us4-authcoinbase.69-48-165-10.cprapid.com
69.48.165.10  Malicious Activity! Public Scan

Submitted URL: https://link.kemkes.go.id/JuknisPKTDTahun2022
Effective URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/signin?c_ds_na=KKv3xgII5gkAcP61MgCTDNry5d9zmT8YWQvCi6hpUi&c_ds_no=text%2Fhtml%2Capplication%2Fxh...
Submission: On September 21 via api from BE — Scanned from DE

Summary

This website contacted 1 IP in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 69.48.165.10, located in the United States, and belongs to A2HOSTING, US. The main domain is us4-authcoinbase.69-48-165-10.cprapid.com.
TLS certificate: Issued by R10 on September 12th 2024. Valid for: 3 months.
This is the only time us4-authcoinbase.69-48-165-10.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Coinbase (Crypto Exchange)

Domain & IP information

IP Address          AS Autonomous System       Requests  Redirects
103.74.143.76       46034 (DEPKES-AS...)       1         1
69.48.165.10        55293 (A2HOSTING)          13        1
Total: 12 HTTP transactions, 1 IP

Apex Domain / Subdomains                              Requests  Transfer
cprapid.com                                           13        292 KB
  us4-authcoinbase.69-48-165-10.cprapid.com
kemkes.go.id                                          1         392 B
  link.kemkes.go.id (Cisco Umbrella Rank: 559677)
Total: 12 HTTP transactions, 2 domains

Domain                                      Requests  Redirects  Requested by
us4-authcoinbase.69-48-165-10.cprapid.com   13        1          us4-authcoinbase.69-48-165-10.cprapid.com
link.kemkes.go.id                           1         1
Total: 12 HTTP transactions, 2 domains

This site contains no links.

TLS certificate
  Subject: mail.us4-authcoinbase.69-48-165-10.cprapid.com
  Issuer: R10
  Validity: 2024-09-12 - 2024-12-11
  Valid: 3 months

This page contains 1 frame:

Primary Page: https://us4-authcoinbase.69-48-165-10.cprapid.com/signin?c_ds_na=KKv3xgII5gkAcP61MgCTDNry5d9zmT8YWQvCi6hpUi&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
Frame ID: CF7DC1C1340CC9AB161EA88F7AD00AA1
Requests: 12 HTTP requests in this frame

Page Title

Coinbase - Sign In

Page Statistics

Requests: 12
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 2
Transfer: 292 kB
Size: 493 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.kemkes.go.id/JuknisPKTDTahun2022 HTTP 301
    https://us4-authcoinbase.69-48-165-10.cprapid.com/?signin2 HTTP 302
    https://us4-authcoinbase.69-48-165-10.cprapid.com/signin?c_ds_na=KKv3xgII5gkAcP61MgCTDNry5d9zmT8YWQvCi6hpUi&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Primary Request: signin
Path: us4-authcoinbase.69-48-165-10.cprapid.com/
Redirect Chain
  • https://link.kemkes.go.id/JuknisPKTDTahun2022
  • https://us4-authcoinbase.69-48-165-10.cprapid.com/?signin2
  • https://us4-authcoinbase.69-48-165-10.cprapid.com/signin?c_ds_na=KKv3xgII5gkAcP61MgCTDNry5d9zmT8YWQvCi6hpUi&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Fa...
Size: 55 KB
x-fer: 10 KB
Type: Document
General
  Full URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/signin?c_ds_na=KKv3xgII5gkAcP61MgCTDNry5d9zmT8YWQvCi6hpUi&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 69.48.165.10, United States, ASN55293 (A2HOSTING, US)
  Reverse DNS: server.aksigacor.com
  Software: LiteSpeed / PHP/8.2.23
  Resource Hash: ced435c5eee5778fd80ff1ad3a891be450784a96ce10b51501c1652dc8924ab6
Security Headers
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN

Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers
  cache-control: no-store, no-cache, must-revalidate
  content-encoding: br
  content-type: text/html; charset=UTF-8
  date: Sat, 21 Sep 2024 19:08:43 GMT
  expires: Thu, 19 Nov 1981 08:52:00 GMT
  pragma: no-cache
  server: LiteSpeed
  strict-transport-security: max-age=63072000; includeSubDomains
  vary: Accept-Encoding
  x-content-type-options: nosniff
  x-frame-options: SAMEORIGIN
  x-powered-by: PHP/8.2.23

