{"report_id":"2a987b91-efb1-4ec1-b8d1-a2fab8008b38","version":6,"status":"done","tags":["coinbase","crypto","phishing"],"date":"2026-03-12T13:23:16Z","url":{"schema":"http","addr":"verificationsite.co","fqdn":"verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"216.198.79.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.verificationsite.co/?email=#","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"title":"coinbase","dom":{"size":6270,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (4567)","md5":"fd39ae2aed65d3fd4f672a5026850eea","sha1":"8d8d7901976840747a270caff7ceee8fdb158f33","sha256":"f546711257d20254b080c6b8def73021d6c6260078c523821202e2071419f9ae","sha512":"531a933e5b3f88b058efc8735aba8e122bc677ae341c7683da17480c6e796634c4a52a7a6165d5a4efc246bf28948c7ef78e083adeddb9f90f6a1266a39c4bc6","ssdeep":"96:n27F6m0guM2NXIIhjp4xkxh8l1Wc8EqOW3VcgtJr71JS:2iPJXIWjp4xkAngEAnP1s","tlshash":"78d1c5b253714296a3dbdaf2bdf29b3ef18b9245c687a444b0bc4182dbf3cd05b44608","dom_hash":"domhash7654ca5d2aebb13d651c0d8370cec675","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"verificationsite.co","fqdn":"verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"216.198.79.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-16T13:23:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"www.verificationsite.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null}]},"summary":[{"fqdn":"verificationsite.co","ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":781,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]},{"fqdn":"www.verificationsite.co","ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":20,"request_count":10,"received_data":815778,"sent_data":4812,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"www.verificationsite.co/assets/index-BgbDtiqI.js","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a431636c4bd41f013e2e5fce555ecbdc","sha1":"c54150f3712e6bc8e04dd6614d48c8c10904814f","sha256":"dd5694dc30429ba1301656646a671806d010553dd7f7f03597c22faebde0f30b","sha512":"537bf0ed31d180e7b9f8cadf4b54408e5fbe81cab72c4927a94bf984e7ef8f8364cbadc4dbd88302d00a8c7dd6fa7277d62325574f8e4252349ad17a63765a66","ssdeep":"6144:TrSHTZjIVX/vMEVth77pEOgJly+QiiqV4MvC/U18INtvWgDUjex:A4DVnWsqV47/08INtOgeex","tlshash":"3d744ce872a9b5665ba352f0407f0507b33c2c27680c8860f154edea3ab554991bbffd","size":354165,"data":"","first_seen":"2026-03-12T13:23:26.655022Z","last_seen":"2026-03-12T13:25:14.585588Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.verificationsite.co/assets/index-BgbDtiqI.js","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a431636c4bd41f013e2e5fce555ecbdc","sha1":"c54150f3712e6bc8e04dd6614d48c8c10904814f","sha256":"dd5694dc30429ba1301656646a671806d010553dd7f7f03597c22faebde0f30b","sha512":"537bf0ed31d180e7b9f8cadf4b54408e5fbe81cab72c4927a94bf984e7ef8f8364cbadc4dbd88302d00a8c7dd6fa7277d62325574f8e4252349ad17a63765a66","ssdeep":"6144:TrSHTZjIVX/vMEVth77pEOgJly+QiiqV4MvC/U18INtvWgDUjex:A4DVnWsqV47/08INtOgeex","tlshash":"3d744ce872a9b5665ba352f0407f0507b33c2c27680c8860f154edea3ab554991bbffd","size":354165,"data":"","first_seen":"2026-03-12T13:23:26.655022Z","last_seen":"2026-03-12T13:25:14.585588Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"verificationsite.co/","fqdn":"verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-12T13:22:54.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"verificationsite.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:39:21 GMT","end":"Wed, 10 Jun 2026 11:39:20 GMT"},"fingerprint":{"sha1":"FF:92:A2:E5:DB:90:EA:66:09:DB:C2:C2:AB:9F:70:30:F3:7A:A4:A7","sha256":"2E:90:18:55:F9:C4:7D:7E:C6:EE:AD:62:29:47:C5:8F:4E:C8:36:D9:EF:38:38:DD:A1:EA:DC:5B:AB:72:A7:44"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: verificationsite.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html\r\ndate: Thu, 12 Mar 2026 13:22:54 GMT\r\nlocation: https://www.verificationsite.co/\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-id: arn1::l8qpm-1773321774278-c5dc16f932bb\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":457,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T06:55:03.618869Z","times_seen":16731264,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":56,"dns":16,"connect":3,"send":0,"wait":10,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.verificationsite.co/assets/index-BgbDtiqI.js","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.verificationsite.co/","date":"2026-03-12T13:22:54.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.verificationsite.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:34:01 GMT","end":"Wed, 10 Jun 2026 11:34:00 GMT"},"fingerprint":{"sha1":"20:E1:20:6A:4D:66:3B:3F:E4:C8:FC:4C:3D:C6:D9:3E:05:C8:D0:84","sha256":"F2:CF:CB:6D:98:BE:70:22:99:70:13:8D:94:D9:68:28:6B:BA:DD:B3:A5:2F:FB:9F:B6:5A:40:FC:9E:79:8B:67"}}},"request":{"raw":"GET /assets/index-BgbDtiqI.js HTTP/1.1\r\nHost: www.verificationsite.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.verificationsite.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 429\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"index-BgbDtiqI.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Thu, 12 Mar 2026 13:22:54 GMT\r\netag: \"ead56092a1ef691259976bd50da46831\"\r\nlast-modified: Thu, 12 Mar 2026 13:15:44 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::vr82m-1773321774713-7453df66dc24\r\ncontent-length: 120649\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":354165,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (42533)","md5":"a431636c4bd41f013e2e5fce555ecbdc","sha1":"c54150f3712e6bc8e04dd6614d48c8c10904814f","sha256":"dd5694dc30429ba1301656646a671806d010553dd7f7f03597c22faebde0f30b","sha512":"537bf0ed31d180e7b9f8cadf4b54408e5fbe81cab72c4927a94bf984e7ef8f8364cbadc4dbd88302d00a8c7dd6fa7277d62325574f8e4252349ad17a63765a66","ssdeep":"6144:TrSHTZjIVX/vMEVth77pEOgJly+QiiqV4MvC/U18INtvWgDUjex:A4DVnWsqV47/08INtOgeex","tlshash":"3d744ce872a9b5665ba352f0407f0507b33c2c27680c8860f154edea3ab554991bbffd","first_seen":"2026-03-12T13:23:26.655022Z","last_seen":"2026-03-12T13:25:14.585588Z","times_seen":2,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"www.verificationsite.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.verificationsite.co/?email=","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-12T13:22:56.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.verificationsite.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:34:01 GMT","end":"Wed, 10 Jun 2026 11:34:00 GMT"},"fingerprint":{"sha1":"20:E1:20:6A:4D:66:3B:3F:E4:C8:FC:4C:3D:C6:D9:3E:05:C8:D0:84","sha256":"F2:CF:CB:6D:98:BE:70:22:99:70:13:8D:94:D9:68:28:6B:BA:DD:B3:A5:2F:FB:9F:B6:5A:40:FC:9E:79:8B:67"}}},"request":{"raw":"GET /?email= HTTP/1.1\r\nHost: www.verificationsite.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.verificationsite.co/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2805\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 12 Mar 2026 13:22:57 GMT\r\netag: \"6696b206d068bafedc38881f50cbc5ea\"\r\nlast-modified: Thu, 12 Mar 2026 12:36:11 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::wvwnj-1773321776974-9a9b1c28662b\r\ncontent-length: 457\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":457,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"6696b206d068bafedc38881f50cbc5ea","sha1":"0e67e73177b61662ec6f57800877e164ecd44fcc","sha256":"dca26cd7b125a032c70705eb882a6d96b0d94533108aed4dd64d9ed082facec7","sha512":"ebe59d8d467f15795a99720093394838a3e6b218a8853be33af210a5c413249f3de9973c7f03a2fc89fb1c9b905f3fddeff4a6562a24a8698b8eeb03148f9a3d","ssdeep":"","tlshash":"06f05c4194e0890552300760aec1f909d943e7878385ad4866ab90bd5fc47c2cedf4b8","first_seen":"2026-03-12T13:23:26.658123Z","last_seen":"2026-03-12T13:25:14.579986Z","times_seen":2,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"www.verificationsite.