Report - jeffs.top/

Report Overview

Submitted URL
jeffs.top/
IP
45.15.156.25
ASN
#211409 Shelter LLC
Submitted
2024-04-16 18:13:52
Access
public
Website Title
Coinbase – Buy & Sell Bitcoin, Ethereum, and more with trust
Final URL
jeffs.top/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
160

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-16	1.3 kB	123 kB	151.101.129.229
unpkg.com	11693	2016-01-06	2016-01-08	2024-04-16	1.4 kB	265 kB	104.17.245.203
cdndelivery.pages.dev	unknown	2020-09-02	2024-01-11	2024-03-10	428 B	760 kB	172.66.44.173
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-16	512 B	1.2 kB	35.244.181.201
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-16	550 B	26 kB	142.250.74.106
jeffs.top	unknown	unknown	No data	No data	17 kB	279 kB	45.15.156.25
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-16	840 B	288 kB	104.17.25.14
images.ctfassets.net	4623	2017-03-28	2017-09-20	2024-04-14	497 B	31 kB	143.204.55.77
assets.coinbase.com	45240	2011-07-02	2017-04-25	2024-03-22	875 B	15 kB	172.64.152.241

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase
2024-04-16	medium	jeffs.top/	Coinbase

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed
2024-04-16	medium	jeffs.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/web3/4.0.3/web3.min.js	638 kB	2023-07-13	2024-04-29
Pretty URL cdnjs.cloudflare.com/ajax/libs/web3/4.0.3/web3.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-13 05:39:36 Last Seen2024-04-29 06:36:13 Times Seen409 Hash 1932881debf364cfed402e1d0c7a54e3 e53d84ee93cb7c4eae82bdce939e80307b2cb1b1 e95c1fc6aaa308b9bbfc7ba359f34b57c65e4932440416441fe7c8864ccbdd84 Loading...

	unknown	1.5 kB	2023-06-07	2024-04-29
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-06-07 22:44:52 Last Seen2024-04-29 06:36:12 Times Seen230 Hash 1884ef3dcd9482d5f21c955b13eab060 bce91cb9cb511d0cd0a19f8f0fc5bfe03f3fbabf 938cde8b9179eff487eed4b7e1d743302676b96ee0286cc8c2e095160e147db6 Loading...

	jeffs.top/	3.3 kB	2024-04-16	2024-04-16
Pretty URL jeffs.top/ IP 45.15.156.25 ASN #211409 Shelter LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 20:14:00 Last Seen2024-04-16 20:14:00 Times Seen1 Hash dc6de57a4884a6f8cc448d3dfdc87885 916fec274d3eb21392c384bdd71e24299fad3006 89063cfede50d34466351da8da90fb5875d56aa6a6a53d889fe4ec72d8c307ed Loading...

	jeffs.top/encryption.js	84 kB	2023-10-15	2024-04-27
Pretty URL jeffs.top/encryption.js IP 45.15.156.25 ASN #211409 Shelter LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-15 16:15:19 Last Seen2024-04-27 09:43:40 Times Seen142 Hash 81e8c22ea207dece0624d6209db46cce cc6ab31cc685e11bfc69fda72ad6c295130cf2a7 0a9f0840be094f6fc48b6e8abff400e72e937aba6ceeb6eca4b60db4e8806fd7 Loading...

	unknown	34 B	2023-04-11	2024-04-29
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16:40 Last Seen2024-04-29 21:55:17 Times Seen75622 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js	68 kB	2023-07-11	2024-04-29
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-11 17:54:11 Last Seen2024-04-29 06:36:13 Times Seen422 Hash 0aaaa3278d29d8b8d9b3795f60d3b836 519ef68609c1f595ee6a9cbb7660e4c8585a0d41 b030031299100b9d6c6b413bf9e9d712f59695f1384ef548c3f43b0a0faecbfa Loading...

	cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js	323 kB	2023-03-07	2024-04-29
Pretty URL cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:06 Last Seen2024-04-29 07:36:17 Times Seen813 Hash ca1104de538caea2d54265fbe90916b4 d6c416e5d153f500f7ac66d25a2b73db45867ad4 10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0 Loading...

	cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.min.js	760 kB	2023-03-13	2024-04-29
Pretty URL cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:48:53 Last Seen2024-04-29 06:36:13 Times Seen915 Hash 71f8c498e792c6179d4e2840228f777a b651545587f6257345dc3de9ddaa444b10dedf3e a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73 Loading...

HTTP Transactions (54)

URL IP Response Size

jeffs.top/

45.15.156.25

200 OK

60 kB

URL User Request GET HTTP/1.1
jeffs.top/
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2989), with CRLF, LF line terminators
Size
60 kB (60208 bytes)
Hash
718ba4b59453b7ef417403c066c6f223
88188ae112e477c0c3e0abd72471e7c18f134306
419fb209a241e70ac40be03a145ed39d62248219bff83934173d524bee8927f8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

jeffs.top/encryption.js

45.15.156.25

200 OK

84 kB

URL GET HTTP/1.1
jeffs.top/encryption.js
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (83670 bytes)
Hash
81e8c22ea207dece0624d6209db46cce
cc6ab31cc685e11bfc69fda72ad6c295130cf2a7
0a9f0840be094f6fc48b6e8abff400e72e937aba6ceeb6eca4b60db4e8806fd7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /encryption.js HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:27 GMT
Content-Type: application/javascript
Content-Length: 83670
Last-Modified: Tue, 09 Apr 2024 19:05:42 GMT
Connection: keep-alive
ETag: "66159186-146d6"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js

151.101.129.229

200 OK

97 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://jeffs.top/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (43040)
Size
97 kB (96826 bytes)
Hash
ca1104de538caea2d54265fbe90916b4
d6c416e5d153f500f7ac66d25a2b73db45867ad4
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0

HTTP Headers

GET /gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"4edeb-1sQW5dFT9QD3rGbSWitz20WGetQ"
content-encoding: br
accept-ranges: bytes
date: Tue, 16 Apr 2024 18:13:27 GMT
age: 36506
x-served-by: cache-fra-etou8220137-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 96826
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.min.css

151.101.129.229

200 OK

4.6 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.min.css
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://jeffs.top/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (23850)
Size
4.6 kB (4573 bytes)
Hash
d849077e8b4cc93dd5c925165f2cded4
496b8e753292cc78d4964d94eee5c250d53ca13a
ee3512f8c59eaa415d996f68ce467b98f6a0cfe42631bb0196df90dccb04f855

HTTP Headers

GET /npm/sweetalert2@11.7.16/dist/sweetalert2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 11.7.16
x-jsd-version-type: version
etag: W/"5d2b-SWuOdTKSzHjUlk2U7uXCUNU8oTo"
content-encoding: br
accept-ranges: bytes
date: Tue, 16 Apr 2024 18:13:27 GMT
age: 1775087
x-served-by: cache-fra-eddf8230076-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4573
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js

151.101.129.229

200 OK

19 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://jeffs.top/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (43691)
Size
19 kB (19370 bytes)
Hash
0aaaa3278d29d8b8d9b3795f60d3b836
519ef68609c1f595ee6a9cbb7660e4c8585a0d41
b030031299100b9d6c6b413bf9e9d712f59695f1384ef548c3f43b0a0faecbfa

HTTP Headers

GET /npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.7.16
x-jsd-version-type: version
etag: W/"10917-UZ72hgnB9ZXuapy7dmDkyFhaDUE"
content-encoding: br
accept-ranges: bytes
date: Tue, 16 Apr 2024 18:13:27 GMT
age: 696427
x-served-by: cache-fra-eddf8230055-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19370
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.min.js

104.17.25.14

200 OK

139 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jeffs.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
139 kB (139139 bytes)
Hash
71f8c498e792c6179d4e2840228f777a
b651545587f6257345dc3de9ddaa444b10dedf3e
a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73

HTTP Headers

GET /ajax/libs/ethers/5.7.2/ethers.umd.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jeffs.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:13:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 139139
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6350cee7-21f83"
last-modified: Thu, 20 Oct 2022 04:30:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 85233
expires: Sun, 06 Apr 2025 18:13:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4sUhtlFiyU3xpX0sLbOz2Nxm4PdQCKT0f7qURZiqfbVyyfXp7DDMidHaA1G7UOuyt3I5bM7%2FFTSOLpmZ6Wh8Y%2BPCWAtPe%2BfPsEw30fwiNJFJKVdNndJK8YUydrHDyLMmvoTNF%2Fx9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87562642aa8b712a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/web3/4.0.3/web3.min.js

104.17.25.14

200 OK

147 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/web3/4.0.3/web3.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jeffs.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65470)
Size
147 kB (147285 bytes)
Hash
1932881debf364cfed402e1d0c7a54e3
e53d84ee93cb7c4eae82bdce939e80307b2cb1b1
e95c1fc6aaa308b9bbfc7ba359f34b57c65e4932440416441fe7c8864ccbdd84

HTTP Headers

GET /ajax/libs/web3/4.0.3/web3.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jeffs.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:13:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 147285
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ad8554-23f55"
last-modified: Tue, 11 Jul 2023 16:37:40 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3532638
expires: Sun, 06 Apr 2025 18:13:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5BSeoCzjxNN3%2FN7fzhZlVuOXorbi6r%2B2zFFMLJ0W51sHbHNKYOcDIxXgF%2B9tLACWlo3PekcCMosiTenQHflQJpJ8MY7JQ4yt9CLF6vM6Enr3VgXyD4JK61VLjahQ5PhkpHqH9im"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87562642aa93712a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

images.ctfassets.net/c5bd0wqjc7v0/1DrLQBxqDE4XmGXcmaGy7u/8acbd0322803e3190154169b028e9d20/freeMoney-1.5.webp

143.204.55.77

200 OK

30 kB

URL GET HTTP/2
images.ctfassets.net/c5bd0wqjc7v0/1DrLQBxqDE4XmGXcmaGy7u/8acbd0322803e3190154169b028e9d20/freeMoney-1.5.webp
IP
143.204.55.77:443
ASN
#16509 AMAZON-02

Requested by
https://jeffs.top/
Certificate
IssuerAmazon
Subjectimages.ctfassets.net
FingerprintB4:AD:54:1E:42:5A:BC:E5:5F:19:1A:F9:8B:06:8A:D3:F0:46:11:88
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
30 kB (30046 bytes)
Hash
5de118e2b690f5b854cfb7b58c3c0fe0
d57368d4be7ecd32ecc3b82ebedde956cd2f70f2
f7d696940ac77712e87388734b01e2978518291ae9dade39e0b824743ecf506e

HTTP Headers

GET /c5bd0wqjc7v0/1DrLQBxqDE4XmGXcmaGy7u/8acbd0322803e3190154169b028e9d20/freeMoney-1.5.webp HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
content-length: 30046
last-modified: Mon, 07 Nov 2022 20:01:34 GMT
server: Contentful Images API
access-control-allow-origin: *
date: Tue, 16 Apr 2024 02:30:06 GMT
cache-control: max-age=31536000
etag: "5de118e2b690f5b854cfb7b58c3c0fe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U59UG_Qz_VRY08whqY22IYV38KtvNIl3a-qeVgUbnyrgrTVUKuqmaA==
age: 56603
X-Firefox-Spdy: h2

jeffs.top/PaySDK.svg

45.15.156.25

200 OK

804 B

URL GET HTTP/1.1
jeffs.top/PaySDK.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
804 B (804 bytes)
Hash
b17322e445e1fce6e12f693a283aac6a
099f4a32fd7242d53c72c677a75b6d550a7a8479
863bd1291499105fa7da30e05a911f676c97e8eb9d3af04f99c473050fb3c2da

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /PaySDK.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 804
Last-Modified: Tue, 09 Apr 2024 19:05:52 GMT
Connection: keep-alive
ETag: "66159190-324"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

assets.coinbase.com/assets/245d5698473dc72a.webp

172.64.152.241

200 OK

13 kB

URL GET HTTP/2
assets.coinbase.com/assets/245d5698473dc72a.webp
IP
172.64.152.241:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jeffs.top/
Certificate
IssuerCloudflare, Inc.
Subjectcoinbase.com
Fingerprint17:6E:6E:1F:74:EF:97:21:64:D2:01:DA:3B:3D:38:19:63:00:24:00
ValidityMon, 05 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 835x458, Scaling: [none]x[none], YUV color, decoders should clamp
Size
13 kB (13292 bytes)
Hash
969a983ce74a462a68ba618b798a8cfa
67a6aaca9dfb9ec6cfc6c912e80fe8c5d6e2f202
217825f63cd85362766062022b2cf004c07a9bc47188f3b33e168ba7060ade55

HTTP Headers

GET /assets/245d5698473dc72a.webp HTTP/1.1
Host: assets.coinbase.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:13:28 GMT
content-type: image/webp
content-length: 13292
last-modified: Fri, 10 Nov 2023 19:22:00 GMT
etag: "969a983ce74a462a68ba618b798a8cfa"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31556926
x-cache: Miss from cloudfront
via: 1.1 91c2aa7e3369a817b01aa672c72e5ba0.cloudfront.net (CloudFront)
x-amz-cf-pop: JNB50-C1
x-amz-cf-id: rUy76o38KoXlYrWR2KZLbVs6fNOMyqDHfq6VYvb--BsTW1FXDQOyHQ==
cf-cache-status: HIT
age: 6894065
expires: Thu, 17 Apr 2025 00:02:14 GMT
accept-ranges: bytes
set-cookie: __cf_bm=ifJv62q4fswYBH5.npnSEeVROx2NdCbmU7QQq39hSHY-1713291208-1.0.1.1-0IjaFo2PoWuTowtOPSI_i74AEVd6rl5Po8LZvOEUsrcurdDLDStxgAT5I3R94ErPa6EXlp1T5uTKnJX1n3y_bw; path=/; expires=Tue, 16-Apr-24 18:43:28 GMT; domain=.coinbase.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875626458a5556a5-OSL
X-Firefox-Spdy: h2

jeffs.top/new-prime-icon.svg

45.15.156.25

200 OK

489 B

URL GET HTTP/1.1
jeffs.top/new-prime-icon.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
489 B (489 bytes)
Hash
50fdc5b9d1081435906a819863b4a663
87b182e251201c5772fb4fd6b613fd0b2fe9699a
d12c6c2a991f3868d96820e2f2023e138cef3de30d001763ddcef67575f08429

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new-prime-icon.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 489
Last-Modified: Tue, 09 Apr 2024 19:05:51 GMT
Connection: keep-alive
ETag: "6615918f-1e9"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/new-institutional-icon.svg

45.15.156.25

200 OK

915 B

URL GET HTTP/1.1
jeffs.top/new-institutional-icon.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
915 B (915 bytes)
Hash
ce55d41d6584dda153215209e5356163
6affa9b2f4a7722dfbccc0ce9d739622eddf92b3
3a68bc1ab7ae1934ccffcb309101b3c606c7509c6baca504367fedf8ddf06c65

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new-institutional-icon.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 915
Last-Modified: Tue, 09 Apr 2024 19:05:51 GMT
Connection: keep-alive
ETag: "6615918f-393"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/Earn-asset-logged-out.svg

45.15.156.25

200 OK

1.4 kB

URL GET HTTP/1.1
jeffs.top/Earn-asset-logged-out.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1421 bytes)
Hash
e65b806e98ad141f53ede5060e8f7e0a
60244f2081be3026393829f765598565518b5453
1a1d2106f1d81d58c4bf0321c57e097cefde14a133398f38968f31a773a75350

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Earn-asset-logged-out.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 1421
Last-Modified: Tue, 09 Apr 2024 19:05:41 GMT
Connection: keep-alive
ETag: "66159185-58d"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/new-card-icon.svg

45.15.156.25

200 OK

714 B

URL GET HTTP/1.1
jeffs.top/new-card-icon.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
714 B (714 bytes)
Hash
6ce14c7a799fb4336126b84a41e1dfa6
8eccb786307cd40a2ddd4f73b463abf37012036e
87b78709be7190f7c5862edf4bb492ba5e7b8dde72e445fe066e78a9e035df19

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new-card-icon.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 714
Last-Modified: Tue, 09 Apr 2024 19:05:50 GMT
Connection: keep-alive
ETag: "6615918e-2ca"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/new-borrow-icon.svg

45.15.156.25

200 OK

783 B

URL GET HTTP/1.1
jeffs.top/new-borrow-icon.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
783 B (783 bytes)
Hash
30aa2ce0dfebd3de8a161df10603fd40
19aeff2cdbf26f3820979c4b254678d0149cb0b1
7c0984f4c5da44b19320e8b2c7623c812c9626abe4310da367cf71a33f48bd9e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new-borrow-icon.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 783
Last-Modified: Tue, 09 Apr 2024 19:05:50 GMT
Connection: keep-alive
ETag: "6615918e-30f"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/new-private-client-icon.svg

45.15.156.25

200 OK

594 B

URL GET HTTP/1.1
jeffs.top/new-private-client-icon.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
594 B (594 bytes)
Hash
2f542658f8ba40f355d12efa1a138a23
3520b1668692d384e70b79ecceeada17c07236d8
f8459f596901ebe52cab5771ae160814fc33215cd6b64e51c62928841c9a1eb6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new-private-client-icon.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 594
Last-Modified: Tue, 09 Apr 2024 19:05:52 GMT
Connection: keep-alive
ETag: "66159190-252"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/cb1_new_logo_1.svg

45.15.156.25

200 OK

602 B

URL GET HTTP/1.1
jeffs.top/cb1_new_logo_1.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
602 B (602 bytes)
Hash
0ecb7b3a33af435a53cc770194c374cf
78a35053b6737b69c3352ac6113ecdaf50444e59
0f9ec8a5db38a70a7e2d3c318bb7f4c512856ef9ef0bf2c063565da784a24bf2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cb1_new_logo_1.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 602
Last-Modified: Tue, 09 Apr 2024 19:05:36 GMT
Connection: keep-alive
ETag: "66159180-25a"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/NFT.svg

45.15.156.25

200 OK

605 B

URL GET HTTP/1.1
jeffs.top/NFT.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
605 B (605 bytes)
Hash
53d97c00168ac5eae428c54402cff48a
878434c5d40dd31580c3cc62b26f56ca4a1ebea1
d9a19947df8098bb3e215817d5a3d06ac257c0711a8b623687cdae4d6c369b38

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /NFT.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 605
Last-Modified: Tue, 09 Apr 2024 19:05:52 GMT
Connection: keep-alive
ETag: "66159190-25d"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/3354091c-d5ce-476c-ab50-b2613d96e2ee.png

45.15.156.25

200 OK

2.2 kB

URL GET HTTP/1.1
jeffs.top/3354091c-d5ce-476c-ab50-b2613d96e2ee.png
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2175 bytes)
Hash
a6aa50d96c0a734033456e96bd2ffab3
d3286dbe69b13c8359e2352696422fbfe74515ea
ba028fb227fe18be032122726be6edcfa8af82cd15427d7a6cd4e2fe6b207d78

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3354091c-d5ce-476c-ab50-b2613d96e2ee.png HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/png
Content-Length: 2175
Last-Modified: Tue, 09 Apr 2024 19:05:24 GMT
Connection: keep-alive
ETag: "66159174-87f"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/derivativesNavigation__1_.svg

45.15.156.25

200 OK

797 B

URL GET HTTP/1.1
jeffs.top/derivativesNavigation__1_.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
797 B (797 bytes)
Hash
9da1ee5f4aea4c844ca2f2a6ef061b17
4de46b81f771aaee599b7bae2bd4a39e48035387
914937a9a033ff3e0f4d5a4beb5f6434281d22aa707720f79c853ef32683d6d7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /derivativesNavigation__1_.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 797
Last-Modified: Tue, 09 Apr 2024 19:05:40 GMT
Connection: keep-alive
ETag: "66159184-31d"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/cloud-icon.svg

45.15.156.25

200 OK

1.0 kB

URL GET HTTP/1.1
jeffs.top/cloud-icon.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1041 bytes)
Hash
03d1ad6c60d57b2f896ac6f57164d01a
c9557b0d79801f26367d0811dc78b18c7d430bef
3826fb87430be205cde1626dac841630d14d44e411585cb3329d5a1b01be43fc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cloud-icon.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 1041
Last-Modified: Tue, 09 Apr 2024 19:05:36 GMT
Connection: keep-alive
ETag: "66159180-411"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/new-exchange-icon.svg

45.15.156.25

200 OK

931 B

URL GET HTTP/1.1
jeffs.top/new-exchange-icon.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
931 B (931 bytes)
Hash
56668cdde2a24d277d1c212ed1404ffe
bcb40f8a40e86c34581517310b4eeac3102f00cb
5a9dc12f9b44f81e2b05bb972e8e79252dec7d6bb9845dc2f1e739a6c903c6b7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new-exchange-icon.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 931
Last-Modified: Tue, 09 Apr 2024 19:05:51 GMT
Connection: keep-alive
ETag: "6615918f-3a3"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/Base_Symbol.svg

45.15.156.25

200 OK

42 kB

URL GET HTTP/1.1
jeffs.top/Base_Symbol.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
42 kB (42362 bytes)
Hash
f7486c495b8c83536df589a751a13157
9b726cbc4dd23d1796b33409e734d5baa4958e71
a5b8596391a3523658be1ecee4b1c989fe6762dd400bd3dbc96c85b4e1966c47

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Base_Symbol.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 42362
Last-Modified: Tue, 09 Apr 2024 19:05:34 GMT
Connection: keep-alive
ETag: "6615917e-a57a"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/new-assetHub-icon.svg

45.15.156.25

200 OK

1.0 kB

URL GET HTTP/1.1
jeffs.top/new-assetHub-icon.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1040 bytes)
Hash
72e521e91cbba38bf280584d9a934b81
6fba6edc5f5b243d8c89f2449dfa34b93e617e7e
3d4f3f7458538ff01cb74962cce153be3c73db0276e5328dc7ab5bf4c8398e4b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new-assetHub-icon.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 1040
Last-Modified: Tue, 09 Apr 2024 19:05:50 GMT
Connection: keep-alive
ETag: "6615918e-410"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/wallet_connect.svg

45.15.156.25

200 OK

1.7 kB

URL GET HTTP/1.1
jeffs.top/wallet_connect.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1725 bytes)
Hash
2196b63ad9fe36e1f89d615df0c1b744
ca97ee69ccebc12f9c7cc4d1d2a70c5bf8f5e8f9
73bc498be99dc6cf3ff3e0fb5379dfaa7269e46bb4948624ef1db9e3ce0cd0e2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wallet_connect.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 1725
Last-Modified: Tue, 09 Apr 2024 19:06:00 GMT
Connection: keep-alive
ETag: "66159198-6bd"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/CommerceSDK.svg

45.15.156.25

200 OK

918 B

URL GET HTTP/1.1
jeffs.top/CommerceSDK.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
918 B (918 bytes)
Hash
ef0948a5f16888505d6a97ff3d2d3b7b
10db41cb58126580cf277d46dfc75745475d2afc
ebe1ed1841afebaf4cd76a1d3f9ae85c3a007bb9c824f5c9b9166490cc01cde8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /CommerceSDK.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 918
Last-Modified: Tue, 09 Apr 2024 19:05:38 GMT
Connection: keep-alive
ETag: "66159182-396"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/Delegate.svg

45.15.156.25

200 OK

516 B

URL GET HTTP/1.1
jeffs.top/Delegate.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
516 B (516 bytes)
Hash
800b9c02f933155e4f78fc7c15806f9f
4b3bf50c006da684479d00ee1f3e9e197e53aa62
9d5998be51963dc7359369465c523665937abf7e58f8e4411ca8495f3b22c2d1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Delegate.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 516
Last-Modified: Tue, 09 Apr 2024 19:05:40 GMT
Connection: keep-alive
ETag: "66159184-204"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/WalletSDK.svg

45.15.156.25

200 OK

622 B

URL GET HTTP/1.1
jeffs.top/WalletSDK.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
622 B (622 bytes)
Hash
f3a1e15ecf2b6c3698d4ed55a2e39fed
778db30839c4c68b0ce52856ed2800db8cb4ffad
55a7ecfd27d9bf3e664212b5a8df330d97e3b6f4f0eeb42b70f562e1a20098b4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /WalletSDK.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 622
Last-Modified: Tue, 09 Apr 2024 19:05:59 GMT
Connection: keep-alive
ETag: "66159197-26e"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/Frame.png

45.15.156.25

200 OK

2.1 kB

URL GET HTTP/1.1
jeffs.top/Frame.png
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced
Size
2.1 kB (2054 bytes)
Hash
af8eab062ba23d03b3223e4f0765cef8
609c712d810bc6e17b6cd5fb3e0bfac13da74db0
8fcad8fffd1096c991067baad2e433da6a3c4057e58531a7b592a6055d7484eb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Frame.png HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/png
Content-Length: 2054
Last-Modified: Tue, 09 Apr 2024 19:05:43 GMT
Connection: keep-alive
ETag: "66159187-806"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/Consumer_Wordmark.svg

45.15.156.25

200 OK

3.8 kB

URL GET HTTP/1.1
jeffs.top/Consumer_Wordmark.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
3.8 kB (3788 bytes)
Hash
78b2915b21e673b15957e22970b36c40
d147dd4dde281e9c200ed77ecb29cdaf0f1377e6
126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Consumer_Wordmark.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 3788
Last-Modified: Tue, 09 Apr 2024 19:05:38 GMT
Connection: keep-alive
ETag: "66159182-ecc"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/4c4ea7a0-2905-41a1-8ee5-75e76c14b232.png

45.15.156.25

200 OK

4.2 kB

URL GET HTTP/1.1
jeffs.top/4c4ea7a0-2905-41a1-8ee5-75e76c14b232.png
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Size
4.2 kB (4153 bytes)
Hash
3de4f9e1ebd4402d03db7b98db075d75
4333e8d6df6b7972504b00e1905079dd5a115b3a
a283eb6bcc05f0b5f38549225782461220df3ee4675ae7e74ef1a682df17a8bc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4c4ea7a0-2905-41a1-8ee5-75e76c14b232.png HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/png
Content-Length: 4153
Last-Modified: Tue, 09 Apr 2024 19:05:26 GMT
Connection: keep-alive
ETag: "66159176-1039"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/626691ce-b363-4e21-a0a5-f3e6579a85d3.png

45.15.156.25

200 OK

981 B

URL GET HTTP/1.1
jeffs.top/626691ce-b363-4e21-a0a5-f3e6579a85d3.png
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
981 B (981 bytes)
Hash
cf0e296e143427c7522b6ab65740fbdf
61a5aa75b617bb4f591368bd08ff15733d708a3d
9617e3eae514d0dd6c7bbe25d52df955a88c7b2de9cd68da5e8075d4ab0b8355

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /626691ce-b363-4e21-a0a5-f3e6579a85d3.png HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/png
Content-Length: 981
Last-Modified: Tue, 09 Apr 2024 19:05:26 GMT
Connection: keep-alive
ETag: "66159176-3d5"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/62365d11-b992-47f4-beed-588a457f71ed.png

45.15.156.25

200 OK

2.9 kB

URL GET HTTP/1.1
jeffs.top/62365d11-b992-47f4-beed-588a457f71ed.png
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Size
2.9 kB (2941 bytes)
Hash
c22af8b4559fbbcfdd5da045b88973b9
eba0805b11b0dcfeca0bed130fb2e4b8cf4080b8
05363b087a0ac051178a25d4262b11cb920d37ab535c9ecc91740b15a3f4075e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /62365d11-b992-47f4-beed-588a457f71ed.png HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/png
Content-Length: 2941
Last-Modified: Tue, 09 Apr 2024 19:05:26 GMT
Connection: keep-alive
ETag: "66159176-b7d"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/faucet.svg

45.15.156.25

200 OK

1.6 kB

URL GET HTTP/1.1
jeffs.top/faucet.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1640 bytes)
Hash
1c73a6a7575a0cf2b5bb2d7d9d553d30
2a55e30f665730ec5ab08b54190371d34bd3a977
94df5659c38cef218171478f537ba8cc371dd2839bea88991c4b45287276cf34

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /faucet.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 1640
Last-Modified: Tue, 09 Apr 2024 19:05:43 GMT
Connection: keep-alive
ETag: "66159187-668"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/coinbase_wallet_logo_bg.svg

45.15.156.25

200 OK

590 B

URL GET HTTP/1.1
jeffs.top/coinbase_wallet_logo_bg.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
590 B (590 bytes)
Hash
01f5e1c86f166d13dd57bd884aa22322
7f22d3ab2b44f814468c93c9bf87524ef7096678
38880e081c4fd5f45b6db366e9a661ffd1ef17871dcd76503fd8e64c16eb251a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /coinbase_wallet_logo_bg.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 590
Last-Modified: Tue, 09 Apr 2024 19:05:37 GMT
Connection: keep-alive
ETag: "66159181-24e"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/trust_wallet.svg

45.15.156.25

200 OK

2.7 kB

URL GET HTTP/1.1
jeffs.top/trust_wallet.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
2.7 kB (2654 bytes)
Hash
b9484f656001ad8211f7f771fd6a29c3
b05965537e97ae5e43eee755f4e081ba8945779a
158272930bbae4a158e9317e4f68e6d9887743d4fd1c0883e34533542bfceb87

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /trust_wallet.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 2654
Last-Modified: Tue, 09 Apr 2024 19:05:57 GMT
Connection: keep-alive
ETag: "66159195-a5e"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/coinbase.svg

45.15.156.25

200 OK

795 B

URL GET HTTP/1.1
jeffs.top/coinbase.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
795 B (795 bytes)
Hash
7829e15afe25c12f8d8ce73727a9b73c
233cbdbdd977fd5c3e25e62d7276da042b438f64
c7966767e41f86701e1b4341558eec4f528966bc1bf12d1b537aadaf2b730665

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /coinbase.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 795
Last-Modified: Tue, 09 Apr 2024 19:05:37 GMT
Connection: keep-alive
ETag: "66159181-31b"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/metamask.svg

45.15.156.25

200 OK

3.9 kB

URL GET HTTP/1.1
jeffs.top/metamask.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
3.9 kB (3938 bytes)
Hash
6cca8bf1c7d0adfe99b0b897c8cc37e7
1f6b0d62f019e691a9ef1ac56e665da341ba6e50
86726ace4e35a5f12bb612e0d5bf3dff674bc69bbaf32fbfd14db9fc3923b524

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /metamask.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 3938
Last-Modified: Tue, 09 Apr 2024 19:05:49 GMT
Connection: keep-alive
ETag: "6615918d-f62"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/new-earn-icon.svg

45.15.156.25

200 OK

594 B

URL GET HTTP/1.1
jeffs.top/new-earn-icon.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
594 B (594 bytes)
Hash
768fa02adaf2752b267f248d9d2e79a6
62a1c205848472d8e896049adf692ac2ab0c4a13
6d6976ef37345ba1f1ca5403a9c6c3b29b941690427e61cec495df1b76e161f8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new-earn-icon.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 594
Last-Modified: Tue, 09 Apr 2024 19:05:51 GMT
Connection: keep-alive
ETag: "6615918f-252"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/chart-0.svg

45.15.156.25

200 OK

468 B

URL GET HTTP/1.1
jeffs.top/chart-0.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
468 B (468 bytes)
Hash
de1880fc36f92e5e0ca341922b04d237
a9650042d8a4271e55145922a937491069939547
c2870f75afc722f17267792db6f1521c3c65adc8de49e988c2c564bf12f3d858

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /chart-0.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 468
Last-Modified: Tue, 09 Apr 2024 19:05:36 GMT
Connection: keep-alive
ETag: "66159180-1d4"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/binance.svg

45.15.156.25

200 OK

33 kB

URL GET HTTP/1.1
jeffs.top/binance.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
33 kB (32751 bytes)
Hash
ace0ce7b2c34cdae1adf57ea9fc25a03
73491ebc473ea651eaa7eedee6d1739929294541
2efe9156d3b14c853f85c80b10d557a9ec89b7da08ce51541f399368da8d66d0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /binance.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 32751
Last-Modified: Tue, 09 Apr 2024 19:05:35 GMT
Connection: keep-alive
ETag: "6615917f-7fef"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/decentralizedIdentity-0.svg

45.15.156.25

200 OK

937 B

URL GET HTTP/1.1
jeffs.top/decentralizedIdentity-0.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
937 B (937 bytes)
Hash
333dcb7ae93b25958602378f7dbf2180
729021db9619db592a747ddfb03b06a66c48c00d
3d53ada8c63591240781cf36698c724013959a56772d51618fc9835d81a36d87

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /decentralizedIdentity-0.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:28 GMT
Content-Type: image/svg+xml
Content-Length: 937
Last-Modified: Tue, 09 Apr 2024 19:05:39 GMT
Connection: keep-alive
ETag: "66159183-3a9"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/coinbase-icon2.svg

45.15.156.25

200 OK

535 B

URL GET HTTP/1.1
jeffs.top/coinbase-icon2.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
535 B (535 bytes)
Hash
8bb3ac288a680748e699accb1bbc27b8
d6321eb04ab71067912af39be6f475400cfb27d1
d40f2d37d800e32067b898b9de2b755c20a6ecd44dd4ffd511e61978a3470118

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /coinbase-icon2.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:29 GMT
Content-Type: image/svg+xml
Content-Length: 535
Last-Modified: Tue, 09 Apr 2024 19:05:37 GMT
Connection: keep-alive
ETag: "66159181-217"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/coinbase-advanced-trade-icon.png

45.15.156.25

200 OK

1.0 kB

URL GET HTTP/1.1
jeffs.top/coinbase-advanced-trade-icon.png
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
PNG image data, 82 x 82, 8-bit colormap, non-interlaced
Size
1.0 kB (1023 bytes)
Hash
ca60caa614ab6d9fa6881c5aed2482e5
32851d9e75abb0405107c5b16853df030e783ce8
7371253f1878e53f7a355a81a060bca3f6dc26381054ddb6752a7878e1ca57ea

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /coinbase-advanced-trade-icon.png HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:29 GMT
Content-Type: image/png
Content-Length: 1023
Last-Modified: Tue, 09 Apr 2024 19:05:37 GMT
Connection: keep-alive
ETag: "66159181-3ff"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/new-commerce-icon.svg

45.15.156.25

200 OK

772 B

URL GET HTTP/1.1
jeffs.top/new-commerce-icon.svg
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
SVG Scalable Vector Graphics image
Size
772 B (772 bytes)
Hash
bda7fc3bd24025c417a0b9c6023dd4ef
43c6138b5a370761ae69f16a7c70bcc1273a83ea
2f74845ca785364b6d81aea0f36fa0430b5d256e0fa853d5627f5d34f6bccbd6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new-commerce-icon.svg HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:29 GMT
Content-Type: image/svg+xml
Content-Length: 772
Last-Modified: Tue, 09 Apr 2024 19:05:50 GMT
Connection: keep-alive
ETag: "6615918e-304"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/2ee8edba4f470a10.png

45.15.156.25

200 OK

3.4 kB

URL GET HTTP/1.1
jeffs.top/2ee8edba4f470a10.png
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
PNG image data, 228 x 228, 8-bit colormap, non-interlaced
Size
3.4 kB (3409 bytes)
Hash
65709c60ba9187028931a7cb2a3201d3
db19382cabb3645e0f7d1b8038771c447c109e0f
bb357d5b178a632a4232a8158e7b7243cf90d0749870b01595c651f0d28aeaf5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /2ee8edba4f470a10.png HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:30 GMT
Content-Type: image/png
Content-Length: 3409
Last-Modified: Tue, 09 Apr 2024 19:05:24 GMT
Connection: keep-alive
ETag: "66159174-d51"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

jeffs.top/cf313fe804162f10.png

45.15.156.25

200 OK

557 B

URL GET HTTP/1.1
jeffs.top/cf313fe804162f10.png
IP
45.15.156.25:443
ASN
#211409 Shelter LLC

Requested by
https://jeffs.top/
Certificate
IssuerLet's Encrypt
Subjectjeffs.top
FingerprintC7:B1:C6:35:C1:BA:01:53:BD:9F:FF:D3:C3:36:45:4C:18:1B:E7:02
ValidityMon, 08 Apr 2024 07:12:13 GMT - Sun, 07 Jul 2024 07:12:12 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
557 B (557 bytes)
Hash
52bad1d125e93b0235a76b87996a82d0
b2a650a251ddb79c24160958c649de3209ee2f1c
b90cdcbe9e842bf371d9c5e7dd13359fde26879a4642ad6f752e86a65fab4fb5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cf313fe804162f10.png HTTP/1.1
Host: jeffs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 18:13:30 GMT
Content-Type: image/png
Content-Length: 557
Last-Modified: Tue, 09 Apr 2024 19:05:36 GMT
Connection: keep-alive
ETag: "66159180-22d"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

cdndelivery.pages.dev/web3-ethers.js

172.66.44.173

200 OK

759 kB

URL GET HTTP/2
cdndelivery.pages.dev/web3-ethers.js
IP
172.66.44.173:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jeffs.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectcdndelivery.pages.dev
FingerprintFF:3E:93:FA:EB:73:73:41:97:5D:45:2F:1D:E5:E3:44:97:A5:FB:58
ValiditySun, 10 Mar 2024 20:10:44 GMT - Sat, 08 Jun 2024 20:10:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
759 kB (759129 bytes)
Hash
f71e0f28465f8a34ccfc7ba7150e488f
eb3405104d6c757279ab4fe0d6444da827d31e4c
d225f45c90a4cc5f51b2c7025cc47669a181785db04fd09c88f84e781b6c9ecb

HTTP Headers

GET /web3-ethers.js HTTP/1.1
Host: cdndelivery.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jeffs.top
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:13:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"11d9d27333a656e16ed21a0f98b50c43"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RB1GETXXfqvxQYoafjuvxHEXdQ8g5RL7YgEVDEEOaktpLwtvSV5RRb4mbQgDngpfTLS74InZhfX%2FJLvKtbY20XSqiRm%2BqQQTkGYRvDa5jjJBemLcEcNz3rBqgDv7ECtuCATH4BgXgXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875626443f6656a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=FroZnsrwNT6PgKBy9i8DK0uMfM3OW20Ci3anpuX_UE4Ey2CXPAZzUG3jqkagKYjEQVJg47re8jzaLmhTP251Jj_4yf6zUjMBq-UIC-078-S9KGeYv6C_7AG9-erU_bTJ
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
content-length: 444
date: Tue, 16 Apr 2024 18:13:35 GMT
age: 10
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Montserrat:wght@400;500;700&family=Raleway:wght@400;500;700&family=Roboto:wght@400;500;700&display=swap

142.250.74.106

200 OK

25 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Montserrat:wght@400;500;700&family=Raleway:wght@400;500;700&family=Roboto:wght@400;500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://jeffs.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
25 kB (25076 bytes)
Hash
01e4c1bf8edfbc3e1272bb3440dd3f5a
c0b50f336aab9ee372df57f095a159de6531e260
4e93eab6f0103db3049bfe01d9ee8347d7a7356d6b6ca5f19b01f33711a7764f

HTTP Headers

GET /css2?family=Inter:wght@400;500;700&family=Montserrat:wght@400;500;700&family=Raleway:wght@400;500;700&family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 18:13:28 GMT
date: Tue, 16 Apr 2024 18:13:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unpkg.com/@web3modal/ethereum@2.6.2/dist/cdn/bundle-fdcfd0d2.js

104.17.245.203

200 OK

263 kB

URL GET HTTP/2
unpkg.com/@web3modal/ethereum@2.6.2/dist/cdn/bundle-fdcfd0d2.js
IP
104.17.245.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jeffs.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type
JavaScript source, ASCII text, with very long lines (18875)
Size
263 kB (262939 bytes)
Hash
7d8348176a8bb75544030d3f2be92d49
03d81ce4b033dd99566148c33f77b56fa37e2135
89e11baee7d5cf5645ec30f3b92208f4497867d4cab79823180d9be9021b79d9

HTTP Headers

GET /@web3modal/ethereum@2.6.2/dist/cdn/bundle-fdcfd0d2.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jeffs.top
DNT: 1
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:13:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"4031b-A9gc5LAz3ZlWYUjDP3e1b6N+ITU"
via: 1.1 fly.io
fly-request-id: 01HGTY47PQJ1D79YCBVJGNHPGH-arn
cf-cache-status: HIT
age: 11580147
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8756264faa720b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/@web3modal/ethereum@2.6.2/dist/cdn/bundle.js

104.17.245.203

200 OK

237 B

URL GET HTTP/2
unpkg.com/@web3modal/ethereum@2.6.2/dist/cdn/bundle.js
IP
104.17.245.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jeffs.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type
ASCII text, with no line terminators
Size
237 B (237 bytes)
Hash
1d637044576e5dc3a29be6cdf29ee8c6
49e6e7ed7d8109177d1c3c697333e37b47c25d61
a0e7a144bc96c58bcd7286346ced0b997b3d7da2c1707e1e3ae6808181bfe544

HTTP Headers

GET /@web3modal/ethereum@2.6.2/dist/cdn/bundle.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jeffs.top
Referer: https://cdndelivery.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:13:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"ed-roMohOGYS54fwikNAqzVmlSiPV8"
via: 1.1 fly.io
fly-request-id: 01HG00ZKZ9GC8N4YA454JZVB9W-arn
cf-cache-status: HIT
age: 12483123
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8756264ee91b0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2

assets.coinbase.com/assets/2a688cc86b2508f2.png

172.64.152.241

403 Forbidden

0 B

URL GET HTTP/2
assets.coinbase.com/assets/2a688cc86b2508f2.png
IP
172.64.152.241:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jeffs.top/
Certificate
IssuerCloudflare, Inc.
Subjectcoinbase.com
Fingerprint17:6E:6E:1F:74:EF:97:21:64:D2:01:DA:3B:3D:38:19:63:00:24:00
ValidityMon, 05 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/2a688cc86b2508f2.png HTTP/1.1
Host: assets.coinbase.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jeffs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Tue, 16 Apr 2024 18:13:29 GMT
content-type: application/xml
x-cache: Error from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ps1dhMarwC3eXkpH5myokdIkSE9DIzCGOjZf3LsUTfNMLw9DekHYlA==
cf-cache-status: MISS
set-cookie: __cf_bm=xp3W2f022Cr2mkrx9.iseBCi9ceeQrouuniugpQWq1A-1713291209-1.0.1.1-6MSEU8O8c93UdrEwwLFGJEuRuLcae9HV6C9U6yCoPluCjinBiv9r36_CvIanribeQTF9I2mBfrJ9Qz2cD_xXyw; path=/; expires=Tue, 16-Apr-24 18:43:29 GMT; domain=.coinbase.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875626458a5356a5-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

unpkg.com/@web3modal/ethereum@2.6.2

104.17.245.203

302 Found

237 B

URL GET HTTP/2
unpkg.com/@web3modal/ethereum@2.6.2
IP
104.17.245.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jeffs.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type

Size
237 B (237 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@web3modal/ethereum@2.6.2 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jeffs.top
DNT: 1
Connection: keep-alive
Referer: https://cdndelivery.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 16 Apr 2024 18:13:30 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
location: /@web3modal/ethereum@2.6.2/dist/cdn/bundle.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01HS0D2QW97GR91CD4DMEXD68H-arn
cf-cache-status: HIT
age: 2806763
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8756264eb89e0b3d-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (54)

URL User Request GET HTTP/1.1

IP

ASN