Redirect headers
  alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
  cache-control: no-cache, no-store, must-revalidate, max-age=0
  content-encoding: br
  content-length: 76
  content-type: text/html; charset=UTF-8
  date: Sat, 21 Sep 2024 19:08:43 GMT
  expires: Thu, 19 Nov 1981 08:52:00 GMT
  location: signin?c_ds_na=KKv3xgII5gkAcP61MgCTDNry5d9zmT8YWQvCi6hpUi&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
  pragma: no-cache
  server: LiteSpeed
  strict-transport-security: max-age=63072000; includeSubDomains
  vary: Accept-Encoding
  x-content-type-options: nosniff
  x-frame-options: SAMEORIGIN
  x-powered-by: PHP/8.2.23

Resource: styles.d87df576ff25e358663e.css
Path: us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/
Size: 122 KB
x-fer: 17 KB
Type: Stylesheet
General
  Full URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/styles.d87df576ff25e358663e.css
  Requested by
    Host: us4-authcoinbase.69-48-165-10.cprapid.com
    URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/signin?c_ds_na=KKv3xgII5gkAcP61MgCTDNry5d9zmT8YWQvCi6hpUi&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 69.48.165.10, United States, ASN55293 (A2HOSTING, US)
  Reverse DNS: server.aksigacor.com
  Software: LiteSpeed
  Resource Hash: f47de1b7f7de1c4e73d6ea89cf7a15fce2df5c45a8e42132399701421d21ffbc
Security Headers
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN

Resource: styles.43cdd765c2fa35b596d4.css
Path: us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/
Size: 3 KB
x-fer: 766 B
Type: Stylesheet
General
  Full URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/styles.43cdd765c2fa35b596d4.css
  Requested by
    Host: us4-authcoinbase.69-48-165-10.cprapid.com
    URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/signin?c_ds_na=KKv3xgII5gkAcP61MgCTDNry5d9zmT8YWQvCi6hpUi&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 69.48.165.10, United States, ASN55293 (A2HOSTING, US)
  Reverse DNS: server.aksigacor.com
  Software: LiteSpeed
  Resource Hash: 73773da73980988a58070676b0f2477e94069c87d938ed063377c71de49474a2
Security Headers
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN

Resource: styles.babae8c0eccf7b247500.css
Path: us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/
Size: 13 KB
x-fer: 2 KB
Type: Stylesheet
General
  Full URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/styles.babae8c0eccf7b247500.css
  Requested by
    Host: us4-authcoinbase.69-48-165-10.cprapid.com
    URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/signin?c_ds_na=KKv3xgII5gkAcP61MgCTDNry5d9zmT8YWQvCi6hpUi&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 69.48.165.10, United States, ASN55293 (A2HOSTING, US)
  Reverse DNS: server.aksigacor.com
  Software: LiteSpeed
  Resource Hash: 63769174d2d68475a5cbd39a703b5f876f675486c64a903768dd52ec231b1f81
Security Headers
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN

Resource: styles__ltr.css
Path: us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/
Size: 63 KB
x-fer: 24 KB
Type: Stylesheet
General
  Full URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/styles__ltr.css
  Requested by
    Host: us4-authcoinbase.69-48-165-10.cprapid.com
    URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/signin?c_ds_na=KKv3xgII5gkAcP61MgCTDNry5d9zmT8YWQvCi6hpUi&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 69.48.165.10, United States, ASN55293 (A2HOSTING, US)
  Reverse DNS: server.aksigacor.com
  Software: LiteSpeed
  Resource Hash: da0f41e5e49d2fcdddc204da77d0966d5a382b59801110137bd31eb95f3d4ad0
Security Headers
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN

Resource: captcha.png
Path: us4-authcoinbase.69-48-165-10.cprapid.com/assets/images/
Size: 2 KB
x-fer: 2 KB
Type: Image
General
  Full URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/images/captcha.png
  Requested by
    Host: us4-authcoinbase.69-48-165-10.cprapid.com
    URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/styles__ltr.css
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 69.48.165.10, United States, ASN55293 (A2HOSTING, US)
  Reverse DNS: server.aksigacor.com
  Software: LiteSpeed
  Resource Hash: 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN

Resource: 502b733210ea3fdd4bf8.woff2
Path: us4-authcoinbase.69-48-165-10.cprapid.com/assets/font/
Size: 39 KB
x-fer: 39 KB
Type: Font
General
  Full URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/font/502b733210ea3fdd4bf8.woff2
  Requested by
    Host: us4-authcoinbase.69-48-165-10.cprapid.com
    URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/styles.d87df576ff25e358663e.css
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 69.48.165.10, United States, ASN55293 (A2HOSTING, US)
  Reverse DNS: server.aksigacor.com
  Software: LiteSpeed
  Resource Hash: 81368223143520415fe7fbdc3792d2d52ad7e422d8b214661ff932afe577b779
Security Headers
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN

Resource: 8a6a40a08f92d9a9b3e5.woff2
Path: us4-authcoinbase.69-48-165-10.cprapid.com/assets/font/
Size: 39 KB
x-fer: 39 KB
Type: Font
General
  Full URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/font/8a6a40a08f92d9a9b3e5.woff2
  Requested by
    Host: us4-authcoinbase.69-48-165-10.cprapid.com
    URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/styles.d87df576ff25e358663e.css
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 69.48.165.10, United States, ASN55293 (A2HOSTING, US)
  Reverse DNS: server.aksigacor.com
  Software: LiteSpeed
  Resource Hash: a1f75e7f702059493bb74cfcb3178d095b3f6da4d313e92b3ceabc3e63eb914c
Security Headers
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN

Resource: 71371380d08a07cda58a.woff2
Path: us4-authcoinbase.69-48-165-10.cprapid.com/assets/font/
Size: 40 KB
x-fer: 40 KB
Type: Font
General
  Full URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/font/71371380d08a07cda58a.woff2
  Requested by
    Host: us4-authcoinbase.69-48-165-10.cprapid.com
    URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/styles.d87df576ff25e358663e.css
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 69.48.165.10, United States, ASN55293 (A2HOSTING, US)
  Reverse DNS: server.aksigacor.com
  Software: LiteSpeed
  Resource Hash: 5db56ddf9ab991fc7a3a5b188b6b0c92331213ec4991b71d9821c36dcbcdb687
Security Headers
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN

Resource: 2a5dafc68ca015ca866a.woff2
Path: us4-authcoinbase.69-48-165-10.cprapid.com/assets/font/
Size: 0
x-fer: 0
Type: Font
General
  Full URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/font/2a5dafc68ca015ca866a.woff2
  Requested by
    Host: us4-authcoinbase.69-48-165-10.cprapid.com
    URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/styles.d87df576ff25e358663e.css
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 69.48.165.10, United States, ASN55293 (A2HOSTING, US)
  Reverse DNS: server.aksigacor.com
  Software: LiteSpeed
  Resource Hash: (empty)
Security Headers
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN

Resource: 868eaaa6850959ed2ab9.woff2
Path: us4-authcoinbase.69-48-165-10.cprapid.com/assets/font/
Size: 117 KB
x-fer: 117 KB
Type: Font
General
  Full URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/font/868eaaa6850959ed2ab9.woff2
  Requested by
    Host: us4-authcoinbase.69-48-165-10.cprapid.com
    URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/css/styles.d87df576ff25e358663e.css
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 69.48.165.10, United States, ASN55293 (A2HOSTING, US)
  Reverse DNS: server.aksigacor.com
  Software: LiteSpeed
  Resource Hash: 31a55a060d59db48cab5fab57e607d844e5e4a97b75afa281cac1e5f09461341
Security Headers
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN

Resource: favicon.ico
Path: us4-authcoinbase.69-48-165-10.cprapid.com/assets/images/
Size: 557 B
x-fer: 661 B
Type: Other
General
  Full URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/images/favicon.ico
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 69.48.165.10, United States, ASN55293 (A2HOSTING, US)
  Reverse DNS: server.aksigacor.com
  Software: LiteSpeed
  Resource Hash: b90cdcbe9e842bf371d9c5e7dd13359fde26879a4642ad6f752e86a65fab4fb5
Security Headers
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN


Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Coinbase (Crypto Exchange)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path: .link.kemkes.go.id/
  Name: TS01780a69
  Value: 0172bf5c62a18a669f4e25a5aa47ef4178589bf30bf6460cd870e9017ea9a68c8b60f6f092a5f4eb83fb6a37120b9e2713b72c27aa
Domain/Path: link.kemkes.go.id/
  Name: TScab5a474027
  Value: 08b32161a2ab2000e66db886fcf98d582e125e8f23217b437f8085d9f344f6bf9c277a8598cdadf808c53f958d1130002a226d07326fb53f355cc7e7ebc6ec16ed2bc22caf4264af6e1df0cdac3981d460d1245ac99a996094ed3bd3e6c8cd56
Domain/Path: us4-authcoinbase.69-48-165-10.cprapid.com/
  Name: PHPSESSID
  Value: k61m2sgsab107338mnvh3gfo1m

1 Console Messages

Source: network
Level: error
URL: https://us4-authcoinbase.69-48-165-10.cprapid.com/assets/font/2a5dafc68ca015ca866a.woff2
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN