r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16006
Expires: Thu, 02 Feb 2023 05:19:50 GMT
Date: Thu, 02 Feb 2023 00:53:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17072
Expires: Thu, 02 Feb 2023 05:37:36 GMT
Date: Thu, 02 Feb 2023 00:53:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 00:36:02 GMT
content-type: application/json
age: 1022
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11203
Expires: Thu, 02 Feb 2023 03:59:47 GMT
Date: Thu, 02 Feb 2023 00:53:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TMwLHiJkWx36K7aF71ItPv4tE51Eg8hxEGZc6HEMfZfofx3qwgP7hTyHrTztOr17xwwC44YzosQ=
x-amz-request-id: J2YRSQH8JVZAF8J4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 00:51:46 GMT
age: 78
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:04 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 00:49:05 GMT
age: 240
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.coinbasecf-app.com/
52.139.170.40301 Moved Permanently 166 B IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET / HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 00:53:05 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://www.coinbasecf-app.com/
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5928
Expires: Thu, 02 Feb 2023 02:31:53 GMT
Date: Thu, 02 Feb 2023 00:53:05 GMT
Connection: keep-alive
push.services.mozilla.com/
52.89.71.191101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.71.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ql6e7Adaa8qar+nSZRrHJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9+jirUtT+ZrWs2NuMqDShSM643M=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4972e7210981174fe8bf90e52b33df91
7d199bc841088f5edb10300642f04a20919f9fbd
efa8d8209b358b38a8dc7ca8261d58c605add23d7106921552da85c1c6280395
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFA8D8209B358B38A8DC7CA8261D58C605ADD23D7106921552DA85C1C6280395"
Last-Modified: Wed, 01 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Thu, 02 Feb 2023 06:53:04 GMT
Date: Thu, 02 Feb 2023 00:53:06 GMT
Connection: keep-alive
www.coinbasecf-app.com/
52.139.170.40200 OK 1.2 kB IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (1749)
Hash 780619a16b2779b65f90ed898e7c7ca1
e50e46da3035db59d030bf688a1ea415436e0e8a
dabc75d9ef52c7c15f48f9cb21dc3ec17896fb78745721f22409d810738d61b9
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET / HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 08:37:20 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63d0ea40-b41"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
Content-Encoding: gzip
www.coinbasecf-app.com/static/css/chunk-vendors.08fce731.css
52.139.170.40200 OK 40 kB URL HTTP/1.1 www.coinbasecf-app.com/static/css/chunk-vendors.08fce731.css
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Hash f702556fd6ce2249f3c43416923c7f21
bebc3b169b38bcbae69cd0af8a20402eb04780a4
04a9871c891c076a3e063118589568cd25541e430e6b13ab9710ec0908250ef7
Analyzer Verdict Alert openphish Coinbase
GET /static/css/chunk-vendors.08fce731.css HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 08:10:02 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63b685da-1958d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6726
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 00:53:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6726
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 00:53:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6726
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 00:53:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: l6-o76hw-t0vadcFKKSBS6gEaHfkob3_ZUOg-zd90GmENeSiVmvr4g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 00:51:56 GMT
age: 111
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 91987222-d376-4099-a4e9-5f877b5212be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzO2FSDIAMFktg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325e-281a7e062ee3039d42ae8f83;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SEH32iK4aCkxhxQyu3fSlW8uVM1Oj5hwnl2U09k_THEOdAqdEeVMJw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:03:43 GMT
age: 10164
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:54:58 GMT
age: 10689
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b91a1323efe4b01a2d1a2e8485117934
43d04a554f6ef512e7b21ac09287efc0e4e5efee
393e3ab81aee9fda022d06c25789be66e56aaf56f81b0514ab5dfec445087bdf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10807
x-amzn-requestid: 9fff89ce-35f7-4b09-b766-6e65b4586c10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ5PHm7oAMFdfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd07-0ed090976c8a74542e225f4c;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Hhd99jugAUeT4SMDkgOSFkc9q5jWXE0qAq51OVq8ct4juyFrYH0IhA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:23:30 GMT
age: 62977
etag: "43d04a554f6ef512e7b21ac09287efc0e4e5efee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41c44051cc3b4c69924df66048e7566b
5c6a12595c3f6005fec4baa84b16575951e72178
72dff70bcb417c088aba013a486e1dbabe099b40fb718a283f1ba220b142b848
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 1b3ef150-9b12-4b8b-94e6-0d6debbd24ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTDFmPoAMF-UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-0fea883b0ce1a1b933dc2be8;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qON7fRZ1XPCkl7ldiGagd0UcPynLKMzysXr8LZSRvS1ily9cN5w_wA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:22:55 GMT
age: 9012
etag: "5c6a12595c3f6005fec4baa84b16575951e72178"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86664b4d1fc27ba7b5bff8a245604326
b8c7ef73101a497b6c78ad59aafe66a391fdc3fa
e4596faadf14051299036a79632951d90183dd0635293687edef11985799a752
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4814
x-amzn-requestid: 90da23ab-2c54-40ec-8e26-bdf4eeb1e27b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKWFpvoAMFyPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-70c4cb89413ed6bd44731d76;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: htcecPD3kYwCPwPPCqgVuXnCuKo6TTKntzaB2xFID5fvBXpZQe463A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 00:52:30 GMT
etag: "b8c7ef73101a497b6c78ad59aafe66a391fdc3fa"
content-type: image/jpeg
age: 37
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.coinbasecf-app.com/static/css/app.458720dd.css
52.139.170.40200 OK 80 kB URL HTTP/1.1 www.coinbasecf-app.com/static/css/app.458720dd.css
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Hash 49e768ee15bcf59f9521d6a38d2ee8a2
70a9e75f8a6b41c2685d438cb853f31dac55b050
4141af68a4346aae620a57ca2a845ed0a6dba419ab1f2f2532ca2d493a7495bf
Analyzer Verdict Alert openphish Coinbase
GET /static/css/app.458720dd.css HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 08:37:20 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63d0ea40-486f3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
www.coinbasecf-app.com/static/js/app.548967e5.js
52.139.170.40200 OK 201 kB URL HTTP/1.1 www.coinbasecf-app.com/static/js/app.548967e5.js
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65475), with no line terminators
Size 201 kB (200751 bytes)
Hash ee5307c5d133c8385351fbda02bb6c20
9ea408252bdea8194beb8293bbda14a27be50408
9448adab301519e430d4b2af72778a504bdab6fb5acdddd07fd466d2972a3ab6
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /static/js/app.548967e5.js HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 08:37:20 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63d0ea40-8791f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
www.coinbasecf-app.com/static/js/chunk-vendors.d1595a09.js
52.139.170.40200 OK 1.8 MB URL HTTP/1.1 www.coinbasecf-app.com/static/js/chunk-vendors.d1595a09.js
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (60607)
Size 1.8 MB (1781996 bytes)
Hash d7d1921b08109efb3ff4bbd13e828a5c
2e7840f59eea5753ca99a9bac43497ce4682a31a
be37a0eaa7a5d53f16d628ce2cc2d854527a39c285fad839d3685b33426b90fb
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /static/js/chunk-vendors.d1595a09.js HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 03:57:31 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63c61cab-4a63fd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
www.coinbasecf-app.com/favicon.ico
52.139.170.40403 Forbidden 144 B URL HTTP/1.1 www.coinbasecf-app.com/favicon.ico
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ff488a3a7c828d8853d25c236503048e
c954332064982d8d4ec8687d4bb69e0c056e24e9
4d76cd0acfe2f3e91b1736936fdfcf0746196ffd831165b921927ff32cda83b6
Analyzer Verdict Alert openphish Coinbase
GET /favicon.ico HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 403 Forbidden
Date: Thu, 02 Feb 2023 00:53:09 GMT
Content-Type: text/html
Content-Length: 144
Connection: keep-alive
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
www.coinbasecf-app.com/static/css/chunk-4711cb97.dcfaad6a.css
52.139.170.40200 OK 448 B URL HTTP/1.1 www.coinbasecf-app.com/static/css/chunk-4711cb97.dcfaad6a.css
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1070), with no line terminators
Hash 5981386c46bc544392552a81af6a6490
0dbe61e859cce451ba886b055a8621ce212ed261
71bf3450f28738d2e7756a014d1e05da9c3ac6e4d8c3580d29baa03d9e7e2f75
Analyzer Verdict Alert openphish Coinbase
GET /static/css/chunk-4711cb97.dcfaad6a.css HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 08:06:51 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63bfbf9b-42e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
www.coinbasecf-app.com/static/css/chunk-6d7b0fc3.d92afbd1.css
52.139.170.40200 OK 585 B URL HTTP/1.1 www.coinbasecf-app.com/static/css/chunk-6d7b0fc3.d92afbd1.css
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (585), with no line terminators
Hash ed60012e29d80ead974959557e6b6437
64047681bac245fae5722eb8a309631805123ede
e853c556e4f842a643a6b183681714b49d750308c533e2cb5b48be9f500f1646
Analyzer Verdict Alert openphish Coinbase
GET /static/css/chunk-6d7b0fc3.d92afbd1.css HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:10 GMT
Content-Type: text/css
Content-Length: 585
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 08:10:02 GMT
Vary: Accept-Encoding
ETag: "63b685da-249"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes
www.coinbasecf-app.com/static/css/chunk-4043fba0.efdd0cba.css
52.139.170.40200 OK 678 B URL HTTP/1.1 www.coinbasecf-app.com/static/css/chunk-4043fba0.efdd0cba.css
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (2296), with no line terminators
Hash 20383fd4bcfa44702eaa62af42da852a
67a57e2fdb7115fecde53c83ce2f2405942cbb89
1de1156fcd925ff63860ccf042950cd5dda67336dbe612b4866053ba115b6e4c
Analyzer Verdict Alert openphish Coinbase
GET /static/css/chunk-4043fba0.efdd0cba.css HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 08:06:51 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63bfbf9b-8f8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
www.coinbasecf-app.com/api/identify?domain=coinbasecf-app.com
52.139.170.40200 OK 170 B URL HTTP/1.1 www.coinbasecf-app.com/api/identify?domain=coinbasecf-app.com
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 0941196e4351436f4f7e3120e54079bb
aadb78c406d71fef8d4150de38e42229c774e663
8c1d8f2428e1188cbab965f1236422ddce226ba00ab9ddb4f615179ba28f60e2
GET /api/identify?domain=coinbasecf-app.com HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Version: 1.0.0
Platform: Linux x86_64
Lang: en-US
Agent-Identify: undefined
Device-Id: h5
Request-Date: 1675299213
Signature: 64407f01f8f6aa26a5984cfef6921509
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:10 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type, DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
www.coinbasecf-app.com/static/css/chunk-c19bad78.2830a849.css
52.139.170.40200 OK 719 B URL HTTP/1.1 www.coinbasecf-app.com/static/css/chunk-c19bad78.2830a849.css
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (2680), with no line terminators
Hash 4868f5024844943241c4b224b52e3467
8eafe98f66f8aba2289fa9e8b4552daaf7aa2274
34c475457128a958990f18c823e419d200bf8e6df2f00f4149ab016a6728c9c8
Analyzer Verdict Alert openphish Coinbase
GET /static/css/chunk-c19bad78.2830a849.css HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 08:06:51 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63bfbf9b-a78"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
www.coinbasecf-app.com/static/js/chunk-4043fba0.653a0e09.js
52.139.170.40200 OK 1.5 kB URL HTTP/1.1 www.coinbasecf-app.com/static/js/chunk-4043fba0.653a0e09.js
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (3694), with no line terminators
Hash 0df68867bdc406b46407db8dd8d07c1e
bf37049ed060b1780a0a59e3614846b86c07c592
ec5b147ee55e63941d340e03b454ca2e3326cdf55fbf68dfac509a6edc3fb8e9
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /static/js/chunk-4043fba0.653a0e09.js HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 08:06:51 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63bfbf9b-e6e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
www.coinbasecf-app.com/static/js/chunk-4711cb97.4dcaf51b.js
52.139.170.40200 OK 2.8 kB URL HTTP/1.1 www.coinbasecf-app.com/static/js/chunk-4711cb97.4dcaf51b.js
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (5490), with no line terminators
Hash 8418dff66796e2b9fe20d9735398659e
1ce2181a8b3c67184e8d58e817aa04f5980faaf8
6e7bdc9714ed3e06424de27cd94c1235434458297b50d09468924ab5b5f6e3f6
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /static/js/chunk-4711cb97.4dcaf51b.js HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 08:06:51 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63bfbf9b-1572"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
www.coinbasecf-app.com/static/js/chunk-c19bad78.9c8bef24.js
52.139.170.40200 OK 4.5 kB URL HTTP/1.1 www.coinbasecf-app.com/static/js/chunk-c19bad78.9c8bef24.js
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (10713), with no line terminators
Hash 51f429df5bd7c0a4261775cce257f5e8
9def0d12b9b9d84a11bba4c54de2437d66fa7df1
aba3a714d76f4f44d7accaab157c09aeee6dd569ad66b12e5617bce8473ea3e1
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /static/js/chunk-c19bad78.9c8bef24.js HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 03:57:31 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63c61cab-29dd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
www.coinbasecf-app.com/static/js/chunk-6d7b0fc3.39200c45.js
52.139.170.40200 OK 811 B URL HTTP/1.1 www.coinbasecf-app.com/static/js/chunk-6d7b0fc3.39200c45.js
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1452), with no line terminators
Hash 937281159723f5c8a1e1eee7216f6f09
9dfa430e681167b32be285a5d04f48d2777ecf76
a9d53b5742fb238be47d06ee2b1af3797aa54a8f79585c365f8f7f19cb0fd34e
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /static/js/chunk-6d7b0fc3.39200c45.js HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 08:10:03 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63b685db-5ac"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
www.coinbasecf-app.com/api/wallets/1/templates/0
52.139.170.40200 OK 246 B URL HTTP/1.1 www.coinbasecf-app.com/api/wallets/1/templates/0
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (315), with no line terminators
Hash bbcf4dac63aac2f174f5abcba9e9d493
ca996923f45c174539372998d2f767628ebdeff7
f879aaba5f1fb4dbdee8b3b387510d742dde9a72180a46d4f8424e94b9c9c605
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /api/wallets/1/templates/0 HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Version: 1.0.0
Platform: Linux x86_64
Lang: en-US
Agent-Identify: d05e57cb-88a1-49ec-89e5-fc8268c50c80
Device-Id: h5
Request-Date: 1675299214
Signature: 04ee5c7209e8c6aede001211b55ce455
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:10 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type, DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
www.coinbasecf-app.com/api/configs
52.139.170.40200 OK 1.1 kB URL HTTP/1.1 www.coinbasecf-app.com/api/configs
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (2655), with no line terminators
Hash ab887576ec1673f46182968a594f62e8
66b6ad9db4dbe05cbc9f05a5d8346195a6029ab8
623d7f0e056a226adc337444c7fecb264543b42f59e35e338156086a33e2b5a0
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /api/configs HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Version: 1.0.0
Platform: Linux x86_64
Lang: en-US
Agent-Identify: d05e57cb-88a1-49ec-89e5-fc8268c50c80
Device-Id: h5
Request-Date: 1675299214
Signature: 6a89b360a22818ba46dc92accafe654c
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:10 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type, DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
www.coinbasecf-app.com/static/img/icon_duigou.455309c2.svg
52.139.170.40200 OK 1.7 kB URL HTTP/1.1 www.coinbasecf-app.com/static/img/icon_duigou.455309c2.svg
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1089)
Hash 455309c29bf7626df47507c12fe7926d
131a81271e6b29b6a370087cfb2db2b5ff6aece4
b1303fa2dc2a0e950c8d8510e4a73d70cfa5d5a9a28fbfa60c06ddbd6962b4f4
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /static/img/icon_duigou.455309c2.svg HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:11 GMT
Content-Type: image/svg+xml
Content-Length: 1717
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 09:56:43 GMT
Vary: Accept-Encoding
ETag: "637f3fdb-6b5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes
www.coinbasecf-app.com/static/img/icon_googlePlay.c4282a5f.png
52.139.170.40200 OK 17 kB URL HTTP/1.1 www.coinbasecf-app.com/static/img/icon_googlePlay.c4282a5f.png
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 464 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash c4282a5f16443fd4493ced29810ef78d
350cb5059ba98aa2305ba0d959fec205c30d0f86
7036016f1b71023def76c780104605b32a3f61bcf0bbc4e851b58ddef0582f01
Analyzer Verdict Alert openphish Coinbase
GET /static/img/icon_googlePlay.c4282a5f.png HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:11 GMT
Content-Type: image/png
Content-Length: 17300
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 09:56:43 GMT
ETag: "637f3fdb-4394"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes
www.coinbasecf-app.com/static/img/icon_appStore.89f0eb05.png
52.139.170.40200 OK 14 kB URL HTTP/1.1 www.coinbasecf-app.com/static/img/icon_appStore.89f0eb05.png
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 464 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash 89f0eb0533a76fcf8a2714e6945cb344
faf2cd0dc10a9f06388f51998f399732e901f61b
8dc4749e2ea6917da79d553571aadc8ab4dff908a1b48bb2582be80247aa2213
Analyzer Verdict Alert openphish Coinbase
GET /static/img/icon_appStore.89f0eb05.png HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:11 GMT
Content-Type: image/png
Content-Length: 14006
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 09:56:43 GMT
ETag: "637f3fdb-36b6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes
www.coinbasecf-app.com/files/rcw45g3.29795107
52.139.170.40200 OK 13 kB URL HTTP/1.1 www.coinbasecf-app.com/files/rcw45g3.29795107
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 450 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 29795107c169eb9bbcabdbf9549929f9
c9643656f957ae51ca5f5981aea041776c79ffc8
adb5d1b1eb058f2f393730f020967dccf2201994212ab41ae48de25d676a2211
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /files/rcw45g3.29795107 HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:11 GMT
Content-Type: image/png
Content-Length: 12660
Connection: keep-alive
x-amz-id-2: 5pZjI7eW0rtbFB5IjIF/uVqfoLnAVfUpxOMQSOLl4v5ePyyL4qx1ryAJ0SjXZDd7+ctEsn00dBM=
x-amz-request-id: SRS1X5SQXASWBFTQ
Last-Modified: Fri, 03 Jun 2022 07:25:53 GMT
ETag: "29795107c169eb9bbcabdbf9549929f9"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
Content-Disposition: attachment
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
www.coinbasecf-app.com/api/app/dialogs
52.139.170.40200 OK 64 B URL HTTP/1.1 www.coinbasecf-app.com/api/app/dialogs
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 414734fd09e01292a48b8953548c43b3
e2e7db14c9d335d81a64feb52c40370c5ff744d8
31c918746a04f6f71be7a4cd9afc151be32a2d944f736286eac9047af0aa27af
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /api/app/dialogs HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Version: 1.0.0
