coinbasesfo.xyz Open in urlscan Pro
156.229.129.157 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://coinbasesfo.xyz/
Submission: On November 03 via api (November 3rd 2022, 12:04:47 am UTC) from US — Scanned from DE

Summary HTTP 23 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 156.229.129.157, located in United States and belongs to GROUP-IID-01, US. The main domain is coinbasesfo.xyz.

This is the only time coinbasesfo.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Coinbase (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
7	156.229.129.157 156.229.129.157	398968 (GROUP-IID-01) (GROUP-IID-01)
1	120.52.95.234 120.52.95.234	133119 (UNICOM-CN...) (UNICOM-CN China Unicom IP network)
6	2606:4700:440... 2606:4700:4400::ac40:9159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:214... 2600:9000:214f:4000:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
23	5

7 156.229.129.157 (United States)

ASN398968 (GROUP-IID-01, US)

coinbasesfo.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.52.95.234 (China)

ASN133119 (UNICOM-CN China Unicom IP network, CN)

cdn.bootcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:9159 (United States)

ASN13335 (CLOUDFLARENET, US)

www.coinbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-assets.coinbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.coinbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:4000:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	coinbasesfo.xyz coinbasesfo.xyz	210 KB
6	coinbase.com assets.coinbase.com — Cisco Umbrella Rank: 129367 Failed www.coinbase.com — Cisco Umbrella Rank: 35985 static-assets.coinbase.com — Cisco Umbrella Rank: 59700	82 KB
2	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 4301	4 KB
1	bootcdn.net cdn.bootcdn.net — Cisco Umbrella Rank: 107719	33 KB
23	4

	Domain	Requested by
7	coinbasesfo.xyz	coinbasesfo.xyz
3	assets.coinbase.com	coinbasesfo.xyz
2	static-assets.coinbase.com	coinbasesfo.xyz
2	images.ctfassets.net	coinbasesfo.xyz
1	www.coinbase.com	coinbasesfo.xyz
1	cdn.bootcdn.net	coinbasesfo.xyz
23	6

This site contains links to these domains. Also see Links.

Domain
play.google.com
itunes.apple.com
www.coinbase.com
support.coinbase.com
blog.coinbase.com
twitter.com
www.facebook.com
investor.coinbase.com
wallet.coinbase.com
custody.coinbase.com
assethub.coinbase.com
commerce.coinbase.com
cloud.coinbase.com
developers.coinbase.com
bisontrails.co
walletlink.org
www.rosetta-api.org
www.centre.io
help.coinbase.com
status.coinbase.com

Subject Issuer	Validity	Valid
cdn.bootcdn.net TrustAsia RSA DV TLS CA G2	`2022-06-06` - `2023-06-06`	a year	crt.sh
coinbase.com Cloudflare Inc ECC CA-3	`2022-02-18` - `2023-02-17`	a year	crt.sh
images.ctfassets.net Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://coinbasesfo.xyz/
Frame ID: CFE6708F1472D4EEC595F9E494CD2FFB
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coinbase – Buy & Sell Bitcoin, Ethereum, and more with trust

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

39 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

329 kB
Transfer

996 kB
Size

2
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.coinbase.android
Title: Android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/coinbase-buy-sell-bitcoin/id886427730
Title: iOS

Search URL Search Domain Scan URL

URL: https://www.coinbase.com/security
Title: Learn how Coinbase keeps your funds safe and secure

Search URL Search Domain Scan URL

URL: https://support.coinbase.com/customer/portal/articles/1662379-how-is-coinbase-insured-
Title: Learn how your crypto is covered by our insurance policy

Search URL Search Domain Scan URL

URL: https://blog.coinbase.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://twitter.com/coinbase
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Coinbase
Title: Facebook

Search URL Search Domain Scan URL

URL: https://investor.coinbase.com/
Title: Investors

Search URL Search Domain Scan URL

URL: https://wallet.coinbase.com/
Title: Wallet

Search URL Search Domain Scan URL

URL: https://custody.coinbase.com/
Title: Custody

Search URL Search Domain Scan URL

URL: https://assethub.coinbase.com/
Title: Asset Hub

Search URL Search Domain Scan URL

URL: https://commerce.coinbase.com/
Title: Commerce

Search URL Search Domain Scan URL

URL: https://cloud.coinbase.com/
Title: Coinbase Cloud

Search URL Search Domain Scan URL

URL: https://developers.coinbase.com/docs/wallet/coinbase-connect
Title: Connect

Search URL Search Domain Scan URL

URL: https://commerce.coinbase.com/docs
Title: Commerce

Search URL Search Domain Scan URL

URL: https://developers.coinbase.com/docs/exchange/
Title: Pro

Search URL Search Domain Scan URL

URL: https://bisontrails.co/
Title: Bison Trails

Search URL Search Domain Scan URL

URL: https://walletlink.org/
Title: WalletLink

Search URL Search Domain Scan URL

URL: https://www.rosetta-api.org/
Title: Rosetta

Search URL Search Domain Scan URL

URL: https://www.centre.io/developer-resources
Title: USDC

Search URL Search Domain Scan URL

URL: https://help.coinbase.com/en
Title: Help center

Search URL Search Domain Scan URL

URL: https://help.coinbase.com/en/contact-us/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://help.coinbase.com/en/coinbase/getting-started/getting-started-with-coinbase/create-a-coinbase-account/
Title: Create account

Search URL Search Domain Scan URL

URL: https://help.coinbase.com/en/coinbase/managing-my-account#identity-verification/
Title: ID verification

Search URL Search Domain Scan URL

URL: https://help.coinbase.com/en/coinbase/managing-my-account/
Title: Account information

Search URL Search Domain Scan URL

URL: https://help.coinbase.com/en/coinbase/getting-started#add-a-payment-method/
Title: Payment methods

Search URL Search Domain Scan URL

URL: https://help.coinbase.com/en/supported-crypto.html
Title: Supported crypto

Search URL Search Domain Scan URL

URL: https://www.coinbase.com/places/
Title: Supported countries

Search URL Search Domain Scan URL

URL: https://status.coinbase.com/
Title: Status

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
coinbasesfo.xyz/ 150 KB
27 KB 579ms
202ms Document
text/html 156.229.129.157
GROUP-IID-01

General

Check archive.org

Show headers Download Go to

Full URL: http://coinbasesfo.xyz/
Protocol: HTTP/1.1
Server: 156.229.129.157 , United States, ASN398968 (GROUP-IID-01, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a4f9e751289152f9a146cc931d5698a5faf1fd46521ad445c7e740e7ebbf16e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Origin,x-requested-with,content-type,Accept
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Nov 2022 00:04:37 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK index.css
coinbasesfo.xyz/static/common/js/vant/ 141 KB
47 KB 170ms
170ms Stylesheet
text/css 156.229.129.157
GROUP-IID-01

General

Check archive.org

Show headers Download Go to

Full URL: http://coinbasesfo.xyz/static/common/js/vant/index.css
Requested by: Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/
Protocol: HTTP/1.1
Server: 156.229.129.157 , United States, ASN398968 (GROUP-IID-01, US),
Reverse DNS
Software: nginx /
Resource Hash: 03f2a27c6e38c3e8e38b294c2d0c3536b989ff6285388172542b4bedf10291d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 00:04:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 04:13:40 GMT
Server: nginx
ETag: W/"6115f174-2343f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK vue.min.js Show response
coinbasesfo.xyz/static/common/js/vue/ 92 KB
38 KB 324ms
170ms Script
application/javascript 156.229.129.157
GROUP-IID-01

General

Check archive.org

Show headers Download Go to

Full URL: http://coinbasesfo.xyz/static/common/js/vue/vue.min.js
Requested by: Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/
Protocol: HTTP/1.1
Server: 156.229.129.157 , United States, ASN398968 (GROUP-IID-01, US),
Reverse DNS
Software: nginx /
Resource Hash: e6e28a8fb9b74533ece152229dafcc3ebc0f4b3dcd62879df115706bce55927d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 00:04:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 04:13:20 GMT
Server: nginx
ETag: W/"6115f160-16fcc"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK vant.min.js Show response
coinbasesfo.xyz/static/common/js/vant/ 270 KB
91 KB 334ms
166ms Script
application/javascript 156.229.129.157
GROUP-IID-01

General

Check archive.org

Show headers Download Go to

Full URL: http://coinbasesfo.xyz/static/common/js/vant/vant.min.js
Requested by: Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/
Protocol: HTTP/1.1
Server: 156.229.129.157 , United States, ASN398968 (GROUP-IID-01, US),
Reverse DNS
Software: nginx /
Resource Hash: 64907943ad200eba70a44fb13c6201041d3dcaf18a8ee764763a8c93a2b480e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 00:04:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 04:14:02 GMT
Server: nginx
ETag: W/"6115f18a-436d0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 jquery.min.js Show response
cdn.bootcdn.net/ajax/libs/jquery/1.9.0/ 91 KB
33 KB 2267ms
257ms Script
application/javascript 120.52.95.234
UNICOM-CN China U...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bootcdn.net/ajax/libs/jquery/1.9.0/jquery.min.js

Requested by

Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

120.52.95.234 , China, ASN133119 (UNICOM-CN China Unicom IP network, CN),

Reverse DNS

Software

openresty /

Resource Hash

7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

nginx-hit: 1
date: Thu, 03 Nov 2022 00:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-ccdn-cachettl: 31536000
age: 12931662
via: CHN-HElangfang-AREACUCC1-CACHE50[7],CHN-HElangfang-AREACUCC1-CACHE4[0,TCP_HIT,5],CHN-TJ-GLOBAL1-CACHE15[4],CHN-TJ-GLOBAL1-CACHE4[0,TCP_HIT,2]
cross-origin-resource-policy: cross-origin
nginx-vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33140
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: openresty
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-16b8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zF5D7MCAuqbVseL6GaUs3sUwclGjEVM0GWv6TRNTUiwOfohujD1%2BTFaBN5h4DIf9zpau0s2BFGT%2F%2BfgsD%2F7nn4UTI4iAq0F0S1YnUHTxbjJfpOORqCMx2hnWoOsr3zmhJHuK9qgy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
x-ccdn-expires: 21196347
accept-ranges: bytes
cf-ray: 716f9787ffa87be9-LAX
timing-allow-origin: *
x-hcs-proxy-type: 1
expires: Sat, 27 May 2023 07:56:31 GMT

GET CoinbaseIcons-1634070361328.098c80fd24215db84d793155c5829823.woff2
assets.coinbase.com/assets/ 0
0

GET CoinbaseSans-Regular.c9a6e887656f7b1014db3f1a07247ee2.woff2
assets.coinbase.com/assets/ 0
0

GET CoinbaseSans-Medium.b54c6aeed882bdf66df4e5fac9c2340e.woff2
assets.coinbase.com/assets/ 0
0

GET CoinbaseText-Regular.d65a3b1d9255924adbeeabac46787723.woff2
assets.coinbase.com/assets/ 0
0

GET CoinbaseText-Medium.d164398f71705e41d035e25101303347.woff2
assets.coinbase.com/assets/ 0
0

GET CoinbaseDisplay-Regular.62bf1b795c1ad225811afd9715abdc90.woff2
assets.coinbase.com/assets/ 0
0

GET CoinbaseDisplay-Medium.88e532b2f6f58aac7f1dbbd3b4731e92.woff2
assets.coinbase.com/assets/ 0
0

GET
H2 200 version-0.30.9-no-fonts.css
www.coinbase.com/assets/sw-cache/web/ 65 KB
12 KB 78ms
32ms Stylesheet
text/css 2606:4700:4400::ac40:9159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coinbase.com/assets/sw-cache/web/version-0.30.9-no-fonts.css

Requested by

Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2191e7bddf9bed16e4d4b5061badef427a60c214885ff8455b024064d46a7062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:04:37 GMT
via: 1.1 1bd7d779bed244375679d82e1821cc3d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD89-P2
age: 4516
cf-polished: origSize=67241
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Thu, 25 Nov 2021 00:37:16 GMT
server: cloudflare
etag: W/"d14e5e4958eda4fbde45a4d550860b90"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=7200
cf-ray: 7640da894ee39a1b-FRA
x-amz-cf-id: xjH1LKf-hV-wlsiop-yMQo0hQbUt-gc72yLdokLNP0Dy1UIdZ45hNw==
expires: Thu, 03 Nov 2022 02:04:37 GMT

GET
H2 200 Consumer_Wordmark.svg
images.ctfassets.net/q5ulk4bp65r7/3TBS4oVkD1ghowTqVQJlqj/2dfd4ea3b623a7c0d8deb2ff445dee9e/ 4 KB
2 KB 96ms
17ms Image
image/svg+xml 2600:9000:214f:4000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/q5ulk4bp65r7/3TBS4oVkD1ghowTqVQJlqj/2dfd4ea3b623a7c0d8deb2ff445dee9e/Consumer_Wordmark.svg
Requested by: Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 03:46:56 GMT
content-encoding: gzip
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
last-modified: Fri, 26 Mar 2021 14:21:17 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
age: 73063
etag: W/"78b2915b21e673b15957e22970b36c40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: KxYVEzhxQIsJ7XEZ-1yka1xi8uUIBiOd81x9LGPF7liL2ubOq3QICw==

GET
H2 200 asset-logo.svg
static-assets.coinbase.com/earn/campaigns/stellar/ 2 KB
1 KB 150ms
118ms Image
image/svg+xml 2606:4700:4400::ac40:9159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-assets.coinbase.com/earn/campaigns/stellar/asset-logo.svg

Requested by

Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

906be79c67910dba20ef537da7350da17bbda512aaf734a896f8208122bc4fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:04:39 GMT
via: 1.1 5b4b6c6517b988a4ff2c794e5583ee02.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
last-modified: Thu, 22 Sep 2022 16:48:31 GMT
server: cloudflare
etag: W/"93ee7541c6cf0a34902a4255d9f4a43b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7640da901ee19a1b-FRA
x-amz-cf-id: HRZNmz6fnUHga5LRm51Rk8pCh6WlAzys1In38uTv2xrbln8H30QlBA==
expires: Fri, 04 Nov 2022 00:04:39 GMT

GET
H/1.1 200
OK init.js Show response
coinbasesfo.xyz/ 530 B
774 B 166ms
165ms Script
application/javascript 156.229.129.157
GROUP-IID-01

General

Check archive.org

Show headers Download Go to

Full URL: http://coinbasesfo.xyz/init.js
Requested by: Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/
Protocol: HTTP/1.1
Server: 156.229.129.157 , United States, ASN398968 (GROUP-IID-01, US),
Reverse DNS
Software: nginx /
Resource Hash: 90f8204b9f832e15d7825b691c9c44b2f5ed165f46ee62137a3d7dd3e76623ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 00:04:38 GMT
Last-Modified: Sun, 28 Nov 2021 11:00:30 GMT
Server: nginx
ETag: "61a3614e-212"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 530

GET
H2 200 portfolio.352f1ebd5622fb93068757ca3a33b88b.svg
assets.coinbase.com/assets/ 61 KB
17 KB 28ms
27ms Image
image/svg+xml 2606:4700:4400::ac40:9159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.coinbase.com/assets/portfolio.352f1ebd5622fb93068757ca3a33b88b.svg

Requested by

Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e733ce852edc081eb56f3b3ae93d29785af041d46bbfbead6e7daf8f380ba28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:04:40 GMT
content-encoding: gzip
via: 1.1 d13d8a0a456d6aa0acf023a1e3acb2bf.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: EWR52-C1
age: 24428416
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Fri, 21 May 2021 23:51:56 GMT
server: cloudflare
etag: W/"352f1ebd5622fb93068757ca3a33b88b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31556926
cf-ray: 7640da997a7c9a1b-FRA
x-amz-cf-id: PRNDz6jMAycqeOMuT9MNDZI6KjCLpnkAay0drK0yiT0llQtikU0gaA==
expires: Fri, 03 Nov 2023 05:53:26 GMT

GET
H/1.1 200
OK query.js Show response
coinbasesfo.xyz/ct/ 12 KB
3 KB 171ms
170ms Script
text/javascript 156.229.129.157
GROUP-IID-01

General

Check archive.org

Show headers Download Go to

Full URL: http://coinbasesfo.xyz/ct/query.js
Requested by: Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/init.js
Protocol: HTTP/1.1
Server: 156.229.129.157 , United States, ASN398968 (GROUP-IID-01, US),
Reverse DNS
Software: nginx /
Resource Hash: 77ebbcdc090eea883b0309d64e5569f817fb832436f7f97f620feb7866ef2f04

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 00:04:40 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin,x-requested-with,content-type,Accept
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK main-lroriVcVdxErME8gnOd08fi18vOs3uykhq3BbeEjYZk=.js Show response
coinbasesfo.xyz/ct/ 10 KB
3 KB 172ms
172ms Script
text/javascript 156.229.129.157
GROUP-IID-01

General

Check archive.org

Show headers Download Go to

Full URL: http://coinbasesfo.xyz/ct/main-lroriVcVdxErME8gnOd08fi18vOs3uykhq3BbeEjYZk=.js
Requested by: Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/init.js
Protocol: HTTP/1.1
Server: 156.229.129.157 , United States, ASN398968 (GROUP-IID-01, US),
Reverse DNS
Software: nginx /
Resource Hash: 058c99e6e95f4dcd91904c42bd1e55a4e0ff9e138099882c8491515192f35ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 00:04:40 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin,x-requested-with,content-type,Accept
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 Consumer_Wordmark.svg
images.ctfassets.net/q5ulk4bp65r7/3TBS4oVkD1ghowTqVQJlqj/2dfd4ea3b623a7c0d8deb2ff445dee9e/ 4 KB
2 KB 17ms
17ms Image
image/svg+xml 2600:9000:214f:4000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/q5ulk4bp65r7/3TBS4oVkD1ghowTqVQJlqj/2dfd4ea3b623a7c0d8deb2ff445dee9e/Consumer_Wordmark.svg
Requested by: Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/static/common/js/vue/vue.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 03:46:56 GMT
content-encoding: gzip
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
last-modified: Fri, 26 Mar 2021 14:21:17 GMT
server: Contentful Images API
x-amz-cf-pop: FRA53-C1
age: 73065
etag: W/"78b2915b21e673b15957e22970b36c40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: SORa9S76gTcUg-3pra9rKbjmeEsE6osBNF5716u4llyYZMUtCWVZkQ==

GET
H2 200 portfolio.352f1ebd5622fb93068757ca3a33b88b.svg
assets.coinbase.com/assets/ 61 KB
17 KB 26ms
25ms Image
image/svg+xml 2606:4700:4400::ac40:9159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.coinbase.com/assets/portfolio.352f1ebd5622fb93068757ca3a33b88b.svg

Requested by

Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/static/common/js/vue/vue.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e733ce852edc081eb56f3b3ae93d29785af041d46bbfbead6e7daf8f380ba28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:04:40 GMT
content-encoding: gzip
via: 1.1 d13d8a0a456d6aa0acf023a1e3acb2bf.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: EWR52-C1
age: 24428416
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Fri, 21 May 2021 23:51:56 GMT
server: cloudflare
etag: W/"352f1ebd5622fb93068757ca3a33b88b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31556926
cf-ray: 7640da9c0d989a1b-FRA
x-amz-cf-id: PRNDz6jMAycqeOMuT9MNDZI6KjCLpnkAay0drK0yiT0llQtikU0gaA==
expires: Fri, 03 Nov 2023 05:53:26 GMT

GET
H2 200 asset-logo.svg
static-assets.coinbase.com/earn/campaigns/stellar/ 2 KB
1 KB 28ms
28ms Image
image/svg+xml 2606:4700:4400::ac40:9159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-assets.coinbase.com/earn/campaigns/stellar/asset-logo.svg

Requested by

Host: coinbasesfo.xyz
URL: http://coinbasesfo.xyz/static/common/js/vue/vue.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

906be79c67910dba20ef537da7350da17bbda512aaf734a896f8208122bc4fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:04:40 GMT
via: 1.1 5b4b6c6517b988a4ff2c794e5583ee02.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P1
age: 1
x-cache: Miss from cloudfront
last-modified: Thu, 22 Sep 2022 16:48:31 GMT
server: cloudflare
etag: W/"93ee7541c6cf0a34902a4255d9f4a43b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7640da9c0d999a1b-FRA
x-amz-cf-id: HRZNmz6fnUHga5LRm51Rk8pCh6WlAzys1In38uTv2xrbln8H30QlBA==
expires: Fri, 04 Nov 2022 00:04:40 GMT

GET
H2 200 coinbase-app-mobile.ce6b3771820067349ca07f6debc35f2d.webp
assets.coinbase.com/assets/ 32 KB
33 KB 31ms
31ms Image
image/webp 2606:4700:4400::ac40:9159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.coinbase.com/assets/coinbase-app-mobile.ce6b3771820067349ca07f6debc35f2d.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

585af0e032aca02ae35cbc54f06aa3636f8f1a1e4db3574e32314b7a4a35b1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://coinbasesfo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 00:04:41 GMT
via: 1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: EWR50-C1
age: 24336453
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 33112
last-modified: Tue, 25 May 2021 14:45:45 GMT
server: cloudflare
etag: "ce6b3771820067349ca07f6debc35f2d"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 7640da9c5ddc9a1b-FRA
x-amz-cf-id: EdUI9jEx2VzSRwStUVIuOcqKF_c2-OwNFxtyOaL0j0MXEzW9ad1sXg==
expires: Fri, 03 Nov 2023 05:53:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: assets.coinbase.com
URL: https://assets.coinbase.com/assets/CoinbaseIcons-1634070361328.098c80fd24215db84d793155c5829823.woff2

Domain: assets.coinbase.com
URL: https://assets.coinbase.com/assets/CoinbaseSans-Regular.c9a6e887656f7b1014db3f1a07247ee2.woff2

Domain: assets.coinbase.com
URL: https://assets.coinbase.com/assets/CoinbaseSans-Medium.b54c6aeed882bdf66df4e5fac9c2340e.woff2

Domain: assets.coinbase.com
URL: https://assets.coinbase.com/assets/CoinbaseText-Regular.d65a3b1d9255924adbeeabac46787723.woff2

Domain: assets.coinbase.com
URL: https://assets.coinbase.com/assets/CoinbaseText-Medium.d164398f71705e41d035e25101303347.woff2

Domain: assets.coinbase.com
URL: https://assets.coinbase.com/assets/CoinbaseDisplay-Regular.62bf1b795c1ad225811afd9715abdc90.woff2

Domain: assets.coinbase.com
URL: https://assets.coinbase.com/assets/CoinbaseDisplay-Medium.88e532b2f6f58aac7f1dbbd3b4731e92.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Coinbase (Crypto Exchange)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			coinbasesfo.xyz/	1969-12-31 23:59:59	Name: s61f0ab9e Value: rlfch503vo7tanavdafvdr4t28
			.coinbase.com/	1970-01-20 07:10:35	Name: __cf_bm Value: 0j2QSfPZQV8nhrUVTUNxcgii6B6LIatmQz9BY8Po_DY-1667433877-0-AYimLAKVuual6YhHdIhSCDTvglkvxtXCVvDj4wuFpwtgvqXMVUZnR2zJBOBDluuN+wGpFZm9l/7lGH9Cu9d0iO4=

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://coinbasesfo.xyz/ Message: Access to font at 'https://assets.coinbase.com/assets/CoinbaseSans-Medium.b54c6aeed882bdf66df4e5fac9c2340e.woff2' from origin 'http://coinbasesfo.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.coinbase.com/assets/CoinbaseSans-Medium.b54c6aeed882bdf66df4e5fac9c2340e.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://coinbasesfo.xyz/ Message: Access to font at 'https://assets.coinbase.com/assets/CoinbaseText-Medium.d164398f71705e41d035e25101303347.woff2' from origin 'http://coinbasesfo.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.coinbase.com/assets/CoinbaseText-Medium.d164398f71705e41d035e25101303347.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://coinbasesfo.xyz/ Message: Access to font at 'https://assets.coinbase.com/assets/CoinbaseDisplay-Regular.62bf1b795c1ad225811afd9715abdc90.woff2' from origin 'http://coinbasesfo.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.coinbase.com/assets/CoinbaseDisplay-Regular.62bf1b795c1ad225811afd9715abdc90.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://coinbasesfo.xyz/ Message: Access to font at 'https://assets.coinbase.com/assets/CoinbaseText-Regular.d65a3b1d9255924adbeeabac46787723.woff2' from origin 'http://coinbasesfo.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.coinbase.com/assets/CoinbaseText-Regular.d65a3b1d9255924adbeeabac46787723.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://coinbasesfo.xyz/ Message: Access to font at 'https://assets.coinbase.com/assets/CoinbaseDisplay-Medium.88e532b2f6f58aac7f1dbbd3b4731e92.woff2' from origin 'http://coinbasesfo.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.coinbase.com/assets/CoinbaseDisplay-Medium.88e532b2f6f58aac7f1dbbd3b4731e92.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://coinbasesfo.xyz/ Message: Access to font at 'https://assets.coinbase.com/assets/CoinbaseSans-Regular.c9a6e887656f7b1014db3f1a07247ee2.woff2' from origin 'http://coinbasesfo.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.coinbase.com/assets/CoinbaseSans-Regular.c9a6e887656f7b1014db3f1a07247ee2.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://coinbasesfo.xyz/ Message: Access to font at 'https://assets.coinbase.com/assets/CoinbaseIcons-1634070361328.098c80fd24215db84d793155c5829823.woff2' from origin 'http://coinbasesfo.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.coinbase.com/assets/CoinbaseIcons-1634070361328.098c80fd24215db84d793155c5829823.woff2 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.coinbase.com
cdn.bootcdn.net
coinbasesfo.xyz
images.ctfassets.net
static-assets.coinbase.com
www.coinbase.com
assets.coinbase.com
120.52.95.234
156.229.129.157
2600:9000:214f:4000:12:94b3:c380:93a1
2606:4700:4400::ac40:9159
03f2a27c6e38c3e8e38b294c2d0c3536b989ff6285388172542b4bedf10291d5
058c99e6e95f4dcd91904c42bd1e55a4e0ff9e138099882c8491515192f35ab0
126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38
2191e7bddf9bed16e4d4b5061badef427a60c214885ff8455b024064d46a7062
3e733ce852edc081eb56f3b3ae93d29785af041d46bbfbead6e7daf8f380ba28
585af0e032aca02ae35cbc54f06aa3636f8f1a1e4db3574e32314b7a4a35b1a3
64907943ad200eba70a44fb13c6201041d3dcaf18a8ee764763a8c93a2b480e1
77ebbcdc090eea883b0309d64e5569f817fb832436f7f97f620feb7866ef2f04
7a4f9e751289152f9a146cc931d5698a5faf1fd46521ad445c7e740e7ebbf16e
7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e
906be79c67910dba20ef537da7350da17bbda512aaf734a896f8208122bc4fab
90f8204b9f832e15d7825b691c9c44b2f5ed165f46ee62137a3d7dd3e76623ae
e6e28a8fb9b74533ece152229dafcc3ebc0f4b3dcd62879df115706bce55927d

coinbasesfo.xyz Open in urlscan Pro 156.229.129.157 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

23 Requests

39 %HTTPS

50 %IPv6

4 Domains

6 Subdomains

5 IPs

2 Countries

329 kBTransfer

996 kBSize

2 Cookies

29 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

2 Cookies

14 Console Messages

Indicators

coinbasesfo.xyz Open in urlscan Pro
156.229.129.157 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

39 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

329 kB
Transfer

996 kB
Size

2
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!