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.verificationsite.co/assets/a_BJ1-X6Dz-BJ1-X6Dz.woff2","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.verificationsite.co/?email=#","date":"2026-03-12T13:22:57.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.verificationsite.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:34:01 GMT","end":"Wed, 10 Jun 2026 11:34:00 GMT"},"fingerprint":{"sha1":"20:E1:20:6A:4D:66:3B:3F:E4:C8:FC:4C:3D:C6:D9:3E:05:C8:D0:84","sha256":"F2:CF:CB:6D:98:BE:70:22:99:70:13:8D:94:D9:68:28:6B:BA:DD:B3:A5:2F:FB:9F:B6:5A:40:FC:9E:79:8B:67"}}},"request":{"raw":"GET /assets/a_BJ1-X6Dz-BJ1-X6Dz.woff2 HTTP/1.1\r\nHost: www.verificationsite.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.verificationsite.co/assets/index-kBg55QFC.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 430\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"a_BJ1-X6Dz-BJ1-X6Dz.woff2\"\r\ncontent-type: font/woff2\r\ndate: Thu, 12 Mar 2026 13:22:57 GMT\r\netag: \"d65a3b1d9255924adbeeabac46787723\"\r\nlast-modified: Thu, 12 Mar 2026 13:15:46 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::vtqw6-1773321777229-4e1e6f7eb4c1\r\ncontent-length: 39128\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39128, version 1.2097","md5":"d65a3b1d9255924adbeeabac46787723","sha1":"2f5d6025d09e81ac0a6583f050560013f2b3fcce","sha256":"b2943cf448795751c6a309662c5237904fcb74e31507271deb64437350274b8d","sha512":"5e993defeb28e2a1332a02a017fd096a2b5a5d7d9d5294959e5bd8da51ccdf6b5bbc1b568126a89c350c43029d0e43da49fe14d47f85c6f2e45e87eb2d28e455","ssdeep":"768:r9ukWoIxmQnMtkdq0wReJL2N29X+bbzkoWy2ptCC8m5e5mFLEVy3:r9u7xmxtkAzReJiFbE42bCC8ceUFLEVQ","tlshash":"1f03022fc4b1f3e9a0d05cb96a3733d9e8ef1654318bb75138ae1ee5f8d69061209135","first_seen":"2023-04-22T15:10:15Z","last_seen":"2026-06-18T16:19:58.111192Z","times_seen":575,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"www.verificationsite.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.verificationsite.co/images.ico","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.verificationsite.co/?email=#","date":"2026-03-12T13:22:57.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.verificationsite.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:34:01 GMT","end":"Wed, 10 Jun 2026 11:34:00 GMT"},"fingerprint":{"sha1":"20:E1:20:6A:4D:66:3B:3F:E4:C8:FC:4C:3D:C6:D9:3E:05:C8:D0:84","sha256":"F2:CF:CB:6D:98:BE:70:22:99:70:13:8D:94:D9:68:28:6B:BA:DD:B3:A5:2F:FB:9F:B6:5A:40:FC:9E:79:8B:67"}}},"request":{"raw":"GET /images.ico HTTP/1.1\r\nHost: www.verificationsite.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.verificationsite.co/?email=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2545\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"images.ico\"\r\ncontent-encoding: br\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Thu, 12 Mar 2026 13:22:57 GMT\r\netag: \"5baa56ce0241eb7c894beb107cf501bc\"\r\nlast-modified: Thu, 12 Mar 2026 12:40:32 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::vtqw6-1773321777251-9efe444261fa\r\ncontent-length: 1780\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1776,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"PNG image data, 225 x 225, 8-bit colormap, non-interlaced","md5":"5baa56ce0241eb7c894beb107cf501bc","sha1":"9861b69fc1d836939b4f1cd309e9cba59b12a03c","sha256":"d5757db47d858692a0ba73afbffa729142008f6967b62c783d2a103a8ec45265","sha512":"ff8cdb53c5032515cef721848f13fa0a405fc16bb464a6787fcf26f960d7ccb40f81f96b497783d6e31196a76a16e7559979b756a95c89ced7f48041b18eb8d0","ssdeep":"","tlshash":"64310b0dd2e51cf90ac37dacfa3adb3fdf86645a46116d82a59892266f4137c781221c","first_seen":"2026-02-22T02:11:02.415559Z","last_seen":"2026-03-12T13:25:14.583081Z","times_seen":4,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"www.verificationsite.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.verificationsite.co/","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-12T13:22:54.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.verificationsite.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:34:01 GMT","end":"Wed, 10 Jun 2026 11:34:00 GMT"},"fingerprint":{"sha1":"20:E1:20:6A:4D:66:3B:3F:E4:C8:FC:4C:3D:C6:D9:3E:05:C8:D0:84","sha256":"F2:CF:CB:6D:98:BE:70:22:99:70:13:8D:94:D9:68:28:6B:BA:DD:B3:A5:2F:FB:9F:B6:5A:40:FC:9E:79:8B:67"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.verificationsite.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2803\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 12 Mar 2026 13:22:54 GMT\r\netag: \"6696b206d068bafedc38881f50cbc5ea\"\r\nlast-modified: Thu, 12 Mar 2026 12:36:11 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::lz5g9-1773321774502-e27f69c9548d\r\ncontent-length: 457\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":457,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"6696b206d068bafedc38881f50cbc5ea","sha1":"0e67e73177b61662ec6f57800877e164ecd44fcc","sha256":"dca26cd7b125a032c70705eb882a6d96b0d94533108aed4dd64d9ed082facec7","sha512":"ebe59d8d467f15795a99720093394838a3e6b218a8853be33af210a5c413249f3de9973c7f03a2fc89fb1c9b905f3fddeff4a6562a24a8698b8eeb03148f9a3d","ssdeep":"","tlshash":"06f05c4194e0890552300760aec1f909d943e7878385ad4866ab90bd5fc47c2cedf4b8","first_seen":"2026-03-12T13:23:26.658123Z","last_seen":"2026-03-12T13:25:14.579986Z","times_seen":2,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":190,"dns":163,"connect":1,"send":0,"wait":11,"receive":8,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"www.verificationsite.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.verificationsite.co/assets/index-kBg55QFC.css","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.verificationsite.co/","date":"2026-03-12T13:22:54.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.verificationsite.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:34:01 GMT","end":"Wed, 10 Jun 2026 11:34:00 GMT"},"fingerprint":{"sha1":"20:E1:20:6A:4D:66:3B:3F:E4:C8:FC:4C:3D:C6:D9:3E:05:C8:D0:84","sha256":"F2:CF:CB:6D:98:BE:70:22:99:70:13:8D:94:D9:68:28:6B:BA:DD:B3:A5:2F:FB:9F:B6:5A:40:FC:9E:79:8B:67"}}},"request":{"raw":"GET /assets/index-kBg55QFC.css HTTP/1.1\r\nHost: www.verificationsite.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.verificationsite.co/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 430\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"index-kBg55QFC.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Thu, 12 Mar 2026 13:22:54 GMT\r\netag: \"c4b0098293c7ad218665b93c8b111c10\"\r\nlast-modified: Thu, 12 Mar 2026 13:15:44 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::tw9w5-1773321774716-2fd16b4131d1\r\ncontent-length: 3064\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9658,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (9655)","md5":"62549990cba32aadd521c29f3a5cb732","sha1":"511e04f381f27673ec2e834e511f16ed1ed23dce","sha256":"6184b346a3d3c67a2f6762503972f2a759230cbd3acba798a9ba464c6b737463","sha512":"bb92f6ca02eee5f4b653363477fc4f74311f6e42d70e13d10b806162120ed2021dd3fe555293d037dc9fecc1627a89bdaa310e757b3773f4610029879bb4db3f","ssdeep":"96:PgMx/ADnrg7ur8vhYmDG2fOeieuOXR7I4uf0B/kYOs/GJwUwpOLPo+yGRKkNqeSH:Hx/G8YvgR/GeTpaPo+yGRKqhRS1bA4Bv","tlshash":"5912a9b9a336d87dec334c7b735cfc5c5218a282c9619becfa122611cac66f12a5171d","first_seen":"2026-01-21T18:04:42.558985Z","last_seen":"2026-03-12T13:25:14.588143Z","times_seen":5,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"www.verificationsite.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.verificationsite.co/assets/a_BJ1-X6Dz-BJ1-X6Dz.woff2","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.verificationsite.co/","date":"2026-03-12T13:22:54.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.verificationsite.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:34:01 GMT","end":"Wed, 10 Jun 2026 11:34:00 GMT"},"fingerprint":{"sha1":"20:E1:20:6A:4D:66:3B:3F:E4:C8:FC:4C:3D:C6:D9:3E:05:C8:D0:84","sha256":"F2:CF:CB:6D:98:BE:70:22:99:70:13:8D:94:D9:68:28:6B:BA:DD:B3:A5:2F:FB:9F:B6:5A:40:FC:9E:79:8B:67"}}},"request":{"raw":"GET /assets/a_BJ1-X6Dz-BJ1-X6Dz.woff2 HTTP/1.1\r\nHost: www.verificationsite.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.verificationsite.co/assets/index-kBg55QFC.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 428\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"a_BJ1-X6Dz-BJ1-X6Dz.woff2\"\r\ncontent-type: font/woff2\r\ndate: Thu, 12 Mar 2026 13:22:54 GMT\r\netag: \"d65a3b1d9255924adbeeabac46787723\"\r\nlast-modified: Thu, 12 Mar 2026 13:15:46 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::nbzvh-1773321774848-aa51c1cfd262\r\ncontent-length: 39128\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39128, version 1.2097","md5":"d65a3b1d9255924adbeeabac46787723","sha1":"2f5d6025d09e81ac0a6583f050560013f2b3fcce","sha256":"b2943cf448795751c6a309662c5237904fcb74e31507271deb64437350274b8d","sha512":"5e993defeb28e2a1332a02a017fd096a2b5a5d7d9d5294959e5bd8da51ccdf6b5bbc1b568126a89c350c43029d0e43da49fe14d47f85c6f2e45e87eb2d28e455","ssdeep":"768:r9ukWoIxmQnMtkdq0wReJL2N29X+bbzkoWy2ptCC8m5e5mFLEVy3:r9u7xmxtkAzReJiFbE42bCC8ceUFLEVQ","tlshash":"1f03022fc4b1f3e9a0d05cb96a3733d9e8ef1654318bb75138ae1ee5f8d69061209135","first_seen":"2023-04-22T15:10:15Z","last_seen":"2026-06-18T16:19:58.111192Z","times_seen":575,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"www.verificationsite.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.verificationsite.co/images.ico","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.verificationsite.co/","date":"2026-03-12T13:22:54.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.verificationsite.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:34:01 GMT","end":"Wed, 10 Jun 2026 11:34:00 GMT"},"fingerprint":{"sha1":"20:E1:20:6A:4D:66:3B:3F:E4:C8:FC:4C:3D:C6:D9:3E:05:C8:D0:84","sha256":"F2:CF:CB:6D:98:BE:70:22:99:70:13:8D:94:D9:68:28:6B:BA:DD:B3:A5:2F:FB:9F:B6:5A:40:FC:9E:79:8B:67"}}},"request":{"raw":"GET /images.ico HTTP/1.1\r\nHost: www.verificationsite.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.verificationsite.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2542\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"images.ico\"\r\ncontent-encoding: br\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Thu, 12 Mar 2026 13:22:54 GMT\r\netag: \"5baa56ce0241eb7c894beb107cf501bc\"\r\nlast-modified: Thu, 12 Mar 2026 12:40:32 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::tw9w5-1773321774876-eeb8478e6384\r\ncontent-length: 1780\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1776,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"PNG image data, 225 x 225, 8-bit colormap, non-interlaced","md5":"5baa56ce0241eb7c894beb107cf501bc","sha1":"9861b69fc1d836939b4f1cd309e9cba59b12a03c","sha256":"d5757db47d858692a0ba73afbffa729142008f6967b62c783d2a103a8ec45265","sha512":"ff8cdb53c5032515cef721848f13fa0a405fc16bb464a6787fcf26f960d7ccb40f81f96b497783d6e31196a76a16e7559979b756a95c89ced7f48041b18eb8d0","ssdeep":"","tlshash":"64310b0dd2e51cf90ac37dacfa3adb3fdf86645a46116d82a59892266f4137c781221c","first_seen":"2026-02-22T02:11:02.415559Z","last_seen":"2026-03-12T13:25:14.583081Z","times_seen":4,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"www.verificationsite.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.verificationsite.co/assets/index-BgbDtiqI.js","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.verificationsite.co/?email=#","date":"2026-03-12T13:22:57.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.verificationsite.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:34:01 GMT","end":"Wed, 10 Jun 2026 11:34:00 GMT"},"fingerprint":{"sha1":"20:E1:20:6A:4D:66:3B:3F:E4:C8:FC:4C:3D:C6:D9:3E:05:C8:D0:84","sha256":"F2:CF:CB:6D:98:BE:70:22:99:70:13:8D:94:D9:68:28:6B:BA:DD:B3:A5:2F:FB:9F:B6:5A:40:FC:9E:79:8B:67"}}},"request":{"raw":"GET /assets/index-BgbDtiqI.js HTTP/1.1\r\nHost: www.verificationsite.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.verificationsite.co/?email=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 432\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"index-BgbDtiqI.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Thu, 12 Mar 2026 13:22:57 GMT\r\netag: \"ead56092a1ef691259976bd50da46831\"\r\nlast-modified: Thu, 12 Mar 2026 13:15:44 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::wvwnj-1773321777097-2ae63313eda0\r\ncontent-length: 120649\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":354165,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (42533)","md5":"a431636c4bd41f013e2e5fce555ecbdc","sha1":"c54150f3712e6bc8e04dd6614d48c8c10904814f","sha256":"dd5694dc30429ba1301656646a671806d010553dd7f7f03597c22faebde0f30b","sha512":"537bf0ed31d180e7b9f8cadf4b54408e5fbe81cab72c4927a94bf984e7ef8f8364cbadc4dbd88302d00a8c7dd6fa7277d62325574f8e4252349ad17a63765a66","ssdeep":"6144:TrSHTZjIVX/vMEVth77pEOgJly+QiiqV4MvC/U18INtvWgDUjex:A4DVnWsqV47/08INtOgeex","tlshash":"3d744ce872a9b5665ba352f0407f0507b33c2c27680c8860f154edea3ab554991bbffd","first_seen":"2026-03-12T13:23:26.655022Z","last_seen":"2026-03-12T13:25:14.585588Z","times_seen":2,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"www.verificationsite.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.verificationsite.co/assets/index-kBg55QFC.css","fqdn":"www.verificationsite.co","domain":"verificationsite.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.verificationsite.co/?email=#","date":"2026-03-12T13:22:57.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.verificationsite.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:34:01 GMT","end":"Wed, 10 Jun 2026 11:34:00 GMT"},"fingerprint":{"sha1":"20:E1:20:6A:4D:66:3B:3F:E4:C8:FC:4C:3D:C6:D9:3E:05:C8:D0:84","sha256":"F2:CF:CB:6D:98:BE:70:22:99:70:13:8D:94:D9:68:28:6B:BA:DD:B3:A5:2F:FB:9F:B6:5A:40:FC:9E:79:8B:67"}}},"request":{"raw":"GET /assets/index-kBg55QFC.css HTTP/1.1\r\nHost: www.verificationsite.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.verificationsite.co/?email=\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 432\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"index-kBg55QFC.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Thu, 12 Mar 2026 13:22:57 GMT\r\netag: \"c4b0098293c7ad218665b93c8b111c10\"\r\nlast-modified: Thu, 12 Mar 2026 13:15:44 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::rwt4v-1773321777101-20893646ef53\r\ncontent-length: 3064\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9658,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (9655)","md5":"62549990cba32aadd521c29f3a5cb732","sha1":"511e04f381f27673ec2e834e511f16ed1ed23dce","sha256":"6184b346a3d3c67a2f6762503972f2a759230cbd3acba798a9ba464c6b737463","sha512":"bb92f6ca02eee5f4b653363477fc4f74311f6e42d70e13d10b806162120ed2021dd3fe555293d037dc9fecc1627a89bdaa310e757b3773f4610029879bb4db3f","ssdeep":"96:PgMx/ADnrg7ur8vhYmDG2fOeieuOXR7I4uf0B/kYOs/GJwUwpOLPo+yGRKkNqeSH:Hx/G8YvgR/GeTpaPo+yGRKqhRS1bA4Bv","tlshash":"5912a9b9a336d87dec334c7b735cfc5c5218a282c9619becfa122611cac66f12a5171d","first_seen":"2026-01-21T18:04:42.558985Z","last_seen":"2026-03-12T13:25:14.588143Z","times_seen":5,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"www.verificationsite.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Coinbase","verdict":"phishing","severity":"medium","comment":"Associated with Coinbase phishing","tags":["coinbase","crypto","phishing"],"meta":null}]}}]}