Report - www.coinbasetru.com/

Report Overview

Submitted URL
www.coinbasetru.com/
IP
23.224.4.124
ASN
#40065 CNSERVERS
Submitted
2023-03-30 02:51:59
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
www.coinbasetru.com	unknown	2023-03-29T19:21:07Z	2023-03-29T19:21:07Z	800 B	1.1 kB	23.224.4.122
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	238 B	34.117.65.55
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	63 kB	34.120.237.76
www.coinbasegic.top	unknown	2023-03-28T20:44:51Z	2023-03-29T20:36:04Z	8.8 kB	2.1 MB	198.16.61.251
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	2.4 kB	6.2 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-30 02:52:12	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-29	medium	www.coinbasetru.com/	Coinbase
2023-03-29	medium	www.coinbasetru.com/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase
2023-03-28	medium	www.coinbasegic.top/	Coinbase

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-30	medium	www.coinbasegic.top/	Phishing
2023-03-30	medium	www.coinbasegic.top/static/js/app.848d755f.js	Phishing
2023-03-30	medium	www.coinbasegic.top/static/js/chunk-vendors.d1595a09.js	Phishing
2023-03-30	medium	www.coinbasegic.top/static/js/chunk-30413ce8.2e1be555.js	Phishing
2023-03-30	medium	www.coinbasegic.top/static/js/chunk-4043fba0.653a0e09.js	Phishing
2023-03-30	medium	www.coinbasegic.top/static/js/chunk-6d7b0fc3.39200c45.js	Phishing
2023-03-30	medium	www.coinbasegic.top/static/js/chunk-4711cb97.4dcaf51b.js	Phishing
2023-03-30	medium	www.coinbasegic.top/api/wallets/1/templates/0	Phishing
2023-03-30	medium	www.coinbasegic.top/api/configs	Phishing
2023-03-30	medium	www.coinbasegic.top/static/img/icon_duigou.455309c2.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	www.coinbasegic.top/static/js/app.848d755f.js	560 kB	2023-03-26	2023-04-01
Pretty URL www.coinbasegic.top/static/js/app.848d755f.js IP 198.16.61.251 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:17:07 Last Seen2023-04-01 10:43:47 Times Seen69 Hash 584bf3f0970b6a9a47251dc1d2ff5800 c9846a236ecb762a7c6c600bc9cb6e9695549872 8cb4e0e133439784a04a019e74fd5933c509b9ae814d3255b7181009c20353e4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - f0ffd3b7c2574ac324603ed00488c850	7 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:03:35 Last Seen2024-04-25 10:59:39 Times Seen20303 Hash f0ffd3b7c2574ac324603ed00488c850 623e76c36aa2a886542011e28412cc761d7ceb01 c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154 Loading...

HTTP Transactions (40)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3630
Expires: Thu, 30 Mar 2023 03:52:16 GMT
Date: Thu, 30 Mar 2023 02:51:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5271
Expires: Thu, 30 Mar 2023 04:19:37 GMT
Date: Thu, 30 Mar 2023 02:51:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5226
Expires: Thu, 30 Mar 2023 04:18:52 GMT
Date: Thu, 30 Mar 2023 02:51:46 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 30 Mar 2023 02:28:14 GMT
content-type: application/json
age: 1412
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Z0S7f3t6DCGdUP2Fr1vCJGR6oLm95bon87jxouqFwD2fcFhdg7kbKRNBTc1fXUWbsBmmoYXPCdI=
x-amz-request-id: SRZ28W1MZ6XYNJ1K
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 30 Mar 2023 01:56:51 GMT
age: 3295
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.coinbasetru.com/

23.224.4.122

301 Moved Permanently

166 B

URL HTTP/1.1
www.coinbasetru.com/
IP
23.224.4.122:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET / HTTP/1.1
Host: www.coinbasetru.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 30 Mar 2023 02:51:46 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://www.coinbasetru.com/
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 02:51:46 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae064c74a3769d42109473ad05d56fb9
d48029ab8568cee6ab7416d3b476ed792d780a56
9852216f395a42f7b4792e852f9f9fa83e07d917a979237d5d7406a1d74edc4f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9852216F395A42F7B4792E852F9F9FA83E07D917A979237D5D7406A1D74EDC4F"
Last-Modified: Wed, 29 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17801
Expires: Thu, 30 Mar 2023 07:48:27 GMT
Date: Thu, 30 Mar 2023 02:51:46 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Expires, Cache-Control, Content-Length, Retry-After, Last-Modified, Pragma, ETag, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 30 Mar 2023 02:14:37 GMT
age: 2230
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.117.65.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NA8ns1bmKtCbXNfrbvNfEQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xq4sN7HLLe3zzKynH7MPaMUa+dM=
Date: Thu, 30 Mar 2023 02:51:47 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.coinbasetru.com/

