cbrewards.online
31.31.196.192  Malicious Activity!

Submitted URL: http://coinbaserewards.online/
Effective URL: https://cbrewards.online/
Submission: On September 17 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 20 HTTP transactions. The main IP is 31.31.196.192, located in Russian Federation and belongs to AS-REG, RU. The main domain is cbrewards.online.
TLS certificate: Issued by R3 on September 17th 2023. Valid for: 3 months.
This is the only time cbrewards.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Coinbase (Crypto Exchange)

Domain & IP information

Requests        IP Address      ASN      Autonomous System
2 (1 redirect)  31.31.196.101   197695   AS-REG
8               31.31.196.192   197695   AS-REG
1               18.244.28.109   16509    AMAZON-02
4               13.107.21.200   8068     MICROSOFT-CORP-MSN-AS-BLOCK
1               108.138.36.8    16509    AMAZON-02
1               104.16.89.20    13335    CLOUDFLARENET
1               104.17.25.14    13335    CLOUDFLARENET
1               188.114.97.3    13335    CLOUDFLARENET
2               104.18.26.46    (no ASN recorded)
Total: 20 requests across 10 IPs
Requests  Apex Domain              Subdomain (Cisco Umbrella Rank)        Transfer
8         cbrewards.online         cbrewards.online                       10 MB
4         bing.com                 bat.bing.com (421)                     1 KB
2         walletconnect.com        explorer-api.walletconnect.com         10 KB
2         coinbaserewards.online   coinbaserewards.online                 326 B
1         api-testing.online       api-testing.online                     267 KB
1         cloudflare.com           cdnjs.cloudflare.com (248)             14 KB
1         jsdelivr.net             cdn.jsdelivr.net (364)                 92 KB
1         ethers.io                cdn.ethers.io (730034)                 184 KB
1         ctfassets.net            images.ctfassets.net (3899)            2 KB
Total: 20 requests across 9 apex domains
Requests  Domain                           Requested by
8         cbrewards.online                 cbrewards.online
4         bat.bing.com                     cbrewards.online
2         explorer-api.walletconnect.com   api-testing.online
2         coinbaserewards.online           (submitted URL, 1 redirect)
1         api-testing.online               cbrewards.online
1         cdnjs.cloudflare.com             cbrewards.online
1         cdn.jsdelivr.net                 cbrewards.online
1         cdn.ethers.io                    cbrewards.online
1         images.ctfassets.net             cbrewards.online
Total: 20 requests across 9 domains
Subject                  Issuer                              Validity                  Valid for
coinbaserewards.online   R3                                  2023-09-17 - 2023-12-16   3 months
cbrewards.online         R3                                  2023-09-17 - 2023-12-16   3 months
images.ctfassets.net     Amazon RSA 2048 M01                 2023-02-28 - 2024-02-16   a year
www.bing.com             Microsoft Azure TLS Issuing CA 05   2023-07-26 - 2024-01-22   6 months
ethers.io                Amazon RSA 2048 M02                 2023-02-21 - 2023-11-28   9 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3             2023-05-02 - 2024-05-01   a year
api-testing.online       GTS CA 1P5                          2023-09-10 - 2023-12-09   3 months
walletconnect.com        GTS CA 1P5                          2023-09-03 - 2023-12-02   3 months

This page contains 1 frame:

Primary Page: https://cbrewards.online/
Frame ID: B94E9CFC78949D9385767F7A6A64C12E
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

Coinbase Wallet | Claim Rewards

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 0 %
Domains: 9
Subdomains: 9
IPs: 10
Countries: 4
Transfer: 10827 kB
Size: 13492 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://coinbaserewards.online/ HTTP 301
  • https://coinbaserewards.online/
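
The chain above ends at https://coinbaserewards.online/ because this list records only HTTP-level (3xx + Location) redirects. The hop to the kit host happens one step later: the 200 response from coinbaserewards.online carries the header `refresh: 0; URL=https://cbrewards.online/` (see the first transaction below). Browsers act on that header; curl -L and Python requests do not, so a crawler that follows only Location never reaches cbrewards.online. The following added example (not urlscan.io code) follows both kinds of hop and normalises the `:443` that nginx put into its Location header so the loop guard does not treat it as a new URL. The `fake_fetch` function and the `OBSERVED` responses are constructed from the headers recorded in this scan so that the script runs offline.

```python
import re
from typing import Callable, Dict, List, Optional, Tuple
from urllib.parse import urljoin, urlsplit, urlunsplit

# (status code, response headers) as a client would see them
Response = Tuple[int, Dict[str, str]]

# Accepts the forms browsers accept: "0; URL=https://x/", "0;url='https://x/'", "5; https://x/"
_REFRESH_RE = re.compile(
    r"^\s*(\d+)\s*[;,]?\s*(?:url\s*=\s*)?['\"]?([^'\"]*?)['\"]?\s*$", re.IGNORECASE
)


def parse_refresh(value: str) -> Optional[str]:
    """Return the target URL of a Refresh header, or None if it only sets a timer."""
    m = _REFRESH_RE.match(value)
    if not m or not m.group(2):
        return None
    return m.group(2)


def normalize(url: str) -> str:
    """Lower-case scheme/host and drop an explicit default port.

    nginx answered the first hop with Location: https://coinbaserewards.online:443/;
    without this step the loop guard would see :443 and no-port as different URLs.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    port = parts.port
    if port and (scheme, port) not in (("http", 80), ("https", 443)):
        host = f"{host}:{port}"
    return urlunsplit((scheme, host, parts.path or "/", parts.query, ""))


def follow_chain(fetch: Callable[[str], Response], start: str, max_hops: int = 10) -> List[str]:
    """Visit `start` and every hop reachable via 3xx Location or a Refresh header.

    Returns the ordered list of URLs visited. Stops on a non-redirecting
    response, on a revisited URL (loop) or after `max_hops` hops.
    """
    chain = [normalize(start)]
    seen = {chain[0]}
    for _ in range(max_hops):
        status, raw_headers = fetch(chain[-1])
        headers = {k.lower(): v for k, v in raw_headers.items()}
        target = None
        if 300 <= status < 400 and "location" in headers:
            target = headers["location"]
        elif "refresh" in headers:  # browsers act on this even on a 200 response
            target = parse_refresh(headers["refresh"])
        if target is None:
            break
        nxt = normalize(urljoin(chain[-1], target))
        if nxt in seen:
            break
        seen.add(nxt)
        chain.append(nxt)
    return chain


# Constructed stand-in for the network: the three responses recorded in this scan.
OBSERVED: Dict[str, Response] = {
    "http://coinbaserewards.online/": (
        301, {"Location": "https://coinbaserewards.online:443/", "Server": "nginx"}),
    "https://coinbaserewards.online/": (
        200, {"content-length": "0", "refresh": "0; URL=https://cbrewards.online/",
              "x-powered-by": "PHP/8.0.17"}),
    "https://cbrewards.online/": (200, {"content-type": "text/html"}),
}


def fake_fetch(url: str) -> Response:
    """Offline fetch: look the URL up in OBSERVED instead of going to the network."""
    return OBSERVED.get(url, (404, {}))


if __name__ == "__main__":
    for hop, url in enumerate(follow_chain(fake_fetch, "http://coinbaserewards.online/")):
        print(f"hop {hop}: {url}")
```

Against live infrastructure, replace `fake_fetch` with a function that issues a single request with redirects disabled (for example `requests.get(url, allow_redirects=False)`) and returns `(status_code, headers)`; the chain logic stays the same. Meta-refresh inside the HTML body is the other common form of the same hop and would need an HTML parse on top of this.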

20 HTTP transactions

Columns per entry: Resource, Path, Size, x-fer, Type, MIME-Type
Resource: /   Path: coinbaserewards.online/   Size: 0   x-fer: 116 B   Type: Document
Redirect Chain
  • http://coinbaserewards.online/
  • https://coinbaserewards.online/
General
Full URL
https://coinbaserewards.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.196.101 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
server138.hosting.reg.ru
Software
nginx / PHP/8.0.17
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Sep 2023 17:47:29 GMT
refresh
0; URL=https://cbrewards.online/
server
nginx
x-powered-by
PHP/8.0.17

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Sun, 17 Sep 2023 17:47:28 GMT
Location
https://coinbaserewards.online:443/
Server
nginx
Transfer-Encoding
chunked
Resource: / (Primary Request)   Path: cbrewards.online/   Size: 250 KB   x-fer: 35 KB   Type: Document
General
Full URL
https://cbrewards.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.196.192 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
server190.hosting.reg.ru
Software
nginx /
Resource Hash
af282d0b8f886353fe11ae479b1dd29183ab9d93e7784fdde3e017d79ab18fc5

Request headers

Referer
https://coinbaserewards.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 17 Sep 2023 17:47:30 GMT
server
nginx
vary
Accept-Encoding
Resource: 04385265cb71a9e1.woff2   Path: cbrewards.online/fonts/   Size: 90 KB   x-fer: 90 KB   Type: Font
General
Full URL
https://cbrewards.online/fonts/04385265cb71a9e1.woff2
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.196.192 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
server190.hosting.reg.ru
Software
nginx /
Resource Hash
26a245975bdd554dcce87dd9f6f426819c2af25d36c4973af2edc0b7f8ab8d00

Request headers

Referer
https://cbrewards.online/
Origin
https://cbrewards.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 17:47:30 GMT
last-modified
Thu, 07 Sep 2023 23:52:28 GMT
server
nginx
accept-ranges
bytes
etag
"167f8-604cd8d700700"
content-length
92152
Resource: build.js   Path: cbrewards.online/   Size: 1 MB   x-fer: 556 KB   Type: Script
General
Full URL
https://cbrewards.online/build.js
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.196.192 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
server190.hosting.reg.ru
Software
nginx /
Resource Hash
42ffd3cc78f24677acd9645a1636a72b95c9ebb980db05e74f814828f6359cfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 17:47:30 GMT
content-encoding
gzip
last-modified
Sun, 17 Sep 2023 16:42:37 GMT
server
nginx
etag
W/"65072c7d-16ba14"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
expires
Wed, 01 Nov 2023 17:47:30 GMT
Resource: Consumer_Wordmark.svg   Path: images.ctfassets.net/q5ulk4bp65r7/3TBS4oVkD1ghowTqVQJlqj/2dfd4ea3b623a7c0d8deb2ff445dee9e/   Size: 4 KB   x-fer: 2 KB   Type: Image
General
Full URL
https://images.ctfassets.net/q5ulk4bp65r7/3TBS4oVkD1ghowTqVQJlqj/2dfd4ea3b623a7c0d8deb2ff445dee9e/Consumer_Wordmark.svg
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.28.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-28-109.cdg52.r.cloudfront.net
Software
Contentful Images API /
Resource Hash
126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 02:15:48 GMT
content-encoding
gzip
via
1.1 e18d0ef7b0c2f6ba6a8588eb87b7dee6.cloudfront.net (CloudFront)
last-modified
Fri, 26 Mar 2021 14:21:17 GMT
server
Contentful Images API
x-amz-cf-pop
CDG52-P5
age
55903
etag
W/"78b2915b21e673b15957e22970b36c40"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
k-tmy6svivh9_t0E85zHa-B_RJLs8UdbGXH4X1O_EsAlUrUyPbQbUQ==
Resource: 1.gif   Path: cbrewards.online/   Size: 9 MB   x-fer: 9 MB   Type: Image
General
Full URL
https://cbrewards.online/1.gif
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.196.192 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
server190.hosting.reg.ru
Software
nginx /
Resource Hash
ff66f2b7e0101c1649bf59d56da288b2118036cc8f914dad1a9cd9b46581bbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 17:47:30 GMT
last-modified
Sun, 10 Sep 2023 07:20:22 GMT
server
nginx
etag
"64fd6e36-92fc64"
content-type
image/gif
cache-control
max-age=3888000
accept-ranges
bytes
content-length
9632868
expires
Wed, 01 Nov 2023 17:47:30 GMT
Resource: 0   Path: bat.bing.com/action/   Size: 0   x-fer: 229 B   Type: Image
General
Full URL
https://bat.bing.com/action/0?ti=157095205&Ver=2&mid=203e95d0-a14a-4066-ac50-1c8300fabf9c&sid=6553dfd04dd511ee9140830129a88984&vid=655407704dd511ee84bbe9d653744f1e&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1920&sh=1080&sc=24&tl=Coinbase%20Wallet%20quests&p=https%3A%2F%2Fwww.coinbase.com%2Fwallet%2Fquests&r=https%3A%2F%2Fwww.coinbase.com%2Fwallet%2Flearn-web3&lt=885&evt=pageLoad&sv=1&rn=496314
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 17 Sep 2023 17:47:30 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4E42A51B936840939DC6017F376DCA49 Ref B: FRAEDGE1122 Ref C: 2023-09-17T17:47:30Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: 0   Path: bat.bing.com/action/   Size: 0   x-fer: 486 B   Type: Image
General
Full URL
https://bat.bing.com/action/0?ti=157095205&Ver=2&mid=203e95d0-a14a-4066-ac50-1c8300fabf9c&sid=6553dfd04dd511ee9140830129a88984&vid=655407704dd511ee84bbe9d653744f1e&vids=0&msclkid=N&ea=track&el=depth%20scrolled&el2=depth%20scrolled&p=https%3A%2F%2Fwww.coinbase.com%2Fwallet%2Fquests&sw=1920&sh=1080&sc=24&evt=custom&rn=623444
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 17 Sep 2023 17:47:30 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4BA9CD6FE2EB47BCAE75E52E8A908103 Ref B: FRAEDGE1122 Ref C: 2023-09-17T17:47:30Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: 0   Path: bat.bing.com/action/   Size: 0   x-fer: 229 B   Type: Image
General
Full URL
https://bat.bing.com/action/0?ti=157095205&Ver=2&mid=203e95d0-a14a-4066-ac50-1c8300fabf9c&sid=6553dfd04dd511ee9140830129a88984&vid=655407704dd511ee84bbe9d653744f1e&vids=0&msclkid=N&ea=track&el=depth%20scrolled&el2=depth%20scrolled&p=https%3A%2F%2Fwww.coinbase.com%2Fwallet%2Fquests&sw=1920&sh=1080&sc=24&evt=custom&rn=546664
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 17 Sep 2023 17:47:30 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E67E3A43B0C64C7E8AFFB98E706B4227 Ref B: FRAEDGE1122 Ref C: 2023-09-17T17:47:30Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: 0   Path: bat.bing.com/action/   Size: 0   x-fer: 229 B   Type: Image
General
Full URL
https://bat.bing.com/action/0?ti=157095205&Ver=2&mid=203e95d0-a14a-4066-ac50-1c8300fabf9c&sid=6553dfd04dd511ee9140830129a88984&vid=655407704dd511ee84bbe9d653744f1e&vids=0&msclkid=N&ea=track&el=depth%20scrolled&el2=depth%20scrolled&p=https%3A%2F%2Fwww.coinbase.com%2Fwallet%2Fquests&sw=1920&sh=1080&sc=24&evt=custom&rn=714803
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 17 Sep 2023 17:47:30 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6653F3EB5F3F4EBFB3E9882F8FAC0F63 Ref B: FRAEDGE1122 Ref C: 2023-09-17T17:47:30Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: 1afb81123baff3ee.woff2   Path: cbrewards.online/fonts/   Size: 40 KB   x-fer: 40 KB   Type: Font
General
Full URL
https://cbrewards.online/fonts/1afb81123baff3ee.woff2
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.196.192 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
server190.hosting.reg.ru
Software
nginx /
Resource Hash
5db56ddf9ab991fc7a3a5b188b6b0c92331213ec4991b71d9821c36dcbcdb687

Request headers

Referer
https://cbrewards.online/
Origin
https://cbrewards.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 17:47:30 GMT
last-modified
Thu, 07 Sep 2023 23:52:38 GMT
server
nginx
accept-ranges
bytes
etag
"9e20-604cd8e089d80"
content-length
40480
Resource: 05d2153dba2045ba.woff2   Path: cbrewards.online/fonts/   Size: 39 KB   x-fer: 39 KB   Type: Font
General
Full URL
https://cbrewards.online/fonts/05d2153dba2045ba.woff2
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.196.192 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
server190.hosting.reg.ru
Software
nginx /
Resource Hash
81368223143520415fe7fbdc3792d2d52ad7e422d8b214661ff932afe577b779

Request headers

Referer
https://cbrewards.online/
Origin
https://cbrewards.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 17:47:30 GMT
last-modified
Thu, 07 Sep 2023 23:52:45 GMT
server
nginx
accept-ranges
bytes
etag
"9c50-604cd8e736d40"
content-length
40016
Resource: ad7693bb415d25ef.woff2   Path: cbrewards.online/fonts/   Size: 40 KB   x-fer: 40 KB   Type: Font
General
Full URL
https://cbrewards.online/fonts/ad7693bb415d25ef.woff2
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.196.192 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
server190.hosting.reg.ru
Software
nginx /
Resource Hash
881387e5619f45f03a99e2fa88a752237343c0bef2414425c3219031653ce45f

Request headers

Referer
https://cbrewards.online/
Origin
https://cbrewards.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 17:47:30 GMT
last-modified
Thu, 07 Sep 2023 23:52:51 GMT
server
nginx
accept-ranges
bytes
etag
"9eb8-604cd8ecefac0"
content-length
40632
Resource: ec8b63007fcc272a.woff2   Path: cbrewards.online/fonts/   Size: 39 KB   x-fer: 39 KB   Type: Font
General
Full URL
https://cbrewards.online/fonts/ec8b63007fcc272a.woff2
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.196.192 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
server190.hosting.reg.ru
Software
nginx /
Resource Hash
a1f75e7f702059493bb74cfcb3178d095b3f6da4d313e92b3ceabc3e63eb914c

Request headers

Referer
https://cbrewards.online/
Origin
https://cbrewards.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 17:47:30 GMT
last-modified
Thu, 07 Sep 2023 23:53:02 GMT
server
nginx
accept-ranges
bytes
etag
"9c8c-604cd8f76d380"
content-length
40076
Resource: ethers-5.7.2.umd.min.js   Path: cdn.ethers.io/lib/   Size: 742 KB   x-fer: 184 KB   Type: Script
General
Full URL
https://cdn.ethers.io/lib/ethers-5.7.2.umd.min.js
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/build.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-8.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
CRme2vRtgXMVduQBUTei370SCF79EXRr
content-encoding
gzip
via
1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
date
Sat, 16 Sep 2023 23:46:15 GMT
last-modified
Wed, 19 Oct 2022 22:59:32 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
64877
x-amz-server-side-encryption
AES256
etag
W/"71f8c498e792c6179d4e2840228f777a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
u_iBLHu7HAAu4FhBnKq2d4boFv2queq4DLgkHv2GUgjo8ccxScmUGg==
Resource: ethereumjs-tx-1.3.3.min.js   Path: cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/   Size: 315 KB   x-fer: 92 KB   Type: Script
General
Full URL
https://cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/build.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 17:47:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16292
x-jsd-version
master
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4561-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"4edeb-1sQW5dFT9QD3rGbSWitz20WGetQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17w1rqY4FqgXRutB%2Fr9vQxdAZ7ccvdYWs1e079USyvY2fKp8QfA2LBQY8R4mgW3WPLWlB8vO0nkELorDNC6101AxfqvN0K%2FYSQ5HnAwVIiWB6Ex5lfO7bdYw3dQq9%2FyYRy8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80832cc0ca3e5b3e-FRA
Resource: crypto-js.min.js   Path: cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/   Size: 47 KB   x-fer: 14 KB   Type: Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/build.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 17:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
857134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14107
last-modified
Thu, 22 Jun 2023 10:57:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942935-371b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5JLG6F822A5ZITIZ1tnQirIN8iLnUcUr8EgFX7Lfv5P%2BPp5jf7EUfhtCdToKMls8Coxl%2FJuD5gfpaJLfMgd2kOZbi%2BC0UJUIWRTFOHt0IcKmDSXkjbzhv37NFucZYBiSvN8cHEN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80832cc0cc121c07-FRA
expires
Fri, 06 Sep 2024 17:47:31 GMT
Resource: walletconnect2.js   Path: api-testing.online/cdn/   Size: 973 KB   x-fer: 267 KB   Type: Script
General
Full URL
https://api-testing.online/cdn/walletconnect2.js
Requested by
Host: cbrewards.online
URL: https://cbrewards.online/build.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c44d64e7b49dba35462945f344d60a635367082f7f15771cf3d5466b30d0535a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 17:47:32 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 11 Aug 2023 15:13:02 GMT
server
cloudflare
etag
W/"f3346-189e5287ab2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOBWGFd9HwYJIaPjRE7gVpgSY4QVI%2BWOGvS4zz8st3%2BSxcbTGY691T5WwWcsFL2LsiTOHVRazd6Y2u12d8Mulf6Zn1cwyFS%2BafNKoY3nvDR7egXbo%2FAy8FfibbPfEEcIbX13pfg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
80832cc11d0839df-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Auth
Resource: (data: URI, truncated)   Path: /   Size: 6 KB   x-fer: 0   Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4d2e371255a9a44f01c17653279003919c7cff48d88498d127e86fd388c369a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: (data: URI, truncated)   Path: /   Size: 1 KB   x-fer: 0   Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0654edd1d19c07f02a35fb636a686223e38c8e6149bc1848734ffbab742b08f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: (data: URI, truncated)   Path: /   Size: 903 B   x-fer: 0   Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17546fc7e8ece1e5fd582fad3f8381069ecb92d019abcd547ea2751e1e7794a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: (data: URI, truncated)   Path: /   Size: 538 B   x-fer: 0   Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74b55347075cbbb2a0292cca0f94459d531afd23586ecfd2fcc670236c590439

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: getDesktopListings   Path: explorer-api.walletconnect.com/w3m/v1/   Size: 7 KB   x-fer: 2 KB   Type: Fetch
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getDesktopListings?projectId=9f38259dd9795ef53b0a37dd3f6f76aa&page=1&entries=9&version=2
Requested by
Host: api-testing.online
URL: https://api-testing.online/cdn/walletconnect2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.46 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc61517854f7738660294353cdf340a394ba5f07e402a527158ba1929d93f1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 17:47:34 GMT
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=21600, s-maxage=7200
x-robots-tag
noindex
cf-ray
80832cd0c9283aa0-FRA
Resource: getInjectedListings   Path: explorer-api.walletconnect.com/w3m/v1/   Size: 36 KB   x-fer: 8 KB   Type: Fetch
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getInjectedListings?projectId=9f38259dd9795ef53b0a37dd3f6f76aa
Requested by
Host: api-testing.online
URL: https://api-testing.online/cdn/walletconnect2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.46 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbrewards.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 17:47:34 GMT
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=21600, s-maxage=7200
x-robots-tag
noindex
cf-ray
80832cd0c92a3aa0-FRA
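
The four bat.bing.com beacons in the transaction list were fired by a Bing UET tag that the phishing page inherited from the page it copied: their query strings report p=https://www.coinbase.com/wallet/quests, r=https://www.coinbase.com/wallet/learn-web3 and tl=Coinbase Wallet quests, while the Referer of each beacon request is https://cbrewards.online/. The mismatch between the page a beacon claims to be and the host that sent it identifies the clone's template, and the preserved tag ID (ti=157095205) is a pivot for finding other copies of the same template in other scans. The following added example (not urlscan.io code) extracts that leak from a request list. The list is constructed from the URLs in the transaction table with unrelated query keys dropped; the Google Analytics entry in the schema table is an assumption added for generality and was not observed in this scan.

```python
from dataclasses import dataclass
from typing import Iterable, List, Optional
from urllib.parse import parse_qs, urlsplit

# Beacon hosts and the query keys that carry page / referrer / title / tag id.
BEACON_SCHEMAS = {
    # Bing UET, as seen in this scan
    "bat.bing.com": {"page": "p", "referrer": "r", "title": "tl", "tag": "ti"},
    # Google Analytics measurement protocol (assumed for generality, not in this scan)
    "www.google-analytics.com": {"page": "dl", "referrer": "dr", "title": "dt", "tag": "tid"},
}


@dataclass(frozen=True)
class BeaconLeak:
    beacon_host: str
    tag_id: Optional[str]
    reported_page: str
    reported_referrer: Optional[str]
    title: Optional[str]
    actual_referer: str

    @property
    def mismatch(self) -> bool:
        """True when the beacon names a page on a different host than the one that sent it."""
        return urlsplit(self.reported_page).hostname != urlsplit(self.actual_referer).hostname


def _first(query: dict, key: str) -> Optional[str]:
    values = query.get(key)
    return values[0] if values else None


def extract_leaks(requests: Iterable[dict]) -> List[BeaconLeak]:
    """requests: dicts with 'url' and 'referer', as urlscan lists them per transaction.

    Beacons that repeat the same (host, tag, page) triple collapse into one finding,
    so the four UET hits in this scan yield a single BeaconLeak.
    """
    leaks, seen = [], set()
    for req in requests:
        parts = urlsplit(req["url"])
        schema = BEACON_SCHEMAS.get(parts.hostname or "")
        if not schema:
            continue
        query = parse_qs(parts.query)
        page = _first(query, schema["page"])
        if not page:
            continue
        leak = BeaconLeak(
            beacon_host=parts.hostname,
            tag_id=_first(query, schema["tag"]),
            reported_page=page,
            reported_referrer=_first(query, schema["referrer"]),
            title=_first(query, schema["title"]),
            actual_referer=req["referer"],
        )
        key = (leak.beacon_host, leak.tag_id, leak.reported_page)
        if key not in seen:
            seen.add(key)
            leaks.append(leak)
    return leaks


# Constructed from the transaction table above (query strings trimmed to the relevant keys).
SCAN_REQUESTS = [
    {"url": "https://cbrewards.online/build.js", "referer": "https://cbrewards.online/"},
    {"url": ("https://bat.bing.com/action/0?ti=157095205&Ver=2"
             "&tl=Coinbase%20Wallet%20quests"
             "&p=https%3A%2F%2Fwww.coinbase.com%2Fwallet%2Fquests"
             "&r=https%3A%2F%2Fwww.coinbase.com%2Fwallet%2Flearn-web3&evt=pageLoad"),
     "referer": "https://cbrewards.online/"},
    {"url": ("https://bat.bing.com/action/0?ti=157095205&Ver=2&ea=track"
             "&el=depth%20scrolled&p=https%3A%2F%2Fwww.coinbase.com%2Fwallet%2Fquests&evt=custom"),
     "referer": "https://cbrewards.online/"},
]

if __name__ == "__main__":
    for leak in extract_leaks(SCAN_REQUESTS):
        flag = "CLONE?" if leak.mismatch else "ok"
        print(f"[{flag}] {leak.beacon_host} tag={leak.tag_id} page={leak.reported_page} "
              f"title={leak.title!r} sent_by={leak.actual_referer}")
```

The same function applies unchanged to a urlscan result fetched through its API: the `data.requests[].request.request.url` and `headers.Referer` fields map onto the `url` and `referer` keys used here.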

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Coinbase (Crypto Exchange)

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    documentPictureInPicture
function  _0x3d02
function  _0x15d39b
function  _0x354871
function  _0x3f0b
function  _0x4e6f69
function  _0x515b76
function  _0x510d3c
function  _0x4c6b4d
function  _0x532e87
function  _0x49c080
function  _0x1608b6
function  _0x34d29f
function  _0x42c4ff
function  _0x32ebf6
function  _0xddfd30
function  _0x157b9f
function  _0x3f46ee
function  _0x4d3777
function  _0x572b2f
function  _0x395e7c
function  _0x1d4188
function  _0x416bdc
function  _0x535068
function  _0x192066
function  _0x2cafd5
function  _0x2b15e7
function  _0xe51e3a
function  _0x17abe0
function  _0x31231a
function  _0xc7a2ae
function  _0x150a38
function  _0x408831
function  _0x25e544
function  _0x4d3b0e
function  _0x383a9d
function  _0x364725
function  _0x32c247
function  _0x32db94
function  elite
function  _0x32729d
object    _ethers
object    ethers
object    CryptoJS
object    ethereumjs
function  Buffer
object    global
object    process
function  EthereumClient
function  w3mConnectors
function  w3mProvider
function  Web3Modal
function  configureChains
function  createConfig
object    wagmiChains
object    reactiveElementVersions
object    litHtmlVersions
object    litElementVersions
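
The list above is a strong signal on its own: 39 of the 58 globals are named `_0x` plus a short run of hex digits, which is the default identifier style of javascript-obfuscator, and they sit next to ethers.js, ethereumjs-tx, crypto-js and the Web3Modal/WalletConnect stack (`Web3Modal`, `w3mConnectors`, `w3mProvider`, `EthereumClient`, `wagmiChains`) that build.js and walletconnect2.js pulled in. A brand page has no reason to expose transaction-signing libraries behind obfuscated code; together they match a wallet-drainer kit. The following added example (not urlscan.io code) parses the "type| name" string as urlscan presents it and applies those two heuristics. The threshold values are this example's own choice; `SCAN_GLOBALS` is copied from the list above.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Default identifier style of javascript-obfuscator: "_0x" followed by a few hex digits.
OBFUSCATOR_NAME = re.compile(r"^_0x[0-9a-f]{4,8}$")

# Globals that show the page can connect a wallet and build or sign transactions.
WEB3_GLOBALS: Dict[str, str] = {
    "ethers": "ethers.js provider/signer",
    "_ethers": "ethers.js (second copy)",
    "ethereumjs": "ethereumjs-tx raw transaction encoding",
    "Web3Modal": "Web3Modal wallet-connect UI",
    "w3mConnectors": "Web3Modal connectors",
    "w3mProvider": "Web3Modal provider",
    "EthereumClient": "Web3Modal Ethereum client",
    "wagmiChains": "wagmi chain list",
    "CryptoJS": "crypto-js (commonly used to decrypt an embedded payload)",
}


def parse_globals(raw: str) -> List[Tuple[str, str]]:
    """Parse urlscan's 'type| name type| name ...' string into (type, name) pairs."""
    tokens = raw.split()
    return [(tokens[i].rstrip("|"), tokens[i + 1]) for i in range(0, len(tokens) - 1, 2)]


@dataclass
class Assessment:
    total: int
    obfuscated: List[str]
    web3: Dict[str, str]
    reasons: List[str] = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        return bool(self.reasons)


def assess(pairs, min_obf_count: int = 10, min_obf_ratio: float = 0.3) -> Assessment:
    """Apply the two heuristics; the thresholds are this example's own assumption."""
    names = [name for _, name in pairs]
    obf = [n for n in names if OBFUSCATOR_NAME.match(n)]
    web3 = {n: WEB3_GLOBALS[n] for n in names if n in WEB3_GLOBALS}
    result = Assessment(total=len(names), obfuscated=obf, web3=web3)
    ratio = len(obf) / len(names) if names else 0.0
    if len(obf) >= min_obf_count and ratio >= min_obf_ratio:
        result.reasons.append(
            f"{len(obf)}/{len(names)} globals named like javascript-obfuscator output")
    if web3:
        result.reasons.append("web3 wallet/signing libraries exposed: " + ", ".join(sorted(web3)))
    if obf and {"ethers", "ethereumjs"} & set(web3):
        result.reasons.append(
            "obfuscated code alongside transaction-signing libraries (drainer pattern)")
    return result


# Copied from the "58 JavaScript Global Variables" list of this scan.
SCAN_GLOBALS = (
    "object| documentPictureInPicture function| _0x3d02 function| _0x15d39b "
    "function| _0x354871 function| _0x3f0b function| _0x4e6f69 function| _0x515b76 "
    "function| _0x510d3c function| _0x4c6b4d function| _0x532e87 function| _0x49c080 "
    "function| _0x1608b6 function| _0x34d29f function| _0x42c4ff function| _0x32ebf6 "
    "function| _0xddfd30 function| _0x157b9f function| _0x3f46ee function| _0x4d3777 "
    "function| _0x572b2f function| _0x395e7c function| _0x1d4188 function| _0x416bdc "
    "function| _0x535068 function| _0x192066 function| _0x2cafd5 function| _0x2b15e7 "
    "function| _0xe51e3a function| _0x17abe0 function| _0x31231a function| _0xc7a2ae "
    "function| _0x150a38 function| _0x408831 function| _0x25e544 function| _0x4d3b0e "
    "function| _0x383a9d function| _0x364725 function| _0x32c247 function| _0x32db94 "
    "function| elite function| _0x32729d object| _ethers object| ethers object| CryptoJS "
    "object| ethereumjs function| Buffer object| global object| process "
    "function| EthereumClient function| w3mConnectors function| w3mProvider "
    "function| Web3Modal function| configureChains function| createConfig "
    "object| wagmiChains object| reactiveElementVersions object| litHtmlVersions "
    "object| litElementVersions"
)

if __name__ == "__main__":
    verdict = assess(parse_globals(SCAN_GLOBALS))
    print(f"{len(verdict.obfuscated)}/{verdict.total} obfuscated, suspicious={verdict.suspicious}")
    for reason in verdict.reasons:
        print(" -", reason)
```

`Buffer`, `global` and `process` are Node polyfills from a browserified bundle and are deliberately not scored: they appear in plenty of legitimate webpack builds. The third rule is the one worth alerting on; obfuscation alone is common on commercial sites, and web3 libraries alone are normal on a real dApp.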

1 Cookies

Domain/Path   Name   Value
.bing.com/    MUID   3F106EDE6FF469D33B4A7D516E9F6874

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-testing.online
bat.bing.com
cbrewards.online
cdn.ethers.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
coinbaserewards.online
explorer-api.walletconnect.com
images.ctfassets.net
104.16.89.20
104.17.25.14
104.18.26.46
108.138.36.8
13.107.21.200
18.244.28.109
188.114.97.3
31.31.196.101
31.31.196.192