coinbase.com.borrowapp.pro
Open in
urlscan Pro
194.50.153.48
Malicious Activity!
Public Scan
Submission Tags: @phishunt_io
Submission: On July 24 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 24th 2023. Valid for: 3 months.
This is the only time coinbase.com.borrowapp.pro was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Coinbase (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 194.50.153.48 194.50.153.48 | 202973 (WAICORE-T...) (WAICORE-TRANSIT) | |
16 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
borrowapp.pro
coinbase.com.borrowapp.pro |
288 KB |
16 | 1 |
Domain | Requested by | |
---|---|---|
16 | coinbase.com.borrowapp.pro |
coinbase.com.borrowapp.pro
|
16 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
coinbase.com.borrowapp.pro R3 |
2023-07-24 - 2023-10-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://coinbase.com.borrowapp.pro/
Frame ID: 35E412D54CDD08006BA0917FFF7A34D0
Requests: 16 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
coinbase.com.borrowapp.pro/ |
6 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
84b8ad28acc25855-s.p.woff2
coinbase.com.borrowapp.pro/_next/static/media/ |
25 KB 25 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
335ed26c2a759467.css
coinbase.com.borrowapp.pro/_next/static/css/ |
90 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webpack-0fca1534235a17f9.js
coinbase.com.borrowapp.pro/_next/static/chunks/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
framework-5e8ac8dd643904dd.js
coinbase.com.borrowapp.pro/_next/static/chunks/ |
138 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-5ac831401d78e836.js
coinbase.com.borrowapp.pro/_next/static/chunks/ |
94 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_app-3b99882354c0aa70.js
coinbase.com.borrowapp.pro/_next/static/chunks/pages/ |
400 KB 129 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
81-fe512148664386e9.js
coinbase.com.borrowapp.pro/_next/static/chunks/ |
70 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
555-fdc2786f2649bb5b.js
coinbase.com.borrowapp.pro/_next/static/chunks/ |
11 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index-8e4d40b743cb80ee.js
coinbase.com.borrowapp.pro/_next/static/chunks/pages/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_buildManifest.js
coinbase.com.borrowapp.pro/_next/static/exwaBwL1RKZndh0DLoiwi/ |
665 B 1020 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_ssgManifest.js
coinbase.com.borrowapp.pro/_next/static/exwaBwL1RKZndh0DLoiwi/ |
77 B 430 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
coinbase.com.borrowapp.pro/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
data
coinbase.com.borrowapp.pro/api/client/ |
6 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
markets-d973b32d0522f009.js
coinbase.com.borrowapp.pro/_next/static/chunks/pages/ |
0 2 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
markets-d973b32d0522f009.js
coinbase.com.borrowapp.pro/_next/static/chunks/pages/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Coinbase (Crypto Exchange)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
coinbase.com.borrowapp.pro
194.50.153.48
126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38
2d8531b2fbebf2e434e0256835fa49cf47f78fd1c38e40383abe8787052f9ee3
3d7535fc10b05943456486d50143cf42df813e92a3ccd23161ebd0f4e4b1df9b
4597e5bece2391cd49b4e24d79d82bde3caab62b7db061d9b6dc771f9f8db231
4a9c03f9433e6cbfb013354475f4805d88dc89171696937ce8b02ee0a9b85132
4c381b9029f8077a86c0c5a7ac696ccba7f23e4a9a9b6479e875916b4e51f6e7
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
820b45f37e6c5bfc4d5267f18b486eac18eaf1f5d18232354192d8d0c1c6d324
a3e79d01211bb7e0dc36d1e36e74635d45ae343d2e43ff7f4b34f03b2047880f
c6b6486185fe58b68abd73be5eaee68704d70eff7b14b8cb048271a47ccbb698
cb35aa21e65beb523dc45f95beef46320cb0fb8cf02414707e78a8dea105c9cf
da504b9a73fbef8855c28d53e34eadc2c17967640583979dbe99cf3a475d2dea
dd1cf0310a4d6b27407345cc54fbe33ba954688642530082fdb409c9e21fe455
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1ebf1a64cd020c1dc5a19f2343197af9f3ad284708d41043cc9b3e56e0026d7
fde0cd35abc0caa67ed989238e622c56e0556a1b8ae520dc9fa354412cdc6359