23.224.238.51

302 Found

98 B

URL HTTP/1.1
www.coinbasetru.com/
IP
23.224.238.51:0
ASN
#40065 CNSERVERS

File type
HTML document, ASCII text, with no line terminators
Size
98 B (98 bytes)
Hash
510398064d209be352ea5f5f1e34155a
17ada85a44f79638692180325253ec17ede17a07
88fb9a54f39ecb0dac79f86e7eb514b41c752d2b65983ee029974b508ec5ce34

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET / HTTP/1.1
Host: www.coinbasetru.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Date: Thu, 30 Mar 2023 02:51:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 98
Connection: keep-alive
X-Powered-By: Express
Location: https://www.coinbasegic.top
Vary: Accept
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6563
Expires: Thu, 30 Mar 2023 04:41:11 GMT
Date: Thu, 30 Mar 2023 02:51:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6563
Expires: Thu, 30 Mar 2023 04:41:11 GMT
Date: Thu, 30 Mar 2023 02:51:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6563
Expires: Thu, 30 Mar 2023 04:41:11 GMT
Date: Thu, 30 Mar 2023 02:51:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f40de24-4c2f-4f13-abb8-84e43aad114e.jpeg

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f40de24-4c2f-4f13-abb8-84e43aad114e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5115 bytes)
Hash
e6c02d9cb9b751fac2034d6553368741
6a61ae668050ceea617756f9cb93a5448b723e92
84aeedc6f9abdf212ed497d6f1fc2a285f7fb3ee5bfefc9acf440291ec40a852

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f40de24-4c2f-4f13-abb8-84e43aad114e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5115
x-amzn-requestid: 2964b9f7-8419-449c-ac11-5cea9c0f4f6c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA4pFbiIAMFs5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae9d-16d4a2b47860af44397fe9c0;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: AlGGun3SRxV4A7FU43vpQV9ZHnnT9EulphJOeIlpyvrhfQceZ0eoug==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:45:05 GMT
etag: "6a61ae668050ceea617756f9cb93a5448b723e92"
content-type: image/jpeg
age: 18403
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e919c2-25ed-4248-87bf-1a37b955c8fd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6617 bytes)
Hash
9c5fa6813496b7225a394a7b3f1beb49
3e48b96eb1cb0e57fb184810d0c4a46984b1c4f0
f47cca3d35642d45b802c7c37ce3743970a1f45da0c1e22a1fd812ccef739ab5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e919c2-25ed-4248-87bf-1a37b955c8fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6617
x-amzn-requestid: 8f0b0658-5987-471d-807c-3d96c80af4c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA50EXcIAMFfIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424aea4-287d80435637d86b08dc8d2f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ctQzxlf-05AEM3r7ra2ghRDR8UtDUhJ6NYW_jFniVMt3YOjEBGYJ2w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
etag: "3e48b96eb1cb0e57fb184810d0c4a46984b1c4f0"
content-type: image/jpeg
age: 18418
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11118 bytes)
Hash
1d109c71a6d804ac43ede46ac74f2065
251d3e3e3eadee46258a4ad9d33d5e9e83aa63b4
de2d781c75abb41ea14c0f4c072df0977562d824d81b5f4ca28c4f635067a17b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11118
x-amzn-requestid: 71508920-b2d8-446d-a498-8bf8708af974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA4qHrpoAMF-0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae9d-5191b68a4c7f1ee042a05583;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3JIDZJcepJFwPc0anfKz5OO8LZY3cFMI4oljiaft8jBgltzp2iYJiA==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:50:13 GMT
age: 18095
etag: "251d3e3e3eadee46258a4ad9d33d5e9e83aa63b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12233 bytes)
Hash
db24198518d1a093c5c03e92e53925a2
288898a60e0a029946e7d770d2b0c64b6f3bf51d
4a15da439fa1a3ccdd3d329f250bacaab581287183293c4e367b05c2a83eb66d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12233
x-amzn-requestid: 781fd422-c720-49d7-bc90-6f8b18751caf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAynHgNoAMFvCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae76-5327bf334c985816289507b9;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: xT4yOqmmDOGyZ-ef--AYRxpuzlFou0jf8p4BWB4qUCDXR1VStct5DA==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
etag: "288898a60e0a029946e7d770d2b0c64b6f3bf51d"
content-type: image/jpeg
age: 18418
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d272e70-53f2-46d1-82a2-713d0539212f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13563 bytes)
Hash
e17677df3c62e2528f78149356f707fa
ed990a670d1b5f33e42e1927266c82d1532b2c75
3f23e0cf1a3b09c3747e5ac9917793d7035b3195a085d1e34777c5f3f09ce72c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d272e70-53f2-46d1-82a2-713d0539212f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13563
x-amzn-requestid: 61cfd396-07a1-451f-81df-868644a5e653
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAymEFOIAMFW3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae76-7adecc212066dc3c5252eb2f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: BRJ5kSrwZs5uuXG1oJqrGYfy4o9J_g2GtXVBvb67OG4mdMYnpHlAiw==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
etag: "ed990a670d1b5f33e42e1927266c82d1532b2c75"
content-type: image/jpeg
age: 18418
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0ac043d-a0e8-4634-a2f0-91eb887beb46.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7466 bytes)
Hash
436db05a7bfdea78f479be0c3d48df38
ec1102be8a026e6d3bda038330d0bb40efae697b
336c3e71a8c0a7d24f786d83240f96bed040256e454121276965ebbf9d6887f9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0ac043d-a0e8-4634-a2f0-91eb887beb46.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7466
x-amzn-requestid: c8eb17dd-3fa5-415b-b287-c0844b90246e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA6dFovoAMFb7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424aea9-682a6e4245ec88a62c46dcc3;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: LvRY4vhFUYngIFNO_4UduVVlvIlu7-R06U803FFpxoxSW7AYXgoB0w==
via: 1.1 5502255f9557c1e2c098b94110b6151c.cloudfront.net (CloudFront), 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
etag: "ec1102be8a026e6d3bda038330d0bb40efae697b"
content-type: image/jpeg
age: 18418
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.coinbasegic.top/

