{"report_id":"8d672f0b-e7c5-4105-b9b7-80ef1bf1de3f","version":6,"status":"done","tags":[],"date":"2026-02-18T12:13:27Z","url":{"schema":"http","addr":"access-vault-coinbase.com","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"access-vault-coinbase.com/","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"title":"coinbase vault","dom":{"size":6610,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (4650)","md5":"3a6010dfa6ffd2351874552832c6ce1e","sha1":"14636f39ee6f26c83bcc13275ceb356746bb97a2","sha256":"28c8344a3d944b6493805e93c73a597834cdbd0e06eb3a149264b8f422d6ca5e","sha512":"a5a028ef3131b5f81b7f56d7862f6a5f6eeafee36a92a11c3770075d63cc3d7e0a1f38eb65321d2f42b540f4116e2afbc441c349ca19f1d5e095fd84a6f43726","ssdeep":"96:nC291c2YdBIeRLeYcCxdXlphcHCfQtMuMbkBOSkWMJOkWMJOkWMi0OkWMkzFi46o:h91jYjIeRLeQXlphlfpbSMEMEMYMMNV","tlshash":"24d1c83263085d3f5227c7d0e9e1f73994bd924ad22dd064f6a802be67c1d86dc636ac","dom_hash":"domhashec6e1fb6194032352e339af0881edb07","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"access-vault-coinbase.com","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-25T12:13:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"access-vault-coinbase.com","ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2026-02-17","domain_rank":0,"first_seen":"2026-02-18T12:11:37.220923Z","last_seen":"2026-02-18T12:11:37.220923Z","alert_count":26,"request_count":13,"received_data":560000,"sent_data":8879,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"access-vault-coinbase.com/assets/index-B9D2IVcn.js","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e8f0d798e935309049a50005481279bb","sha1":"38fd5bc7904d2636824fccfc3b2a83980f2b02ef","sha256":"9051840ac7c6f7da7c86be4887a24642494e7a2dba2f26a165fe20334aa26586","sha512":"19f1f9e6d152595d159ad65969b91df63edc4c6fb823ca37cf3cf01a16fcfd7a64aea606f17fffbf47629ef0c17f9ce2e6e139fdaeec0cb653bbd89bd142f9f3","ssdeep":"12288:eaeCTcJ7eTY2KyuyfLSULetOaunCZW+3OHC8xnVE4TDatrkyd6jn+EMqarjqPMqz:Ucs2KyuyfLSULetOaunCZW+3OHbxnVEY","tlshash":"84946dd87199b57debf349e5502f9006b23d2a06e40e8850f13ced592bb5009a1bbfed","size":438338,"data":"","first_seen":"2026-01-12T18:44:53.838542Z","last_seen":"2026-02-18T12:13:29.186337Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"access-vault-coinbase.com/","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-18T12:13:05.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: private, max-age=0\r\ncontent-length: 2005\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 18 Feb 2026 12:13:06 GMT\r\netag: W/\"7d5-19c6d5d8b48\"\r\nexpires: Wed, 18 Feb 2026 12:13:06 GMT\r\nlast-modified: Tue, 17 Feb 2026 20:49:33 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nset-cookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz; expires=Fri, 20-Mar-2026 12:13:06 GMT; path=/\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: e52c052d2484e962b8e359da32d42e4f;o=1\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2005,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"9835ff1800ac57eb4049599bb54f4a69","sha1":"e337ac03fe36002931e06a62454ac398cae68043","sha256":"acddc38c1435ec86270f5e6df328aa5a100a9079d94303560ec0b7a865cb969e","sha512":"0934b63e2b16fc2baf9182b4cd5a62391fd767d5bcc8f8df6fc74a991ee2859ec48ea70a2a5ab278aae122398906262dd6835d8224be342026459eb6c7362c07","ssdeep":"","tlshash":"33412fb3f298c81712208399a9d1f125cc96a3c753a8e620f198509f1fc0bd6c9a357a","first_seen":"2026-01-12T18:44:53.820462Z","last_seen":"2026-02-18T12:13:29.175474Z","times_seen":3,"resource_available":false,"data":null}},"time_used":371,"timings":{"blocked":76,"dns":1,"connect":25,"send":0,"wait":218,"receive":1,"ssl":47},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"access-vault-coinbase.com/attached_assets/BTC.PNG","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://access-vault-coinbase.com/","date":"2026-02-18T12:13:06.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET /attached_assets/BTC.PNG HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://access-vault-coinbase.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\ncontent-length: 1912\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: image/png\r\ndate: Wed, 18 Feb 2026 12:13:06 GMT\r\netag: W/\"778-19c6d5a5310\"\r\nlast-modified: Tue, 17 Feb 2026 20:46:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: ea224457762100e55c6b056a8c55bf27\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1912,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 49 x 49, 8-bit/color RGBA, non-interlaced","md5":"8b8e80e14a5dac9a9affb3f07a08df23","sha1":"a81cf03afe2f66bbab37c9dc3022abdd57c97622","sha256":"4d6564e7fce454155d71ea34c53feb973ba3659b79ab7599055624ccf36563b6","sha512":"111a772e27ffd7f98cc7bd638ddcf113d97b0ddd13fb4ac1a5ed761261dde7e3101acba66be4d8ac65704c2da28f59f6e1a9f42de0c7e9820fb2492e2acb8e7d","ssdeep":"","tlshash":"58412de17f5d11e19b00df2d1ce151d4b4b31d479c16e0d5b550d06b545da2835637d2","first_seen":"2026-01-12T18:44:53.832998Z","last_seen":"2026-02-18T12:13:29.177469Z","times_seen":3,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"access-vault-coinbase.com/attached_assets/SOL.PNG","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://access-vault-coinbase.com/","date":"2026-02-18T12:13:06.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET /attached_assets/SOL.PNG HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://access-vault-coinbase.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\ncontent-length: 3091\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: image/png\r\ndate: Wed, 18 Feb 2026 12:13:06 GMT\r\netag: W/\"c13-19c6d5a5310\"\r\nlast-modified: Tue, 17 Feb 2026 20:46:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: b3076fee69e9d7865c6b056a8c55b985\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3091,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 49, 8-bit/color RGBA, non-interlaced","md5":"cca4aa1437583195e82820bb5e140e08","sha1":"edaf82d36eed6e045f7209e302cb879d9c7ee798","sha256":"6e96d599414f053e8f644abe4dce63526baf0550b4f0fba96842c60240fdb1fb","sha512":"3d54e93288c3608adaa49642e373a5cb36e08f8a757b71a0b02e47865f9c1d82a30a524d1dd92362a0270841c016a489e3441ba94865f214a34d554fdbc43325","ssdeep":"","tlshash":"11513ddf84b86d47ed746eb9b433c804b7ad0e958664053d21f8422c67c32d26d40552","first_seen":"2026-01-12T18:44:53.824808Z","last_seen":"2026-02-18T12:13:29.179387Z","times_seen":3,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"access-vault-coinbase.com/api/balances","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://access-vault-coinbase.com/","date":"2026-02-18T12:13:07.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET /api/balances HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://access-vault-coinbase.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 936\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 18 Feb 2026 12:13:07 GMT\r\netag: W/\"3a8-/HscK6IFEiI7GReuTUA+XUbbJug\"\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: f61b541bc164aa425c6b056a8c55b194\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":936,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5728023a0cd7f7ab4860ff8038424328","sha1":"fc7b1c2ba20512223b1917ae4d403e5d46db26e8","sha256":"36d023170366db25790da0d136fa933106c42e4bce39c501847be9446accafb3","sha512":"9f0e4567a97bbe1ad89d79034b98afc71ba5f93b0b513783c1f28fa2e04b2c3424d226d65b4e7290f7e128ce1b980a4a4522f548ccc032145784957d57c29b56","ssdeep":"","tlshash":"0711c6b6717c5d3bc1a09d41e947362aa000f916c9e6ce4b50dcc0b41955873216b750","first_seen":"2026-01-12T18:44:53.830134Z","last_seen":"2026-02-18T12:13:29.181473Z","times_seen":3,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"access-vault-coinbase.com/attached_assets/ETH.PNG","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://access-vault-coinbase.com/","date":"2026-02-18T12:13:06.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET /attached_assets/ETH.PNG HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://access-vault-coinbase.