{"report_id":"f1361503-c741-4c27-a4c1-0159a6b76cc9","version":0,"status":"done","tags":[],"date":"2026-06-26T12:10:07Z","url":{"schema":"http","addr":"tidua-coinbase.com","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":0,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"tidua-coinbase.com/","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"title":"Checking your connection","dom":{"size":7598,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (305)","md5":"4f9dff842875ec7571bb05a944b565df","sha1":"09304ace23a3e0fc18f438248dad17b95fa78d4e","sha256":"841f2e49a14540f8a91754463fe5065cc0ea21a082e473e209e8f5c7eb98f67e","sha512":"87c7e449b9d99b5f34db5cc9d09cde7625d46fad37a347c547b3c3405ef5f495b07bd5b7470b7422a4647ed4decc10d55df455129403284ee9c276006fffa0f9","ssdeep":"192:MNa4BpnrHN7kkULS2aI+6QY3AxUEuPLZ2pIayErM4:i1br9KCb5uP8yEd","tlshash":"60f1a56636771015a76358983b8b63067035e4072287c8287bdd4248cfe67d8e7e3bee","dom_hash":"domhash0f0e5428059ed9756e11f3d8f1d5b4fa","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tidua-coinbase.com","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":0,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-31T12:10:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"tidua-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"tidua-coinbase.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":10,"request_count":10,"received_data":90635,"sent_data":5742,"comment":"","tags":null,"fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tidua-coinbase.com/","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b7c83549037c79d992bec5365adb2488","sha1":"9fbc8fbe075a284644832105769ade9214f2fe92","sha256":"6df3b18f003199ccbb8831d4b826f85d3f91d40a9a7599c4bc989306884e1ba4","sha512":"8d30346cb7fc002767422c94f8ee4d32b0b6fc054b42d4e78405757ad7d125ea15844d7c200b2ba47c2ea7945147f519698aa27127c53a15bbc7757cfdfb424e","ssdeep":"","tlshash":"b271336a3a771139475b60a94707a1053436a44b36c2d8187b6c4210cfe6b6df673bee","size":3666,"data":"","first_seen":"2026-06-26T12:10:11.119204Z","last_seen":"2026-06-26T12:10:11.119204Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"Starting visitor logging...","filename":"https://tidua-coinbase.com/","line_number":146,"column_number":17},{"level":"error","text":"Error details:NetworkError when attempting to fetch resource.","filename":"https://tidua-coinbase.com/","line_number":184,"column_number":17}]},"http":[{"url":{"schema":"https","addr":"tidua-coinbase.com/check_status.php?connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://tidua-coinbase.com/","date":"2026-06-26T12:10:00.541Z","timestamp":1782475800541,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /check_status.php?connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8 HTTP/1.1\r\nHost: tidua-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://tidua-coinbase.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=2aa1e545a00394cba1b6dd46d687f652; connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T17:32:17.234066Z","times_seen":16799056,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"tidua-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tidua-coinbase.com/check_status.php?connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://tidua-coinbase.com/","date":"2026-06-26T12:09:57.538Z","timestamp":1782475797538,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /check_status.php?connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8 HTTP/1.1\r\nHost: tidua-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://tidua-coinbase.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=2aa1e545a00394cba1b6dd46d687f652; connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T17:32:17.234066Z","times_seen":16799056,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"tidua-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tidua-coinbase.com/check_status.php?connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://tidua-coinbase.com/","date":"2026-06-26T12:10:03.540Z","timestamp":1782475803540,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /check_status.php?connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8 HTTP/1.1\r\nHost: tidua-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://tidua-coinbase.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=2aa1e545a00394cba1b6dd46d687f652; connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T17:32:17.234066Z","times_seen":16799056,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"tidua-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tidua-coinbase.com/","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-26T12:09:43.565Z","timestamp":1782475783565,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tidua-coinbase.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 21:03:55 GMT","end":"Wed, 23 Sep 2026 21:03:54 GMT"},"fingerprint":{"sha1":"AC:2C:4F:98:85:03:F9:B0:59:ED:36:BE:03:24:70:ED:E6:0E:EE:8B","sha256":"C3:E8:1A:D3:DE:44:72:CB:A2:02:33:11:A8:5F:DB:CF:D9:93:57:6C:C0:9F:5D:26:C2:21:82:F6:1B:9E:EB:BE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tidua-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nset-cookie: PHPSESSID=2aa1e545a00394cba1b6dd46d687f652; path=/; secure\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: gzip\r\ndate: Fri, 26 Jun 2026 20:33:56 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":7812,"size_decoded":3356,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"e6982c21578e2cce77c3b0e5b30f20bc","sha1":"ba939b8af69e658c4cd552b56b6b833d4ef4a0cd","sha256":"8cc9f28ee89cf3c1cafba79e01118505e69e2e216a46189b4ad17e99c04dfdbe","sha512":"d4a5b4e9f76dddea7be036be4a97b31e18843ffce15ece3361007ced5c43edfd89b8dc34291814fa58bca81fbb576ed7625143b6ff8257026725eec77d30f8d7","ssdeep":"192:5q4YEaI3kJmQ8KeB49TQY4AvOyZGLATiJyIn:5q4Y3GFqWzsvZGJJyIn","tlshash":"abf1a6253615241993b357b4bb935309f836a427238281287bed43498ff6784e3a3fed","first_seen":"2026-06-26T12:10:11.116075Z","last_seen":"2026-06-26T12:10:11.116075Z","times_seen":1,"resource_available":true,"data":null}},"time_used":770,"timings":{"blocked":0,"dns":160,"connect":62,"send":0,"wait":419,"receive":0,"ssl":129},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"tidua-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tidua-coinbase.com/fonts/display.woff2","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tidua-coinbase.com/","date":"2026-06-26T12:09:44.552Z","timestamp":1782475784552,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tidua-coinbase.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 21:03:55 GMT","end":"Wed, 23 Sep 2026 21:03:54 GMT"},"fingerprint":{"sha1":"AC:2C:4F:98:85:03:F9:B0:59:ED:36:BE:03:24:70:ED:E6:0E:EE:8B","sha256":"C3:E8:1A:D3:DE:44:72:CB:A2:02:33:11:A8:5F:DB:CF:D9:93:57:6C:C0:9F:5D:26:C2:21:82:F6:1B:9E:EB:BE"}}},"request":{"raw":"GET /fonts/display.woff2 HTTP/1.1\r\nHost: tidua-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nReferer: https://tidua-coinbase.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=2aa1e545a00394cba1b6dd46d687f652\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 03 Jul 2026 20:33:56 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Fri, 26 Jun 2026 03:13:36 GMT\r\naccept-ranges: bytes\r\ncontent-length: 40076\r\ndate: Fri, 26 Jun 2026 20:33:56 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":40076,"size_decoded":40469,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40076, version 1.2097","md5":"88e532b2f6f58aac7f1dbbd3b4731e92","sha1":"e95841b0fe50b87199b4abbfd2d10563896e0688","sha256":"a1f75e7f702059493bb74cfcb3178d095b3f6da4d313e92b3ceabc3e63eb914c","sha512":"0c5a54e3bcc57152391a87ddfe4fb3bd13271f2bb0a2aaa605da649f86b301d9ba603c359315bde13420c83651b5e266d6269f51eb5c1ab43823f8851d09b574","ssdeep":"768:UZJnqiM79PCLTjpjMz6R1T1laTnl+rNvatafqvM7B1XOv:UbQ7kly6R1ScQ4iYvev","tlshash":"3e0302b7d657282df92f5fbd6e4c81187840491770f787528a8f2066c162cb8f56fd09","first_seen":"2023-04-22T15:10:15Z","last_seen":"2026-06-28T10:19:37.131253Z","times_seen":1143,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"tidua-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tidua-coinbase.com/fonts/text.woff2","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tidua-coinbase.com/","date":"2026-06-26T12:09:44.553Z","timestamp":1782475784553,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tidua-coinbase.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 21:03:55 GMT","end":"Wed, 23 Sep 2026 21:03:54 GMT"},"fingerprint":{"sha1":"AC:2C:4F:98:85:03:F9:B0:59:ED:36:BE:03:24:70:ED:E6:0E:EE:8B","sha256":"C3:E8:1A:D3:DE:44:72:CB:A2:02:33:11:A8:5F:DB:CF:D9:93:57:6C:C0:9F:5D:26:C2:21:82:F6:1B:9E:EB:BE"}}},"request":{"raw":"GET /fonts/text.woff2 HTTP/1.1\r\nHost: tidua-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nReferer: https://tidua-coinbase.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=2aa1e545a00394cba1b6dd46d687f652\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 03 Jul 2026 20:33:56 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Fri, 26 Jun 2026 03:13:47 GMT\r\naccept-ranges: bytes\r\ncontent-length: 39128\r\ndate: Fri, 26 Jun 2026 20:33:56 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":39128,"size_decoded":39521,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39128, version 1.2097","md5":"d65a3b1d9255924adbeeabac46787723","sha1":"2f5d6025d09e81ac0a6583f050560013f2b3fcce","sha256":"b2943cf448795751c6a309662c5237904fcb74e31507271deb64437350274b8d","sha512":"5e993defeb28e2a1332a02a017fd096a2b5a5d7d9d5294959e5bd8da51ccdf6b5bbc1b568126a89c350c43029d0e43da49fe14d47f85c6f2e45e87eb2d28e455","ssdeep":"768:r9ukWoIxmQnMtkdq0wReJL2N29X+bbzkoWy2ptCC8m5e5mFLEVy3:r9u7xmxtkAzReJiFbE42bCC8ceUFLEVQ","tlshash":"1f03022fc4b1f3e9a0d05cb96a3733d9e8ef1654318bb75138ae1ee5f8d69061209135","first_seen":"2023-04-22T15:10:15Z","last_seen":"2026-06-28T10:19:37.140614Z","times_seen":579,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"tidua-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tidua-coinbase.com/favicon/flare.ico","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tidua-coinbase.com/","date":"2026-06-26T12:09:44.745Z","timestamp":1782475784745,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tidua-coinbase.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 21:03:55 GMT","end":"Wed, 23 Sep 2026 21:03:54 GMT"},"fingerprint":{"sha1":"AC:2C:4F:98:85:03:F9:B0:59:ED:36:BE:03:24:70:ED:E6:0E:EE:8B","sha256":"C3:E8:1A:D3:DE:44:72:CB:A2:02:33:11:A8:5F:DB:CF:D9:93:57:6C:C0:9F:5D:26:C2:21:82:F6:1B:9E:EB:BE"}}},"request":{"raw":"GET /favicon/flare.ico HTTP/1.1\r\nHost: tidua-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://tidua-coinbase.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=2aa1e545a00394cba1b6dd46d687f652\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 03 Jul 2026 20:33:56 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Fri, 26 Jun 2026 03:14:18 GMT\r\naccept-ranges: bytes\r\ncontent-length: 908\r\ndate: Fri, 26 Jun 2026 20:33:56 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":908,"size_decoded":1301,"mime_type":"image/x-icon","magic":"PNG image data, 99 x 96, 8-bit colormap, non-interlaced","md5":"f4d4f7e79fd34e08e729580664e75720","sha1":"f11081ef88c0de4ed6b5cc52e54ca12ac6eb1ad9","sha256":"5414bc6e4b3f6e10f99b5d37abf4420da4dcaece66f8f2c08e090e87267adbc5","sha512":"e4be9eee8a947f6cf111bfaa0e60a901a9e2469632b030faa4bbbac835f0cc5de133f934d954335cb9c9919c6bda30c7bd6e2df5532d840b34a4be597bd69145","ssdeep":"","tlshash":"0511b73a70aefde52bef791a56e32e8a6d1b003454840330e3425736c1468594299362","first_seen":"2025-10-16T21:46:37.126967Z","last_seen":"2026-06-28T17:45:12.40164Z","times_seen":8865,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"tidua-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tidua-coinbase.com/check_status.php?connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://tidua-coinbase.com/","date":"2026-06-26T12:09:48.009Z","timestamp":1782475788009,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tidua-coinbase.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 21:03:55 GMT","end":"Wed, 23 Sep 2026 21:03:54 GMT"},"fingerprint":{"sha1":"AC:2C:4F:98:85:03:F9:B0:59:ED:36:BE:03:24:70:ED:E6:0E:EE:8B","sha256":"C3:E8:1A:D3:DE:44:72:CB:A2:02:33:11:A8:5F:DB:CF:D9:93:57:6C:C0:9F:5D:26:C2:21:82:F6:1B:9E:EB:BE"}}},"request":{"raw":"GET /check_status.php?connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8 HTTP/1.1\r\nHost: tidua-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://tidua-coinbase.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=2aa1e545a00394cba1b6dd46d687f652; connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ndate: Fri, 26 Jun 2026 20:33:59 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":20,"size_decoded":316,"mime_type":"application/json","magic":"JSON text data","md5":"457e2a4b0b2ac67a7d4a46c59eb18ef6","sha1":"e77b2c136f1b1efbb67f5c9f9a613e95e2c7ce5b","sha256":"a8e0ba654ce651dc312b81ee49fe54ecc3d8f326dcb8086581341823c2ed4139","sha512":"7b9fc31cc00bfeb8cb1691daf3143545ae5f3e85b06268688e7e856fd43011471840596514c4e3d539d7ea5a7e55bcb0adba3d1fa9bef4878b4d7ad1441d3f31","ssdeep":"","tlshash":"6b700000002002322a800800800002ac2aa08b80002b02a0002c22208a002808208000","first_seen":"2025-06-13T15:25:07.743709Z","last_seen":"2026-06-28T10:19:37.1397Z","times_seen":56,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"tidua-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tidua-coinbase.com/check_status.php?connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://tidua-coinbase.com/","date":"2026-06-26T12:09:51.192Z","timestamp":1782475791192,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tidua-coinbase.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 21:03:55 GMT","end":"Wed, 23 Sep 2026 21:03:54 GMT"},"fingerprint":{"sha1":"AC:2C:4F:98:85:03:F9:B0:59:ED:36:BE:03:24:70:ED:E6:0E:EE:8B","sha256":"C3:E8:1A:D3:DE:44:72:CB:A2:02:33:11:A8:5F:DB:CF:D9:93:57:6C:C0:9F:5D:26:C2:21:82:F6:1B:9E:EB:BE"}}},"request":{"raw":"GET /check_status.php?connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8 HTTP/1.1\r\nHost: tidua-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://tidua-coinbase.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=2aa1e545a00394cba1b6dd46d687f652; connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ndate: Fri, 26 Jun 2026 20:34:02 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":20,"size_decoded":316,"mime_type":"application/json","magic":"JSON text data","md5":"457e2a4b0b2ac67a7d4a46c59eb18ef6","sha1":"e77b2c136f1b1efbb67f5c9f9a613e95e2c7ce5b","sha256":"a8e0ba654ce651dc312b81ee49fe54ecc3d8f326dcb8086581341823c2ed4139","sha512":"7b9fc31cc00bfeb8cb1691daf3143545ae5f3e85b06268688e7e856fd43011471840596514c4e3d539d7ea5a7e55bcb0adba3d1fa9bef4878b4d7ad1441d3f31","ssdeep":"","tlshash":"6b700000002002322a800800800002ac2aa08b80002b02a0002c22208a002808208000","first_seen":"2025-06-13T15:25:07.743709Z","last_seen":"2026-06-28T10:19:37.1397Z","times_seen":56,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"tidua-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tidua-coinbase.com/check_status.php?connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8","fqdn":"tidua-coinbase.com","domain":"tidua-coinbase.com","tld":"com"},"ip":{"addr":"178.16.54.253","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://tidua-coinbase.com/","date":"2026-06-26T12:09:54.539Z","timestamp":1782475794539,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tidua-coinbase.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 21:03:55 GMT","end":"Wed, 23 Sep 2026 21:03:54 GMT"},"fingerprint":{"sha1":"AC:2C:4F:98:85:03:F9:B0:59:ED:36:BE:03:24:70:ED:E6:0E:EE:8B","sha256":"C3:E8:1A:D3:DE:44:72:CB:A2:02:33:11:A8:5F:DB:CF:D9:93:57:6C:C0:9F:5D:26:C2:21:82:F6:1B:9E:EB:BE"}}},"request":{"raw":"GET /check_status.php?connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8 HTTP/1.1\r\nHost: tidua-coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://tidua-coinbase.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=2aa1e545a00394cba1b6dd46d687f652; connection_id=78E9DC79-6EC5-44FF-9870-A1B3E70106C8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ndate: Fri, 26 Jun 2026 20:34:05 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":20,"size_decoded":316,"mime_type":"application/json","magic":"JSON text data","md5":"457e2a4b0b2ac67a7d4a46c59eb18ef6","sha1":"e77b2c136f1b1efbb67f5c9f9a613e95e2c7ce5b","sha256":"a8e0ba654ce651dc312b81ee49fe54ecc3d8f326dcb8086581341823c2ed4139","sha512":"7b9fc31cc00bfeb8cb1691daf3143545ae5f3e85b06268688e7e856fd43011471840596514c4e3d539d7ea5a7e55bcb0adba3d1fa9bef4878b4d7ad1441d3f31","ssdeep":"","tlshash":"6b700000002002322a800800800002ac2aa08b80002b02a0002c22208a002808208000","first_seen":"2025-06-13T15:25:07.743709Z","last_seen":"2026-06-28T10:19:37.1397Z","times_seen":56,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"tidua-coinbase.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}