198.16.61.251

200 OK

1.2 kB

URL HTTP/1.1
www.coinbasegic.top/
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (1749)
Size
1.2 kB (1223 bytes)
Hash
143ad4030f84f932758e0086e7c2bcc3
8293e74070f9042dbafabcccb6fa92fde9593057
2cbdff738c6578df0d40fe4156c6fbb286b0f100417e7b348827f9517c785f77

Detections

Analyzer	Verdict	Alert
openphish	Coinbase
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 10 Mar 2023 02:12:22 GMT
Vary: Accept-Encoding
ETag: W/"640a9206-b41"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Content-Encoding: gzip
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS

www.coinbasegic.top/static/css/chunk-vendors.08fce731.css

198.16.61.251

200 OK

40 kB

URL HTTP/1.1
www.coinbasegic.top/static/css/chunk-vendors.08fce731.css
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
40 kB (39682 bytes)
Hash
60d9355b4ab0ed2b9437160e4245c4d8
520eedd0fe57b153ece9dc7da4b4ff4cabff25cd
ac4221f5a07b82992bea77b1a8ea2e86d0e9debfe21702b59234d90cac61412e

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-vendors.08fce731.css HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:49 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 08:10:02 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63b685da-1958d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip

www.coinbasegic.top/static/css/app.5776d6ee.css

198.16.61.251

200 OK

76 kB

URL HTTP/1.1
www.coinbasegic.top/static/css/app.5776d6ee.css
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
76 kB (75654 bytes)
Hash
af4634205a1e261d78bf7c9806e2b245
5d21dc9c5d1a7ebfceeaef99c379bc6e7ed6d916
b72833cffd63d5d8b836e712cafb8c25cd1e9aba768e24c8d37a9b175d8eebc5

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/app.5776d6ee.css HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:49 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 06 Mar 2023 10:23:24 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"6405bf1c-486f3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip

www.coinbasegic.top/static/js/app.848d755f.js

198.16.61.251

200 OK

194 kB

URL HTTP/1.1
www.coinbasegic.top/static/js/app.848d755f.js
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 text, with very long lines (65475), with no line terminators
Size
194 kB (193753 bytes)
Hash
1de20bb095d0f4b6bb709e03611d41a2
96d165fdd8170bc73d6fee0b2df493a27f057ba0
e05c676fd3cc21a51b765376a97d046e7eec9fe22208335ec7110830050b9b4d

Detections

Analyzer	Verdict	Alert
openphish	Coinbase
fortinet	Phishing

HTTP Headers

GET /static/js/app.848d755f.js HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:50 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 10 Mar 2023 02:12:22 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"640a9206-88ace"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip

www.coinbasegic.top/static/js/chunk-vendors.d1595a09.js

198.16.61.251

200 OK

1.7 MB

URL HTTP/1.1
www.coinbasegic.top/static/js/chunk-vendors.d1595a09.js
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (60607)
Size
1.7 MB (1730123 bytes)
Hash
31b58d937a0e09a7e03662af085502ae
1991a3593272c251364fff975dce609b86edb1a6
70939c1648f86eacc330faf25b735b0cf8d66ae4a05cbb3b98cec2590ded3deb

Detections

Analyzer	Verdict	Alert
openphish	Coinbase
fortinet	Phishing

HTTP Headers

GET /static/js/chunk-vendors.d1595a09.js HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:50 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 03:57:31 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63c61cab-4a63fd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip

www.coinbasegic.top/favicon.ico

198.16.61.251

403 Forbidden

105 B

URL HTTP/1.1
www.coinbasegic.top/favicon.ico
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
105 B (105 bytes)
Hash
370aff3a893dd840025c9fcadcf7bf55
7dab33980e3d1c2aadcc5dcca5873a3cecee736d
b555194207d6a1b3baa84ca969cdbea4abb5e0ee0cc908fc9009a9e5ffd87c50

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 403 Forbidden
Date: Thu, 30 Mar 2023 02:51:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS

www.coinbasegic.top/static/css/chunk-6d7b0fc3.d92afbd1.css

198.16.61.251

200 OK

585 B

URL HTTP/1.1
www.coinbasegic.top/static/css/chunk-6d7b0fc3.d92afbd1.css
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (585), with no line terminators
Size
585 B (585 bytes)
Hash
ed60012e29d80ead974959557e6b6437
64047681bac245fae5722eb8a309631805123ede
e853c556e4f842a643a6b183681714b49d750308c533e2cb5b48be9f500f1646

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-6d7b0fc3.d92afbd1.css HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:53 GMT
Content-Type: text/css
Content-Length: 585
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 08:10:02 GMT
Vary: Accept-Encoding
ETag: "63b685da-249"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes

www.coinbasegic.top/static/css/chunk-30413ce8.5c62c78e.css

198.16.61.251

200 OK

713 B

URL HTTP/1.1
www.coinbasegic.top/static/css/chunk-30413ce8.5c62c78e.css
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (2680), with no line terminators
Size
713 B (713 bytes)
Hash
6be8463570459c6c2d3847dc8c7bc790
b7c86764dab192febd293f4c017113f7d388cd3a
b1fc597c2458bec105afa7cb0c36f6e77e825af296a4444b91ada0c20314fefc

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-30413ce8.5c62c78e.css HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:53 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 10 Mar 2023 02:12:22 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"640a9206-a78"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip

www.coinbasegic.top/static/js/chunk-30413ce8.2e1be555.js

198.16.61.251

200 OK

4.5 kB

URL HTTP/1.1
www.coinbasegic.top/static/js/chunk-30413ce8.2e1be555.js
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 text, with very long lines (10780), with no line terminators
Size
4.5 kB (4459 bytes)
Hash
8728c9eea0cf639769f18156b10f1e09
e701747341e09b73c2eec4de8b06cd82183ab30d
fc907910aca8c7cba1b1dc619fa1c1974d946643e01c5242ab028c75136b2973

Detections

Analyzer	Verdict	Alert
openphish	Coinbase
fortinet	Phishing

HTTP Headers

GET /static/js/chunk-30413ce8.2e1be555.js HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:53 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 10 Mar 2023 02:12:22 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"640a9206-2a20"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip

www.coinbasegic.top/static/css/chunk-4043fba0.efdd0cba.css

198.16.61.251

200 OK

672 B

URL HTTP/1.1
www.coinbasegic.top/static/css/chunk-4043fba0.efdd0cba.css
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (2296), with no line terminators
Size
672 B (672 bytes)
Hash
f0b7a51406ee012060349e393c0a3209
adc9a85305fb0a5444ed384e19f518920038e7df
2c59a12934d7c087ad3fb35bb77df0a9b4b2e63ce493618254d7665e9ad60bab

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-4043fba0.efdd0cba.css HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:53 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 08:06:51 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63bfbf9b-8f8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip

www.coinbasegic.top/static/css/chunk-4711cb97.dcfaad6a.css

198.16.61.251

200 OK

446 B

URL HTTP/1.1
www.coinbasegic.top/static/css/chunk-4711cb97.dcfaad6a.css
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (1070), with no line terminators
Size
446 B (446 bytes)
Hash
c9f4a655337892f971be32d2813f55ad
acf9b49b5076b954652fa9ff0137d06b32f28e25
6a4c00ba7b5896e0e1445aa769b3b0a92bcdc2089526cd57b6416fc2f43c23ec

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-4711cb97.dcfaad6a.css HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:53 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 08:06:51 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63bfbf9b-42e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip

www.coinbasegic.top/api/identify?domain=coinbasegic.top

198.16.61.251

200 OK

169 B

URL HTTP/1.1
www.coinbasegic.top/api/identify?domain=coinbasegic.top
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
JSON data\012- , ASCII text, with no line terminators
Size
169 B (169 bytes)
Hash
6db659bb4b1014d7d3fe9b0c0200a1ad
10a7e55821922afc4dc581436856bb21f07d75ab
08ba0b9e3afb103fea0193075d539bdcbfc4aa0f78e5e2d8da561df46e882440

HTTP Headers

GET /api/identify?domain=coinbasegic.top HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Version: 1.0.0
Platform: Linux x86_64
Lang: en-US
Agent-Identify: undefined
Device-Id: h5
Request-Date: 1680144738
Signature: 2b137cd38825df071fd1a032eb93bf12
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type, DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS

www.coinbasegic.top/static/js/chunk-4043fba0.653a0e09.js

198.16.61.251

200 OK

1.5 kB

URL HTTP/1.1
www.coinbasegic.top/static/js/chunk-4043fba0.653a0e09.js
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (3694), with no line terminators
Size
1.5 kB (1457 bytes)
Hash
94fb5f7510aded3a3fe3a0179d01b5fd
4038473e84f40267ecc48e156d51e5dec3b38582
bf86f618e5ee0c96870665e7b639e37a81012697769b7c533d4ea26952e0f050

Detections

Analyzer	Verdict	Alert
openphish	Coinbase
fortinet	Phishing

HTTP Headers

GET /static/js/chunk-4043fba0.653a0e09.js HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 08:06:51 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63bfbf9b-e6e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip

www.coinbasegic.top/static/js/chunk-6d7b0fc3.39200c45.js

198.16.61.251

200 OK

808 B

URL HTTP/1.1
www.coinbasegic.top/static/js/chunk-6d7b0fc3.39200c45.js
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (1452), with no line terminators
Size
808 B (808 bytes)
Hash
ef5bda5e400f8ec6f10bd716d584bb55
47a2d8c898536326989f1c6d3b7c67bbba9454c8
94d161b124b4e2695f6fd910f022fccab20143e2b4fc3ebb6db0f3bf8ba8b50f

Detections

Analyzer	Verdict	Alert
openphish	Coinbase
fortinet	Phishing

HTTP Headers

GET /static/js/chunk-6d7b0fc3.39200c45.js HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 08:10:03 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63b685db-5ac"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip

www.coinbasegic.top/static/js/chunk-4711cb97.4dcaf51b.js

198.16.61.251

200 OK

2.8 kB

URL HTTP/1.1
www.coinbasegic.top/static/js/chunk-4711cb97.4dcaf51b.js
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (5490), with no line terminators
Size
2.8 kB (2803 bytes)
Hash
ccdb1e0105c88d01ad7985b4ee6793fe
7d7ba1d9863aad1eb35a0dc257d67408d7a3cbfc
e5a05ed398bee0bc62484f51bc059dfe573fd731c26ee166982a3ee287fe73e5

Detections

Analyzer	Verdict	Alert
openphish	Coinbase
fortinet	Phishing

HTTP Headers

GET /static/js/chunk-4711cb97.4dcaf51b.js HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 08:06:51 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63bfbf9b-1572"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip

www.coinbasegic.top/api/wallets/1/templates/0

198.16.61.251

200 OK

246 B

URL HTTP/1.1
www.coinbasegic.top/api/wallets/1/templates/0
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
JSON data\012- , ASCII text, with very long lines (315), with no line terminators
Size
246 B (246 bytes)
Hash
bbcf4dac63aac2f174f5abcba9e9d493
ca996923f45c174539372998d2f767628ebdeff7
f879aaba5f1fb4dbdee8b3b387510d742dde9a72180a46d4f8424e94b9c9c605

Detections

Analyzer	Verdict	Alert
openphish	Coinbase
fortinet	Phishing

HTTP Headers

GET /api/wallets/1/templates/0 HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Version: 1.0.0
Platform: Linux x86_64
Lang: en-US
Agent-Identify: 02edea11-b276-4402-83b5-630259d51b26
Device-Id: h5
Request-Date: 1680144738
Signature: 18ab7b4fd65e6c44c831ca06fd1da062
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type, DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS

www.coinbasegic.top/api/configs

198.16.61.251

200 OK

1.1 kB

URL HTTP/1.1
www.coinbasegic.top/api/configs
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
JSON data\012- , ASCII text, with very long lines (2994), with no line terminators
Size
1.1 kB (1134 bytes)
Hash
3339f38f49f70e7869223d44f7d77a26
ce3734ba5b9b47e21e5d1cc6ace803416d61dbd7
77e3eaa42285b8efe2141752a046e61e7287f4e4ba2e6c73254784f7102231f9

Detections

Analyzer	Verdict	Alert
openphish	Coinbase
fortinet	Phishing

HTTP Headers

GET /api/configs HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Version: 1.0.0
Platform: Linux x86_64
Lang: en-US
Agent-Identify: 02edea11-b276-4402-83b5-630259d51b26
Device-Id: h5
Request-Date: 1680144739
Signature: 3d1860e8328e69b067b27617cbab3dbe
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type, DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS

www.coinbasegic.top/static/img/icon_appStore.89f0eb05.png

198.16.61.251

200 OK

14 kB

URL HTTP/1.1
www.coinbasegic.top/static/img/icon_appStore.89f0eb05.png
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
PNG image data, 464 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14006 bytes)
Hash
89f0eb0533a76fcf8a2714e6945cb344
faf2cd0dc10a9f06388f51998f399732e901f61b
8dc4749e2ea6917da79d553571aadc8ab4dff908a1b48bb2582be80247aa2213

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/img/icon_appStore.89f0eb05.png HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:55 GMT
Content-Type: image/png
Content-Length: 14006
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 09:56:43 GMT
ETag: "637f3fdb-36b6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes

www.coinbasegic.top/static/img/icon_googlePlay.c4282a5f.png

198.16.61.251

200 OK

17 kB

URL HTTP/1.1
www.coinbasegic.top/static/img/icon_googlePlay.c4282a5f.png
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
PNG image data, 464 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (17300 bytes)
Hash
c4282a5f16443fd4493ced29810ef78d
350cb5059ba98aa2305ba0d959fec205c30d0f86
7036016f1b71023def76c780104605b32a3f61bcf0bbc4e851b58ddef0582f01

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/img/icon_googlePlay.c4282a5f.png HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:55 GMT
Content-Type: image/png
Content-Length: 17300
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 09:56:43 GMT
ETag: "637f3fdb-4394"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes

www.coinbasegic.top/static/img/icon_duigou.455309c2.svg

198.16.61.251

200 OK

1.7 kB

URL HTTP/1.1
www.coinbasegic.top/static/img/icon_duigou.455309c2.svg
IP
198.16.61.251:0
ASN
#40065 CNSERVERS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1089)
Size
1.7 kB (1717 bytes)
Hash
455309c29bf7626df47507c12fe7926d
131a81271e6b29b6a370087cfb2db2b5ff6aece4
b1303fa2dc2a0e950c8d8510e4a73d70cfa5d5a9a28fbfa60c06ddbd6962b4f4

Detections

Analyzer	Verdict	Alert
openphish	Coinbase
fortinet	Phishing

HTTP Headers

GET /static/img/icon_duigou.455309c2.svg HTTP/1.1
Host: www.coinbasegic.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.coinbasegic.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 02:51:55 GMT
Content-Type: image/svg+xml
Content-Length: 1717
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 09:56:43 GMT
Vary: Accept-Encoding
ETag: "637f3fdb-6b5"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (40)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/2