{"report_id":"16f4c961-2411-437a-b78a-30b21c82922a","version":0,"status":"done","tags":[],"date":"2026-06-08T12:56:19Z","url":{"schema":"http","addr":"coinbaseru.ru","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":0,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"coinbaseru.ru/","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"title":"Биржа Coinbase — Вход на официальный сайт","dom":{"size":64794,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9379)","md5":"6b90539cf57c38e477a8973dbbf281f3","sha1":"b851cc0c6d0c438bed4e0adc0b90708d9ce6797f","sha256":"0cf27c833cb9887de9832626fd17e8984027ac965d513b38a5767794a0318b0e","sha512":"25012ff72a0c3bae591d89e5cb4e791f3a57a989778300a62abc5f54cd91f568dd2660a7ed9bdbc20491fa0a827cf27dc9846e7b6538bf7e32495b976fe50ff5","ssdeep":"1536:+IQhQRnnypudIIPl0/UxiYixmla/23ZdZRTgKksNMvi7Ab:QhQRnyQK/MRc9MZdZRkKksNM67Ab","tlshash":"fe53c771919d109e2201f19ad824ba0dbcea54beff66972734bc29bf76e1170817b30d","dom_hash":"domhash3eef11b96d1b9796d8ecf422f1c33082","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"coinbaseru.ru","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":0,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-13T12:56:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-07T22:18:26.533791Z","alert_count":0,"request_count":4,"received_data":126316,"sent_data":2272,"comment":"","tags":null,"fingerprints":null},{"fqdn":"coinbaseru.ru","ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"domain_registered":"2024-03-22","domain_rank":0,"first_seen":"2026-06-08T12:56:20.553926Z","last_seen":"2026-06-08T12:56:20.553927Z","alert_count":70,"request_count":14,"received_data":1055667,"sent_data":7079,"comment":"","tags":null,"fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:8.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-07T22:22:03.23237Z","alert_count":0,"request_count":1,"received_data":6525,"sent_data":549,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"coinbaseru.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-06-13T21:32:31.824453Z","times_seen":833875,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/reboot-scripts-js-extra","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"552a95b8734585cbdabc81976c1b6ab5","sha1":"bd353170356b14497d3f61dfc589fb142b8263fa","sha256":"b2b0ecfcd15f437bb2d9e040e3196f9320bf2d866e4bb2fa23b089130fa7777c","sha512":"d29bab1749d9c2ddcd45c24c905b5c0d10dd9aa081431166c22ab5dca5eb4555a4349e1b130525373ea4be29e34ece70a9102fba16f11fb90e18c089b4cbd081","ssdeep":"","tlshash":"d501e751c1b50e091183a5f1cc308f3f13ac0451f850cf085f5cc48be5343517f64545","size":708,"data":"","first_seen":"2026-06-08T12:56:24.275018Z","last_seen":"2026-06-08T13:03:38.892895Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-content/themes/reboot/assets/js/scripts.min.js?ver=1.5.1","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"451beb716b342f45e555c085bfb62ad7","sha1":"fb8f175c8f6d95c7e4a9bd0d551529956ac8b67e","sha256":"bebaebbd3ba0e572d77248a464216e8dfbee7624ecf262869d961f902b0e8eb1","sha512":"81662597168dea3217e94962eab616f672dfc677dda463765aa8bba7e59a4fe066d2d7489442cfe82e3a8993595d05981d7ad07d177b23c17b3c0943d8aba7de","ssdeep":"768:JlLxyK/VahplIWMftV9/HUW6JPdtQLdKQUFv+rUz1I1E4erM+ZenQKM/lTWTl90E:JlLxjafljUkyrxr","tlshash":"7d3382907241b0b50aab51154bbfb30ff07a6b166cd6c400d06a8eb42e64ee7b167ff5","size":54495,"data":"","first_seen":"2024-08-19T19:48:09.812667Z","last_seen":"2026-06-10T14:06:09.530605Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-includes/js/wp-emoji-loader.min.js","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"771cffa7bb5b4cf03357670814676b6e","sha1":"dba257d73f2bf8c1cbc06e199cfac08efd0ed084","sha256":"1841cd69c62cb8dead2edfc6c8781f4a5d8eb62f402f1a76eb4135f224f2e287","sha512":"5690c318e6578e1177f29d05b806e1c399b383bf19bd805933b3df465b777ef2a89df4d85ec04127037392b56ef69d2dad6b49283e5c7f99ec646d5c2d018489","ssdeep":"","tlshash":"5161969ae77638dbb2f900f2697a0d47eb614435d6c8d438c9bda3181cb58a3c274a46","size":3383,"data