coinbase.recoveryaccountloacked.com Open in urlscan Pro
128.199.7.188 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coinbase.recoveryaccountloacked.com/
Effective URL:
http://coinbase.recoveryaccountloacked.com/signin
Submission: On December 10 via automatic, source openphish (December 10th 2021, 1:01:22 pm UTC) — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 128.199.7.188, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is coinbase.recoveryaccountloacked.com.

This is the only time coinbase.recoveryaccountloacked.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Coinbase (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
2	128.199.7.188 128.199.7.188	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2606:4700::68... 2606:4700::6812:60a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	3

2 128.199.7.188 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

coinbase.recoveryaccountloacked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:60a (United States)

ASN13335 (CLOUDFLARENET, US)

www.coinbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.coinbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	coinbase.com www.coinbase.com assets.coinbase.com	139 KB
2	recoveryaccountloacked.com coinbase.recoveryaccountloacked.com	17 KB
8	2

	Domain	Requested by
3	www.coinbase.com	coinbase.recoveryaccountloacked.com www.coinbase.com
2	coinbase.recoveryaccountloacked.com
1	assets.coinbase.com	coinbase.recoveryaccountloacked.com
8	3

This site contains no links.

Subject Issuer	Validity	Valid
coinbase.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://coinbase.recoveryaccountloacked.com/signin
Frame ID: 61916705721A28BF83AD335EF1BBABE0
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coinbase - Buy/Sell Cryptocurrency

Page URL History Show full URLs

http://coinbase.recoveryaccountloacked.com/ Page URL
http://coinbase.recoveryaccountloacked.com/signin Page URL

Page Statistics

8
Requests

50 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

156 kB
Transfer

726 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coinbase.recoveryaccountloacked.com/ Page URL
http://coinbase.recoveryaccountloacked.com/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
coinbase.recoveryaccountloacked.com/ 182 B
563 B 3606ms
3560ms Document
text/html 128.199.7.188
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://coinbase.recoveryaccountloacked.com/
Protocol: HTTP/1.1
Server: 128.199.7.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 3f9b561ab05d186e52c4ecab9f06b4f7ff87fb441a96fa3c1c837969e4dfdfc0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 10 Dec 2021 13:01:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK Primary Request signin Show response
coinbase.recoveryaccountloacked.com/ 17 KB
17 KB 524ms
524ms Document
text/html 128.199.7.188
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://coinbase.recoveryaccountloacked.com/signin
Protocol: HTTP/1.1
Server: 128.199.7.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: dfd5f34cddc58fa3026adbcf630280c4de80bc9d37d71b757f1e69b107c53793

Request headers

Upgrade-Insecure-Requests: 1
Origin: http://coinbase.recoveryaccountloacked.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://coinbase.recoveryaccountloacked.com/

Response headers

Date: Fri, 10 Dec 2021 13:01:17 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 application-78af4be1b0d0b4b83ee3ebd72b66ba5cc181fa9729d9094cb56b02ece5c1242a.css
www.coinbase.com/assets/ 299 KB
54 KB 82ms
33ms Stylesheet
text/css 2606:4700::6812:60a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coinbase.com/assets/application-78af4be1b0d0b4b83ee3ebd72b66ba5cc181fa9729d9094cb56b02ece5c1242a.css

Requested by

Host: coinbase.recoveryaccountloacked.com
URL: http://coinbase.recoveryaccountloacked.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:60a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Proof-of-Work

Resource Hash

0af6065fd973522628af4b18d9a5c9536f3e3a1bd75bd278d98e15472a7d1a8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://www.coinbase.com; child-src 'self' https://www.coinbase.com https://static-assets.coinbase.com https://fast.wistia.net https://.online-metrix.net https://.wpstn.com https://netverify.com https://platform.twitter.com https://www.google.com/recaptcha/ https://recaptcha.net/ https://cdn.plaid.com/link/ https://.doubleclick.net/ blob: https://www.youtube.com https://widget.coinbase.com https://datawrapper.dwcdn.net/ https://widgets.marqeta.com https://.paypal.com https://pay.google.com/ https://accounts.google.com/ https://transact.atomicfi.com/ https://cb-monorail-legal-agreements-prod.s3.us-east-1.amazonaws.com; connect-src 'self' https://www.coinbase.com https://api.coinbase.com https://.online-metrix.net https://api.cloudinary.com https://ott9.wpstn.com/live https://api.amplitude.com/ https://d3907m2cqladbn.cloudfront.net/ https://exceptions.coinbase.com https://assets.coinbase.com/ https://sessions.coinbase.com/ https://assets.coinbase.com/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://analytics.google.com https://.google-analytics.com https://maps.googleapis.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://dynamic-assets.coinbase.com https://published-assets.coinbase.com https://translations.coinbase.com https://translations.coinbase.com https://static.coinbase.com https://events-service.coinbase.com/amp https://events-service.coinbase.com/track-exposures https://events-service.coinbase.com/bugsnag https://events-service.coinbase.com/metrics https://.braintree-api.com https://api.braintreegateway.com https://vq0hrc01qb.execute-api.us-east-1.amazonaws.com/api wss://ws.coinbase.com wss://ws.coinbase.com:443 https://www.coinbase.com/api https://cdn.contentful.com/ https://preview.contentful.com/ https://contentful.coinbase.com/ https://api.userleap.com/ https://widgets.marqeta.com/client/api/v1/ https://images.ctfassets.net/ https://pay.google.com/ https://accounts.google.com/ https://api.kickofflabs.com/; font-src 'self' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://assets.ctfassets.net/; img-src 'self' data: https://www.coinbase.com https://images.coinbase.com https://d3907m2cqladbn.cloudfront.net/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://dynamic-assets.coinbase.com https://published-assets.coinbase.com https://exceptions.coinbase.com https://coinbase-uploads.s3.amazonaws.com https://asset-metadata-service-production.s3.amazonaws.com https://s3.amazonaws.com/app-public/ https://maps.gstatic.com https://ssl.google-analytics.com https://www.google.com https://maps.googleapis.com https://csi.gstatic.com https://www.google-analytics.com https://res.cloudinary.com https://secure.gravatar.com https://i2.wp.com https://.online-metrix.net https://assets.coinbase.com/ https://hexagon-analytics.com https://cb-brand.s3.amazonaws.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net/r/collect https://card.coinbase.com/ blob: https://static.coinbase.com https://www.facebook.com/tr/ https://images.ctfassets.net/ https://i.ytimg.com/vi/ https://.paypal.com https://px.ads.linkedin.com https://www.linkedin.com/px https://p.adsymptotic.com/d/px https://atomicfi-public-production.s3.amazonaws.com https://cdn-public.atomicfi.com; media-src 'self' https://www.coinbase.com blob:; object-src 'self' data: blob: https://www.coinbase.com https://cdn.siftscience.com https://.online-metrix.net https://www.gstatic.com https://www.google.com/recaptcha/api/ https://recaptcha.net/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.coinbase.com https://fast.wistia.com/assets/external/E-v1.js https://cdn.siftscience.com https://.google-analytics.com https://www.google.com https://www.gstatic.com https://.online-metrix.net https://code.jquery.com https://chart.googleapis.com https://maps.googleapis.com https://maps.gstatic.com https://netverify.com https://ajax.cloudflare.com https://cdn.plaid.com/link/ https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://widget.coinbase.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://static-assets.coinbase.com/js/ https://*.paypal.com https://recaptcha.net/ https://www.gstatic.cn/ https://images.ctfassets.net/ https://pay.google.com/ https://accounts.google.com/ https://cdn.atomicfi.com/transact.js; style-src 'self' 'unsafe-inline' https://assets.coinbase.com https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com; report-uri /csp-logging
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://coinbase.recoveryaccountloacked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 904294
cf-polished: origSize=309572
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Nov 2021 01:34:32 GMT
server: cloudflare
x-powered-by: Proof-of-Work
expect-ct: enforce, max-age=86400, report-uri="https://coinbase.report-uri.io/r/default/ct/reportOnly"
vary: Accept-Encoding, Origin
x-download-options: noopen
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' https://www.coinbase.com; child-src 'self' https://www.coinbase.com https://static-assets.coinbase.com https://fast.wistia.net https://*.online-metrix.net https://*.wpstn.com https://netverify.com https://platform.twitter.com https://www.google.com/recaptcha/ https://recaptcha.net/ https://cdn.plaid.com/link/ https://*.doubleclick.net/ blob: https://www.youtube.com https://widget.coinbase.com https://datawrapper.dwcdn.net/ https://widgets.marqeta.com https://*.paypal.com https://pay.google.com/ https://accounts.google.com/ https://transact.atomicfi.com/ https://cb-monorail-legal-agreements-prod.s3.us-east-1.amazonaws.com; connect-src 'self' https://www.coinbase.com https://api.coinbase.com https://*.online-metrix.net https://api.cloudinary.com https://ott9.wpstn.com/live https://api.amplitude.com/ https://d3907m2cqladbn.cloudfront.net/ https://exceptions.coinbase.com https://assets.coinbase.com/ https://sessions.coinbase.com/ https://assets.coinbase.com/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://analytics.google.com https://*.google-analytics.com https://maps.googleapis.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://dynamic-assets.coinbase.com https://published-assets.coinbase.com https://translations.coinbase.com https://translations.coinbase.com https://static.coinbase.com https://events-service.coinbase.com/amp https://events-service.coinbase.com/track-exposures https://events-service.coinbase.com/bugsnag https://events-service.coinbase.com/metrics https://*.braintree-api.com https://api.braintreegateway.com https://vq0hrc01qb.execute-api.us-east-1.amazonaws.com/api wss://ws.coinbase.com wss://ws.coinbase.com:443 https://www.coinbase.com/api https://cdn.contentful.com/ https://preview.contentful.com/ https://contentful.coinbase.com/ https://api.userleap.com/ https://widgets.marqeta.com/client/api/v1/ https://images.ctfassets.net/ https://pay.google.com/ https://accounts.google.com/ https://api.kickofflabs.com/; font-src 'self' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://assets.ctfassets.net/; img-src 'self' data: https://www.coinbase.com https://images.coinbase.com https://d3907m2cqladbn.cloudfront.net/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://dynamic-assets.coinbase.com https://published-assets.coinbase.com https://exceptions.coinbase.com https://coinbase-uploads.s3.amazonaws.com https://asset-metadata-service-production.s3.amazonaws.com https://s3.amazonaws.com/app-public/ https://maps.gstatic.com https://ssl.google-analytics.com https://www.google.com https://maps.googleapis.com https://csi.gstatic.com https://www.google-analytics.com https://res.cloudinary.com https://secure.gravatar.com https://i2.wp.com https://*.online-metrix.net https://assets.coinbase.com/ https://hexagon-analytics.com https://cb-brand.s3.amazonaws.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net/r/collect https://card.coinbase.com/ blob: https://static.coinbase.com https://www.facebook.com/tr/ https://images.ctfassets.net/ https://i.ytimg.com/vi/ https://*.paypal.com https://px.ads.linkedin.com https://www.linkedin.com/px https://p.adsymptotic.com/d/px https://atomicfi-public-production.s3.amazonaws.com https://cdn-public.atomicfi.com; media-src 'self' https://www.coinbase.com blob:; object-src 'self' data: blob: https://www.coinbase.com https://cdn.siftscience.com https://*.online-metrix.net https://www.gstatic.com https://www.google.com/recaptcha/api/ https://recaptcha.net/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.coinbase.com https://fast.wistia.com/assets/external/E-v1.js https://cdn.siftscience.com https://*.google-analytics.com https://www.google.com https://www.gstatic.com https://*.online-metrix.net https://code.jquery.com https://chart.googleapis.com https://maps.googleapis.com https://maps.gstatic.com https://netverify.com https://ajax.cloudflare.com https://cdn.plaid.com/link/ https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://widget.coinbase.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://static-assets.coinbase.com/js/ https://*.paypal.com https://recaptcha.net/ https://www.gstatic.cn/ https://images.ctfassets.net/ https://pay.google.com/ https://accounts.google.com/ https://cdn.atomicfi.com/transact.js; style-src 'self' 'unsafe-inline' https://assets.coinbase.com https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com; report-uri /csp-logging
trace-id: 1423597848269258403
cf-ray: 6bb6a939f90359e9-MXP
expires: Sat, 10 Dec 2022 13:01:17 GMT

GET
H2 200 core-194274e3cb03df677717cc2d37549f83ee5cd31c2a7eb86a3d70e445c8bc1834.css
www.coinbase.com/assets/ 331 KB
66 KB 78ms
30ms Stylesheet
text/css 2606:4700::6812:60a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coinbase.com/assets/core-194274e3cb03df677717cc2d37549f83ee5cd31c2a7eb86a3d70e445c8bc1834.css

Requested by

Host: coinbase.recoveryaccountloacked.com
URL: http://coinbase.recoveryaccountloacked.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:60a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Proof-of-Work

Resource Hash

64f7bca2ffd1adb6fbbc8d7e006a07b766f984fd31e5be3739e7c1c5719e17ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://www.coinbase.com; child-src 'self' https://www.coinbase.com https://static-assets.coinbase.com https://fast.wistia.net https://.online-metrix.net https://.wpstn.com https://netverify.com https://platform.twitter.com https://www.google.com/recaptcha/ https://recaptcha.net/ https://cdn.plaid.com/link/ https://.doubleclick.net/ blob: https://www.youtube.com https://widget.coinbase.com https://datawrapper.dwcdn.net/ https://widgets.marqeta.com https://.paypal.com https://cb-monorail-legal-agreements-prod.s3.us-east-1.amazonaws.com; connect-src 'self' https://www.coinbase.com https://api.coinbase.com https://.online-metrix.net https://api.cloudinary.com https://ott9.wpstn.com/live https://api.amplitude.com/ https://d3907m2cqladbn.cloudfront.net/ https://exceptions.coinbase.com https://assets.coinbase.com/ https://sessions.coinbase.com/ https://assets.coinbase.com/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://analytics.google.com https://.google-analytics.com https://maps.googleapis.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://dynamic-assets.coinbase.com https://translations.coinbase.com https://translations.coinbase.com https://static.coinbase.com https://events-service.coinbase.com/amp https://events-service.coinbase.com/track-exposures https://events-service.coinbase.com/bugsnag https://events-service.coinbase.com/metrics https://.braintree-api.com https://api.braintreegateway.com https://vq0hrc01qb.execute-api.us-east-1.amazonaws.com/api wss://ws.coinbase.com wss://ws.coinbase.com:443 https://www.coinbase.com/api https://cdn.contentful.com/ https://preview.contentful.com/ https://api.userleap.com/ https://widgets.marqeta.com/client/api/v1/ https://images.ctfassets.net/; font-src 'self' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://assets.ctfassets.net/; img-src 'self' data: https://www.coinbase.com https://images.coinbase.com https://d3907m2cqladbn.cloudfront.net/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://dynamic-assets.coinbase.com https://exceptions.coinbase.com https://coinbase-uploads.s3.amazonaws.com https://s3.amazonaws.com/app-public/ https://maps.gstatic.com https://ssl.google-analytics.com https://www.google.com https://maps.googleapis.com https://csi.gstatic.com https://www.google-analytics.com https://res.cloudinary.com https://secure.gravatar.com https://i2.wp.com https://.online-metrix.net https://assets.coinbase.com/ https://hexagon-analytics.com https://cb-brand.s3.amazonaws.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net/r/collect https://card.coinbase.com/ blob: https://static.coinbase.com https://www.facebook.com/tr/ https://images.ctfassets.net/ https://i.ytimg.com/vi/ https://.paypal.com https://px.ads.linkedin.com https://www.linkedin.com/px https://p.adsymptotic.com/d/px; media-src 'self' https://www.coinbase.com blob:; object-src 'self' data: blob: https://www.coinbase.com https://cdn.siftscience.com https://.online-metrix.net https://www.gstatic.com https://www.google.com/recaptcha/api/ https://recaptcha.net/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.coinbase.com https://fast.wistia.com/assets/external/E-v1.js https://cdn.siftscience.com https://.google-analytics.com https://www.google.com https://www.gstatic.com https://.online-metrix.net https://code.jquery.com https://chart.googleapis.com https://maps.googleapis.com https://maps.gstatic.com https://netverify.com https://ajax.cloudflare.com https://cdn.plaid.com/link/v2/stable/ https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://widget.coinbase.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://static-assets.coinbase.com/js/ https://*.paypal.com https://recaptcha.net/ https://www.gstatic.cn/ https://images.ctfassets.net/; style-src 'self' 'unsafe-inline' https://assets.coinbase.com https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com; report-uri /csp-logging
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://coinbase.recoveryaccountloacked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 7549398
x-powered-by: Proof-of-Work
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 14 Sep 2021 01:34:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: enforce, max-age=86400, report-uri="https://coinbase.report-uri.io/r/default/ct/reportOnly"
vary: Accept-Encoding, Origin
x-download-options: noopen
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=31536000
cf-polished: origSize=341523
content-security-policy: default-src 'self' https://www.coinbase.com; child-src 'self' https://www.coinbase.com https://static-assets.coinbase.com https://fast.wistia.net https://*.online-metrix.net https://*.wpstn.com https://netverify.com https://platform.twitter.com https://www.google.com/recaptcha/ https://recaptcha.net/ https://cdn.plaid.com/link/ https://*.doubleclick.net/ blob: https://www.youtube.com https://widget.coinbase.com https://datawrapper.dwcdn.net/ https://widgets.marqeta.com https://*.paypal.com https://cb-monorail-legal-agreements-prod.s3.us-east-1.amazonaws.com; connect-src 'self' https://www.coinbase.com https://api.coinbase.com https://*.online-metrix.net https://api.cloudinary.com https://ott9.wpstn.com/live https://api.amplitude.com/ https://d3907m2cqladbn.cloudfront.net/ https://exceptions.coinbase.com https://assets.coinbase.com/ https://sessions.coinbase.com/ https://assets.coinbase.com/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://analytics.google.com https://*.google-analytics.com https://maps.googleapis.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://dynamic-assets.coinbase.com https://translations.coinbase.com https://translations.coinbase.com https://static.coinbase.com https://events-service.coinbase.com/amp https://events-service.coinbase.com/track-exposures https://events-service.coinbase.com/bugsnag https://events-service.coinbase.com/metrics https://*.braintree-api.com https://api.braintreegateway.com https://vq0hrc01qb.execute-api.us-east-1.amazonaws.com/api wss://ws.coinbase.com wss://ws.coinbase.com:443 https://www.coinbase.com/api https://cdn.contentful.com/ https://preview.contentful.com/ https://api.userleap.com/ https://widgets.marqeta.com/client/api/v1/ https://images.ctfassets.net/; font-src 'self' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://assets.ctfassets.net/; img-src 'self' data: https://www.coinbase.com https://images.coinbase.com https://d3907m2cqladbn.cloudfront.net/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://dynamic-assets.coinbase.com https://exceptions.coinbase.com https://coinbase-uploads.s3.amazonaws.com https://s3.amazonaws.com/app-public/ https://maps.gstatic.com https://ssl.google-analytics.com https://www.google.com https://maps.googleapis.com https://csi.gstatic.com https://www.google-analytics.com https://res.cloudinary.com https://secure.gravatar.com https://i2.wp.com https://*.online-metrix.net https://assets.coinbase.com/ https://hexagon-analytics.com https://cb-brand.s3.amazonaws.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net/r/collect https://card.coinbase.com/ blob: https://static.coinbase.com https://www.facebook.com/tr/ https://images.ctfassets.net/ https://i.ytimg.com/vi/ https://*.paypal.com https://px.ads.linkedin.com https://www.linkedin.com/px https://p.adsymptotic.com/d/px; media-src 'self' https://www.coinbase.com blob:; object-src 'self' data: blob: https://www.coinbase.com https://cdn.siftscience.com https://*.online-metrix.net https://www.gstatic.com https://www.google.com/recaptcha/api/ https://recaptcha.net/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.coinbase.com https://fast.wistia.com/assets/external/E-v1.js https://cdn.siftscience.com https://*.google-analytics.com https://www.google.com https://www.gstatic.com https://*.online-metrix.net https://code.jquery.com https://chart.googleapis.com https://maps.googleapis.com https://maps.gstatic.com https://netverify.com https://ajax.cloudflare.com https://cdn.plaid.com/link/v2/stable/ https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://widget.coinbase.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://static-assets.coinbase.com/js/ https://*.paypal.com https://recaptcha.net/ https://www.gstatic.cn/ https://images.ctfassets.net/; style-src 'self' 'unsafe-inline' https://assets.coinbase.com https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com; report-uri /csp-logging
cf-ray: 6bb6a939f90759e9-MXP
expires: Sat, 10 Dec 2022 13:01:17 GMT

GET
H2 200 cds.4ca32533953caaac2a59.css
assets.coinbase.com/assets/ 78 KB
13 KB 79ms
31ms Stylesheet
text/css 2606:4700::6812:60a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.coinbase.com/assets/cds.4ca32533953caaac2a59.css

Requested by

Host: coinbase.recoveryaccountloacked.com
URL: http://coinbase.recoveryaccountloacked.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:60a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2744d8b42ccf6af9ad21e2b96ec37011e1809a6213d556ad335ab26d912beb74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://coinbase.recoveryaccountloacked.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:01:17 GMT
via: 1.1 6e780f6f347aa057e7aceacd8c7029bf.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 835431
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 30 Nov 2021 20:55:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-bgj: minify
server: cloudflare
etag: W/"8a0c31e7a77b348c8fb644f778a359a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31556926
cf-polished: origSize=80376
x-amz-cf-pop: MIA3-P2
cf-ray: 6bb6a939fdfa0f5e-MXP
x-amz-cf-id: eO--l-oRPiBBf6Ws3HqZPLcPNdZaeGKfvrxZJlxm4zsiO0SUfe4ExA==
expires: Sat, 10 Dec 2022 18:50:03 GMT

GET
H2 200 icon-visible-active-402d81fd99fe281230bdf39a8bf63c1d3012f790fb521b1c1f0624296eac4be7.svg
www.coinbase.com/assets/app/ 591 B
5 KB 34ms
33ms Image
image/svg+xml 2606:4700::6812:60a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.coinbase.com/assets/app/icon-visible-active-402d81fd99fe281230bdf39a8bf63c1d3012f790fb521b1c1f0624296eac4be7.svg

Requested by

Host: www.coinbase.com
URL: https://www.coinbase.com/assets/application-78af4be1b0d0b4b83ee3ebd72b66ba5cc181fa9729d9094cb56b02ece5c1242a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:60a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Proof-of-Work

Resource Hash

402d81fd99fe281230bdf39a8bf63c1d3012f790fb521b1c1f0624296eac4be7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://www.coinbase.com; child-src 'self' https://www.coinbase.com https://fast.wistia.net https://.online-metrix.net https://.wpstn.com https://netverify.com https://platform.twitter.com https://www.google.com/recaptcha/ https://cdn.plaid.com/link/ https://.doubleclick.net/ blob:; connect-src 'self' https://www.coinbase.com https://api.coinbase.com https://.online-metrix.net https://api.cloudinary.com https://ott9.wpstn.com/live https://api.amplitude.com/ https://api2.amplitude.com/ https://d3907m2cqladbn.cloudfront.net/ https://exceptions.coinbase.com https://assets.coinbase.com/ https://sessions.coinbase.com/ https://dynamic-assets.coinbase.com/ https://events-service.coinbase.com/amp static.coinbase.com wss://ws.coinbase.com wss://ws.coinbase.com:443 https://www.coinbase.com/api; font-src 'self' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ static.coinbase.com; img-src 'self' data: https://www.coinbase.com https://images.coinbase.com https://d3907m2cqladbn.cloudfront.net/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://exceptions.coinbase.com https://coinbase-uploads.s3.amazonaws.com https://s3.amazonaws.com/app-public/ https://maps.gstatic.com https://ssl.google-analytics.com https://www.google.com https://maps.googleapis.com https://csi.gstatic.com https://www.google-analytics.com https://res.cloudinary.com https://secure.gravatar.com https://i2.wp.com https://.online-metrix.net https://assets.coinbase.com/ https://hexagon-analytics.com https://cb-brand.s3.amazonaws.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net/r/collect https://card.coinbase.com/ blob: static.coinbase.com; media-src 'self' https://www.coinbase.com blob:; object-src 'self' data: blob: https://www.coinbase.com https://cdn.siftscience.com https://.online-metrix.net https://www.gstatic.com https://www.google.com/recaptcha/api/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.coinbase.com https://fast.wistia.com/assets/external/E-v1.js https://cdn.siftscience.com https://.google-analytics.com https://www.google.com https://www.gstatic.com https://.online-metrix.net https://code.jquery.com https://chart.googleapis.com https://maps.googleapis.com https://maps.gstatic.com https://netverify.com https://ajax.cloudflare.com https://cdn.plaid.com/link/v2/stable/ https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://assets.coinbase.com/ https://card.coinbase.com/ static.coinbase.com; style-src 'self' 'unsafe-inline' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ static.coinbase.com; report-uri /csp-report, default-src 'self' https://www.coinbase.com; child-src 'self' https://www.coinbase.com https://static-assets.coinbase.com https://fast.wistia.net https://.online-metrix.net https://.wpstn.com https://netverify.com https://platform.twitter.com https://www.google.com/recaptcha/ https://cdn.plaid.com/link/ https://.doubleclick.net/ blob: https://www.youtube.com https://widget.coinbase.com https://datawrapper.dwcdn.net/ https://widgets.marqeta.com https://.paypal.com https://cb-monorail-legal-agreements-prod.s3.us-east-1.amazonaws.com; connect-src 'self' https://www.coinbase.com https://api.coinbase.com https://.online-metrix.net https://api.cloudinary.com https://ott9.wpstn.com/live https://api.amplitude.com/ https://d3907m2cqladbn.cloudfront.net/ https://exceptions.coinbase.com https://assets.coinbase.com/ https://sessions.coinbase.com/ https://assets.coinbase.com/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://analytics.google.com https://.google-analytics.com https://maps.googleapis.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://dynamic-assets.coinbase.com https://translations.coinbase.com https://translations.coinbase.com https://static.coinbase.com https://events-service.coinbase.com/amp https://events-service.coinbase.com/track-exposures https://events-service.coinbase.com/bugsnag https://events-service.coinbase.com/metrics https://.braintree-api.com https://api.braintreegateway.com wss://ws.coinbase.com wss://ws.coinbase.com:443 https://www.coinbase.com/api https://cdn.contentful.com/ https://preview.contentful.com/ https://api.userleap.com/ https://widgets.marqeta.com/client/api/v1/; font-src 'self' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://assets.ctfassets.net/; img-src 'self' data: https://www.coinbase.com https://images.coinbase.com https://d3907m2cqladbn.cloudfront.net/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://dynamic-assets.coinbase.com https://exceptions.coinbase.com https://coinbase-uploads.s3.amazonaws.com https://s3.amazonaws.com/app-public/ https://maps.gstatic.com https://ssl.google-analytics.com https://www.google.com https://maps.googleapis.com https://csi.gstatic.com https://www.google-analytics.com https://res.cloudinary.com https://secure.gravatar.com https://i2.wp.com https://.online-metrix.net https://assets.coinbase.com/ https://hexagon-analytics.com https://cb-brand.s3.amazonaws.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net/r/collect https://card.coinbase.com/ blob: https://static.coinbase.com https://www.facebook.com/tr/ https://images.ctfassets.net/ https://i.ytimg.com/vi/ https://.paypal.com; media-src 'self' https://www.coinbase.com blob:; object-src 'self' data: blob: https://www.coinbase.com https://cdn.siftscience.com https://.online-metrix.net https://www.gstatic.com https://www.google.com/recaptcha/api/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.coinbase.com https://fast.wistia.com/assets/external/E-v1.js https://cdn.siftscience.com https://.google-analytics.com https://www.google.com https://www.gstatic.com https://.online-metrix.net https://code.jquery.com https://chart.googleapis.com https://maps.googleapis.com https://maps.gstatic.com https://netverify.com https://ajax.cloudflare.com https://cdn.plaid.com/link/v2/stable/ https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://widget.coinbase.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://static-assets.coinbase.com/js/ https://*.paypal.com; style-src 'self' 'unsafe-inline' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com; report-uri /csp-logging
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.coinbase.com/assets/application-78af4be1b0d0b4b83ee3ebd72b66ba5cc181fa9729d9094cb56b02ece5c1242a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 9825291
x-powered-by: Proof-of-Work
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 May 2021 21:33:52 GMT
server: cloudflare
x-frame-options: DENY, SAMEORIGIN
expect-ct: enforce, max-age=86400, report-uri="https://coinbase.report-uri.io/r/default/ct/reportOnly"
vary: Origin,Accept-Encoding
x-download-options: noopen
content-type: image/svg+xml
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' https://www.coinbase.com; child-src 'self' https://www.coinbase.com https://fast.wistia.net https://*.online-metrix.net https://*.wpstn.com https://netverify.com https://platform.twitter.com https://www.google.com/recaptcha/ https://cdn.plaid.com/link/ https://*.doubleclick.net/ blob:; connect-src 'self' https://www.coinbase.com https://api.coinbase.com https://*.online-metrix.net https://api.cloudinary.com https://ott9.wpstn.com/live https://api.amplitude.com/ https://api2.amplitude.com/ https://d3907m2cqladbn.cloudfront.net/ https://exceptions.coinbase.com https://assets.coinbase.com/ https://sessions.coinbase.com/ https://dynamic-assets.coinbase.com/ https://events-service.coinbase.com/amp static.coinbase.com wss://ws.coinbase.com wss://ws.coinbase.com:443 https://www.coinbase.com/api; font-src 'self' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ static.coinbase.com; img-src 'self' data: https://www.coinbase.com https://images.coinbase.com https://d3907m2cqladbn.cloudfront.net/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://exceptions.coinbase.com https://coinbase-uploads.s3.amazonaws.com https://s3.amazonaws.com/app-public/ https://maps.gstatic.com https://ssl.google-analytics.com https://www.google.com https://maps.googleapis.com https://csi.gstatic.com https://www.google-analytics.com https://res.cloudinary.com https://secure.gravatar.com https://i2.wp.com https://*.online-metrix.net https://assets.coinbase.com/ https://hexagon-analytics.com https://cb-brand.s3.amazonaws.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net/r/collect https://card.coinbase.com/ blob: static.coinbase.com; media-src 'self' https://www.coinbase.com blob:; object-src 'self' data: blob: https://www.coinbase.com https://cdn.siftscience.com https://*.online-metrix.net https://www.gstatic.com https://www.google.com/recaptcha/api/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.coinbase.com https://fast.wistia.com/assets/external/E-v1.js https://cdn.siftscience.com https://*.google-analytics.com https://www.google.com https://www.gstatic.com https://*.online-metrix.net https://code.jquery.com https://chart.googleapis.com https://maps.googleapis.com https://maps.gstatic.com https://netverify.com https://ajax.cloudflare.com https://cdn.plaid.com/link/v2/stable/ https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://assets.coinbase.com/ https://card.coinbase.com/ static.coinbase.com; style-src 'self' 'unsafe-inline' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ static.coinbase.com; report-uri /csp-report, default-src 'self' https://www.coinbase.com; child-src 'self' https://www.coinbase.com https://static-assets.coinbase.com https://fast.wistia.net https://*.online-metrix.net https://*.wpstn.com https://netverify.com https://platform.twitter.com https://www.google.com/recaptcha/ https://cdn.plaid.com/link/ https://*.doubleclick.net/ blob: https://www.youtube.com https://widget.coinbase.com https://datawrapper.dwcdn.net/ https://widgets.marqeta.com https://*.paypal.com https://cb-monorail-legal-agreements-prod.s3.us-east-1.amazonaws.com; connect-src 'self' https://www.coinbase.com https://api.coinbase.com https://*.online-metrix.net https://api.cloudinary.com https://ott9.wpstn.com/live https://api.amplitude.com/ https://d3907m2cqladbn.cloudfront.net/ https://exceptions.coinbase.com https://assets.coinbase.com/ https://sessions.coinbase.com/ https://assets.coinbase.com/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://analytics.google.com https://*.google-analytics.com https://maps.googleapis.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://dynamic-assets.coinbase.com https://translations.coinbase.com https://translations.coinbase.com https://static.coinbase.com https://events-service.coinbase.com/amp https://events-service.coinbase.com/track-exposures https://events-service.coinbase.com/bugsnag https://events-service.coinbase.com/metrics https://*.braintree-api.com https://api.braintreegateway.com wss://ws.coinbase.com wss://ws.coinbase.com:443 https://www.coinbase.com/api https://cdn.contentful.com/ https://preview.contentful.com/ https://api.userleap.com/ https://widgets.marqeta.com/client/api/v1/; font-src 'self' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://assets.ctfassets.net/; img-src 'self' data: https://www.coinbase.com https://images.coinbase.com https://d3907m2cqladbn.cloudfront.net/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://dynamic-assets.coinbase.com https://exceptions.coinbase.com https://coinbase-uploads.s3.amazonaws.com https://s3.amazonaws.com/app-public/ https://maps.gstatic.com https://ssl.google-analytics.com https://www.google.com https://maps.googleapis.com https://csi.gstatic.com https://www.google-analytics.com https://res.cloudinary.com https://secure.gravatar.com https://i2.wp.com https://*.online-metrix.net https://assets.coinbase.com/ https://hexagon-analytics.com https://cb-brand.s3.amazonaws.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net/r/collect https://card.coinbase.com/ blob: https://static.coinbase.com https://www.facebook.com/tr/ https://images.ctfassets.net/ https://i.ytimg.com/vi/ https://*.paypal.com; media-src 'self' https://www.coinbase.com blob:; object-src 'self' data: blob: https://www.coinbase.com https://cdn.siftscience.com https://*.online-metrix.net https://www.gstatic.com https://www.google.com/recaptcha/api/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.coinbase.com https://fast.wistia.com/assets/external/E-v1.js https://cdn.siftscience.com https://*.google-analytics.com https://www.google.com https://www.gstatic.com https://*.online-metrix.net https://code.jquery.com https://chart.googleapis.com https://maps.googleapis.com https://maps.gstatic.com https://netverify.com https://ajax.cloudflare.com https://cdn.plaid.com/link/v2/stable/ https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://widget.coinbase.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://static-assets.coinbase.com/js/ https://*.paypal.com; style-src 'self' 'unsafe-inline' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com; report-uri /csp-logging
cf-ray: 6bb6a93a7a1d59e9-MXP
expires: Sat, 10 Dec 2022 13:01:17 GMT

GET Graphik-Regular-Web-aeabadfcbec89b7a55d9a65893d93f275b406984811f8236b60bc9d9a7653360.woff2
www.coinbase.com/assets/graphik/ 0
0

GET Graphik-Regular-Web-7dfd8a5140355bdddf118fb75ad563f47fd8d4fd85d4f185c8bd894cf821069b.woff
www.coinbase.com/assets/graphik/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.coinbase.com
URL: https://www.coinbase.com/assets/graphik/Graphik-Regular-Web-aeabadfcbec89b7a55d9a65893d93f275b406984811f8236b60bc9d9a7653360.woff2

Domain: www.coinbase.com
URL: https://www.coinbase.com/assets/graphik/Graphik-Regular-Web-7dfd8a5140355bdddf118fb75ad563f47fd8d4fd85d4f185c8bd894cf821069b.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Coinbase (Crypto Exchange)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			coinbase.recoveryaccountloacked.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3005b7a303ca25a9ee441b358467113c
			.coinbase.com/	1970-01-19 23:19:03	Name: __cf_bm Value: Jd_wBpNMQZhZJ5WXJkcL_VTEAEpQsjqWHtgHL3FWQnY-1639141277-0-AfS82IJrpVxOEnzECdt26/mgm+uemLfUEOa2LnU3fr9uplo0Jm28Yo/qHA8dHPZG1oxnX6mxcnt13Z1AeHuURxE=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://coinbase.recoveryaccountloacked.com/signin Message: Access to font at 'https://www.coinbase.com/assets/graphik/Graphik-Regular-Web-aeabadfcbec89b7a55d9a65893d93f275b406984811f8236b60bc9d9a7653360.woff2' from origin 'http://coinbase.recoveryaccountloacked.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.coinbase.com/assets/graphik/Graphik-Regular-Web-aeabadfcbec89b7a55d9a65893d93f275b406984811f8236b60bc9d9a7653360.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://coinbase.recoveryaccountloacked.com/signin Message: Access to font at 'https://www.coinbase.com/assets/graphik/Graphik-Regular-Web-7dfd8a5140355bdddf118fb75ad563f47fd8d4fd85d4f185c8bd894cf821069b.woff' from origin 'http://coinbase.recoveryaccountloacked.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.coinbase.com/assets/graphik/Graphik-Regular-Web-7dfd8a5140355bdddf118fb75ad563f47fd8d4fd85d4f185c8bd894cf821069b.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.coinbase.com
coinbase.recoveryaccountloacked.com
www.coinbase.com
www.coinbase.com
128.199.7.188
2606:4700::6812:60a
0af6065fd973522628af4b18d9a5c9536f3e3a1bd75bd278d98e15472a7d1a8c
2744d8b42ccf6af9ad21e2b96ec37011e1809a6213d556ad335ab26d912beb74
3f9b561ab05d186e52c4ecab9f06b4f7ff87fb441a96fa3c1c837969e4dfdfc0
402d81fd99fe281230bdf39a8bf63c1d3012f790fb521b1c1f0624296eac4be7
64f7bca2ffd1adb6fbbc8d7e006a07b766f984fd31e5be3739e7c1c5719e17ac
dfd5f34cddc58fa3026adbcf630280c4de80bc9d37d71b757f1e69b107c53793

coinbase.recoveryaccountloacked.com Open in urlscan Pro 128.199.7.188 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

50 %HTTPS

50 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

156 kBTransfer

726 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

2 Cookies

4 Console Messages

Indicators

coinbase.recoveryaccountloacked.com Open in urlscan Pro
128.199.7.188 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

50 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

156 kB
Transfer

726 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!