coinbase.com.borrowapp.pro Open in urlscan Pro
194.50.153.48 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://coinbase.com.borrowapp.pro/
Submission Tags: @phishunt_io
Submission: On July 24 via api (July 24th 2023, 5:05:47 pm UTC) from DE — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 194.50.153.48, located in Russian Federation and belongs to WAICORE-TRANSIT, RU. The main domain is coinbase.com.borrowapp.pro.
TLS certificate: Issued by R3 on July 24th 2023. Valid for: 3 months.

This is the only time coinbase.com.borrowapp.pro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Coinbase (Crypto Exchange)

Domain & IP information

	IP Address		AS Autonomous System
16	194.50.153.48 194.50.153.48		202973 (WAICORE-T...) (WAICORE-TRANSIT)
16	1

16 194.50.153.48 (Russian Federation)

ASN202973 (WAICORE-TRANSIT, RU)

coinbase.com.borrowapp.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	borrowapp.pro coinbase.com.borrowapp.pro	288 KB
16	1

	Domain	Requested by
16	coinbase.com.borrowapp.pro	coinbase.com.borrowapp.pro
16	1

This site contains no links.

Subject Issuer	Validity	Valid
coinbase.com.borrowapp.pro R3	`2023-07-24` - `2023-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://coinbase.com.borrowapp.pro/
Frame ID: 35E412D54CDD08006BA0917FFF7A34D0
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coinbase

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

288 kB
Transfer

876 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response coinbase.com.borrowapp.pro/	6 KB 2 KB	2863ms 44ms	Document text/html	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Next.js Resource Hash `820b45f37e6c5bfc4d5267f18b486eac18eaf1f5d18232354192d8d0c1c6d324` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Type text/html; charset=utf-8 Date Mon, 24 Jul 2023 17:05:42 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked content-encoding gzip etag "icg18o2s874nf" vary Accept-Encoding x-powered-by Next.js
GET H/1.1	200 OK	84b8ad28acc25855-s.p.woff2 coinbase.com.borrowapp.pro/_next/static/media/	25 KB 25 KB	69ms 69ms	Font font/woff2	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/media/84b8ad28acc25855-s.p.woff2 Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `cb35aa21e65beb523dc45f95beef46320cb0fb8cf02414707e78a8dea105c9cf` Request headers Referer https://coinbase.com.borrowapp.pro/ Origin https://coinbase.com.borrowapp.pro accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"6240-189410f5d20" Content-Type font/woff2 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes Content-Length 25152
GET H/1.1	200 OK	335ed26c2a759467.css coinbase.com.borrowapp.pro/_next/static/css/	90 KB 14 KB	77ms 77ms	Stylesheet text/css	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/css/335ed26c2a759467.css Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `f1ebf1a64cd020c1dc5a19f2343197af9f3ad284708d41043cc9b3e56e0026d7` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT content-encoding gzip last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"167b5-189410f5d20" Transfer-Encoding chunked vary Accept-Encoding Content-Type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes
GET H/1.1	200 OK	webpack-0fca1534235a17f9.js Show response coinbase.com.borrowapp.pro/_next/static/chunks/	4 KB 2 KB	109ms 41ms	Script application/javascript	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/chunks/webpack-0fca1534235a17f9.js Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `2d8531b2fbebf2e434e0256835fa49cf47f78fd1c38e40383abe8787052f9ee3` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT content-encoding gzip last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"fd9-189410f5d24" Transfer-Encoding chunked vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes
GET H/1.1	200 OK	framework-5e8ac8dd643904dd.js Show response coinbase.com.borrowapp.pro/_next/static/chunks/	138 KB 45 KB	131ms 56ms	Script application/javascript	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/chunks/framework-5e8ac8dd643904dd.js Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `4597e5bece2391cd49b4e24d79d82bde3caab62b7db061d9b6dc771f9f8db231` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT content-encoding gzip last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"226f5-189410f5d24" Transfer-Encoding chunked vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes
GET H/1.1	200 OK	main-5ac831401d78e836.js Show response coinbase.com.borrowapp.pro/_next/static/chunks/	94 KB 28 KB	159ms 49ms	Script application/javascript	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/chunks/main-5ac831401d78e836.js Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `4c381b9029f8077a86c0c5a7ac696ccba7f23e4a9a9b6479e875916b4e51f6e7` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT content-encoding gzip last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"1771a-189410f5d20" Transfer-Encoding chunked vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes
GET H/1.1	200 OK	_app-3b99882354c0aa70.js Show response coinbase.com.borrowapp.pro/_next/static/chunks/pages/	400 KB 129 KB	211ms 53ms	Script application/javascript	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/chunks/pages/_app-3b99882354c0aa70.js Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `4a9c03f9433e6cbfb013354475f4805d88dc89171696937ce8b02ee0a9b85132` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT content-encoding gzip last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"640dc-189410f5d24" Transfer-Encoding chunked vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes
GET H/1.1	200 OK	81-fe512148664386e9.js Show response coinbase.com.borrowapp.pro/_next/static/chunks/	70 KB 21 KB	165ms 48ms	Script application/javascript	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/chunks/81-fe512148664386e9.js Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `da504b9a73fbef8855c28d53e34eadc2c17967640583979dbe99cf3a475d2dea` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT content-encoding gzip last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"119e9-189410f5d24" Transfer-Encoding chunked vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes
GET H/1.1	200 OK	555-fdc2786f2649bb5b.js Show response coinbase.com.borrowapp.pro/_next/static/chunks/	11 KB 2 KB	200ms 42ms	Script application/javascript	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/chunks/555-fdc2786f2649bb5b.js Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `a3e79d01211bb7e0dc36d1e36e74635d45ae343d2e43ff7f4b34f03b2047880f` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT content-encoding gzip last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"2ad7-189410f5d24" Transfer-Encoding chunked vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes
GET H/1.1	200 OK	index-8e4d40b743cb80ee.js Show response coinbase.com.borrowapp.pro/_next/static/chunks/pages/	23 KB 6 KB	197ms 44ms	Script application/javascript	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/chunks/pages/index-8e4d40b743cb80ee.js Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `dd1cf0310a4d6b27407345cc54fbe33ba954688642530082fdb409c9e21fe455` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT content-encoding gzip last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"5b3b-189410f5d24" Transfer-Encoding chunked vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes
GET H/1.1	200 OK	_buildManifest.js Show response coinbase.com.borrowapp.pro/_next/static/exwaBwL1RKZndh0DLoiwi/	665 B 1020 B	159ms 41ms	Script application/javascript	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/exwaBwL1RKZndh0DLoiwi/_buildManifest.js Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `3d7535fc10b05943456486d50143cf42df813e92a3ccd23161ebd0f4e4b1df9b` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"299-189410f5d20" vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes Content-Length 665
GET H/1.1	200 OK	_ssgManifest.js Show response coinbase.com.borrowapp.pro/_next/static/exwaBwL1RKZndh0DLoiwi/	77 B 430 B	165ms 42ms	Script application/javascript	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/exwaBwL1RKZndh0DLoiwi/_ssgManifest.js Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"4d-189410f5d20" vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes Content-Length 77
GET H/1.1	200 OK	logo.svg coinbase.com.borrowapp.pro/	4 KB 2 KB	126ms 42ms	Image image/svg+xml	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Show image Full URL https://coinbase.com.borrowapp.pro/logo.svg Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT content-encoding gzip last-modified Mon, 10 Jul 2023 15:25:11 GMT Server nginx/1.18.0 (Ubuntu) etag W/"ecc-18940681a03" Transfer-Encoding chunked vary Accept-Encoding Content-Type image/svg+xml cache-control public, max-age=0 Connection keep-alive accept-ranges bytes
GET H/1.1	200 OK	data Show response coinbase.com.borrowapp.pro/api/client/	6 KB 6 KB	65ms 46ms	XHR application/json	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/api/client/data Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/_next/static/chunks/pages/_app-3b99882354c0aa70.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash `fde0cd35abc0caa67ed989238e622c56e0556a1b8ae520dc9fa354412cdc6359` Request headers Accept application/json, text/plain, / Referer https://coinbase.com.borrowapp.pro/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT Server nginx/1.18.0 (Ubuntu) X-Powered-By Express ETag W/"161e-D4ar9g6yCPcHuo/segnRQR9r+ik" Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 5662
GET H/1.1	200 OK	markets-d973b32d0522f009.js coinbase.com.borrowapp.pro/_next/static/chunks/pages/	0 2 KB	67ms 43ms	Other application/javascript	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/chunks/pages/markets-d973b32d0522f009.js Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/_next/static/chunks/main-5ac831401d78e836.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT content-encoding gzip last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"18a4-189410f5d24" Transfer-Encoding chunked vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes
GET H/1.1	200 OK	markets-d973b32d0522f009.js Show response coinbase.com.borrowapp.pro/_next/static/chunks/pages/	6 KB 2 KB	42ms 41ms	Script application/javascript	194.50.153.48 WAICORE-TRANSIT
General Check archive.org Show headers Download Go to Full URL https://coinbase.com.borrowapp.pro/_next/static/chunks/pages/markets-d973b32d0522f009.js Requested by Host: coinbase.com.borrowapp.pro URL: https://coinbase.com.borrowapp.pro/_next/static/chunks/main-5ac831401d78e836.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.50.153.48 , Russian Federation, ASN202973 (WAICORE-TRANSIT, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `c6b6486185fe58b68abd73be5eaee68704d70eff7b14b8cb048271a47ccbb698` Request headers accept-language de-DE,de;q=0.9 Referer https://coinbase.com.borrowapp.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 17:05:42 GMT content-encoding gzip last-modified Mon, 10 Jul 2023 18:27:53 GMT Server nginx/1.18.0 (Ubuntu) etag W/"18a4-189410f5d24" Transfer-Encoding chunked vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable Connection keep-alive accept-ranges bytes

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Coinbase (Crypto Exchange)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

coinbase.com.borrowapp.pro
194.50.153.48
126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38
2d8531b2fbebf2e434e0256835fa49cf47f78fd1c38e40383abe8787052f9ee3
3d7535fc10b05943456486d50143cf42df813e92a3ccd23161ebd0f4e4b1df9b
4597e5bece2391cd49b4e24d79d82bde3caab62b7db061d9b6dc771f9f8db231
4a9c03f9433e6cbfb013354475f4805d88dc89171696937ce8b02ee0a9b85132
4c381b9029f8077a86c0c5a7ac696ccba7f23e4a9a9b6479e875916b4e51f6e7
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
820b45f37e6c5bfc4d5267f18b486eac18eaf1f5d18232354192d8d0c1c6d324
a3e79d01211bb7e0dc36d1e36e74635d45ae343d2e43ff7f4b34f03b2047880f
c6b6486185fe58b68abd73be5eaee68704d70eff7b14b8cb048271a47ccbb698
cb35aa21e65beb523dc45f95beef46320cb0fb8cf02414707e78a8dea105c9cf
da504b9a73fbef8855c28d53e34eadc2c17967640583979dbe99cf3a475d2dea
dd1cf0310a4d6b27407345cc54fbe33ba954688642530082fdb409c9e21fe455
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1ebf1a64cd020c1dc5a19f2343197af9f3ad284708d41043cc9b3e56e0026d7
fde0cd35abc0caa67ed989238e622c56e0556a1b8ae520dc9fa354412cdc6359

coinbase.com.borrowapp.pro Open in urlscan Pro 194.50.153.48 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

288 kBTransfer

876 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

Indicators

coinbase.com.borrowapp.pro Open in urlscan Pro
194.50.153.48 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

288 kB
Transfer

876 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!