Platform: Linux x86_64
Lang: en-US
Agent-Identify: d05e57cb-88a1-49ec-89e5-fc8268c50c80
Device-Id: h5
Request-Date: 1675299214
Signature: 4f78911afc5f68af860e91b8286f10e0
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:11 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type, DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
www.coinbasecf-app.com/files/rnbp7u4.json
52.139.170.40200 OK 71 kB URL HTTP/1.1 www.coinbasecf-app.com/files/rnbp7u4.json
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (63922), with no line terminators
Hash 32b0d6bc0eacf807a7f42a77c718a06d
003a50c6e10abe6ee56915577a50fce1e44a2c08
b48112e59838071203026bfede08c631c304293f3f43511dfad2afb77db9911b
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /files/rnbp7u4.json HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:11 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
x-amz-id-2: NV4P899BlYzeqU7iyp4U2rxYIQ8Ml+v6O38PtZzrZ7UFNyrnapPxipOpFGnfTbA+6MmrePgH700=
x-amz-request-id: SRSC24721SKT4B9F
Last-Modified: Fri, 23 Dec 2022 03:06:40 GMT
ETag: W/"3ce54e65112190ac527bd7c4db75ebe7"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
Content-Disposition: attachment
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
Content-Encoding: gzip
www.coinbasecf-app.com/files/rcw1dg6.44
52.139.170.40200 OK 54 kB URL HTTP/1.1 www.coinbasecf-app.com/files/rcw1dg6.44
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 982x860, components 3\012- data
Hash 1ce25b1e327e4c68fb347aa400e083da
0f8d6c7cb85713382a42a594d01053479653383d
7449631badd9075484b2f70f972efbbee951570156038617ed73edfcdd387896
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /files/rcw1dg6.44 HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:11 GMT
Content-Type: image/jpeg
Content-Length: 53911
Connection: keep-alive
x-amz-id-2: yjeRyrnI+ZLhAOVKXS83I/18IJ6+tHUZIhsYMqTnAvogqeerUWhEwriGr06N8/Brmuihft6Nqig=
x-amz-request-id: SRSABY7N0R7B070A
Last-Modified: Fri, 03 Jun 2022 07:06:50 GMT
ETag: "1ce25b1e327e4c68fb347aa400e083da"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
Content-Disposition: attachment
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
www.coinbasecf-app.com/static/fonts/Nunito-Bold.c0844c99.ttf
52.139.170.40200 OK 153 kB URL HTTP/1.1 www.coinbasecf-app.com/static/fonts/Nunito-Bold.c0844c99.ttf
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2014 The Nunito Project Authors (https://github.com/googlefonts/nunito)NunitoBold3.601\012- data
Size 153 kB (152748 bytes)
Hash c0844c990ecaaeb9f124758d38df4f3f
231df28194a466da9e8ad72532164f50ad5f8750
8b9e27ba172e5b535b1d0564b4882f74aecc77a4dc4d20fc400bd2b2bc4418c1
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /static/fonts/Nunito-Bold.c0844c99.ttf HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/static/css/app.458720dd.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:11 GMT
Content-Type: application/octet-stream
Content-Length: 152748
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 09:56:43 GMT
ETag: "637f3fdb-254ac"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes
www.coinbasecf-app.com/static/fonts/Nunito-SemiBold.876701bc.ttf
52.139.170.40200 OK 153 kB URL HTTP/1.1 www.coinbasecf-app.com/static/fonts/Nunito-SemiBold.876701bc.ttf
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2014 The Nunito Project Authors (https://github.com/googlefonts/nunito)Nunito SemiBold\012- data
Size 153 kB (153116 bytes)
Hash 876701bc4fbf6166f07f152691b15159
91ab95e4bfedccb234e05305eeb2de76e5f5f66a
f1e4f2f2fc3d7c308dd2c7535c10c26020928a3e424a93712392d05429945cef
Analyzer Verdict Alert openphish Coinbase
fortinet Phishing
GET /static/fonts/Nunito-SemiBold.876701bc.ttf HTTP/1.1
Host: www.coinbasecf-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasecf-app.com/static/css/app.458720dd.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:11 GMT
Content-Type: application/octet-stream
Content-Length: 153116
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 09:56:43 GMT
ETag: "637f3fdb-2561c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes