Report - sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt

Report Overview

Visited public
2024-09-16 19:12:36
Tags
URL
sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt
Finishing URL
sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt
IP / ASN
151.101.2.188
#54113 FASTLY
Title
404 - Page not found

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
d3e54v103j8qbb.cloudfront.net	unknown	2008-04-25	2016-03-11 23:08:14	2024-09-15 19:39:45	2.1 kB	79 kB	143.204.42.99
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-15 18:12:18	327 B	887 B	23.36.77.32
sso--coinbasepro---cdn---auth.webflow.io	unknown	unknown	No data	No data	1.1 kB	33 kB	151.101.130.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-09-15	medium	sso--coinbasepro---cdn---auth.webflow.io/	Coinbase
2024-09-15	medium	sso--coinbasepro---cdn---auth.webflow.io/	Coinbase

PhishTank

Scan Date	Severity	Indicator	Alert
2024-09-15	medium	sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt	Other
2024-09-15	medium	sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-16	medium	sso--coinbasepro---cdn---auth.webflow.io	Sinkholed
2024-09-16	medium	sso--coinbasepro---cdn---auth.webflow.io	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (7)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
050718ab9dc2838d2e9024055cb41483
6e55983a400fc690d87e12582f4fa8553e7b95c6
d86c86521d6dffa0ae29cccbe08a53af825337b4d0e308884bf33122ee11e415

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D86C86521D6DFFA0AE29CCCBE08A53AF825337B4D0E308884BF33122EE11E415"
Last-Modified: Sun, 15 Sep 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4310
Expires: Mon, 16 Sep 2024 20:24:00 GMT
Date: Mon, 16 Sep 2024 19:12:10 GMT
Connection: keep-alive

sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt

151.101.130.188

301 Moved Permanently

627 B

URL User Request GET HTTP/1.1
sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt
IP
151.101.130.188:80
ASN
#54113 FASTLY

File type
gzip compressed data, from Unix
Size
627 B (627 bytes)
Hash
5d20ff0ac5fe8dc467b62de6fe291bb2
132d27705cf7c470b02d75e1387ac2739ec35fb8
fe0ada831da75734bf4f4a26772703d3e784781449e468bbfe48cc0d1ff81e9a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /,N/A,https:/openphish.com/feed.txt HTTP/1.1
Host: sso--coinbasepro---cdn---auth.webflow.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html
cache-control: private
content-security-policy: frame-ancestors 'self' https://*.webflow.com http://*.webflow.com http://*.webflow.io http://webflow.com https://webflow.com
etag: W/"66e86999-38c"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 16 Sep 2024 19:12:11 GMT
x-served-by: cache-iad-kjyo7100038-IAD, cache-hel1410024-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1726513931.151617,VS0,VE161
vary: Accept-Encoding,x-wf-forwarded-proto
X-Firefox-Spdy: h2

d3e54v103j8qbb.cloudfront.net/static/designer_favicon.5ea478d03e.png

143.204.42.99

200 OK

1.6 kB

URL GET HTTP/2
d3e54v103j8qbb.cloudfront.net/static/designer_favicon.5ea478d03e.png
IP
143.204.42.99:443
ASN
#16509 AMAZON-02

Requested by
https://sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1567 bytes)
Hash
5ea478d03eec796d20aaf28cca915bca
6005158958c6aca177a334b0e67eb719433e646b
5ff12421bb3d43c78f8c56350b5fc2f9af80c059762c1e146cb617a8a885cd1a

HTTP Headers

GET /static/designer_favicon.5ea478d03e.png HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sso--coinbasepro---cdn---auth.webflow.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1567
last-modified: Wed, 25 Jan 2017 00:00:30 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 16 Sep 2024 04:06:22 GMT
cache-control: max-age=84600, must-revalidate
etag: "5ea478d03eec796d20aaf28cca915bca"
vary: Accept-Encoding
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
age: 54913
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DnOcsWr63IKpFp-2mD9QGk45squ6TnQpBvZRYzbfReqJSI202BDxOQ==
X-Firefox-Spdy: h2

d3e54v103j8qbb.cloudfront.net/fonts/Graphik-Medium-Web.abf6e1188f.woff2

143.204.42.99

200 OK

34 kB

URL GET HTTP/2
d3e54v103j8qbb.cloudfront.net/fonts/Graphik-Medium-Web.abf6e1188f.woff2
IP
143.204.42.99:443
ASN
#16509 AMAZON-02

Requested by
https://sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34041, version 1.0
Size
34 kB (34041 bytes)
Hash
abf6e1188f57f609d6987ca7aa1f54b7
b226e5b656caf3ce6ed5d9ad277850ea7ca27d05
40bb52d988186022d07c0248e9b6af63a1dde146b157797463ba7b5dada4ac53

HTTP Headers

GET /fonts/Graphik-Medium-Web.abf6e1188f.woff2 HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sso--coinbasepro---cdn---auth.webflow.io
DNT: 1
Connection: keep-alive
Referer: https://d3e54v103j8qbb.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 34041
date: Mon, 16 Sep 2024 05:37:08 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 05 Jun 2019 19:43:00 GMT
etag: "abf6e1188f57f609d6987ca7aa1f54b7"
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
server: AmazonS3
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
age: 48905
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Vizg7yE7pzPrbTnYZukoH2mLpnrlnx1iNOeK2ByO3v1pZUzq_QwN5Q==
X-Firefox-Spdy: h2

sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt

151.101.130.188

301 Moved Permanently

31 kB

URL User Request GET HTTP/1.1
sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt
IP
151.101.130.188:80
ASN
#54113 FASTLY

File type
gzip compressed data, from Unix
Size
31 kB (31346 bytes)
Hash
1018d8ca2b4c07764024c396daa16849
83f119da99d9186f6f3433ec7aa5abe7fd2d8f00
046008807ba88521b31f28b4777e4b3711226ec324aa2ff3a019a2341e0f4520

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /,N/A,https:/openphish.com/feed.txt HTTP/1.1
Host: sso--coinbasepro---cdn---auth.webflow.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
cache-control: private
content-security-policy: frame-ancestors 'self' https://*.webflow.com http://*.webflow.com http://*.webflow.io http://webflow.com https://webflow.com
etag: W/"66e86999-38c"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 16 Sep 2024 19:12:11 GMT
x-served-by: cache-iad-kjyo7100177-IAD, cache-hel1410024-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1726513932.650607,VS0,VE294
vary: Accept-Encoding,x-wf-forwarded-proto
X-Firefox-Spdy: h2

d3e54v103j8qbb.cloudfront.net/css/webflow-https-errors.webflow.css

143.204.42.99

200 OK

9.8 kB

URL GET HTTP/2
d3e54v103j8qbb.cloudfront.net/css/webflow-https-errors.webflow.css
IP
143.204.42.99:443
ASN
#16509 AMAZON-02

Requested by
https://sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
9.8 kB (9780 bytes)
Hash
91c401912a332d06611ec2c846e2c7e0
9c69e9b011c2b5699c22a5c023564116d68928c3
8718d211cb103fc6b1414ccba617a9e018fe56541b76e6cbd259ff49caddaddd

HTTP Headers

GET /css/webflow-https-errors.webflow.css HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sso--coinbasepro---cdn---auth.webflow.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 05 Jul 2021 14:41:25 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 16 Sep 2024 09:16:50 GMT
etag: W/"c2bf6463065522e597390eedb7a3f2f7"
vary: Accept-Encoding
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
age: 59019
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DXySvUW4-nZc5PFvoUqPeZ8uoOufomx5eGFGmgkbEIl_soYu4qP72g==
X-Firefox-Spdy: h2

d3e54v103j8qbb.cloudfront.net/fonts/Graphik-Regular-Web.5a0c1a002e.woff2

143.204.42.99

200 OK

31 kB

URL GET HTTP/2
d3e54v103j8qbb.cloudfront.net/fonts/Graphik-Regular-Web.5a0c1a002e.woff2
IP
143.204.42.99:443
ASN
#16509 AMAZON-02

Requested by
https://sso--coinbasepro---cdn---auth.webflow.io/,N/A,https:/openphish.com/feed.txt
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30885, version 1.0
Size
31 kB (30885 bytes)
Hash
5a0c1a002e8a14bedb37e60ee72642ac
b5df1451ce0d9aace0d7337abb26d10cd7999333
ccde0cf7ce5d0767eba8aabd07f8537f24e5097cfb5e1f08e1685926efcfbe84

HTTP Headers

GET /fonts/Graphik-Regular-Web.5a0c1a002e.woff2 HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sso--coinbasepro---cdn---auth.webflow.io
DNT: 1
Connection: keep-alive
Referer: https://d3e54v103j8qbb.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 30885
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 05 Jun 2019 19:45:00 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 16 Sep 2024 00:51:53 GMT
cache-control: max-age=84600, must-revalidate
etag: "5a0c1a002e8a14bedb37e60ee72642ac"
vary: Accept-Encoding
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
age: 66020
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x5xbSe20mlWtPQJxm5ckP9d51wIj5LuigOeYnnSL-epL-J13ECDeag==
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (7)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers