coinbase-wallte.beauty
Open in
urlscan Pro
103.212.231.131
Malicious Activity!
Public Scan
Effective URL: https://coinbase-wallte.beauty/l?zep8=
Submission: On March 02 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 1st 2022. Valid for: 3 months.
This is the only time coinbase-wallte.beauty was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Coinbase (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 20 | 103.212.231.131 103.212.231.131 | 135357 (SKHT-AS S...) (SKHT-AS Shenzhen Katherine Heng Technology Information Co.) | |
3 | 2606:4700::68... 2606:4700::6810:5914 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
23 | 3 |
ASN135357 (SKHT-AS Shenzhen Katherine Heng Technology Information Co., Ltd., CN)
coinbase-wallte.beauty |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
coinbase-wallte.beauty
1 redirects
coinbase-wallte.beauty |
528 KB |
3 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401 |
156 KB |
23 | 2 |
Domain | Requested by | |
---|---|---|
20 | coinbase-wallte.beauty |
1 redirects
coinbase-wallte.beauty
|
3 | cdn.jsdelivr.net |
coinbase-wallte.beauty
|
23 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
zbwo.me R3 |
2022-03-01 - 2022-05-30 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-03 - 2022-07-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://coinbase-wallte.beauty/l?zep8=
Frame ID: 936FD25C277FC6FFD66C0740ECE8FD84
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
Sign In - CoinbasePage URL History Show full URLs
-
http://coinbase-wallte.beauty/l?zep8=
HTTP 301
https://coinbase-wallte.beauty/l?zep8= Page URL
Detected technologies
Stimulus (JavaScript frameworks) ExpandDetected patterns
- <[^>]+data-controller
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- (?:/([\d.]+))?/vue(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://coinbase-wallte.beauty/l?zep8=
HTTP 301
https://coinbase-wallte.beauty/l?zep8= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
l
coinbase-wallte.beauty/ Redirect Chain
|
29 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
coinbase-wallte.beauty/static/static/ |
141 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue.min.js
coinbase-wallte.beauty/static/static/ |
92 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
coinbase-wallte.beauty/static/element/ |
236 KB 45 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
coinbase-wallte.beauty/static/element/ |
577 KB 173 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.7.2.min.js
coinbase-wallte.beauty/static/js/ |
93 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
cdn.jsdelivr.net/npm/vant@2.12/lib/ |
140 KB 42 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue.min.js
cdn.jsdelivr.net/npm/vue@2.6/dist/ |
92 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vant.min.js
cdn.jsdelivr.net/npm/vant@2.12/lib/ |
272 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core-b4a7722c6a0233fd75c1147bf95808510097e7d7ff2d11d50b2e38fe6cc86762.css
coinbase-wallte.beauty/static/hmtl/a_files/ |
331 KB 73 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-741d571e2950345fa9a4f546150420840996fc7784da16cf7c0e42cfff07dba8.css
coinbase-wallte.beauty/static/hmtl/a_files/ |
303 KB 64 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cds.e74475494fa974e0df0e.css
coinbase-wallte.beauty/static/hmtl/a_files/ |
82 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img.png
coinbase-wallte.beauty/static/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-visible-active-402d81fd99fe281230bdf39a8bf63c1d3012f790fb521b1c1f0624296eac4be7.svg
coinbase-wallte.beauty/assets/app/ |
23 KB 23 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-2fa-e8fa1c5e677cee3466e254f03173f0555cd4deb7bf30b8a785dde52bda5f3eef.png
coinbase-wallte.beauty/assets/app/ |
548 B 548 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Graphik-Regular-Web-aeabadfcbec89b7a55d9a65893d93f275b406984811f8236b60bc9d9a7653360.woff2
coinbase-wallte.beauty/assets/graphik/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Graphik-Medium-Web-da9a70ddd8603cbd79019518639c58f289f6ce194204496523c1dab3e9e47d6a.woff2
coinbase-wallte.beauty/assets/graphik/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Graphik-Regular-Web-7dfd8a5140355bdddf118fb75ad563f47fd8d4fd85d4f185c8bd894cf821069b.woff
coinbase-wallte.beauty/assets/graphik/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Graphik-Medium-Web-bc831fc7bcbd2eb22321535637f67f6068dc64124e9ac5733f868ed697e4ad66.woff
coinbase-wallte.beauty/assets/graphik/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
update_data.html
coinbase-wallte.beauty/index/index/ |
165 B 575 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
update_data.html
coinbase-wallte.beauty/index/index/ |
157 B 567 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
update_data.html
coinbase-wallte.beauty/index/index/ |
157 B 567 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
update_data.html
coinbase-wallte.beauty/index/index/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- coinbase-wallte.beauty
- URL
- https://coinbase-wallte.beauty/index/index/update_data.html
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Coinbase (Crypto Exchange)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone function| Vue object| __core-js_shared__ object| ELEMENT function| $ function| jQuery object| vant1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
coinbase-wallte.beauty/ | Name: sebd138ab Value: 8n7es39fm0ftaod6aqs3vnjout |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
coinbase-wallte.beauty
coinbase-wallte.beauty
103.212.231.131
2606:4700::6810:5914
03f2a27c6e38c3e8e38b294c2d0c3536b989ff6285388172542b4bedf10291d5
13272542d049f911547eb5e20f1ccf4a4ab689fc2a1631865ebafe41e2012958
3a1509a2b5bbf0e314026cceaa7ae41a16f78960dee7a18a18f110a9514f8b4e
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4e685208d134a61fdf4e8fa18b054f5ca2b522813f9bf591db4ac4b42ef16598
8860186a3a40235dab977c7c4a566e68c8051c56cb6d02bab3bd2781e638796a
897e513fc70a4e1759ceb06ed3c9348d036b36b724dc60d815f9f3124de6f433
9038bf8a466556b6a79ad30473c5882772944b4d1283a2e2b0e97a0b934b16c1
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
a666bd5eb1c2b4dfec530a665ea4bdff6a5bf4fa71b5cc4684722797360c8297
b0c0eb78c5a2dfac1c103a69d82eace816e809754d6061392af5a95288dce2cb
bc09e54472585388c0ef0b58e5818a448f03b5671df4120da425cd6cac70fb79
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d8e6053af0f4d6db185949afb138114547cbf1dbadbff73c247964d7cbcf4c7e
dd1eef8ea6ef781820850d30a94dd81dd0cefbf1d45e4833f7ce6a2522ea70f8
dd936ca0cd3ef4389534282f2d4c1d92749e18da4f0354686e90bc6e721ec164
e6e28a8fb9b74533ece152229dafcc3ebc0f4b3dcd62879df115706bce55927d