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\ncontent-length: 1788\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: image/png\r\ndate: Wed, 18 Feb 2026 12:13:06 GMT\r\netag: W/\"6fc-19c6d5a5310\"\r\nlast-modified: Tue, 17 Feb 2026 20:46:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 4727e8e7c8a7d3d05c6b056a8c55bc56\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1788,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 55 x 48, 8-bit/color RGBA, non-interlaced","md5":"d1248b15a8fa3b400d49a00e48a67f42","sha1":"111725ee0b7ac013ed615de98b78d54424b59865","sha256":"2930303ee5402f144a4f385d46c8d75098bb9e72e1cbf458d83badeab985b9d3","sha512":"046086d07540e8c495d4a8deb48768c00646c76669b76289e47dfb202952c26efc11adf55ea86fcd523fe657cb10a0554c5549c9fb4d808a5b141636796acbb3","ssdeep":"","tlshash":"95314d9339e08408f292167a1098260474caf551fc45a342380bcb737e4d1ebf2f7afa","first_seen":"2026-01-12T18:44:53.822969Z","last_seen":"2026-02-18T12:13:29.183567Z","times_seen":3,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"access-vault-coinbase.com/attached_assets/XRP.PNG","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://access-vault-coinbase.com/","date":"2026-02-18T12:13:06.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET /attached_assets/XRP.PNG HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://access-vault-coinbase.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\ncontent-length: 1828\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: image/png\r\ndate: Wed, 18 Feb 2026 12:13:06 GMT\r\netag: W/\"724-19c6d5a5310\"\r\nlast-modified: Tue, 17 Feb 2026 20:46:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 4c38e94b070f5eeb5c6b056a8c55b70b\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1828,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 57 x 49, 8-bit/color RGBA, non-interlaced","md5":"a1815db7810fc16ad6ebd77190d8daf2","sha1":"029d1376c0b2cf3f2e56248853e34c12c1a1c251","sha256":"5e9014854d20e453496f6b2fd425db00004ff1964fbdbc028fe9084090d9d365","sha512":"40631fcbaf4e0e83e715e01ed4b4b3f8676467e0ef1fea1a154bccd32be25b6f038cac3b24011c3200e2e40d110c653c0abb3274afff10fbb66fc28de875b557","ssdeep":"","tlshash":"2e3109bb3d0b3427976c843bb82600121af31979762a3937c0277294021fff096a8385","first_seen":"2026-01-12T18:44:53.837103Z","last_seen":"2026-02-18T12:13:29.185235Z","times_seen":3,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"access-vault-coinbase.com/assets/index-B9D2IVcn.js","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://access-vault-coinbase.com/","date":"2026-02-18T12:13:06.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET /assets/index-B9D2IVcn.js HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://access-vault-coinbase.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-length: 438338\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Wed, 18 Feb 2026 12:13:06 GMT\r\netag: W/\"6b042-19c6d5d8b48\"\r\nlast-modified: Tue, 17 Feb 2026 20:49:33 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 78b9b811f79438615c6b056a8c55b43a\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]}],"data":{"size":438338,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (37534)","md5":"e8f0d798e935309049a50005481279bb","sha1":"38fd5bc7904d2636824fccfc3b2a83980f2b02ef","sha256":"9051840ac7c6f7da7c86be4887a24642494e7a2dba2f26a165fe20334aa26586","sha512":"19f1f9e6d152595d159ad65969b91df63edc4c6fb823ca37cf3cf01a16fcfd7a64aea606f17fffbf47629ef0c17f9ce2e6e139fdaeec0cb653bbd89bd142f9f3","ssdeep":"12288:eaeCTcJ7eTY2KyuyfLSULetOaunCZW+3OHC8xnVE4TDatrkyd6jn+EMqarjqPMqz:Ucs2KyuyfLSULetOaunCZW+3OHbxnVEY","tlshash":"84946dd87199b57debf349e5502f9006b23d2a06e40e8850f13ced592bb5009a1bbfed","first_seen":"2026-01-12T18:44:53.838542Z","last_seen":"2026-02-18T12:13:29.186337Z","times_seen":3,"resource_available":true,"data":null}},"time_used":494,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":276,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"access-vault-coinbase.com/crypto/CB.PNG","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://access-vault-coinbase.com/","date":"2026-02-18T12:13:07.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET /crypto/CB.PNG HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://access-vault-coinbase.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-length: 929\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: image/png\r\ndate: Wed, 18 Feb 2026 12:13:07 GMT\r\netag: W/\"3a1-19c6d5d8760\"\r\nlast-modified: Tue, 17 Feb 2026 20:49:32 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 2155063e13bccd595c6b056a8c55b465\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":929,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 43, 8-bit/color RGBA, non-interlaced","md5":"41eaf9fd265a6f9ea1b4ff9d82986978","sha1":"d00f6be90ca18808862ba50753b05815ab5fc59b","sha256":"69f9c1e82128ee22a26cbf6ed40f90cc9fcdc3d2a789a44f7e8de58c7001cfb2","sha512":"7c2b6f11fd4309ac6b1aa74643dbee9148be9cd118c43538a3f0a995f783aaf5e1a760b029ca5bbc2abe8f4f0a1c602d002c409ce1b7075b75d5e9fc8146e219","ssdeep":"","tlshash":"b01184f9094c2f48ee4b023de876a68c206e70e7740c0a16e84d6d411a4ae9806f06b4","first_seen":"2026-01-12T18:44:53.82852Z","last_seen":"2026-02-18T12:13:29.187292Z","times_seen":3,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"access-vault-coinbase.com/api/prices","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://access-vault-coinbase.com/","date":"2026-02-18T12:13:07.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET /api/prices HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://access-vault-coinbase.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 1223\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 18 Feb 2026 12:13:07 GMT\r\netag: W/\"4c7-TSy0ZsoqklcwJrgG012mjS4hnDM\"\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 608f8bed957f36da5c6b056a8c55bec3\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1223,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"67d17f1dfdeb33ead61d8e5c447958cd","sha1":"4d2cb466ca2a92573026b806d35da68d2e219c33","sha256":"ffca9ac22117803ea6d6a5678fa2517edb8e5b3aec2c231157f29f21fe1a161f","sha512":"c1b0bcdc30bd5b0e45b8d29cce1de1d4686218367488dfceacef36ef344e2ecd84a198119dc415a2f6df010ce4e17d42ccea1c73d5ba046098c1be560de42146","ssdeep":"","tlshash":"482111c25ad247f4c6a9706a6db1b2f03813738e95dd4ec3d098cdb6f0d04e97b16824","first_seen":"2026-02-18T12:13:29.188606Z","last_seen":"2026-02-18T12:13:29.188606Z","times_seen":1,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"access-vault-coinbase.com/attached_assets/USDC.PNG","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://access-vault-coinbase.com/","date":"2026-02-18T12:13:06.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET /attached_assets/USDC.PNG HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://access-vault-coinbase.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\ncontent-length: 2177\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: image/png\r\ndate: Wed, 18 Feb 2026 12:13:06 GMT\r\netag: W/\"881-19c6d5a5310\"\r\nlast-modified: Tue, 17 Feb 2026 20:46:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 2fa4c1a9f5c17d815c6b056a8c55b3e3\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]}],"data":{"size":2177,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 54 x 49, 8-bit/color RGBA, non-interlaced","md5":"aab1489732a071f38d778e3ded511c14","sha1":"43af746e3c5b1bc707291f04faea25aef4c9b554","sha256":"2665d1a1f27586ead13b478a7519f99e05f2c4705551d87f9ded12a54724c884","sha512":"9d802634da1dfae1cc7b3ad9a13d2cfd1f7d92ae81511ad2323378bdbfc6e8af448d894eaf4e221a1d3bfea673b628a00b86a5cc57cab9e2f5ca521b64c5ac37","ssdeep":"","tlshash":"5f411ac37d3be49d4e53e129138f75f11c00ca24083a769c3a97a42ea72bb9a7705929","first_seen":"2026-01-12T18:44:53.826656Z","last_seen":"2026-02-18T12:13:29.192233Z","times_seen":3,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"access-vault-coinbase.com/attached_assets/Tether.PNG","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://access-vault-coinbase.com/","date":"2026-02-18T12:13:06.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET /attached_assets/Tether.PNG HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://access-vault-coinbase.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\ncontent-length: 1605\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: image/png\r\ndate: Wed, 18 Feb 2026 12:13:06 GMT\r\netag: W/\"645-19c6d5a5310\"\r\nlast-modified: Tue, 17 Feb 2026 20:46:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 0c9c873cedfac7245c6b056a8c55b9dc\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1605,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"d0c56eaeca571e3567231a8b130ac31a","sha1":"2b1f31984ca6d3d89942cd84b8250b30e1fbb578","sha256":"986c88d1d319dce018990081b6ab32d376053391f9f3b88d3ef4cadbda79385b","sha512":"93f6466df0315a28083336d5f152eb7eabe686742b9f7a28764e53aa997a658bd363af0ddff0df8613709b1048dbdabd77903c8ca745cff57c89f1b7be5bb848","ssdeep":"","tlshash":"d131ea4d31cf89d98a3a5ce94053994566af608732a171c8d6f8753c6c1e4689b129d8","first_seen":"2026-01-12T18:44:53.8356Z","last_seen":"2026-02-18T12:13:29.19331Z","times_seen":3,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"access-vault-coinbase.com/assets/index-DG_HyvED.css","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://access-vault-coinbase.com/","date":"2026-02-18T12:13:06.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET /assets/index-DG_HyvED.css HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://access-vault-coinbase.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-length: 88019\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Wed, 18 Feb 2026 12:13:06 GMT\r\netag: W/\"157d3-19c6d5d8b48\"\r\nlast-modified: Tue, 17 Feb 2026 20:49:33 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: e70696cd834e96445c6b056a8c55b89f\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]}],"data":{"size":88019,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"91c1920d78fb0581493296dbec793ffd","sha1":"cd9e5b30475353c7454918affce3ce206a8625cd","sha256":"d813d19aa93290bfbef0c8cfc1e00a65ca2c26db1544b37095d53782f698bf24","sha512":"6fc277a69d4745bf16d0b92ccb5a0e2dada15d9a54cb1a9358969c8b32e7fb7a480a54120ef3b26e41e13b314464e23aa3f5cfcd336a8eaedc92d39cfaafbf0c","ssdeep":"1536:Mofh+fEcBiw866WUZMG3fF378VQZkt5FJPbJ6FZ:Mofh+fEBw8KUZMG3fF378VQZkt5F5167","tlshash":"e683742dba59503f3c6791f4d38cbaaca10af1c0de3a05eabd86413166c37f25ca7654","first_seen":"2026-01-12T18:44:53.8177Z","last_seen":"2026-02-18T12:13:29.19423Z","times_seen":3,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"access-vault-coinbase.com/favicon.ico","fqdn":"access-vault-coinbase.com","domain":"access-vault-coinbase.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://access-vault-coinbase.com/","date":"2026-02-18T12:13:07.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"access-vault-coinbase.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Feb 2026 20:08:32 GMT","end":"Mon, 18 May 2026 20:08:31 GMT"},"fingerprint":{"sha1":"D8:4A:89:D0:88:A6:36:75:49:74:D3:B3:9E:AA:64:61:6E:A7:6E:79","sha256":"E8:82:E6:91:B8:73:D7:5A:05:A1:47:76:36:53:C5:7F:AC:51:37:DF:0F:5C:6D:96:22:70:C0:C3:B2:00:57:3C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: access-vault-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://access-vault-coinbase.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDA1ZWI2OTc0YzFhYmUxNzY1Mzg3NjgwZTU0M2Q1MDBjMzVlNGMzMGY0YzBiMGRkN2JhNTY4OTFmMDFlM2IyOTExMzAyNTlkZmY0MTY0ZGM3ZTM3ZDNkOGRmOGZkOTlhNzQ0MTdiODY4NGE5YTc4YmVkMjUxMGM0NDRhZDdkOWNjNDRhOGRmZDNmMzlkMzU4ZjA0Y2IxYjg3MjIyZWIQo6qshccz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-length: 2005\r\ncontent-security-policy: default-src 'self'; connect-src 'self' https://api.coingecko.com https://pro-api.coingecko.com https://*.coingecko.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 18 Feb 2026 12:13:07 GMT\r\netag: W/\"7d5-19c6d5d8b48\"\r\nlast-modified: Tue, 17 Feb 2026 20:49:33 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: febaf6d1c27871a85c6b056a8c55bec9\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-frame-options: DENY\r\nx-xss-protection: 1; mode=block\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":2005,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"9835ff1800ac57eb4049599bb54f4a69","sha1":"e337ac03fe36002931e06a62454ac398cae68043","sha256":"acddc38c1435ec86270f5e6df328aa5a100a9079d94303560ec0b7a865cb969e","sha512":"0934b63e2b16fc2baf9182b4cd5a62391fd767d5bcc8f8df6fc74a991ee2859ec48ea70a2a5ab278aae122398906262dd6835d8224be342026459eb6c7362c07","ssdeep":"","tlshash":"33412fb3f298c81712208399a9d1f125cc96a3c753a8e620f198509f1fc0bd6c9a357a","first_seen":"2026-01-12T18:44:53.820462Z","last_seen":"2026-02-18T12:13:29.175474Z","times_seen":3,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"access-vault-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}