":"","first_seen":"2026-06-08T12:56:24.276243Z","last_seen":"2026-06-10T14:06:09.537123Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-includes/js/wp-emoji-release.min.js?ver=7.0","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","size":22762,"data":"","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-06-13T21:33:54.973253Z","times_seen":268869,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"eef18da5fe5aaae5e680c986d45095b3","sha1":"7de98439dcac8ae29f70032e3e9f8e1c61be1029","sha256":"2ab5e6d557ff0c4bd1d7d3818cc1ae19228a1236ff9d5acd7a5993ecbd45332a","sha512":"8258dd7abc8b6723730ed0816a61f6c1201741818b3ac5b9a82a97f4715a744ffb1a2d9f963485e25560d8cc431d0c91b4b3a1632ad81fb5d5057de01093cdcf","ssdeep":"","tlshash":"79f054943cdc40254337102237bbd148b03969292c0fed14f90cc4812f99ebc08bb90c","size":509,"data":"","first_seen":"2026-06-08T12:56:24.277254Z","last_seen":"2026-06-10T14:06:09.538066Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"aafa0a5779a1fe8cf4d474c681e855c0","sha1":"2856d23220455cb1d1afb2e374244d2aabbfa80f","sha256":"972b82974c893782620de04cd838c50ac2b499e56f9b7a9f886680f91a347470","sha512":"cbb7c4c976f69c92049280e6c578700765506f71ed6373c30185e3f3821321a74079460774d42128317121d090f5386ac3d35cde938bb8027bd51c15434ed47f","ssdeep":"","tlshash":"cfe0275585b51e09118365d1cc309f7f136d4451f850cf185f5dd49be5343517f64545","size":298,"data":"","first_seen":"2026-06-08T12:56:24.278331Z","last_seen":"2026-06-08T13:03:38.894682Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-06-13T21:32:31.833923Z","times_seen":905208,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"JQMIGRATE: Migrate is installed, version 3.4.1","filename":"https://coinbaseru.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459W1hyyTn89ddpROi.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:57.121Z","timestamp":1780923357121,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459W1hyyTn89ddpROi.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://coinbaseru.ru\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23776\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 04 Jun 2026 05:11:50 GMT\r\nexpires: Fri, 04 Jun 2027 05:11:50 GMT\r\ncache-control: public, max-age=31536000\r\nage: 373447\r\nlast-modified: Thu, 04 Sep 2025 17:11:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":23776,"size_decoded":24589,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23776, version 1.0","md5":"61611e47a80abeae7bab6335b074c70b","sha1":"6902954d25cbd00a037f12421a0d25580a0a81f7","sha256":"6e310df94df0c3e75cd1c6ecd08e22cc559eb0667d54013afdc469671ef4614a","sha512":"8207ee33de460e5f705a53a54ed45f4ad921141672b995584b2718a9bee837ae3331647f0f8fa9b62b812e6b54f9397e1da11160f9b3bf51ae39fc1ec32bb07b","ssdeep":"384:uEEi3OYr7g0sF91UG3qkcKtr40D/w18XHu3Nr/UL2s+HSeSN/Z26s6A296:fEieY/gfj1UVKSow1TVs+HY/Z/a","tlshash":"d4b2e142401cf0b1e7c76f7daacf24c095d613bacf3f95981145db7855ad5932c9c88a","first_seen":"2025-09-05T05:16:31.285834Z","last_seen":"2026-06-13T19:10:14.738307Z","times_seen":8522,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":28,"dns":2,"connect":0,"send":0,"wait":18,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-08T12:55:55.856Z","timestamp":1780923355856,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/8.3.20\r\nx-pingback: https://coinbaseru.ru/xmlrpc.php\r\nlink: \u003chttps://coinbaseru.ru/wp-json/\u003e; rel=\"https://api.w.org/\", \u003chttps://coinbaseru.ru/wp-json/wp/v2/pages/2\u003e; rel=\"alternate\"; title=\"JSON\"; type=\"application/json\", \u003chttps://coinbaseru.ru/\u003e; rel=shortlink\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:8.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64625,"size_decoded":17917,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (9379), with CRLF, LF line terminators","md5":"c952d76bfb5a22eee34a54d2333f4cf1","sha1":"ada7e8986525794630a77773b2bdb08c06695be8","sha256":"35366a5a2025334e03aa031fdf2523eb862d09fff88a1b1f1d1f02c3efa6eac0","sha512":"f234c37982bbe379bb3f84250782a0e71c45abfd730129a1643be54bae7fffe9197f345d30e3815686dd383ccbe07344b01c06b486fc8fcaff6e9738b6543f4a","ssdeep":"1536:BIQlYNMnypIlIID70VUXiYixmla/23ZdZRTgKksJvvi7AJ:llYNMyOYVORc9MZdZRkKksJv67AJ","tlshash":"0753c8719199109e2201f29ad824ba0dbcea44beff67972735bc29bf76e1170417b30d","first_seen":"2026-06-08T12:56:24.259135Z","last_seen":"2026-06-08T13:03:38.889695Z","times_seen":2,"resource_available":true,"data":null}},"time_used":610,"timings":{"blocked":0,"dns":77,"connect":40,"send":0,"wait":407,"receive":0,"ssl":85},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-content/themes/reboot/assets/css/style.min.css?ver=1.5.1","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:56.868Z","timestamp":1780923356868,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /wp-content/themes/reboot/assets/css/style.min.css?ver=1.5.1 HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://coinbaseru.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 10 Apr 2024 16:35:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6616bfda-37fd6\"\r\nexpires: Mon, 15 Jun 2026 12:55:56 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":229334,"size_decoded":43026,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65107)","md5":"4d53605f615d690aba50a1a84eaebb7e","sha1":"799045d17f67877fbce46aba89306e8ad1a9c5d6","sha256":"543eff52dcdddccadf0d8c782e2556a4f998a71588eaf36b004e877283d25627","sha512":"3c962bb8ea393e3579f5156fc70f81f3a78c1561e029e4be8f8229aa04d863c5868773c502402ca3f2ba29d72a4126175367154bb557f6e96f92611b04bd18c9","ssdeep":"1536:D6ACWf65WQXcNFI00iB/QtI8UYXTaZHir0ro/Jv6zw9mQXAV:D6Ajf65WQXcXP/9YXOsJgw9C","tlshash":"222409e029a025dc9327cb3b5771f26c6d2491b1c7414af4e2f5ca1c8beabe6417364e","first_seen":"2025-09-18T16:21:05.717567Z","last_seen":"2026-06-10T14:06:09.521174Z","times_seen":4,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:56.871Z","timestamp":1780923356871,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://coinbaseru.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Wed, 10 Apr 2024 15:27:25 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6616afdd-3509\"\r\nexpires: Mon, 15 Jun 2026 12:55:56 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13577,"size_decoded":5205,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-06-13T21:32:31.824453Z","times_seen":833875,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-content/uploads/2024/04/Screenshot_25-366x400.png","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:56.888Z","timestamp":1780923356888,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /wp-content/uploads/2024/04/Screenshot_25-366x400.png HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://coinbaseru.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 37107\r\nlast-modified: Wed, 10 Apr 2024 16:51:00 GMT\r\netag: \"6616c374-90f3\"\r\nexpires: Wed, 08 Jul 2026 12:55:56 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37107,"size_decoded":37422,"mime_type":"image/png","magic":"PNG image data, 366 x 400, 8-bit/color RGBA, non-interlaced","md5":"f5c6583c1ec22b2325d15ed1706dc9bf","sha1":"bd9229fcc3392cd96014fb492a61c9b1c6c34f6d","sha256":"01b2b5e4dce2de51acdd9fea1bf73e5f04c5457de2387f22d24eb232116a7bdd","sha512":"a4aa6fd793595f21e36db9d2823cc286aa7957a581f88e837cbede5ce86a4000c7845ffec926935a632038c82e331054ad12e70dd5a96efbdc5d988b597a7ac2","ssdeep":"768:f8BxHvkHCVsZMRfTZoP0ruS+YCoOE9qV0gJRmzP6ZI/i09:fUHvC9MnosrK1U60VWk","tlshash":"8df2f1ab65b8f04fbfe706174e612d76c7d900da432f1a8c8e29bc545ed1a4432f22b1","first_seen":"2025-09-18T16:21:05.706344Z","last_seen":"2026-06-10T14:06:09.531689Z","times_seen":4,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-content/uploads/2024/04/logo-coinbase.png","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:56.901Z","timestamp":1780923356901,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /wp-content/uploads/2024/04/logo-coinbase.png HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nReferer: https://coinbaseru.ru/\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 25519\r\nlast-modified: Wed, 10 Apr 2024 16:19:34 GMT\r\netag: \"6616bc16-63af\"\r\nexpires: Wed, 08 Jul 2026 12:55:56 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25519,"size_decoded":25834,"mime_type":"image/png","magic":"PNG image data, 1122 x 200, 8-bit/color RGBA, non-interlaced","md5":"43a12c24bf6859b89951fa6f1a1e6f85","sha1":"0dd4af5cd4336cd290a6a2c74e51d5cc1e888cdb","sha256":"9759f7d4a9f3dedb3ff2280019a28336e3765b88dfcbac5485f59d95a70429de","sha512":"976341eb5fd87600fba8f9a8e56aadbf1d7adbe8ec918562ed72752a9d82b3308793e968e9165265987f11dfdf11f419909a3bf54bcf589bf650578f4e0df885","ssdeep":"768:rwf6kkyYvvyDprILk24ux623LcpQPXzmEAYi4Ztg:rwykkyYvvyDSR4uxXLAQSEDit","tlshash":"73b2f10ffcfa4311c9cf1630e461beb1a4fd968ea56be61ba9b341c44a9a5817005ad3","first_seen":"2025-02-27T11:21:23.38091Z","last_seen":"2026-06-10T14:06:09.534155Z","times_seen":27,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:57.123Z","timestamp":1780923357123,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://coinbaseru.ru\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 05 Jun 2026 18:05:25 GMT\r\nexpires: Sat, 05 Jun 2027 18:05:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 240632\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":37756,"size_decoded":38569,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-06-13T21:29:37.575431Z","times_seen":512191,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":41,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459W1hyyTn89ddpROi.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:57.124Z","timestamp":1780923357124,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459W1hyyTn89ddpROi.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://coinbaseru.ru\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23776\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 04 Jun 2026 05:11:50 GMT\r\nexpires: Fri, 04 Jun 2027 05:11:50 GMT\r\ncache-control: public, max-age=31536000\r\nage: 373447\r\nlast-modified: Thu, 04 Sep 2025 17:11:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":23776,"size_decoded":24589,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23776, version 1.0","md5":"61611e47a80abeae7bab6335b074c70b","sha1":"6902954d25cbd00a037f12421a0d25580a0a81f7","sha256":"6e310df94df0c3e75cd1c6ecd08e22cc559eb0667d54013afdc469671ef4614a","sha512":"8207ee33de460e5f705a53a54ed45f4ad921141672b995584b2718a9bee837ae3331647f0f8fa9b62b812e6b54f9397e1da11160f9b3bf51ae39fc1ec32bb07b","ssdeep":"384:uEEi3OYr7g0sF91UG3qkcKtr40D/w18XHu3Nr/UL2s+HSeSN/Z26s6A296:fEieY/gfj1UVKSow1TVs+HY/Z/a","tlshash":"d4b2e142401cf0b1e7c76f7daacf24c095d613bacf3f95981145db7855ad5932c9c88a","first_seen":"2025-09-05T05:16:31.285834Z","last_seen":"2026-06-13T19:10:14.738307Z","times_seen":8522,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":34,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:56.870Z","timestamp":1780923356870,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://coinbaseru.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Wed, 10 Apr 2024 15:27:25 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6616afdd-15601\"\r\nexpires: Mon, 15 Jun 2026 12:55:56 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87553,"size_decoded":30753,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-06-13T21:32:31.833923Z","times_seen":905208,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:56.873Z","timestamp":1780923356873,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /wp-content/themes/reboot/assets/fonts/wpshop-core.ttf HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://coinbaseru.ru/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 58668\r\nlast-modified: Wed, 10 Apr 2024 16:35:38 GMT\r\netag: \"6616bfda-e52c\"\r\nexpires: Wed, 08 Jul 2026 12:55:56 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58668,"size_decoded":58998,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, wpshop-core","md5":"2fcda07cf0f6e04e36a23362734caea2","sha1":"c596aa516e5cf216fdc514679b4a6abe337eed13","sha256":"973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde","sha512":"42b1bb8dc70bd0b65d2586a6a11131db5f604d8e16c1669efe4687f26f1e65705bcc02e911e88e07fb8d3a27999d76b62cbc6a31b7069772dd8edf50a5cd52a4","ssdeep":"1536:I5LQRM0CsPnjQegTDHjNWOPRaEXhHRfI4TgrAw0L5Tq2wsuQugFB9yjxwBGDx0Eb:uLQRM0CsPnUTDHjsOPsEXhHRfnTiAw0s","tlshash":"9c43295ab34bff1fdb6aad3ba80162a20ee9d425931fb14b59851d03460dcb84c8c7c9","first_seen":"2023-04-07T13:41:48Z","last_seen":"2026-06-13T10:58:26.153569Z","times_seen":931,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-content/uploads/2024/04/appstore.png","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:56.904Z","timestamp":1780923356904,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /wp-content/uploads/2024/04/appstore.png HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nReferer: https://coinbaseru.ru/\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 2249\r\nlast-modified: Wed, 10 Apr 2024 16:54:43 GMT\r\netag: \"6616c453-8c9\"\r\nexpires: Wed, 08 Jul 2026 12:55:56 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2249,"size_decoded":2562,"mime_type":"image/png","magic":"PNG image data, 139 x 52, 8-bit/color RGBA, non-interlaced","md5":"afe571a30e30ba31a25e22e06d277aae","sha1":"410ad7602c7f5f8667f71851885303b968ff1a45","sha256":"fc878a90ed006befa2d134e78427d8a5f16d3ad15523ab7bd5ce42a1bc659995","sha512":"a66e8fe96cf553bdfcb49b1e0cf708bcb6995b1f304faff22a07fd5fa02a2e7373c7a5b786f12dad2ea37c26b1afcf9f883c7f6c4e39942e96fe5fa82585214f","ssdeep":"","tlshash":"514129dbccb66f00cb28a9679a070263633acafc04642d5fb87a2a081f94607d746496","first_seen":"2025-09-18T16:21:05.715022Z","last_seen":"2026-06-10T14:06:09.513194Z","times_seen":4,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-includes/js/wp-emoji-release.min.js?ver=7.0","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:57.327Z","timestamp":1780923357327,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=7.0 HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://coinbaseru.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:57 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Wed, 03 Dec 2025 09:04:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"692ffd0e-58ea\"\r\nexpires: Mon, 15 Jun 2026 12:55:57 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22762,"size_decoded":5701,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (19823)","md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-06-13T21:33:54.973253Z","times_seen":268869,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-content/uploads/2024/04/Screenshot_26.png","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:56.876Z","timestamp":1780923356876,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /wp-content/uploads/2024/04/Screenshot_26.png HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://coinbaseru.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 168814\r\nlast-modified: Wed, 10 Apr 2024 16:51:53 GMT\r\netag: \"6616c3a9-2936e\"\r\nexpires: Wed, 08 Jul 2026 12:55:56 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":168814,"size_decoded":169131,"mime_type":"image/png","magic":"PNG image data, 493 x 995, 8-bit/color RGBA, non-interlaced","md5":"4e7bf45ad91cba07cb549c66ddf6ba22","sha1":"f982d3e0434559b6bf0314d2227e6010261b78bf","sha256":"d05111ce39e18046d3e462216adc28a5be0d0611c86430acc72d09a6c6a336ed","sha512":"31e6b7b4a43d95908240b8399ffd1079b5904883946e784d41eb93d43f9d90ac70d71ecc9f35d5e92ba03d0d510ee436864392bd7f5cbfbebc8491f85dfb46c0","ssdeep":"3072:WuNqaKElOAc+emb2WntME+XWA+gBwr6I+Pk23xFqwYilCobz8bS3+XH:gXenSvXWA+dr1+PXBFqwPlCG8bO4","tlshash":"6ef312022231f78b1235f455e6ab2e17908951a6edc9f01dae0e910d66dfe432c36b3b","first_seen":"2025-09-18T16:21:05.712959Z","last_seen":"2026-06-10T14:06:09.518192Z","times_seen":4,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:57.120Z","timestamp":1780923357120,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:21 GMT","end":"Mon, 10 Aug 2026 18:37:20 GMT"},"fingerprint":{"sha1":"C7:04:EC:03:CB:34:6A:7A:0E:8D:12:AC:D9:6E:0C:1E:55:11:32:16","sha256":"0F:52:5C:58:54:41:2C:98:66:96:39:47:DA:6E:60:9C:3B:CB:A3:E8:B6:42:AB:BD:CB:29:94:AA:03:FE:9D:54"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://coinbaseru.ru\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 05 Jun 2026 18:05:25 GMT\r\nexpires: Sat, 05 Jun 2027 18:05:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 240632\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":37756,"size_decoded":38569,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-06-13T21:29:37.575431Z","times_seen":512191,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":3,"connect":31,"send":0,"wait":26,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/favicon.ico","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:57.226Z","timestamp":1780923357226,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://coinbaseru.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:57 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 1407\r\nlast-modified: Wed, 10 Apr 2024 16:49:59 GMT\r\netag: \"6616c337-57f\"\r\nexpires: Wed, 08 Jul 2026 12:55:57 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1407,"size_decoded":1723,"mime_type":"image/x-icon","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"0159013d66d2faae87108f8fbe0774d3","sha1":"8e40c19b25a599225dc71516e42ebc62a223d796","sha256":"cff522c4172060185280e9b5b4175d1a4eea259266abbb21980909b36a658574","sha512":"e8dbb2e22342893de3988d0f6d4825ef004d21e293fd358dc528706173cbd5c821de64331eee3c7e57b9b94ef962c94a3339a450d8cdb8466a34a2aea3cdfb55","ssdeep":"","tlshash":"9d21196daf47559868ab203a902b6b22dc07eb0cbf701208150d98e0c01242a8f1f555","first_seen":"2025-09-18T16:21:05.715981Z","last_seen":"2026-06-10T14:06:09.519247Z","times_seen":4,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Montserrat:400,400i,700\u0026subset=cyrillic\u0026display=swap\u0026ver=7.0","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:56.865Z","timestamp":1780923356865,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:37:22 GMT","end":"Mon, 10 Aug 2026 18:37:21 GMT"},"fingerprint":{"sha1":"09:D4:FC:2F:81:37:26:42:91:15:6F:27:1B:72:A7:D2:1A:FC:31:72","sha256":"E9:45:95:A3:A1:F2:6E:F0:08:73:C1:35:32:67:E6:72:BB:89:C7:27:C0:8F:D7:48:6F:0A:88:7E:8B:00:2F:B9"}}},"request":{"raw":"GET /css?family=Montserrat:400,400i,700\u0026subset=cyrillic\u0026display=swap\u0026ver=7.0 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://coinbaseru.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 08 Jun 2026 12:55:56 GMT\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5841,"size_decoded":1357,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"f0c13d0dc1c0a336c76ffabccd1e4b3a","sha1":"94569bfe32b6118ce88ca49a0bbefce1621a7999","sha256":"820828db3aafbac7eec042e34f13691ed35afc73898c8f05c2203fbbcae2488f","sha512":"899ae5786befb9983085c36b1360fd756e99ef20c434f5399756fc989b438d492b1b1a6de3f7eb731c9217ef779e364e84b0d8d798fc25124c95a0c563ea6805","ssdeep":"96:AOYgEadwOYgEaTFZOhOYgEa7/OYgEaEJc+udOYgEaBNtOOEaRwOOEaOFZOhOOEam:AOdwOqFOnOAuOjRo7TbOmu6RB7W+Oju8","tlshash":"86c1ef91005ba500e6471cca23cf7e36de4e65627494c5797ffe2ca8addac224325b3d","first_seen":"2025-09-06T08:04:03.872189Z","last_seen":"2026-06-10T14:06:09.536531Z","times_seen":528,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":2,"connect":16,"send":0,"wait":32,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-content/uploads/so-css/so-css-reboot.css?ver=1712768712","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:56.874Z","timestamp":1780923356874,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /wp-content/uploads/so-css/so-css-reboot.css?ver=1712768712 HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://coinbaseru.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 10 Apr 2024 17:05:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6616c6c8-1b1\"\r\nexpires: Mon, 15 Jun 2026 12:55:56 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":433,"size_decoded":501,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"47c046b8fa93f793f3547aa027a6048e","sha1":"82e7630f988bdd9295d12b3e0322bb5d917941bc","sha256":"8e423151a8c471d821b1b713684151453ce7de37a55341bb49fa456a781c21ea","sha512":"3c33d5dbd621a848d66e49f34ead3416a5ad95c98b0dbac8d8bd6ea6ee864838bb058e03a36aedd529f4b6acdd72c064799ab1c83c1134eaab69c58566867fff","ssdeep":"","tlshash":"d4e0a0f8acef21021331df747b11ac926a4c50212c1292a6b7d0642960c9a6826b0f0d","first_seen":"2025-09-18T16:21:05.71402Z","last_seen":"2026-06-10T14:06:09.515111Z","times_seen":4,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-content/themes/reboot/assets/js/scripts.min.js?ver=1.5.1","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:56.878Z","timestamp":1780923356878,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /wp-content/themes/reboot/assets/js/scripts.min.js?ver=1.5.1 HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://coinbaseru.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Wed, 10 Apr 2024 16:35:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6616bfda-d4df\"\r\nexpires: Mon, 15 Jun 2026 12:55:56 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54495,"size_decoded":10242,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54459), with no line terminators","md5":"451beb716b342f45e555c085bfb62ad7","sha1":"fb8f175c8f6d95c7e4a9bd0d551529956ac8b67e","sha256":"bebaebbd3ba0e572d77248a464216e8dfbee7624ecf262869d961f902b0e8eb1","sha512":"81662597168dea3217e94962eab616f672dfc677dda463765aa8bba7e59a4fe066d2d7489442cfe82e3a8993595d05981d7ad07d177b23c17b3c0943d8aba7de","ssdeep":"768:JlLxyK/VahplIWMftV9/HUW6JPdtQLdKQUFv+rUz1I1E4erM+ZenQKM/lTWTl90E:JlLxjafljUkyrxr","tlshash":"7d3382907241b0b50aab51154bbfb30ff07a6b166cd6c400d06a8eb42e64ee7b167ff5","first_seen":"2024-08-19T19:48:09.812667Z","last_seen":"2026-06-10T14:06:09.530605Z","times_seen":26,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinbaseru.ru/wp-content/uploads/2024/04/coinbase1.png","fqdn":"coinbaseru.ru","domain":"coinbaseru.ru","tld":"ru"},"ip":{"addr":"87.236.16.13","port":443,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinbaseru.ru/","date":"2026-06-08T12:55:56.903Z","timestamp":1780923356903,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbaseru.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 08:05:02 GMT","end":"Sat, 22 Aug 2026 08:05:01 GMT"},"fingerprint":{"sha1":"C1:96:1F:43:D1:50:75:5A:B0:22:26:0C:0C:FC:6C:4F:D9:27:1E:64","sha256":"D5:5A:63:90:39:1B:30:82:D7:CF:E0:5E:B8:77:2F:40:7D:B3:97:BD:DE:C8:5C:01:86:37:CD:16:23:F3:3B:CF"}}},"request":{"raw":"GET /wp-content/uploads/2024/04/coinbase1.png HTTP/1.1\r\nHost: coinbaseru.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nReferer: https://coinbaseru.ru/\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx-reuseport/1.21.1\r\ndate: Mon, 08 Jun 2026 12:55:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 284461\r\nlast-modified: Wed, 10 Apr 2024 16:41:36 GMT\r\netag: \"6616c140-4572d\"\r\nexpires: Wed, 08 Jul 2026 12:55:56 GMT\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":284461,"size_decoded":284778,"mime_type":"image/png","magic":"PNG image data, 1693 x 902, 8-bit/color RGBA, non-interlaced","md5":"97ec640e1ae9d3e7b87fa8016d28550e","sha1":"3aa152c130c172139566abc93acbc9a50d713439","sha256":"df12f1ebf894473f2ad44d46db3043f86ce1e516a98aad5035cc76c96b5ca987","sha512":"ffb906b71d4e3868cecef8c074ce1e2e8103f8858f4529d9b039b0c9d78dff67d77c0c80ad0d6b439cce57793b71efb388a980ebc8fb052d1546a9d7abc8c364","ssdeep":"6144:0DHXWYvZN2qgHyQGzQHVmwMnth+PjNuyTfmZpmG7hujQPQZBIfJkq+J:0LvZcqgHyzQ1m5thcjNuyTfimAhu8PsL","tlshash":"f154120c9af0ca87acab1273ac581b8357f6059ba9c1736f98d3b60d4d01ebe071595f","first_seen":"2025-09-18T16:21:05.708958Z","last_seen":"2026-06-10T14:06:09.53539Z","times_seen":4,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"coinbaseru.ru","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"coinbaseru.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}