Report - coinbasedex.ltd/

Report Overview

Submitted URL
coinbasedex.ltd/
IP
38.55.135.64
ASN
#54600 PEGTECHINC
Submitted
2023-01-29 21:35:29
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
106

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
coinbasedex.me	unknown	2022-09-19T17:00:32Z	2023-03-02T21:12:06Z	2.1 kB	446 kB	104.21.20.193
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	2.0 kB	4.4 kB	23.36.76.226
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368 B	2.0 kB	151.101.130.133
coinbasedex.ltd	unknown	2023-01-27T08:53:18Z	2023-01-28T08:35:18Z	27 kB	3.0 MB	38.55.135.64
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.1 kB	2.1 kB	142.250.74.131
cdn.jsdelivers.com	unknown	2022-06-29T10:37:28Z	2023-03-04T22:41:25Z	314 B	761 B	172.67.128.188
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.36.23.49
bridge.walletconnect.org	34284	2019-08-13T18:49:31Z	2023-03-10T08:42:56Z	607 B	124 B	3.122.104.17
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	386 B	31 kB	151.101.65.229
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.3 kB	53 kB	34.120.237.76
coinbasedex.cc	unknown	2022-09-20T17:34:57Z	2023-03-06T22:54:15Z	4.1 kB	12 kB	104.21.52.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-29 21:35:31	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-01-29 21:35:31	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-17	medium	coinbasedex.me/	Coinbase
2023-01-17	medium	coinbasedex.me/	Coinbase
2023-01-17	medium	coinbasedex.me/	Coinbase
2023-01-17	medium	coinbasedex.me/	Coinbase
2023-01-17	medium	coinbasedex.me/	Coinbase
2023-01-24	medium	coinbasedex.cc/	Coinbase
2023-01-24	medium	coinbasedex.cc/	Coinbase
2023-01-24	medium	coinbasedex.cc/	Coinbase
2023-01-24	medium	coinbasedex.cc/	Coinbase
2023-01-24	medium	coinbasedex.cc/	Coinbase
2023-01-24	medium	coinbasedex.cc/	Coinbase
2023-01-24	medium	coinbasedex.cc/	Coinbase
2023-01-24	medium	coinbasedex.cc/	Coinbase
2023-01-24	medium	coinbasedex.cc/	Coinbase
2023-01-24	medium	coinbasedex.cc/	Coinbase

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-29	medium	coinbasedex.ltd/	Phishing
2023-01-29	medium	coinbasedex.ltd/static/bscstatic/js/bignumber.min.js	Phishing
2023-01-29	medium	coinbasedex.ltd/static/bscstatic/js/evmchain.js	Phishing
2023-01-29	medium	coinbasedex.ltd/static/bscstatic/js/flexible.js	Phishing
2023-01-29	medium	coinbasedex.ltd/static/bscstatic/js/qrcode.min.js	Phishing
2023-01-29	medium	coinbasedex.ltd/static/bscstatic/js/jquery.min.js	Phishing
2023-01-29	medium	coinbasedex.ltd/static/layer/layer.js	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/jquery.min.js	Phishing
2023-01-29	medium	coinbasedex.ltd/static/bscstatic/js/w3model.js	Phishing
2023-01-29	medium	coinbasedex.ltd/static/bscstatic/js/web3model.min.js	Phishing
2023-01-29	medium	coinbasedex.ltd/static/bscstatic/js/web3provider.js	Phishing
2023-01-29	medium	coinbasedex.ltd/static/bscstatic/js/web3.min.js	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_menu_4.a34be8fb.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_menu_arrow.2047b042.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_set_menu_2.f293a1e1.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_menu_set.ffd8b768.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_set_menu_3.02247b08.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_menu_qa.526c3b66.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_set_menu_4.025aee4a.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_menus.1191d17e.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/public/static/atom.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/public/static/link.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_arrow.d6b67da8.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/static/layer/skin/default/layer.css?v=3.0.11110	Phishing
2023-01-29	medium	coinbasedex.ltd/index/login/loadhomepage.html	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_join.1b4e4267.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/static/fonts/Nunito-Bold.c0844c99.ttf	Phishing
2023-01-29	medium	coinbasedex.ltd/static/fonts/Nunito-SemiBold.876701bc.ttf	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_menu_share.9f8c5982.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_close.594a56d0.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_menu_record.728f5602.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_menu_2.44b770cb.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/coinbase_files/icon_menu_1.375eb58a.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/miningrecord_files/icon_duigou.455309c2.svg	Phishing
2023-01-29	medium	coinbasedex.ltd/index/index/ajaxindexpro1	Phishing
2023-01-29	medium	coinbasedex.ltd/index/index/ajaxindexpro1	Phishing
2023-01-29	medium	coinbasedex.ltd/static/fonts/Inter-SemiBold.ec60b23f.ttf	Phishing
2023-01-29	medium	coinbasedex.ltd/index/index/ajaxindexpro1	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	coinbasedex.ltd/static/bscstatic/js/web3provider.js	955 kB	2023-03-13	2024-04-16
Pretty URL coinbasedex.ltd/static/bscstatic/js/web3provider.js IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:42:32 Last Seen2024-04-16 19:51:03 Times Seen14 Hash 7fda9e1a8b81752c801d42f35111fd8f 826acdf69bfe70535b80daf58203329536c0981a b7cd52fb461af30927ddc6fcca70a5eec27dc2081ac69c7764736f6f131e674f Loading...

	coinbasedex.ltd/	888 B	2023-03-13	2023-03-13
Pretty URL coinbasedex.ltd/ IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:42:32 Last Seen2023-03-13 11:47:14 Times Seen1 Hash 85c94240aaf344234aaf754e8f6880df 0661b42ef7ed6e43ad7892c4b4a9925838bd99db c35b45c8340017165fe45d7cc4b3056f0cfe3f5de0bbddca2d2b1254f6991dad Loading...

	cdn.jsdelivers.com/jquery/3.2.1/jquery.js?0.33792239147506953	87 kB	2023-03-07	2024-04-19
Pretty URL cdn.jsdelivers.com/jquery/3.2.1/jquery.js?0.33792239147506953 IP 172.67.128.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 18:05:59 Times Seen61084 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	coinbasedex.ltd/static/bscstatic/js/bignumber.min.js	19 kB	2023-03-07	2024-03-28
Pretty URL coinbasedex.ltd/static/bscstatic/js/bignumber.min.js IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:15 Last Seen2024-03-28 06:16:09 Times Seen34 Hash 220b87873ab81287f915af82e3ba9a33 ced2ebc27d644716effa64115643dd1770ba04eb 266103c2cedfaf94d60f5a638555639fb2b86f2b66386660fd3d057715ebf463 Loading...

	coinbasedex.ltd/static/bscstatic/js/jquery.min.js	85 kB	2023-03-13	2023-11-03
Pretty URL coinbasedex.ltd/static/bscstatic/js/jquery.min.js IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:42:32 Last Seen2023-11-03 04:43:14 Times Seen17 Hash 399a886128181590dc10834400ebebe8 5ce657f630b015526abf0dcc228859a5ba8d2c94 7d85d2002f251d9ee66806c1addab6c18e19591fce046a4493af61034ddd9202 Loading...

	coinbasedex.ltd/static/bscstatic/js/web3model.min.js	430 kB	2023-03-07	2024-04-16
Pretty URL coinbasedex.ltd/static/bscstatic/js/web3model.min.js IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:15 Last Seen2024-04-16 19:51:03 Times Seen90 Hash 365c80971c9efc3f3e8087fc703f7667 de6bd2aadd0984751888f6f59fdc81102e2f816d a4cd4c5feca9f7333052edb99312a899313e1f3f6b8f34ab7f8dcf01fe8d7a74 Loading...

	coinbasedex.ltd/static/bscstatic/js/evmchain.js	23 kB	2023-03-07	2024-04-18
Pretty URL coinbasedex.ltd/static/bscstatic/js/evmchain.js IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:55 Last Seen2024-04-18 16:44:25 Times Seen352 Hash 103cf7a3766e010c9499d24721aaf984 ca4e27f04aa5be91c32e0942583f39bca5277a1f d93c05813c158faf533a332c1b49f2a9f0432e0454fdefd1a2c9f11428b7a4e9 Loading...

	coinbasedex.ltd/index/login/loadhomepage.html	528 B	2023-03-13	2023-03-13
Pretty URL coinbasedex.ltd/index/login/loadhomepage.html IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:42:32 Last Seen2023-03-13 11:47:15 Times Seen1 Hash c721c56651f3c81bbcb4243364b642a1 9c0fbcd4b8b66ecc0ae6d7865308870237ea30e4 9d414696a80feaaec8b623e8dd8e13771213b26f56d2011f62c8f4f670d8c7d2 Loading...

	coinbasedex.ltd/static/bscstatic/js/w3model.js	430 kB	2023-03-07	2024-03-28
Pretty URL coinbasedex.ltd/static/bscstatic/js/w3model.js IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:47 Last Seen2024-03-28 06:16:09 Times Seen52 Hash aac4569bbff2c557800aa919fb86114e d19621d1d38e488b417c28b3efd879b481566d80 5851c751870f4d385689f84d0e346c92234a1c7776f98099222eb30565370864 Loading...

	coinbasedex.ltd/static/layer/layer.js	21 kB	2023-03-07	2024-04-18
Pretty URL coinbasedex.ltd/static/layer/layer.js IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:02 Last Seen2024-04-18 15:56:05 Times Seen120 Hash 780fa9fee096b7bf72104d7779c5c359 343b5c8e92950b102336bde889f7ce20999a3246 b0324bfc823184920bf852354aef5a8e9fdc95148061b70a72d08793c96ef7af Loading...

	coinbasedex.ltd/coinbase_files/jquery.min.js	84 kB	2023-03-07	2024-04-19
Pretty URL coinbasedex.ltd/coinbase_files/jquery.min.js IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:04 Last Seen2024-04-19 06:49:25 Times Seen323 Hash 26aae2f13dc332df6e6f01e6657a03a0 8cbb682f32cf5bf8702571399ccb57a77148f27b 0108cf57a5359cdecc80699650b912a11731d0aeaec300d884a9d658ed96b295 Loading...

	coinbasedex.ltd/static/bscstatic/js/flexible.js	3.8 kB	2023-03-13	2023-11-03
Pretty URL coinbasedex.ltd/static/bscstatic/js/flexible.js IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:42:32 Last Seen2023-11-03 04:43:13 Times Seen10 Hash b1c4af866ecc79beea6dba32dc7da0f3 613bc6f456486a17e3c16665e3790469fa28d14b b1ef4cd2292f52f2540aed6c94d0b45fac3ee53479edf7f34c9541d930ac22f5 Loading...

	coinbasedex.ltd/	2.2 kB	2023-03-13	2023-03-13
Pretty URL coinbasedex.ltd/ IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:42:32 Last Seen2023-03-13 11:47:15 Times Seen1 Hash 18f52cb4e8db51e7302ce34c90320dc6 3d3df34903457025c4a26f723708dd1063405efd f2d3ac541f7e45ecb6a27b95ac81d3f46bd71a463866092fe211928533443b59 Loading...

	coinbasedex.ltd/	16 kB	2023-03-13	2023-03-13
Pretty URL coinbasedex.ltd/ IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:42:32 Last Seen2023-03-13 11:47:15 Times Seen1 Hash 822d92340274fa755e76d1c10b89fe87 139e4ab53e6385fd5a1859eb306d56c49c03f4a7 82a750e67a991e929d2b3e25ca6afaa007b7ee57a6be95e740a52a0f95c10087 Loading...

	coinbasedex.ltd/	174 B	2023-03-13	2023-03-13
Pretty URL coinbasedex.ltd/ IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:42:32 Last Seen2023-03-13 11:47:15 Times Seen1 Hash 7b48abb6070ac011f39ccad4c6067915 6370942eff9c6552cb259771d11e6b44f9401f04 0498c4b784087251f24520922ef5bb5ec8d627cb7b70f20f37d84edbf169851e Loading...

	coinbasedex.ltd/index/login/loadhomepage.html	901 B	2023-03-13	2023-03-13
Pretty URL coinbasedex.ltd/index/login/loadhomepage.html IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:42:32 Last Seen2023-03-13 11:47:15 Times Seen1 Hash 535f730e218179fde23584c8839e43b4 d2bec74099e7fcf5cf2431fe21bf1f2568bfee06 fe8750c53cbb0aeae335a53b42801361659415844bddd533ab8351eec7f663bc Loading...

	coinbasedex.ltd/static/bscstatic/js/qrcode.min.js	20 kB	2023-03-07	2023-11-18
Pretty URL coinbasedex.ltd/static/bscstatic/js/qrcode.min.js IP 38.55.135.64 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:51:26 Last Seen2023-11-18 13:00:13 Times Seen29 Hash 74aeb86c69c3a1e731869e3df76b0798 63b7637a15bfc965def9a343e297712823c90f85 fe994c4b76ff1f508f011112a20da3e42e122bced67f1928972d68b2ec000077 Loading...

HTTP Transactions (115)

URL IP Response Size

coinbasedex.ltd/

38.55.135.64

200 OK

10 kB

URL HTTP/1.1
coinbasedex.ltd/
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3185)
Size
10 kB (10400 bytes)
Hash
383da7d9d060c6d22fe2560f83c7b116
f87d07f5d2e22625af524989f11f304d5dbd5991
a574434360bec0d17468ccb998706dbd8050d37d0c317df78d674d9998cd3f8b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; path=/
think_var=en-us; expires=Sun, 29-Jan-2023 22:35:19 GMT; Max-Age=3600; path=/
think_var=en-us; path=/
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15883
Expires: Mon, 30 Jan 2023 01:59:59 GMT
Date: Sun, 29 Jan 2023 21:35:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15592
Expires: Mon, 30 Jan 2023 01:55:08 GMT
Date: Sun, 29 Jan 2023 21:35:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 20:35:38 GMT
content-type: application/json
age: 3579
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 21:35:17 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8385
Expires: Sun, 29 Jan 2023 23:55:02 GMT
Date: Sun, 29 Jan 2023 21:35:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: iAVqOSUorLE8LNyguJtdFYFqCTGYEBU+jaGSlUUKq+6EtxuFpmSUvBsTE5/6rFVZCVTAHGon2kflbls3OU1rlg==
x-amz-request-id: CSBGNYBRNTAANPBF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 21:21:32 GMT
age: 825
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/wii3PUaW9pU

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/wii3PUaW9pU
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78ad2ff1014a1989f8eb2c2896d4e74a
dc6e767446b5a179160b14ae7f02beb1dda26efd
4c89dc00c09b07b217ab19a8462d27742266435b4062b05a5c40a46de8940219

HTTP Headers

POST /s/gts1p5/wii3PUaW9pU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 21:35:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

coinbasedex.me/images/4be8c590cdeee32ec62b0c9a1d3c39fe.png

104.21.20.193

200 OK

27 kB

URL HTTP/2
coinbasedex.me/images/4be8c590cdeee32ec62b0c9a1d3c39fe.png
IP
104.21.20.193:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 290 x 221, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (26723 bytes)
Hash
4be8c590cdeee32ec62b0c9a1d3c39fe
edb859746b6a06a9fb2ef099995aa662b751443f
9b55229eb0c07c6324a22bedf379139667464f87bd384231debc686a79dbdddb

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /images/4be8c590cdeee32ec62b0c9a1d3c39fe.png HTTP/1.1
Host: coinbasedex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:17 GMT
content-type: image/png
content-length: 26723
last-modified: Wed, 01 Jun 2022 03:29:45 GMT
etag: "6296dd29-6863"
cache-control: max-age=14400
cf-cache-status: HIT
age: 29
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vprxSON%2FxO0kq3uNJpwKE1gkOmkyLppe%2FxINY7DVpEYxk18f2qECaunoSsdcjSr2SYOepKAXk1AbeYfpfQbtF0sgXFCmxbTQht9uNd3z7fa5V2EWKed%2FUAmulCZr19d7Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791518c628f6b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coinbasedex.me/images/d5a16ea6c5e936356e829ac43b9e1b39.png

104.21.20.193

200 OK

32 kB

URL HTTP/2
coinbasedex.me/images/d5a16ea6c5e936356e829ac43b9e1b39.png
IP
104.21.20.193:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 252 x 198, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31745 bytes)
Hash
d5a16ea6c5e936356e829ac43b9e1b39
f84507d37072efce7b231cfe9eeb9241b3b0d10c
91a1831116fba98e1f536eb2fa5d0300e5f2b6935f48ea3a9f4468dfb1ae97ee

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /images/d5a16ea6c5e936356e829ac43b9e1b39.png HTTP/1.1
Host: coinbasedex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:17 GMT
content-type: image/png
content-length: 31745
last-modified: Fri, 03 Jun 2022 05:19:06 GMT
etag: "629999ca-7c01"
cache-control: max-age=14400
cf-cache-status: HIT
age: 29
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urHpWIDtVgttSHPD1KyJsLt7LktFdV%2FV%2FOOunFdr%2FaVJMypXawKkJKB9a6W6V9tJwlXpn2JVmfW5J%2FMIwxfgHe%2B6jzJp%2BmhuiGKA51ZAXr1%2B5lflcpk0wnWPZudePXd9DA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791518c628f2b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coinbasedex.me/images/259ae9ae82c40b5d236b63d138d15ce9.png

104.21.20.193

200 OK

32 kB

URL HTTP/2
coinbasedex.me/images/259ae9ae82c40b5d236b63d138d15ce9.png
IP
104.21.20.193:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 301 x 202, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (32141 bytes)
Hash
259ae9ae82c40b5d236b63d138d15ce9
965967fc4d681eb05ec88cd39a46f949d2c67b32
98e627981ade70dba9f020ad1463b69bc66ec4ebf65b69cb83a9e8aad96902a3

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /images/259ae9ae82c40b5d236b63d138d15ce9.png HTTP/1.1
Host: coinbasedex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:17 GMT
content-type: image/png
content-length: 32141
last-modified: Thu, 02 Jun 2022 03:41:47 GMT
etag: "6298317b-7d8d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 29
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUWWUKjoJFAjSBdR1OYiEHKUvZ6OJjzWblQBttjMyMScy3tcrpp2gDs01Q3Op0uI9l4WLa9jcvg52AUGP4aiCfUWr30YhO2I%2BAYlu%2BK1YNpQNZjABQCcxTRfin5AEB%2Brlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791518c628f3b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coinbasedex.ltd/coinbase_files/chunk-ec830418.26343261.css

38.55.135.64

200 OK

2.4 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/chunk-ec830418.26343261.css
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (11656), with no line terminators
Size
2.4 kB (2408 bytes)
Hash
cc609e95e75eb854f50fcdaf7195a114
a9a5884e02929d0160858baec846e32296ad93b8
3b152fa0be5fa8c7d7a7bc392e9aec64ed668607e770ed2fb7e49a3927e925ec

HTTP Headers

GET /coinbase_files/chunk-ec830418.26343261.css HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:19 GMT
Content-Type: text/css
Last-Modified: Wed, 28 Sep 2022 14:26:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6334599a-2d88"
Expires: Mon, 30 Jan 2023 09:35:19 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/coinbase_files/chunk-56a70d30.4b33f4a0.css

38.55.135.64

200 OK

845 B

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/chunk-56a70d30.4b33f4a0.css
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (845), with no line terminators
Size
845 B (845 bytes)
Hash
c23baf0a64d008be2a2382f8db2d1fff
733d5225776c22f5b4d391253addf12abdc5347f
29e631ca80586325ef9c8f81c08ee728c36c609882bca547a1d9e54ca7b2fb3e

HTTP Headers

GET /coinbase_files/chunk-56a70d30.4b33f4a0.css HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:19 GMT
Content-Type: text/css
Content-Length: 845
Last-Modified: Wed, 28 Sep 2022 14:26:30 GMT
Connection: keep-alive
ETag: "63345996-34d"
Expires: Mon, 30 Jan 2023 09:35:19 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.me/images/5a4596ae13b659f0d61ce00c2a6e7734.png

104.21.20.193

200 OK

176 kB

URL HTTP/2
coinbasedex.me/images/5a4596ae13b659f0d61ce00c2a6e7734.png
IP
104.21.20.193:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 333 x 212, 8-bit/color RGBA, non-interlaced\012- data
Size
176 kB (176045 bytes)
Hash
5a4596ae13b659f0d61ce00c2a6e7734
7ad8f0992a62f5a8994fc8e130260e3cea777d92
9826ed334c348a49dcbe1d2e517b4614ba4c2cca3104840f6670f0e3e4150b74

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /images/5a4596ae13b659f0d61ce00c2a6e7734.png HTTP/1.1
Host: coinbasedex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:17 GMT
content-type: image/png
content-length: 176045
last-modified: Mon, 30 May 2022 03:43:34 GMT
etag: "62943d66-2afad"
cache-control: max-age=14400
cf-cache-status: HIT
age: 29
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lASU1%2BcctvA5sIJGrtBBnB4KR2YLa0UoIeD6kuReZ0oKMNQh7BTl7CgwL5HFrsmMIdxXWUHKDmyahIpis3FdxC27mw0aXTbb%2F9G2LZIpOS%2Fd9prCe2bYWYXOzWDSA248fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791518c628f9b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/wii3PUaW9pU

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/wii3PUaW9pU
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78ad2ff1014a1989f8eb2c2896d4e74a
dc6e767446b5a179160b14ae7f02beb1dda26efd
4c89dc00c09b07b217ab19a8462d27742266435b4062b05a5c40a46de8940219

HTTP Headers

POST /s/gts1p5/wii3PUaW9pU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 21:35:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

coinbasedex.me/images/c4f153c9057416664918c4cef52789d9.png

104.21.20.193

200 OK

176 kB

URL HTTP/2
coinbasedex.me/images/c4f153c9057416664918c4cef52789d9.png
IP
104.21.20.193:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 316 x 217, 8-bit/color RGBA, non-interlaced\012- data
Size
176 kB (176045 bytes)
Hash
c4f153c9057416664918c4cef52789d9
7361442ef77d60b08bfef69d96c367c852563730
01865fc32de0e7d8655223af72efd44cd636082433228297e06d7fc64ad0d4e5

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /images/c4f153c9057416664918c4cef52789d9.png HTTP/1.1
Host: coinbasedex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:17 GMT
content-type: image/png
content-length: 176045
last-modified: Tue, 31 May 2022 07:07:58 GMT
etag: "6295bece-2afad"
cache-control: max-age=14400
cf-cache-status: HIT
age: 29
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSO85k192hAylxMHI4YPJoTg0iMq0KXeKEmGzXnJ7zamf1fPyZzBP0sIcphzrZ67%2BEJSTSHd5AUwBZSf9Uw0KO8uzk2VXTPbkWNWSVYA1jApkAA5ThFBu5i3TBka0MRy2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791518c628f8b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/wii3PUaW9pU

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/wii3PUaW9pU
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78ad2ff1014a1989f8eb2c2896d4e74a
dc6e767446b5a179160b14ae7f02beb1dda26efd
4c89dc00c09b07b217ab19a8462d27742266435b4062b05a5c40a46de8940219

HTTP Headers

POST /s/gts1p5/wii3PUaW9pU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 21:35:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

coinbasedex.ltd/coinbase_files/app.82ac69f1.css

38.55.135.64

200 OK

901 B

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/app.82ac69f1.css
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (2388), with no line terminators
Size
901 B (901 bytes)
Hash
dd74c7f0386a857d6e140d2f3dd11660
c369fad0a1d685087eedd5f159191d290b1907ad
3083b2742d75ebab1dda30f6ca0be9f08838ced2977e6b9c993e0e58abedbad8

HTTP Headers

GET /coinbase_files/app.82ac69f1.css HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: text/css
Last-Modified: Wed, 28 Sep 2022 14:26:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63345995-954"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/static/bscstatic/js/bignumber.min.js

38.55.135.64

200 OK

8.7 kB

URL HTTP/1.1
coinbasedex.ltd/static/bscstatic/js/bignumber.min.js
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
Unicode text, UTF-8 text, with very long lines (18564), with no line terminators
Size
8.7 kB (8734 bytes)
Hash
4cf87faff2315b7dfa03ac3c28c2c274
accbaa24d4957b5810f8a76bd221b423edd36a08
25758784df9b3c7fa937f5fd8e4f5cd37d4e56537d4333f25c53b5c7be818340

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/bscstatic/js/bignumber.min.js HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 03 Jan 2022 13:27:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61d2f9d5-4885"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/static/bscstatic/js/evmchain.js

38.55.135.64

200 OK

5.5 kB

URL HTTP/1.1
coinbasedex.ltd/static/bscstatic/js/evmchain.js
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
Unicode text, UTF-8 text, with very long lines (22655), with no line terminators
Size
5.5 kB (5510 bytes)
Hash
a94e9cb1b70d618532ca64d032d9944b
ee979ce50e263b6fd665d52fb0a009accf6b7d77
61c6f1f408aa74b02e727175db5739b3072897ecf56f4ade1ad2f71bc47734dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/bscstatic/js/evmchain.js HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 03 Jan 2022 13:27:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61d2f9d5-5881"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/coinbase_files/chunk-vendors.6b99b9f1.css

38.55.135.64

200 OK

20 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/chunk-vendors.6b99b9f1.css
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (19948 bytes)
Hash
db54c4082bac36d48923245a5c500d22
43d9781bd86d47bbb4df0c6ce8bd1e2faff03547
66113308374bad97bf6de360a3341ba7ef564098a160f6ae0dd6ab407993f043

HTTP Headers

GET /coinbase_files/chunk-vendors.6b99b9f1.css HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: text/css
Last-Modified: Wed, 28 Sep 2022 14:26:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6334599c-18e4d"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/static/bscstatic/js/flexible.js

38.55.135.64

200 OK

1.4 kB

URL HTTP/1.1
coinbasedex.ltd/static/bscstatic/js/flexible.js
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
Unicode text, UTF-8 text
Size
1.4 kB (1375 bytes)
Hash
14bacef79876aec70849488ed6764982
289e15db75692315b5b93b24c417af663cb8db2b
a390b28202c8c60ecd52313fa201df441720fc6cfc3c8b31f53876154fe238d7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/bscstatic/js/flexible.js HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 03 Jan 2022 13:27:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61d2f9d5-f02"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 20:49:04 GMT
age: 2774
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14108
Expires: Mon, 30 Jan 2023 01:30:26 GMT
Date: Sun, 29 Jan 2023 21:35:18 GMT
Connection: keep-alive

coinbasedex.ltd/static/bscstatic/js/qrcode.min.js

38.55.135.64

200 OK

7.7 kB

URL HTTP/1.1
coinbasedex.ltd/static/bscstatic/js/qrcode.min.js
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (19799)
Size
7.7 kB (7676 bytes)
Hash
2f5cb6d8dd6b26cd96ca888be6a7589d
e39a25a36af7b95466c504a0873c7a29a0e7c4c2
f3c04a618e8bf38bc46ca8df42cd8bf7dda61a8170512fd55c734c4e0791036a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/bscstatic/js/qrcode.min.js HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 03 Jan 2022 13:27:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61d2f9d5-4d58"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/static/bscstatic/js/jquery.min.js

38.55.135.64

200 OK

34 kB

URL HTTP/1.1
coinbasedex.ltd/static/bscstatic/js/jquery.min.js
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (32025)
Size
34 kB (33560 bytes)
Hash
5a82c11861804f008934f71966fcb405
2dae42234477e2af786b258d9f1c7ec42bcf7223
0b381074ce793c744d0d10d8064bd4305953e45d9c951d4ba9404b14a44dd820

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/bscstatic/js/jquery.min.js HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: application/javascript
Last-Modified: Sun, 01 May 2022 03:44:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626e0226-14cf6"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/static/layer/layer.js

38.55.135.64

200 OK

8.1 kB

URL HTTP/1.1
coinbasedex.ltd/static/layer/layer.js
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
Unicode text, UTF-8 text, with very long lines (21258)
Size
8.1 kB (8103 bytes)
Hash
7dbd483d043d53f8190d9fdb53193621
d8daf0d2d02b2758ee49b635e1223ce823b3ad38
3ac586b7e5b0ae399cb4928638538197ae061cfe00fbd2834f6f68ce78884d5c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/layer/layer.js HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 23 Dec 2019 07:45:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e0070b4-535e"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

push.services.mozilla.com/

52.36.23.49

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.36.23.49:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /YpopbZ8aUTpH/IDrvBxmw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LXw1UxfsKkRAw6iuhJ3bKwWOvi4=

coinbasedex.ltd/coinbase_files/jquery.min.js

38.55.135.64

200 OK

33 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/jquery.min.js
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (32025), with CRLF line terminators
Size
33 kB (33235 bytes)
Hash
ca5c9da7f5664abccd1cb9026d9d99ec
23d8398b40721e6e639f08a519af3361ea0bd8f0
8ee9149ed92e11ac15a298a0c12d49fe26f5e191f3e64d8bf7436894d0ead638

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/jquery.min.js HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: application/javascript
Last-Modified: Wed, 28 Sep 2022 14:26:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633459a3-1497b"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/static/bscstatic/js/w3model.js

38.55.135.64

200 OK

217 kB

URL HTTP/1.1
coinbasedex.ltd/static/bscstatic/js/w3model.js
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (44112)
Size
217 kB (217089 bytes)
Hash
10fb5ea37f09ee2e75de33ce5fb05dcb
b740d8d46199c68da14eaeb6463a3ce34b97dfc6
90ac837a1d867924f6c401841d3b32d7c58c33fb170e047ca00ea8489731ca6c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/bscstatic/js/w3model.js HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 03 Jan 2022 13:27:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61d2f9d6-68f32"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/static/bscstatic/js/web3model.min.js

38.55.135.64

200 OK

217 kB

URL HTTP/1.1
coinbasedex.ltd/static/bscstatic/js/web3model.min.js
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (44112)
Size
217 kB (217218 bytes)
Hash
dd6a0f27e69e8a4a7f526679ea7b7708
8f11cd9b8979e02ff07f6fa723104571f38374de
c4f90a7a0e86ad6d224bfe1a3b68d09325be5d566e044db5c683e856176b88a2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/bscstatic/js/web3model.min.js HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 03 Jan 2022 13:27:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61d2f9d6-69009"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/static/bscstatic/js/web3provider.js

38.55.135.64

200 OK

323 kB

URL HTTP/1.1
coinbasedex.ltd/static/bscstatic/js/web3provider.js
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (64169)
Size
323 kB (322621 bytes)
Hash
0d3e543fa15ccd8175fcc0b1c476c4d6
f6a3ae5076734a135c476f36615273dad9c484a5
7f5f5bad80e46dd76e22e17548a0d7a46f6ecff04e7a82db7c4a68bc9cc614f9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/bscstatic/js/web3provider.js HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 03 Jan 2022 13:27:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61d2f9d6-e9366"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/static/bscstatic/js/web3.min.js

38.55.135.64

200 OK

435 kB

URL HTTP/1.1
coinbasedex.ltd/static/bscstatic/js/web3.min.js
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (63842)
Size
435 kB (434757 bytes)
Hash
c3297e50ff77f5652f8e8fed9d1d1f2c
de7a202eb376a4fc48917208264eb4478a124fe5
ea5750d9fcae93dfd24537079c47f439eec60df831f37614aeebc9774e422b21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/bscstatic/js/web3.min.js HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 03 Jan 2022 13:27:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61d2f9d6-146a1c"
Expires: Mon, 30 Jan 2023 09:35:20 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/coinbase_files/icon_menu_4.a34be8fb.svg

38.55.135.64

200 OK

1.5 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_menu_4.a34be8fb.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (953)
Size
1.5 kB (1487 bytes)
Hash
a34be8fbd62a82fcd5918e8abab2b781
c3ed4e808ed09db34256bc7cd137c2cd9be5aea6
05117d1f134df0eb0ae9213ed20ef54872112eb3f83055b370192be95171b208

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_menu_4.a34be8fb.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/svg+xml
Content-Length: 1487
Last-Modified: Wed, 28 Sep 2022 14:26:39 GMT
Connection: keep-alive
ETag: "6334599f-5cf"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/icon_menu_arrow.2047b042.svg

38.55.135.64

200 OK

1.2 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_menu_arrow.2047b042.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (406)
Size
1.2 kB (1239 bytes)
Hash
2047b042b6ddd016f0177bd5da0fe488
db9c95d12bffc07ecb48def71622139b8e7ff6b8
e0d0000a5113b88edabe6a48d05c2a986189edb4f124bc64da2dedccf9914544

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_menu_arrow.2047b042.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/svg+xml
Content-Length: 1239
Last-Modified: Tue, 25 Oct 2022 06:18:52 GMT
Connection: keep-alive
ETag: "63577fcc-4d7"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/icon_set_menu_2.f293a1e1.svg

38.55.135.64

200 OK

2.5 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_set_menu_2.f293a1e1.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1617)
Size
2.5 kB (2478 bytes)
Hash
f293a1e1ecc11330ca0819a3762b9d80
51ad3a111cc937b38d09205a233f59d26ad9d251
21cba012c4232fc5aaa3ddc99d9d0e18894a636cfe2971aaeb177f6906bc40ba

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_set_menu_2.f293a1e1.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/svg+xml
Content-Length: 2478
Last-Modified: Tue, 25 Oct 2022 06:18:51 GMT
Connection: keep-alive
ETag: "63577fcb-9ae"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/icon_menu_set.ffd8b768.svg

38.55.135.64

200 OK

4.0 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_menu_set.ffd8b768.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3297)
Size
4.0 kB (3994 bytes)
Hash
ffd8b768487708c45d925a08536984d0
1289fabef0d9c48cfe71e868e09311fefb63df47
81a4b22b217a8d571a079b02ff6606e46e57baea12723ec7e0e84e66fce7a5f4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_menu_set.ffd8b768.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/svg+xml
Content-Length: 3994
Last-Modified: Wed, 28 Sep 2022 14:26:40 GMT
Connection: keep-alive
ETag: "633459a0-f9a"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/icon_set_menu_3.02247b08.svg

38.55.135.64

200 OK

1.9 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_set_menu_3.02247b08.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1066)
Size
1.9 kB (1898 bytes)
Hash
02247b0803fe370bba6cf5db809644d6
b6e91387224a11b514bf4df0e1ed17f2d13f93be
cc46b2fdc8c5c4884256c3999a3d0df1481b94ec024ca3bd2c9cee8e6c5d96b5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_set_menu_3.02247b08.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/svg+xml
Content-Length: 1898
Last-Modified: Tue, 25 Oct 2022 06:18:52 GMT
Connection: keep-alive
ETag: "63577fcc-76a"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/icon_menu_qa.526c3b66.svg

38.55.135.64

200 OK

1.1 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_menu_qa.526c3b66.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (516)
Size
1.1 kB (1129 bytes)
Hash
526c3b66e11bb31bad54213044a8b204
2eb563b2548b8d5faf9972df94fd1625b5e779b7
7ec34a6879fc7755fb39782371c916acc8e9e76bf512b776aa6f80eb0c6f257b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_menu_qa.526c3b66.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/svg+xml
Content-Length: 1129
Last-Modified: Wed, 28 Sep 2022 14:26:40 GMT
Connection: keep-alive
ETag: "633459a0-469"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/icon_set_menu_4.025aee4a.svg

38.55.135.64

200 OK

2.8 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_set_menu_4.025aee4a.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1993)
Size
2.8 kB (2823 bytes)
Hash
025aee4ac93a87e6667ca0c47575a3fd
e6bd49d0aa9b0539330dd529c38703d4092874ca
c2c12e26c8b078b8d027b7b2a602ba93da7ae64ff3d67ffd298d8da4edeca684

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_set_menu_4.025aee4a.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/svg+xml
Content-Length: 2823
Last-Modified: Tue, 25 Oct 2022 06:18:52 GMT
Connection: keep-alive
ETag: "63577fcc-b07"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/icon_menus.1191d17e.svg

38.55.135.64

200 OK

1.7 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_menus.1191d17e.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1080)
Size
1.7 kB (1691 bytes)
Hash
1191d17eed302981bc7b7c0720970943
84029b07fc808c51778997b0f95ffd2778fe1944
d24882c7a939ac36fd063b0f1171f1f06bc24f8fce0a7c3f23f8f06341c2ff8e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_menus.1191d17e.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/svg+xml
Content-Length: 1691
Last-Modified: Wed, 28 Sep 2022 14:26:38 GMT
Connection: keep-alive
ETag: "6334599e-69b"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/public/static/atom.svg

38.55.135.64

200 OK

3.1 kB

URL HTTP/1.1
coinbasedex.ltd/public/static/atom.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (745)
Size
3.1 kB (3107 bytes)
Hash
096b0de75530a250ef619db36add0957
19f5232e8a25b37483eafcec80861dc8213dd4a2
54d2458daf5cc75878128311d7a13b44107257bf5cc5ee306ef2de8ee1fe7382

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/static/atom.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/svg+xml
Content-Length: 3107
Last-Modified: Wed, 18 Jan 2023 08:19:46 GMT
Connection: keep-alive
ETag: "63c7aba2-c23"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/public/static/eos.png

38.55.135.64

200 OK

8.3 kB

URL HTTP/1.1
coinbasedex.ltd/public/static/eos.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size
8.3 kB (8283 bytes)
Hash
0a4fb1b6f80623e3bd053ee73341a0a4
d43151ae04595805f341a154ed4c540658363446
5d45f52020710ec676bdcd4b5b52d0eb180bb445dae7befe6718820a823df850

HTTP Headers

GET /public/static/eos.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/png
Content-Length: 8283
Last-Modified: Mon, 03 Oct 2022 17:38:36 GMT
Connection: keep-alive
ETag: "633b1e1c-205b"
Expires: Tue, 28 Feb 2023 21:35:21 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/static/index/img/k1.png

38.55.135.64

200 OK

53 kB

URL HTTP/1.1
coinbasedex.ltd/static/index/img/k1.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 1988 x 1205, 8-bit/color RGBA, non-interlaced\012- data
Size
53 kB (53320 bytes)
Hash
a0dba53fcee3d4fc666f0befa3e954a0
3c99f29ac19182881abb7abc7f2285e9cd0c9e3c
7ff13968c8d048fb40132f2957fdfe5866f17dd6ad82f6625a05669d9754f959

HTTP Headers

GET /static/index/img/k1.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/png
Content-Length: 53320
Last-Modified: Tue, 10 Jan 2023 17:25:00 GMT
Connection: keep-alive
ETag: "63bd9f6c-d048"
Expires: Tue, 28 Feb 2023 21:35:21 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/public/static/link.svg

38.55.135.64

200 OK

681 B

URL HTTP/1.1
coinbasedex.ltd/public/static/link.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (577)
Size
681 B (681 bytes)
Hash
3cfdbc8f3e987bcf7862cba68cb369cc
56d54bea22c25a2d43176ca784f3b0e8561e9be0
d1abda5be2eca6511387d52e50be65c444b1e39cd5451d9fb601ad28424e3761

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/static/link.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/svg+xml
Content-Length: 681
Last-Modified: Wed, 18 Jan 2023 08:19:48 GMT
Connection: keep-alive
ETag: "63c7aba4-2a9"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/img_home_top.995fdc94.png

38.55.135.64

200 OK

63 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/img_home_top.995fdc94.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 378 x 380, 8-bit/color RGBA, non-interlaced\012- data
Size
63 kB (62664 bytes)
Hash
995fdc9431385b19cb1c8574800d7cce
a20975e66ac50474be6c7d4af9ab9ab551319fc1
099d659ee0c6ad170c2f192e514aae8031412c4c4eed17f09c2237cd665ace93

HTTP Headers

GET /coinbase_files/img_home_top.995fdc94.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/png
Content-Length: 62664
Last-Modified: Wed, 28 Sep 2022 14:26:42 GMT
Connection: keep-alive
ETag: "633459a2-f4c8"
Expires: Tue, 28 Feb 2023 21:35:21 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/static/index/img/k4.png

38.55.135.64

200 OK

46 kB

URL HTTP/1.1
coinbasedex.ltd/static/index/img/k4.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 1988 x 1205, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (46005 bytes)
Hash
2ba3e01929450b9f9bfac0d5bd11a915
1c36f6196a61ef5da1a1c41b274b90f533271149
10989c99cd290877e7e825203bc426ec69c4535cf360c026a5c490d519ee3d7a

HTTP Headers

GET /static/index/img/k4.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/png
Content-Length: 46005
Last-Modified: Tue, 10 Jan 2023 17:24:57 GMT
Connection: keep-alive
ETag: "63bd9f69-b3b5"
Expires: Tue, 28 Feb 2023 21:35:21 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/public/static/ltc.png

38.55.135.64

200 OK

10 kB

URL HTTP/1.1
coinbasedex.ltd/public/static/ltc.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10227 bytes)
Hash
c21a6c792da702ab5abfb39ee493b102
51c3249d3c6838aa1496882b1119e40a8378ca3f
8737773018fdb232a6a4f8d5e8203725d7cc8f185d676293bcb2b9e38ddb3cb0

HTTP Headers

GET /public/static/ltc.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/png
Content-Length: 10227
Last-Modified: Mon, 03 Oct 2022 17:38:35 GMT
Connection: keep-alive
ETag: "633b1e1b-27f3"
Expires: Tue, 28 Feb 2023 21:35:21 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/public/static/eth.png

38.55.135.64

200 OK

2.7 kB

URL HTTP/1.1
coinbasedex.ltd/public/static/eth.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size
2.7 kB (2679 bytes)
Hash
62ade6f22972078ee3b339e3ed03836b
124b59ea80dcc1a6c7f30f25e6c10d7d0e2739be
c7fd882aba3a920d13ae71867dbb929692b284afc813628ddeccf59b37cffcd7

HTTP Headers

GET /public/static/eth.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/png
Content-Length: 2679
Last-Modified: Mon, 03 Oct 2022 17:38:36 GMT
Connection: keep-alive
ETag: "633b1e1c-a77"
Expires: Tue, 28 Feb 2023 21:35:21 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/static/index/img/k3.png

38.55.135.64

200 OK

46 kB

URL HTTP/1.1
coinbasedex.ltd/static/index/img/k3.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 1988 x 1205, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (45843 bytes)
Hash
2fcbdd7917127565200d8e1ab72d7bcc
634fccf901d90169614148e34e925a53cbc575b0
09341ca6ee0803829c9896bb2cf66116e857770f91876f6e81ddbd490fc6fa27

HTTP Headers

GET /static/index/img/k3.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/png
Content-Length: 45843
Last-Modified: Tue, 10 Jan 2023 17:24:56 GMT
Connection: keep-alive
ETag: "63bd9f68-b313"
Expires: Tue, 28 Feb 2023 21:35:21 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/static/index/img/k2.png

38.55.135.64

200 OK

41 kB

URL HTTP/1.1
coinbasedex.ltd/static/index/img/k2.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 1988 x 1205, 8-bit/color RGBA, non-interlaced\012- data
Size
41 kB (40973 bytes)
Hash
82dbdf47290467a1dfb10c4452717da0
639472d8d75898be65fda7d569f2bbd2ba057816
f31f772361d2299744de05f18e53a764862b9e0a1c8d7fef6f9c271e96d7139a

HTTP Headers

GET /static/index/img/k2.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/png
Content-Length: 40973
Last-Modified: Tue, 10 Jan 2023 17:24:55 GMT
Connection: keep-alive
ETag: "63bd9f67-a00d"
Expires: Tue, 28 Feb 2023 21:35:21 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/icon_arrow.d6b67da8.svg

38.55.135.64

200 OK

1.3 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_arrow.d6b67da8.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (671)
Size
1.3 kB (1286 bytes)
Hash
d6b67da88054aadb526204ed1350eaf3
3551f718f52c377077feb2b95dabf0261d6f2c9f
3a19d906b2571ad4baf05f92c12ae3f0481cc34a1e6deae0cdba5bbe1ad20f33

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_arrow.d6b67da8.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: image/svg+xml
Content-Length: 1286
Last-Modified: Wed, 28 Sep 2022 14:26:37 GMT
Connection: keep-alive
ETag: "6334599d-506"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/public/static/btc.png

38.55.135.64

200 OK

4.2 kB

URL HTTP/1.1
coinbasedex.ltd/public/static/btc.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size
4.2 kB (4224 bytes)
Hash
8452f85bf6782e6306cf6f8961d876f7
dd21a7f9507dc2d3f12bde8f3a957227ef95c2ec
c390cdef67061690934d0e53344240e279d87a0fbcdefde8b8212bd7698e31d5

HTTP Headers

GET /public/static/btc.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: image/png
Content-Length: 4224
Last-Modified: Mon, 03 Oct 2022 17:38:36 GMT
Connection: keep-alive
ETag: "633b1e1c-1080"
Expires: Tue, 28 Feb 2023 21:35:22 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/static/layer/skin/default/layer.css?v=3.0.11110

38.55.135.64

200 OK

3.3 kB

URL HTTP/1.1
coinbasedex.ltd/static/layer/skin/default/layer.css?v=3.0.11110
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (14296), with no line terminators
Size
3.3 kB (3307 bytes)
Hash
d3268e8fa1d73f4b55c33bcf916d6449
1feb5caf167ff0bb76e6bf3cd67408dc06fc35cd
5866bf1a49dfa65a9df349b510ff99b55627b14f361d1b22e109aa39e6de7778

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/layer/skin/default/layer.css?v=3.0.11110 HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: text/css
Last-Modified: Fri, 26 Jun 2020 07:37:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ef5a5bc-37d8"
Expires: Mon, 30 Jan 2023 09:35:22 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/public/static/xrp.png

38.55.135.64

200 OK

15 kB

URL HTTP/1.1
coinbasedex.ltd/public/static/xrp.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (15215 bytes)
Hash
c541259f800abb813643ba52c0893101
eba23e1823aa5ab5274422438a34c454c35f5bf3
ee1c3af94eeb9c815f0fbf750e03e12b30e82ff94175b2f2056a0f0da1abf4a9

HTTP Headers

GET /public/static/xrp.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:21 GMT
Content-Type: image/png
Content-Length: 15215
Last-Modified: Mon, 03 Oct 2022 17:38:36 GMT
Connection: keep-alive
ETag: "633b1e1c-3b6f"
Expires: Tue, 28 Feb 2023 21:35:21 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/img_banner_2.9195caba.png

38.55.135.64

200 OK

102 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/img_banner_2.9195caba.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 1176 x 404, 8-bit/color RGBA, non-interlaced\012- data
Size
102 kB (101856 bytes)
Hash
9195caba4de48dd17d8bca4b73617fa7
c1c9151730b9ec3394c5794857315c8ea738a880
dbd07ead68534b67b44f0e7145fb689c411a10a071a6dea96d528ce3841ace74

HTTP Headers

GET /coinbase_files/img_banner_2.9195caba.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: image/png
Content-Length: 101856
Last-Modified: Wed, 28 Sep 2022 14:26:41 GMT
Connection: keep-alive
ETag: "633459a1-18de0"
Expires: Tue, 28 Feb 2023 21:35:22 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10237
Expires: Mon, 30 Jan 2023 00:25:56 GMT
Date: Sun, 29 Jan 2023 21:35:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10237
Expires: Mon, 30 Jan 2023 00:25:56 GMT
Date: Sun, 29 Jan 2023 21:35:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10237
Expires: Mon, 30 Jan 2023 00:25:56 GMT
Date: Sun, 29 Jan 2023 21:35:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5594 bytes)
Hash
4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: a13a8181-5783-42c1-9fda-1fcf8db4f0f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVpetFv-oAMF_Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d222c4-68165b34525ca2a054f0b505;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 06:50:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rJbdYq3bZDatEVvC83VR5WiWOFwNwVZEB16ez21KdnQJJrgJ-yKPCg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 14:55:48 GMT
age: 23971
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9167 bytes)
Hash
3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 2942
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8652 bytes)
Hash
43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 21c734f0-cd73-4691-812e-7cd3908f8f89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRbH4HtPIAMFUGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d07232-291e20fb41c53db7664d04b2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j2zDtHz3pZLHJKG3-PaITyUzHOQBEELzuDIt7sbB8X_B10OxG394tg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 06:49:29 GMT
age: 53150
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7417 bytes)
Hash
6af6f32397882f56d14d22348e44a9f1
5a626376807e7507fa3a204c4e4e9e44aa074a37
478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 53032353-8613-49b0-944d-3742236cf50c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcMmFeQIAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340b6-7fe2226327d90db014527c08;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zd8cTO2N1JO-OK3hCDwVO8naClCsg0raJLboRFle-DPSKhR_7k8-Yg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:16:35 GMT
age: 65924
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:56:46 GMT
age: 85113
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11470 bytes)
Hash
10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:01:15 GMT
age: 63244
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

coinbasedex.ltd/index/login/loadhomepage.html

38.55.135.64

200 OK

2.6 kB

URL HTTP/1.1
coinbasedex.ltd/index/login/loadhomepage.html
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.6 kB (2574 bytes)
Hash
94768d564b89a3f21f92f3a514a2a209
08fbeb1cb63c362ab094c33dd40c1a482b1a0273
6fadeb50ad93669a05ecc106587d58b7da83d4ba05e568aee7dfa8ab45fa74f8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/login/loadhomepage.html HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/coinbase_files/icon_join.1b4e4267.svg

38.55.135.64

200 OK

2.0 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_join.1b4e4267.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1270)
Size
2.0 kB (2000 bytes)
Hash
1b4e42679a38390892105727d220e88d
78203c315e4773735319c976798d04a162ff2846
44a592cf156fc064853f03cf5c50f7e3f231f0fc7d79f4a0585a6d995fc3c78e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_join.1b4e4267.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: image/svg+xml
Content-Length: 2000
Last-Modified: Wed, 28 Sep 2022 14:26:38 GMT
Connection: keep-alive
ETag: "6334599e-7d0"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/coinbase-logo.6f3a2e3f.png

38.55.135.64

200 OK

16 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/coinbase-logo.6f3a2e3f.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 496 x 88, 8-bit/color RGB, non-interlaced\012- data
Size
16 kB (15669 bytes)
Hash
6f3a2e3fad81a41b62bc27f2b5602811
cb0cd6b00085515e6e480cd72a25098def303990
ed42a6d7b984992bb3cd7746e507bc75b8ad1bfa2d24dea0f8991eb1a86625b8

HTTP Headers

GET /coinbase_files/coinbase-logo.6f3a2e3f.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: image/png
Content-Length: 15669
Last-Modified: Wed, 28 Sep 2022 14:26:37 GMT
Connection: keep-alive
ETag: "6334599d-3d35"
Expires: Tue, 28 Feb 2023 21:35:22 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/miningrecord_files/app.82ac69f1.css

38.55.135.64

200 OK

901 B

URL HTTP/1.1
coinbasedex.ltd/miningrecord_files/app.82ac69f1.css
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (2388), with no line terminators
Size
901 B (901 bytes)
Hash
dd74c7f0386a857d6e140d2f3dd11660
c369fad0a1d685087eedd5f159191d290b1907ad
3083b2742d75ebab1dda30f6ca0be9f08838ced2977e6b9c993e0e58abedbad8

HTTP Headers

GET /miningrecord_files/app.82ac69f1.css HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/index/login/loadhomepage.html
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Oct 2022 16:37:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c6136-954"
Expires: Mon, 30 Jan 2023 09:35:22 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/coinbase_files/img_invite.bee59aa5.png

38.55.135.64

200 OK

79 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/img_invite.bee59aa5.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 1078 x 424, 8-bit/color RGBA, non-interlaced\012- data
Size
79 kB (79301 bytes)
Hash
bee59aa58487114ccbdf797bdc6e63fc
f9f651c50275f1ba4a326db388e7ede4d8e20065
edacfcdd011e7dd49f0c441291c90ba917b31b61566e1fbb805a9939e4c0365c

HTTP Headers

GET /coinbase_files/img_invite.bee59aa5.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: image/png
Content-Length: 79301
Last-Modified: Wed, 28 Sep 2022 14:26:43 GMT
Connection: keep-alive
ETag: "633459a3-135c5"
Expires: Tue, 28 Feb 2023 21:35:22 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/static/fonts/Nunito-Bold.c0844c99.ttf

38.55.135.64

200 OK

153 kB

URL HTTP/1.1
coinbasedex.ltd/static/fonts/Nunito-Bold.c0844c99.ttf
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2014 The Nunito Project Authors (https://github.com/googlefonts/nunito)NunitoBold3.601\012- data
Size
153 kB (152748 bytes)
Hash
c0844c990ecaaeb9f124758d38df4f3f
231df28194a466da9e8ad72532164f50ad5f8750
8b9e27ba172e5b535b1d0564b4882f74aecc77a4dc4d20fc400bd2b2bc4418c1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fonts/Nunito-Bold.c0844c99.ttf HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/coinbase_files/app.82ac69f1.css
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: application/octet-stream
Content-Length: 152748
Last-Modified: Tue, 13 Dec 2022 18:54:09 GMT
Connection: keep-alive
ETag: "6398ca51-254ac"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/miningrecord_files/chunk-vendors.6b99b9f1.css

38.55.135.64

200 OK

20 kB

URL HTTP/1.1
coinbasedex.ltd/miningrecord_files/chunk-vendors.6b99b9f1.css
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (19948 bytes)
Hash
db54c4082bac36d48923245a5c500d22
43d9781bd86d47bbb4df0c6ce8bd1e2faff03547
66113308374bad97bf6de360a3341ba7ef564098a160f6ae0dd6ab407993f043

HTTP Headers

GET /miningrecord_files/chunk-vendors.6b99b9f1.css HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/index/login/loadhomepage.html
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Oct 2022 16:37:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c613e-18e4d"
Expires: Mon, 30 Jan 2023 09:35:22 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/static/fonts/Nunito-SemiBold.876701bc.ttf

38.55.135.64

200 OK

153 kB

URL HTTP/1.1
coinbasedex.ltd/static/fonts/Nunito-SemiBold.876701bc.ttf
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2014 The Nunito Project Authors (https://github.com/googlefonts/nunito)Nunito SemiBold\012- data
Size
153 kB (153116 bytes)
Hash
876701bc4fbf6166f07f152691b15159
91ab95e4bfedccb234e05305eeb2de76e5f5f66a
f1e4f2f2fc3d7c308dd2c7535c10c26020928a3e424a93712392d05429945cef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fonts/Nunito-SemiBold.876701bc.ttf HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/coinbase_files/app.82ac69f1.css
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: application/octet-stream
Content-Length: 153116
Last-Modified: Tue, 13 Dec 2022 18:54:08 GMT
Connection: keep-alive
ETag: "6398ca50-2561c"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/miningrecord_files/chunk-ec830418.26343261.css

38.55.135.64

200 OK

2.4 kB

URL HTTP/1.1
coinbasedex.ltd/miningrecord_files/chunk-ec830418.26343261.css
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (11656), with no line terminators
Size
2.4 kB (2408 bytes)
Hash
cc609e95e75eb854f50fcdaf7195a114
a9a5884e02929d0160858baec846e32296ad93b8
3b152fa0be5fa8c7d7a7bc392e9aec64ed668607e770ed2fb7e49a3927e925ec

HTTP Headers

GET /miningrecord_files/chunk-ec830418.26343261.css HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/index/login/loadhomepage.html
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Oct 2022 16:37:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c613c-2d88"
Expires: Mon, 30 Jan 2023 09:35:22 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/miningrecord_files/chunk-56a70d30.4b33f4a0.css

38.55.135.64

200 OK

845 B

URL HTTP/1.1
coinbasedex.ltd/miningrecord_files/chunk-56a70d30.4b33f4a0.css
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (845), with no line terminators
Size
845 B (845 bytes)
Hash
c23baf0a64d008be2a2382f8db2d1fff
733d5225776c22f5b4d391253addf12abdc5347f
29e631ca80586325ef9c8f81c08ee728c36c609882bca547a1d9e54ca7b2fb3e

HTTP Headers

GET /miningrecord_files/chunk-56a70d30.4b33f4a0.css HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/index/login/loadhomepage.html
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: text/css
Content-Length: 845
Last-Modified: Tue, 04 Oct 2022 16:37:11 GMT
Connection: keep-alive
ETag: "633c6137-34d"
Expires: Mon, 30 Jan 2023 09:35:22 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/miningrecord_files/chunk-58eee0a2.0d35c383.css

38.55.135.64

200 OK

907 B

URL HTTP/1.1
coinbasedex.ltd/miningrecord_files/chunk-58eee0a2.0d35c383.css
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (907), with no line terminators
Size
907 B (907 bytes)
Hash
b3bd330cc704dee66a7bad56b776111a
40df8ccbba80e5b4e7d276555d8a4f97dc654a5b
c1e406716654ebd324d26fd76a5787ed4b66e399b2ae5eac849db1750402ea45

HTTP Headers

GET /miningrecord_files/chunk-58eee0a2.0d35c383.css HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/index/login/loadhomepage.html
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: text/css
Content-Length: 907
Last-Modified: Tue, 04 Oct 2022 16:37:12 GMT
Connection: keep-alive
ETag: "633c6138-38b"
Expires: Mon, 30 Jan 2023 09:35:22 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/miningrecord_files/chunk-11dd5532.97ae293f.css

38.55.135.64

200 OK

932 B

URL HTTP/1.1
coinbasedex.ltd/miningrecord_files/chunk-11dd5532.97ae293f.css
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (3695), with no line terminators
Size
932 B (932 bytes)
Hash
e990e2c57048ef31030608416ea8993f
6266a019920492b86b93500be99f0ce8838a76b7
2833a03936eb41fc295d7ee869be12a330b20c73848ccdd3ab523e5beb73f5ce

HTTP Headers

GET /miningrecord_files/chunk-11dd5532.97ae293f.css HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/index/login/loadhomepage.html
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Oct 2022 16:37:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c6136-e6f"
Expires: Mon, 30 Jan 2023 09:35:22 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/coinbase_files/icon_menu_share.9f8c5982.svg

38.55.135.64

200 OK

1.8 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_menu_share.9f8c5982.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1195)
Size
1.8 kB (1808 bytes)
Hash
9f8c59827bd7120c6c12a5fc6942b022
6059ac7c494e7cc6f7241d89a754d658132f50b8
2e020ec75159f0f16847f6bfa17ca373f2681e5edd1e4b19a77154de84e723e3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_menu_share.9f8c5982.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: image/svg+xml
Content-Length: 1808
Last-Modified: Wed, 28 Sep 2022 14:26:40 GMT
Connection: keep-alive
ETag: "633459a0-710"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/icon_close.594a56d0.svg

38.55.135.64

200 OK

1.4 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_close.594a56d0.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (780)
Size
1.4 kB (1401 bytes)
Hash
594a56d03261db0e8a72dee4f3e7d677
dd20df230e037316cce8b3f051ae2db1d50ae34a
23322a5decd0f6148b907855308dcec0426b4cfaa5f6a49735b6c3863177579a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_close.594a56d0.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: image/svg+xml
Content-Length: 1401
Last-Modified: Tue, 04 Oct 2022 16:12:53 GMT
Connection: keep-alive
ETag: "633c5b85-579"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/icon_menu_record.728f5602.svg

38.55.135.64

200 OK

3.1 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_menu_record.728f5602.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (2462)
Size
3.1 kB (3123 bytes)
Hash
728f5602f87188e8d48ce5b691d2b1d4
f1b598e2e48077bfc769381cb35079a87d73123c
d0fd71acbe5377bee1eb4ced0b66080d8cd09c15b33048447b4af5e48b2fdb9c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_menu_record.728f5602.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: image/svg+xml
Content-Length: 3123
Last-Modified: Wed, 28 Sep 2022 14:26:40 GMT
Connection: keep-alive
ETag: "633459a0-c33"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/icon_menu_2.44b770cb.svg

38.55.135.64

200 OK

5.4 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_menu_2.44b770cb.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (2932)
Size
5.4 kB (5378 bytes)
Hash
44b770cb402621f26a223e192f1fc2c4
b2269dbc6193c55f28077f586d706b772ee2f764
e895c6df97459d1081b304c528a37a9be52a2a2f4ee92531fe32e30fe56a3c88

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_menu_2.44b770cb.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: image/svg+xml
Content-Length: 5378
Last-Modified: Wed, 28 Sep 2022 14:26:39 GMT
Connection: keep-alive
ETag: "6334599f-1502"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/coinbase_files/icon_menu_1.375eb58a.svg

38.55.135.64

200 OK

1.6 kB

URL HTTP/1.1
coinbasedex.ltd/coinbase_files/icon_menu_1.375eb58a.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (573)
Size
1.6 kB (1563 bytes)
Hash
375eb58aec5d06875add1f3c34a7d278
c8e3eee7f3e636b9619f025bc70d662b765e44aa
e9b0e83bef3709ff4e138a3e24f13bb5f16f49b1b57de3e6e30d7e46484c21e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /coinbase_files/icon_menu_1.375eb58a.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:23 GMT
Content-Type: image/svg+xml
Content-Length: 1563
Last-Modified: Wed, 28 Sep 2022 14:26:39 GMT
Connection: keep-alive
ETag: "6334599f-61b"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/miningrecord_files/img_coinbase.29795107.png

38.55.135.64

200 OK

13 kB

URL HTTP/1.1
coinbasedex.ltd/miningrecord_files/img_coinbase.29795107.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 450 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12660 bytes)
Hash
29795107c169eb9bbcabdbf9549929f9
c9643656f957ae51ca5f5981aea041776c79ffc8
adb5d1b1eb058f2f393730f020967dccf2201994212ab41ae48de25d676a2211

HTTP Headers

GET /miningrecord_files/img_coinbase.29795107.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/index/login/loadhomepage.html
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:23 GMT
Content-Type: image/png
Content-Length: 12660
Last-Modified: Tue, 10 Jan 2023 17:46:16 GMT
Connection: keep-alive
ETag: "63bda468-3174"
Expires: Tue, 28 Feb 2023 21:35:23 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/miningrecord_files/icon_duigou.455309c2.svg

38.55.135.64

200 OK

1.7 kB

URL HTTP/1.1
coinbasedex.ltd/miningrecord_files/icon_duigou.455309c2.svg
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1089)
Size
1.7 kB (1717 bytes)
Hash
455309c29bf7626df47507c12fe7926d
131a81271e6b29b6a370087cfb2db2b5ff6aece4
b1303fa2dc2a0e950c8d8510e4a73d70cfa5d5a9a28fbfa60c06ddbd6962b4f4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /miningrecord_files/icon_duigou.455309c2.svg HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/index/login/loadhomepage.html
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:23 GMT
Content-Type: image/svg+xml
Content-Length: 1717
Last-Modified: Tue, 10 Jan 2023 17:46:20 GMT
Connection: keep-alive
ETag: "63bda46c-6b5"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/miningrecord_files/icon_googlePlay.ca316662.png

38.55.135.64

200 OK

18 kB

URL HTTP/1.1
coinbasedex.ltd/miningrecord_files/icon_googlePlay.ca316662.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 464 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17936 bytes)
Hash
ca31666265780a8a13eb9d9f9e1f8435
9b61218b5e53a20bf344317506c2eaf7395c548d
866ab92c80fab3bb478b4591abda11ad2d134e70a71223c4dfcd6d96f9d6cf43

HTTP Headers

GET /miningrecord_files/icon_googlePlay.ca316662.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/index/login/loadhomepage.html
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:23 GMT
Content-Type: image/png
Content-Length: 17936
Last-Modified: Tue, 10 Jan 2023 17:46:14 GMT
Connection: keep-alive
ETag: "63bda466-4610"
Expires: Tue, 28 Feb 2023 21:35:23 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/miningrecord_files/icon_appStore.041db9cd.png

38.55.135.64

200 OK

14 kB

URL HTTP/1.1
coinbasedex.ltd/miningrecord_files/icon_appStore.041db9cd.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 464 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14260 bytes)
Hash
041db9cdca2df4cce76b0a4ace1c3e8f
75380bbb6a39a92cc6d776ef31dd13bf173324ec
1b227c45d8a352696099d1fc2ea62a90dd63c2db4b639d8b6f3b5af7ce7c85e6

HTTP Headers

GET /miningrecord_files/icon_appStore.041db9cd.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/index/login/loadhomepage.html
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:23 GMT
Content-Type: image/png
Content-Length: 14260
Last-Modified: Tue, 10 Jan 2023 17:46:19 GMT
Connection: keep-alive
ETag: "63bda46b-37b4"
Expires: Tue, 28 Feb 2023 21:35:23 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/index/index/ajaxindexpro1

38.55.135.64

200 OK

759 B

URL HTTP/1.1
coinbasedex.ltd/index/index/ajaxindexpro1
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (9128), with no line terminators
Size
759 B (759 bytes)
Hash
1f896980a70737537ec1f30ec2b80786
543e11075b2d1887042d2f1ea43bca6eff4c0787
f0b491421b6b180db565b8b603a7133933a35aeb70f8458ce7f4051635271012

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/index/ajaxindexpro1 HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:23 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: pid1=23069.608; path=/
pid2=1583.212; path=/
pid3=75.121; path=/
pid303=6.753; path=/
pid302=0.4127; path=/
pid5=0.37692; path=/
pid4=0.9723; path=/
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/static/index/img/k5.png

38.55.135.64

200 OK

48 kB

URL HTTP/1.1
coinbasedex.ltd/static/index/img/k5.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 1988 x 1205, 8-bit/color RGBA, non-interlaced\012- data
Size
48 kB (48282 bytes)
Hash
3c727be99cc4452f104a3fa860c1ed2c
b301c291823d6dc2e9f9b609018bd4672d1cf0c0
3273d6c2af5577772e302e1609f1f80c7a69129a0137702c3c2a8dfad0f04252

HTTP Headers

GET /static/index/img/k5.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us; pid1=23069.608; pid2=1583.212; pid3=75.121; pid303=6.753; pid302=0.4127; pid5=0.37692; pid4=0.9723

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:23 GMT
Content-Type: image/png
Content-Length: 48282
Last-Modified: Tue, 10 Jan 2023 17:24:59 GMT
Connection: keep-alive
ETag: "63bd9f6b-bc9a"
Expires: Tue, 28 Feb 2023 21:35:23 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/icons/apple-touch-icon-80x80.png

38.55.135.64

404 Not Found

146 B

URL HTTP/1.1
coinbasedex.ltd/icons/apple-touch-icon-80x80.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /icons/apple-touch-icon-80x80.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us; pid1=23069.608; pid2=1583.212; pid3=75.121; pid303=6.753; pid302=0.4127; pid5=0.37692; pid4=0.9723

HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 29 Jan 2023 21:35:23 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

coinbasedex.ltd/favicon.ico

38.55.135.64

404 Not Found

5.3 kB

URL HTTP/1.1
coinbasedex.ltd/favicon.ico
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (354)
Size
5.3 kB (5324 bytes)
Hash
5177161462f887294c38990eeda5d28f
6f00f40057723548f8d442a26caf81d743df8ea4
44c29d30d36fa781fcb0ed0311616fcf8f3d50e5cab234339a91926a1b3d9c5b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us; pid1=23069.608; pid2=1583.212; pid3=75.121; pid303=6.753; pid302=0.4127; pid5=0.37692; pid4=0.9723

HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 29 Jan 2023 21:35:23 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

coinbasedex.ltd/index/index/ajaxindexpro1

38.55.135.64

200 OK

808 B

URL HTTP/1.1
coinbasedex.ltd/index/index/ajaxindexpro1
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (9156), with no line terminators
Size
808 B (808 bytes)
Hash
6a270d1a54662a9e6f837fa19c419184
ffe9f9516bfc6064850ca06a369e5f8003833742
e471f2404ddb5f2c551b3fccdd3c65cb9c3cf1625ac7026eaa5c38b67c26064b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/index/ajaxindexpro1 HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us; pid1=23069.608; pid2=1583.212; pid3=75.121; pid303=6.753; pid302=0.4127; pid5=0.37692; pid4=0.9723

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: pid1=23068.786; path=/
pid2=1583.012; path=/
pid3=75.141; path=/
pid303=6.735; path=/
pid302=0.3737; path=/
pid5=0.37673; path=/
pid4=1.0003; path=/
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

coinbasedex.ltd/static/fonts/Inter-SemiBold.ec60b23f.ttf

38.55.135.64

200 OK

293 kB

URL HTTP/1.1
coinbasedex.ltd/static/fonts/Inter-SemiBold.ec60b23f.ttf
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
TrueType Font data, 16 tables, 1st "GDEF", 32 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)Inter SemiBoldRegular3.0\012- data
Size
293 kB (293028 bytes)
Hash
ec60b23f3405050f546f4765a9e90fec
76662bdb665197e1dd3f2f8933d4d8b4a5dfba80
98542636e6c900d04e987ca7a37e160a407df344be073fb041fd88f2cd90085a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fonts/Inter-SemiBold.ec60b23f.ttf HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/coinbase_files/app.82ac69f1.css
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:22 GMT
Content-Type: application/octet-stream
Content-Length: 293028
Last-Modified: Tue, 13 Dec 2022 18:54:09 GMT
Connection: keep-alive
ETag: "6398ca51-478a4"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

coinbasedex.ltd/miningrecord_files/img_coinbase_phone.70f3a67b.png

38.55.135.64

200 OK

444 kB

URL HTTP/1.1
coinbasedex.ltd/miningrecord_files/img_coinbase_phone.70f3a67b.png
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 982 x 860, 8-bit/color RGBA, non-interlaced\012- data
Size
444 kB (444473 bytes)
Hash
70f3a67b96031bc821b89bfb77cd6fff
14436981a1d5f5c90c3c01dc984ec9e97f81164d
060c53036a1ab3381f9cdea7e322b982e0d8305e40dce70167a17386d91148c4

HTTP Headers

GET /miningrecord_files/img_coinbase_phone.70f3a67b.png HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/index/login/loadhomepage.html
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:23 GMT
Content-Type: image/png
Content-Length: 444473
Last-Modified: Tue, 10 Jan 2023 17:46:18 GMT
Connection: keep-alive
ETag: "63bda46a-6c839"
Expires: Tue, 28 Feb 2023 21:35:23 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

cdn.jsdelivers.com/jquery/3.2.1/jquery.js?0.33792239147506953

172.67.128.188

302 Moved Temporarily

0 B

URL HTTP/1.1
cdn.jsdelivers.com/jquery/3.2.1/jquery.js?0.33792239147506953
IP
172.67.128.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /jquery/3.2.1/jquery.js?0.33792239147506953 HTTP/1.1
Host: cdn.jsdelivers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coinbasedex.ltd/

HTTP/1.1 302 Moved Temporarily
Date: Sun, 29 Jan 2023 21:35:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIO8htHFU1HBFSu8IyHL3%2BkFWcS%2BezENRmLdvtraC6JUg242FZVbd0FQJC%2FnG1kveJhcVrcrTr4i8mvMGK9BSGo3SrEkfh14yT1hcOdZK4YhPKMUaFM4Lkkx0ET8R0X5THwpmcM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791518e33da80b4d-OSL
alt-svc: h2=":443"; ma=60

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
95396151747ee57e0d0504de315147a8
38f8d1c9a5daa1c8a29a655dc69dddbd2aef127f
9e993eb196d8c87e15a5cbc000b0c6fd17032e8d0bedf5ac757d3fc62e5cec58

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E993EB196D8C87E15A5CBC000B0C6FD17032E8D0BEDF5AC757D3FC62E5CEC58"
Last-Modified: Fri, 27 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 30 Jan 2023 03:35:22 GMT
Date: Sun, 29 Jan 2023 21:35:22 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
95396151747ee57e0d0504de315147a8
38f8d1c9a5daa1c8a29a655dc69dddbd2aef127f
9e993eb196d8c87e15a5cbc000b0c6fd17032e8d0bedf5ac757d3fc62e5cec58

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E993EB196D8C87E15A5CBC000B0C6FD17032E8D0BEDF5AC757D3FC62E5CEC58"
Last-Modified: Fri, 27 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Mon, 30 Jan 2023 03:34:27 GMT
Date: Sun, 29 Jan 2023 21:35:22 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
57c37c18ef0204830ff65765137ccf14
f2a433f820e75fd80e5d435b30f8edabdee15932
e654df27dbdc10bb5d130f3782dcd2b2e428b345b0901dc59325bf7e11588010

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E654DF27DBDC10BB5D130F3782DCD2B2E428B345B0901DC59325BF7E11588010"
Last-Modified: Sun, 29 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Mon, 30 Jan 2023 03:34:32 GMT
Date: Sun, 29 Jan 2023 21:35:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c7f9a63b359105c50821f4c958eb1120
2ec29cc8087a719ffd97cdfc57da8a1a49ab1e7f
ac75656152f830388978c8d530f522b52849773de2d3cc4655d870e0b68ef7dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC75656152F830388978C8D530F522B52849773DE2D3CC4655D870E0B68EF7DC"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16559
Expires: Mon, 30 Jan 2023 02:11:21 GMT
Date: Sun, 29 Jan 2023 21:35:22 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
95396151747ee57e0d0504de315147a8
38f8d1c9a5daa1c8a29a655dc69dddbd2aef127f
9e993eb196d8c87e15a5cbc000b0c6fd17032e8d0bedf5ac757d3fc62e5cec58

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E993EB196D8C87E15A5CBC000B0C6FD17032E8D0BEDF5AC757D3FC62E5CEC58"
Last-Modified: Fri, 27 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 30 Jan 2023 03:35:22 GMT
Date: Sun, 29 Jan 2023 21:35:22 GMT
Connection: keep-alive

bridge.walletconnect.org/?env=browser&host=coinbasedex.ltd&protocol=wc&version=1

3.122.104.17

200 OK

0 B

URL HTTP/2
bridge.walletconnect.org/?env=browser&host=coinbasedex.ltd&protocol=wc&version=1
IP
3.122.104.17:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?env=browser&host=coinbasedex.ltd&protocol=wc&version=1 HTTP/1.1
Host: bridge.walletconnect.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://coinbasedex.ltd
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yumLS/alB7HA99Dcu8foLA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/2 200 OK
sec-websocket-accept: pUb0Yb89RP9Ydbu5sUxGfLybNoY=
date: Sun, 29 Jan 2023 21:35:21 GMT
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
57c37c18ef0204830ff65765137ccf14
f2a433f820e75fd80e5d435b30f8edabdee15932
e654df27dbdc10bb5d130f3782dcd2b2e428b345b0901dc59325bf7e11588010

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E654DF27DBDC10BB5D130F3782DCD2B2E428B345B0901DC59325BF7E11588010"
Last-Modified: Sun, 29 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Mon, 30 Jan 2023 03:34:49 GMT
Date: Sun, 29 Jan 2023 21:35:22 GMT
Connection: keep-alive

cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js

151.101.65.229

200 OK

30 kB

URL HTTP/2
cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32058)
Size
30 kB (30180 bytes)
Hash
20532f68850fbf98301ee064978fe500
baa841180e3a637eec908fbe16446a1d3270c6f8
421607c7298f63a23569c71a3269c5ae3cfe15a36290039735c3ae3533de2c68

HTTP Headers

GET /npm/jquery@3.2.1/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://coinbasedex.ltd/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.2.1
x-jsd-version-type: version
etag: W/"15283-EFUBjCirQQh++czv5BFgaJPavqI"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 21:35:22 GMT
age: 4127046
x-served-by: cache-fra-eddf8230126-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30180
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

151.101.130.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1462 bytes)
Hash
dd9730a24fb276c36d32f14c23675e33
69eb5870d9fa6ce806468ce3c093ab5ae19e16e4
89c2babf048e7734a5b12d192c245f0d9bb4dfec650b447ab55a60c530bca4e3

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "07E438848E0429A63E9C8B798CD6F48A2A05D629"
Expires: Mon, 30 Jan 2023 09:00:00 UTC
Last-Modified: Sun, 29 Jan 2023 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 21:35:22 GMT
Via: 1.1 varnish
Age: 256
X-Served-By: cache-bma1672-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1675028123.612741,VS0,VE1

coinbasedex.ltd/index/index/ajaxindexpro1

38.55.135.64

200 OK

812 B

URL HTTP/1.1
coinbasedex.ltd/index/index/ajaxindexpro1
IP
38.55.135.64:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (9153), with no line terminators
Size
812 B (812 bytes)
Hash
8fb0175e29922c2b9dae65ca9f4fb590
d90b6f63e1d64dcbace318d81bc505b8ac3e0bf2
b53cd8090a12c40d9ad90cf58768480ac67ea214dec5fcb85089b6134f2b8d3b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/index/ajaxindexpro1 HTTP/1.1
Host: coinbasedex.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Cookie: PHPSESSID=efbndf3iaj1jruc3rvcdm61qg2; think_var=en-us; pid1=23068.786; pid2=1583.012; pid3=75.141; pid303=6.735; pid302=0.3737; pid5=0.37673; pid4=1.0003

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 21:35:25 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: pid1=23068.938; path=/
pid2=1583.912; path=/
pid3=75.128; path=/
pid303=6.741; path=/
pid302=0.4077; path=/
pid5=0.37677; path=/
pid4=0.9723; path=/
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
95396151747ee57e0d0504de315147a8
38f8d1c9a5daa1c8a29a655dc69dddbd2aef127f
9e993eb196d8c87e15a5cbc000b0c6fd17032e8d0bedf5ac757d3fc62e5cec58

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E993EB196D8C87E15A5CBC000B0C6FD17032E8D0BEDF5AC757D3FC62E5CEC58"
Last-Modified: Fri, 27 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 30 Jan 2023 03:35:22 GMT
Date: Sun, 29 Jan 2023 21:35:22 GMT
Connection: keep-alive

coinbasedex.cc/static/css/chunk-443a9cc1.e30c389d.css

104.21.52.25

200 OK

2.3 kB

URL HTTP/2
coinbasedex.cc/static/css/chunk-443a9cc1.e30c389d.css
IP
104.21.52.25:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (8340), with no line terminators
Size
2.3 kB (2260 bytes)
Hash
c1c6f454efd464032c2535dc6f6c7fb0
b30672dafc1ddc7c75827da519d9c93d357e1243
42b88953347acc12c5f86f5737c0c131847303760dbd49dfcfa7c1a8e2482a36

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-443a9cc1.e30c389d.css HTTP/1.1
Host: coinbasedex.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:23 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 02:20:12 GMT
vary: Accept-Encoding
etag: W/"6306dc5c-2094"
expires: Mon, 30 Jan 2023 09:35:23 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDdAKYAOcFGKoDh1Z2FFBKs1Z%2Fq%2Bdw2VI10CBIIDQJMu8OOSwdID8wpd2Jsxm%2FVfJdenh61lOp9vWqfzwxnDgWclsKxx6aOKqagKRvy8PE4vqhq7rzf7%2B6LfdIcqrUCQjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791518e7bcfab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coinbasedex.cc/static/css/chunk-24674274.1272a080.css

104.21.52.25

200 OK

2.5 kB

URL HTTP/2
coinbasedex.cc/static/css/chunk-24674274.1272a080.css
IP
104.21.52.25:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2829), with no line terminators
Size
2.5 kB (2492 bytes)
Hash
9b46840d990c7b0826f41b91e3438229
ab5e085703f20e15e2d3d8efa245a2378b7271cf
5f6881c7e9beb9a9cf4397fcb59cacfffe98ccae45c98e7eea9cb89df32d4545

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-24674274.1272a080.css HTTP/1.1
Host: coinbasedex.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:23 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 02:20:12 GMT
vary: Accept-Encoding
etag: W/"6306dc5c-b0d"
expires: Mon, 30 Jan 2023 09:35:23 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSlxYiA%2BTjsy69vCtXDpZXCgRgEaqpD3x4CT4w5O5ZAC46Erd1Opg8HnAZ150DuxqjxsjLLg11jaL1I8Swead774jJQ8W2bpXTNQ3A7s5kXIR1TxJUo0NhNDo6HNs%2FW74w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791518e77c9fb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coinbasedex.cc/static/css/chunk-440b8115.195697b4.css

104.21.52.25

200 OK

0 B

URL HTTP/2
coinbasedex.cc/static/css/chunk-440b8115.195697b4.css
IP
104.21.52.25:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-440b8115.195697b4.css HTTP/1.1
Host: coinbasedex.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:23 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 02:20:12 GMT
vary: Accept-Encoding
etag: W/"6306dc5c-408"
expires: Mon, 30 Jan 2023 09:35:23 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIHip64n7xyA%2BIFwaSmX8MIfBQNGgntUpWf5BVhsgCwBU1pk2Ms2PvIwrc7dXFL0Zkj5oFMa4r279%2FNkT02te6vMOd4OIpkXw457XgVtNYaDNOnnLXQ3I1WYjIAXiuBObw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791518e7bcf5b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coinbasedex.cc/static/css/chunk-01a3a429.aec4fdd8.css

104.21.52.25

200 OK

0 B

URL HTTP/2
coinbasedex.cc/static/css/chunk-01a3a429.aec4fdd8.css
IP
104.21.52.25:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-01a3a429.aec4fdd8.css HTTP/1.1
Host: coinbasedex.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:22 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 02:20:11 GMT
vary: Accept-Encoding
etag: W/"6306dc5b-e19"
expires: Mon, 30 Jan 2023 09:35:22 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSf4G2%2F%2BTQrx14yL6A1ViXC4bQdbTVjU6ts8etvsNG09dQIyhVvYpMorPRwvebmwHInkPW7iAlokC4EN%2FC1UrVp4A8dfr9yFAnmcCkgBaFiWWQvlO78comenkEJZywP9hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791518e4381bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coinbasedex.cc/static/css/chunk-095669ea.8cd2e252.css

104.21.52.25

200 OK

0 B

URL HTTP/2
coinbasedex.cc/static/css/chunk-095669ea.8cd2e252.css
IP
104.21.52.25:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-095669ea.8cd2e252.css HTTP/1.1
Host: coinbasedex.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:22 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 02:20:11 GMT
vary: Accept-Encoding
etag: W/"6306dc5b-fc3"
expires: Mon, 30 Jan 2023 09:35:22 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeQV0wxzinjPGwtP4sMzmpL29q0CO0ie%2ByFQ7G411xuk1F%2FinknnKWzJBDQz%2FiksxCX0V36X2UEsyQkE2U3UZqK1xjyg14Ntr0sv1l946btdRxnLTzQG0wp13GAEn8zWKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791518e44823b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coinbasedex.cc/static/css/chunk-220c5140.8a933fd5.css

104.21.52.25

200 OK

0 B

URL HTTP/2
coinbasedex.cc/static/css/chunk-220c5140.8a933fd5.css
IP
104.21.52.25:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-220c5140.8a933fd5.css HTTP/1.1
Host: coinbasedex.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:22 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 02:20:12 GMT
vary: Accept-Encoding
etag: W/"6306dc5c-d62"
expires: Mon, 30 Jan 2023 09:35:22 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yIFjNUzn%2Fz9EyL4AYmS2impj3NHkUxb%2FkrlhkmdzY0dJGgHpg6vvZOf%2BLXKY8ujiAMIaaq%2BU2v0d%2FdULppHK8LXwaMu0DIVl28lYhLJJVLeKTQ8NenQqZatM2YXbcPenA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791518e4685cb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coinbasedex.cc/static/css/chunk-10311cbd.1c3d6370.css

104.21.52.25

200 OK

0 B

URL HTTP/2
coinbasedex.cc/static/css/chunk-10311cbd.1c3d6370.css
IP
104.21.52.25:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-10311cbd.1c3d6370.css HTTP/1.1
Host: coinbasedex.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:22 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 02:20:13 GMT
vary: Accept-Encoding
etag: W/"6306dc5d-15b5"
expires: Mon, 30 Jan 2023 09:35:22 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8MfJ2vsoVJmsxiAY1LDRopo2DyNTRZVULuOSkB0XoDAskyQdSWPww4kYK6zNOJ4n7rEvdWPhPNadFd%2Bfqvzzl8HzvuDIt3Z5ZVhNjDAta4e944ioTjGSy6y8Lv2OhjLkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791518e5aa53b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coinbasedex.cc/static/css/chunk-0cc4dadc.db9a37f4.css

104.21.52.25

200 OK

0 B

URL HTTP/2
coinbasedex.cc/static/css/chunk-0cc4dadc.db9a37f4.css
IP
104.21.52.25:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-0cc4dadc.db9a37f4.css HTTP/1.1
Host: coinbasedex.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:22 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 02:20:12 GMT
vary: Accept-Encoding
etag: W/"6306dc5c-172e"
expires: Mon, 30 Jan 2023 09:35:22 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ffrxn2cArm5aufwqDa6BJ1pe2AVH2HS1S9Br5M%2F9t3zENlNTGjnFsOXi3VY6Okvii72VIAjCtcEVZTkaxujgUjK%2F92DGKGvjrlWXcd0InHFf64zfCWWLg%2Fmn2W%2BCOwDKRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791518e45846b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coinbasedex.cc/static/css/chunk-12b70972.601dfe9a.css

104.21.52.25

200 OK

0 B

URL HTTP/2
coinbasedex.cc/static/css/chunk-12b70972.601dfe9a.css
IP
104.21.52.25:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-12b70972.601dfe9a.css HTTP/1.1
Host: coinbasedex.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:22 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 02:20:12 GMT
vary: Accept-Encoding
etag: W/"6306dc5c-67d"
expires: Mon, 30 Jan 2023 09:35:22 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGvK3Cgaw8MaUAqCmX2ubdO2FeYmcHczXMQ%2FsNNDtloBhSTGE%2FWjHFB%2B5NJoEDL0JTg3o66K%2BOOfbabK%2FqWhvvQINcsFUmMv0KSp0ARx5%2BM8js2azKIk8RIjA5EpGmkPfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791518e46859b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coinbasedex.cc/static/css/chunk-2979ec30.37fe0223.css

104.21.52.25

200 OK

0 B

URL HTTP/2
coinbasedex.cc/static/css/chunk-2979ec30.37fe0223.css
IP
104.21.52.25:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET /static/css/chunk-2979ec30.37fe0223.css HTTP/1.1
Host: coinbasedex.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: http://coinbasedex.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 21:35:23 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 02:20:13 GMT
vary: Accept-Encoding
etag: W/"6306dc5d-2f10"
expires: Mon, 30 Jan 2023 09:35:23 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxm%2FYqpKYcdeYlDPn9nKsqSyvqDMZrUrrgMrxUs4cjwWr%2BHx2H%2B%2BRMrtUNd6Rt0f3ViNI5%2FdOpBqE%2BTZTm5QDExs0oS0QzumZ8M7fqSZNyqZkk5r5Kpc%2BrwaoHuwJijDUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791518e7bce4b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML