www.godaddy.com Open in urlscan Pro
2a02:26f0:480:d91::1771 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ww25.barium.coinbase.site/
Effective URL:
https://www.godaddy.com/en-ie/domainsearch/find?checkAvail=1&domainToCheck=coinbase.site
Submission Tags: @phish_report
Submission: On August 18 via api (August 18th 2024, 11:14:38 am UTC) from FI — Scanned from FI

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2a02:26f0:480:d91::1771, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.godaddy.com. The Cisco Umbrella rank of the primary domain is 41315.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 10th 2023. Valid for: a year.

This is the only time www.godaddy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	199.59.243.226 199.59.243.226	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1 2	2a02:26f0:480... 2a02:26f0:480:d91::1771	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	7

8 199.59.243.226 (United States)

ASN16509 (AMAZON-02, US)

ww25.barium.coinbase.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

syndicatedsearch.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f14.1e100.net

syndicatedsearch.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:d91::1771 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.godaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	coinbase.site ww25.barium.coinbase.site	83 KB
2	godaddy.com 1 redirects www.godaddy.com — Cisco Umbrella Rank: 41315 nz.godaddy.com Failed	3 KB
2	syndicatedsearch.goog syndicatedsearch.goog — Cisco Umbrella Rank: 6209
2	google.com www.google.com — Cisco Umbrella Rank: 10	54 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 5754	264 B
15	5

	Domain	Requested by
8	ww25.barium.coinbase.site	ww25.barium.coinbase.site
2	www.godaddy.com	1 redirects ww25.barium.coinbase.site
2	syndicatedsearch.goog	www.google.com
2	www.google.com	ww25.barium.coinbase.site
1	partner.googleadservices.com	www.google.com
0	nz.godaddy.com Failed
15	6

This site contains no links.

Subject Issuer	Validity	Valid
ww25.barium.coinbase.site R10	`2024-08-18` - `2024-11-16`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.googleadservices.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
syndicatedsearch.goog WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.godaddy.com Go Daddy Secure Certificate Authority - G2	`2023-10-10` - `2024-11-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.godaddy.com/en-ie/domainsearch/find?checkAvail=1&domainToCheck=coinbase.site
Frame ID: 96E06E5935A976A44983C4747D559E6B
Requests: 13 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol311%2Cpid-bodis-gcontrol444%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=fi&ivt=0&rpbu=https%3A%2F%2Fww25.barium.coinbase.site%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266&format=r3&nocache=5311723979674974&num=0&output=afd_ads&domain_name=ww25.barium.coinbase.site&v=3&bsl=8&pac=0&u_his=1&u_tz=180&dt=1723979674975&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=662499046&rurl=https%3A%2F%2Fww25.barium.coinbase.site%2F
Frame ID: DAA5E50DCC95ABF304C9A72D344B850B
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol311%2Cpid-bodis-gcontrol444%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&sct=ID%3Db3893593620ab26b%3AT%3D1723979675%3ART%3D1723979675%3AS%3DALNI_MYHGFCjjcDX3C9WBYAkt9dbi3uxSA&sc_status=6&hl=fi&ivt=0&rpbu=https%3A%2F%2Fww25.barium.coinbase.site%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266&format=r3&nocache=7921723979676513&num=0&output=afd_ads&domain_name=ww25.barium.coinbase.site&v=3&bsl=8&pac=0&u_his=2&u_tz=180&dt=1723979676514&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=662499046&rurl=https%3A%2F%2Fww25.barium.coinbase.site%2Flisting&referer=https%3A%2F%2Fww25.barium.coinbase.site%2F
Frame ID: 6576C1F15B8B217AF4F33B8BF8CE0FCF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Access Denied

Page URL History Show full URLs

http://ww25.barium.coinbase.site/ HTTP 307
https://ww25.barium.coinbase.site/ HTTP 307
https://ww25.barium.coinbase.site/ Page URL
https://ww25.barium.coinbase.site/listing Page URL
https://www.godaddy.com/domainsearch/find?checkAvail=1&domainToCheck=coinbase.site HTTP 302
https://www.godaddy.com/en-ie/domainsearch/find?checkAvail=1&domainToCheck=coinbase.site Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

15
Requests

93 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

139 kB
Transfer

383 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ww25.barium.coinbase.site/ HTTP 307
https://ww25.barium.coinbase.site/ HTTP 307
https://ww25.barium.coinbase.site/ Page URL
https://ww25.barium.coinbase.site/listing Page URL
https://www.godaddy.com/domainsearch/find?checkAvail=1&domainToCheck=coinbase.site HTTP 302
https://www.godaddy.com/en-ie/domainsearch/find?checkAvail=1&domainToCheck=coinbase.site Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ww25.barium.coinbase.site/ HTTP 307
https://ww25.barium.coinbase.site/ HTTP 307
https://ww25.barium.coinbase.site/

Request Chain 13

https://www.godaddy.com/favicon.ico HTTP 302
https://ie.godaddy.com/favicon.ico HTTP 301
https://nz.godaddy.com/favicon.ico HTTP 302
https://ie.godaddy.com/favicon.ico HTTP 301
https://nz.godaddy.com/favicon.ico HTTP 302
https://ie.godaddy.com/favicon.ico HTTP 301
https://nz.godaddy.com/favicon.ico HTTP 302
https://ie.godaddy.com/favicon.ico HTTP 301
https://nz.godaddy.com/favicon.ico HTTP 302
https://ie.godaddy.com/favicon.ico HTTP 301
https://nz.godaddy.com/favicon.ico HTTP 302
https://ie.godaddy.com/favicon.ico HTTP 301
https://nz.godaddy.com/favicon.ico

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
ww25.barium.coinbase.site/
Redirect Chain

http://ww25.barium.coinbase.site/
https://ww25.barium.coinbase.site/
https://ww25.barium.coinbase.site/

1 KB
2 KB

239ms
76ms

Document
text/html

199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww25.barium.coinbase.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c050d44643f1f3d1e2d5268f0ddf3198eca0d6d67a0df9392af0e45932b78c4f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ch: sec-ch-prefers-color-scheme
Cache-Control: no-store, max-age=0
Connection: close
Content-Length: 1074
Content-Type: text/html; charset=utf-8
Critical-Ch: sec-ch-prefers-color-scheme
Date: Sun, 18 Aug 2024 11:14:33 GMT
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_Polu35/CDAc/KGFqKw1W1Sw0tOxnBwFnONby2rDf1uSgQIbL1/kU+zce0A1q7xfmrVHTSNsKrnuYhNMsFmxEvg==
X-Request-Id: 489b15d0-f201-4930-b2cc-2075850cc3cd

Redirect headers

Location: https://ww25.barium.coinbase.site/

GET
H/1.1 200
OK byysVDdsv.js Show response
ww25.barium.coinbase.site/ 33 KB
33 KB 231ms
75ms Script
application/javascript 199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww25.barium.coinbase.site/byysVDdsv.js
Requested by: Host: ww25.barium.coinbase.site
URL: https://ww25.barium.coinbase.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b0754afe500a24201f740ed9c023d64483ca9183fa6361d759bb329462d25344

Request headers

Referer: https://ww25.barium.coinbase.site/
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 11:14:34 GMT
Connection: close
Content-Length: 33929
X-Request-Id: d87f5acb-5f8a-4418-86f8-b1d2959eaadd
Content-Type: application/javascript; charset=utf-8

POST
H/1.1 200
OK _fd Show response
ww25.barium.coinbase.site/ 6 KB
6 KB 240ms
86ms Fetch
application/json 199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww25.barium.coinbase.site/_fd
Requested by: Host: ww25.barium.coinbase.site
URL: https://ww25.barium.coinbase.site/byysVDdsv.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f464ce94299f113f0440fe55b7c43fea324536d27a11f8e2c0c67627d17c1b9

Request headers

Accept: application/json
Referer: https://ww25.barium.coinbase.site/
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 18 Aug 2024 11:14:34 GMT
Connection: close
Content-Length: 5693
X-Request-Id: 88d42a69-2390-4296-ba73-25418a51461e
Content-Type: application/json; charset=utf-8

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ 151 KB
54 KB 192ms
70ms Script
text/javascript 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Requested by

Host: ww25.barium.coinbase.site
URL: https://ww25.barium.coinbase.site/byysVDdsv.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

sffe /

Resource Hash

ce952758aedf20296f1b0f38a2dfc65cbeb9185a68f7bd92e042a12bed528e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww25.barium.coinbase.site/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 11:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "17393070178228125085"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://syndicatedsearch.goog>; rel="preconnect"
expires: Sun, 18 Aug 2024 11:14:34 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 380 B
264 B 156ms
81ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ww25.barium.coinbase.site&client=partner-dp-bodis30_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

04e1e41c3b43c4cd09986e7289743c3bf0447c0dcdf9e78a2b850d034d974943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww25.barium.coinbase.site/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 11:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 242
x-xss-protection: 0

GET
H2 200 ads
syndicatedsearch.goog/afs/ Frame DAA5 0
0 266ms
133ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol311%2Cpid-bodis-gcontrol444%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=fi&ivt=0&rpbu=https%3A%2F%2Fww25.barium.coinbase.site%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266&format=r3&nocache=5311723979674974&num=0&output=afd_ads&domain_name=ww25.barium.coinbase.site&v=3&bsl=8&pac=0&u_his=1&u_tz=180&dt=1723979674975&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=662499046&rurl=https%3A%2F%2Fww25.barium.coinbase.site%2F

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-1lg-yjKel2cYK_JEVzYzZA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: https://ww25.barium.coinbase.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 572
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-1lg-yjKel2cYK_JEVzYzZA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Sun, 18 Aug 2024 11:14:35 GMT
expires: Sun, 18 Aug 2024 11:14:35 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

POST
H/1.1 200
OK _zc Show response
ww25.barium.coinbase.site/ 161 B
662 B 361ms
201ms Fetch
text/html 199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww25.barium.coinbase.site/_zc
Requested by: Host: ww25.barium.coinbase.site
URL: https://ww25.barium.coinbase.site/byysVDdsv.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: d6a27e91807667854488cb3729e1c4b039bfbb4afe9665aad3e12a17848af078

Request headers

Accept: application/json
Referer: https://ww25.barium.coinbase.site/
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.122.0
Date: Sun, 18 Aug 2024 11:14:35 GMT
Content-Encoding: gzip
Pragma: no-cache
Server: openresty
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 160
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK listing Show response
ww25.barium.coinbase.site/ 1 KB
2 KB 227ms
75ms Document
text/html 199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww25.barium.coinbase.site/listing
Requested by: Host: ww25.barium.coinbase.site
URL: https://ww25.barium.coinbase.site/byysVDdsv.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6e98907012322631f8c2405c91c8f16e577b1793dbe709067ba7b598de30a7a9

Request headers

Referer: https://ww25.barium.coinbase.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-prefers-color-scheme: light

Response headers

Accept-Ch: sec-ch-prefers-color-scheme
Cache-Control: no-store, max-age=0
Connection: close
Content-Length: 1150
Content-Type: text/html; charset=utf-8
Critical-Ch: sec-ch-prefers-color-scheme
Date: Sun, 18 Aug 2024 11:14:35 GMT
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_on3iNCkNP0reZ0t8sXPN1557Prm1Bict//p/rRgYJuN5+pESJJMbUe2HU0R8gsO+/YGKozD1l7NfiDC6MApH2Q==
X-Request-Id: f1aa66c8-7749-4b4b-b51a-da47a4cf36f3

GET
H/1.1 200
OK bEDLmVzeI.js Show response
ww25.barium.coinbase.site/ 33 KB
33 KB 225ms
75ms Script
application/javascript 199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww25.barium.coinbase.site/bEDLmVzeI.js
Requested by: Host: ww25.barium.coinbase.site
URL: https://ww25.barium.coinbase.site/listing
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b0754afe500a24201f740ed9c023d64483ca9183fa6361d759bb329462d25344

Request headers

Referer: https://ww25.barium.coinbase.site/listing
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 11:14:35 GMT
Connection: close
Content-Length: 33929
X-Request-Id: 2bd5579a-58ba-4ac1-a1fe-af129b8e024b
Content-Type: application/javascript; charset=utf-8

POST
H/1.1 200
OK _fd Show response
ww25.barium.coinbase.site/ 6 KB
6 KB 232ms
82ms Fetch
application/json 199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww25.barium.coinbase.site/_fd
Requested by: Host: ww25.barium.coinbase.site
URL: https://ww25.barium.coinbase.site/bEDLmVzeI.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e6b595dae8c376841c9405fc7c039a8decb4b72d968dd14cad3d74ae43e39ef2

Request headers

Accept: application/json
Referer: https://ww25.barium.coinbase.site/listing
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 18 Aug 2024 11:14:35 GMT
Connection: close
Content-Length: 5693
X-Request-Id: 3eae7340-ab84-497b-8a28-838395e7deb6
Content-Type: application/json; charset=utf-8

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ 151 KB
0 192ms
70ms Script
text/javascript 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Requested by

Host: ww25.barium.coinbase.site
URL: https://ww25.barium.coinbase.site/bEDLmVzeI.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

sffe /

Resource Hash

ce952758aedf20296f1b0f38a2dfc65cbeb9185a68f7bd92e042a12bed528e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww25.barium.coinbase.site/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 11:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "17393070178228125085"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://syndicatedsearch.goog>; rel="preconnect"
expires: Sun, 18 Aug 2024 11:14:34 GMT

GET
H3 200 ads
syndicatedsearch.goog/afs/ Frame 6576 0
0 144ms
144ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol311%2Cpid-bodis-gcontrol444%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&sct=ID%3Db3893593620ab26b%3AT%3D1723979675%3ART%3D1723979675%3AS%3DALNI_MYHGFCjjcDX3C9WBYAkt9dbi3uxSA&sc_status=6&hl=fi&ivt=0&rpbu=https%3A%2F%2Fww25.barium.coinbase.site%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266&format=r3&nocache=7921723979676513&num=0&output=afd_ads&domain_name=ww25.barium.coinbase.site&v=3&bsl=8&pac=0&u_his=2&u_tz=180&dt=1723979676514&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=662499046&rurl=https%3A%2F%2Fww25.barium.coinbase.site%2Flisting&referer=https%3A%2F%2Fww25.barium.coinbase.site%2F

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-gyFankAMJElxC0rRFZ97SA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: https://ww25.barium.coinbase.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 2647
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-gyFankAMJElxC0rRFZ97SA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Sun, 18 Aug 2024 11:14:36 GMT
expires: Sun, 18 Aug 2024 11:14:36 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

POST
H/1.1 200
OK _tr
ww25.barium.coinbase.site/ 2 B
300 B 230ms
76ms Fetch
application/json 199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww25.barium.coinbase.site/_tr
Requested by: Host: ww25.barium.coinbase.site
URL: https://ww25.barium.coinbase.site/bEDLmVzeI.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: application/json
Referer: https://ww25.barium.coinbase.site/listing
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 18 Aug 2024 11:14:36 GMT
Connection: close
Content-Length: 2
X-Request-Id: f0a26c99-831f-44b8-9a3d-7bbb22c26522
Content-Type: application/json; charset=utf-8

GET
H2

403

Primary Request find Show response
www.godaddy.com/en-ie/domainsearch/
Redirect Chain

https://www.godaddy.com/domainsearch/find?checkAvail=1&domainToCheck=coinbase.site
https://www.godaddy.com/en-ie/domainsearch/find?checkAvail=1&domainToCheck=coinbase.site

407 B
2 KB

81ms
81ms

Document
text/html

2a02:26f0:480:d91::1771
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.godaddy.com/en-ie/domainsearch/find?checkAvail=1&domainToCheck=coinbase.site
Requested by: Host: ww25.barium.coinbase.site
URL: https://ww25.barium.coinbase.site/bEDLmVzeI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d91::1771 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: ad66e1eda06d2e754854bf76ec8df49c5f728b90242929a692ce2ea3ddaf80e2

Request headers

Referer: https://ww25.barium.coinbase.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 407
content-type: text/html
date: Sun, 18 Aug 2024 11:14:37 GMT
expires: Sun, 18 Aug 2024 11:14:37 GMT
mime-version: 1.0
pragma: no-cache
server: AkamaiGHost
server-timing: ak_p; desc="1723979677005_34911175_91018143_14_24158_54_0_255";dur=1
x-arc: 20

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Sun, 18 Aug 2024 11:14:36 GMT
expires: Sun, 18 Aug 2024 11:14:36 GMT
location: https://www.godaddy.com/en-ie/domainsearch/find?checkAvail=1&domainToCheck=coinbase.site
pragma: no-cache
server: AkamaiGHost
server-timing: ak_p; desc="1723979676822_34911175_91017942_12_11559_54_113_255";dur=1
x-arc: 2 20

GET

favicon.ico
nz.godaddy.com/
Redirect Chain

https://www.godaddy.com/favicon.ico
https://ie.godaddy.com/favicon.ico
https://nz.godaddy.com/favicon.ico
https://ie.godaddy.com/favicon.ico
https://nz.godaddy.com/favicon.ico
https://ie.godaddy.com/favicon.ico
https://nz.godaddy.com/favicon.ico
https://ie.godaddy.com/favicon.ico
https://nz.godaddy.com/favicon.ico
https://ie.godaddy.com/favicon.ico
https://nz.godaddy.com/favicon.ico
https://ie.godaddy.com/favicon.ico
https://nz.godaddy.com/favicon.ico

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nz.godaddy.com
URL: https://nz.godaddy.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ww25.barium.coinbase.site/	1970-01-20 22:53:00	Name: parking_session Value: c1cdc412-cf19-4990-be68-0be414131b6e
.coinbase.site/	1970-01-21 08:14:35	Name: __gsas Value: ID=b3893593620ab26b:T=1723979675:RT=1723979675:S=ALNI_MYHGFCjjcDX3C9WBYAkt9dbi3uxSA
.godaddy.com/	1970-01-20 22:53:03	Name: AKA_A2 Value: A
.godaddy.com/	1970-01-21 07:38:35	Name: _abck Value: F8C3EC42BFE8D9D9DC16DEACB4FFD450~-1~YAAQx7MUAkH43l6RAQAAEz0yZQzICcxGOmhX2RtiD9Gf0eDF+GQSEEcF4B8/RIvVEtiagR8eKuBNtxw7N8MOaEl5vEhf0cSNcbsyEbHhHp06Omc8q9sxgh6CSLSCBGDfn+uKvrzg2xc9yPXC8U5A8KrSvS+HA1ze1LR1MywPJ3a1CAxKwIue8ypDMc9ZQUeuj400/ZfBcnvuSn8j3ACF7UKQpyuATg1pXk0N2jnSFUak9Ta7a4lDNsFhfRtfo9pOOMMKj/crykL5YLum1eHnBGoCgQ4knTxLho9ZVNqNO266vidgkH4B9UO2HemoWMQgSXQmmZa4HJ9XPCY4fTBYyZkvPnP93vEcCnQUB4UnpS40JYwxNV1ERNUK4xE=~-1~-1~-1
.godaddy.com/	1970-01-21 07:38:35	Name: currency Value: EUR
.godaddy.com/	1970-01-20 22:53:03	Name: bm_ss Value: ab8e18ef4e
.godaddy.com/	1970-01-20 23:37:38	Name: bm_s Value: YAAQx7MUAkf43l6RAQAAZj0yZQFBzRTM9wOb6H3QVfoeX8Iy5Utu5rNWUajPRD95gzlfnJZXNLmaKcdjBGhe7pjxV5nmQlfKIP2KeUJcEH1JQ+nT2gpbdYHNXFvy3kmffmKJsoE3RdB+UJHNepBricChlcUg1mDZ0s4YPMafBntoGGEzBcsdvFlf35uSfqGgw80BrYmGotpqZkmyG9wEBPpg165TqH737b6UL2vFUc2dGKToZ9m38Y5tzEZUiYpGcKVZ/33YTahx9gf+s+Cckjly0XhOVbwoNOiA5gwbKKOfHviqxBLZkWQ+XrKQnShZ+F2CylqZGM58u+m5ccIAKoND
.godaddy.com/	1970-01-20 22:53:14	Name: bm_sz Value: 48592B6C38115DE0B42E2D483097CE7B~YAAQx7MUAkj43l6RAQAAZj0yZRiCMiswtT9A1LBxBB2pZnltTwo04W+6uxc/na+VlhZ+HIabNi0IydNhgAe8ski98GA/aZvAgyWmfq/FXNPxaCvw45EhnZz8a1r6HsY+wumHlQqio4k16kP0f9BOEuRsnYks1RXf81B6enrJXBHCvLPzwiNtg7AZTBSHBjaNH4O9iIxYw/AyVY7s9L2tbfqkvN/5PN0KmnV/t52By0yYbFtnrCzQYMPYzHdCgEA6Mxyfy+xhU5YZ9nBVCIMpJ+FYDJJwqyXwUIf5Qk3Ttcc+uTOjTzbN1/XLIgvJTwwQphAM8h5D1IzTSUm8HyKm6+6p5Uimf4vKXbfkFYZGVKY/fzesnr0njhQS/PaxW2+yN1wbxaXv9Eltek6PiMkj9QYv9Udzo+6rZ/k=~4604978~3551283
.godaddy.com/	1970-01-20 22:53:06	Name: ak_bmsc Value: 6480D17919056F828B24BE5C650FF319~000000000000000000000000000000~YAAQx7MUAlX43l6RAQAAOD4yZRjs6QzpsYqevSECa4mm5pIEq9F4UEXC5rpEvyv8kZRYOh2j4uB6b1Tp+ql8+fu7cDVlEbc7cqT0zHaXmhdQShjuLLREbFk1CyqNvEyuYhpvyZ4JTXhdNJDy1hOr4zAKl0ttkHjbGR/Mt6HkroQEPPuqNY9JgDOyMoPYKgnF9jhxYbVOOflw/fAAJpq2h4hbuaI8Ix7K9RKm3P7w8Mb6rRALTq/0FGEzVcbRXFWOgs7h2rsGoV0RPn5belmDGZJvu0L9kLmWZ2kXGvBONcApsboIw4V7YB1L4ugqbGqMmCqj/A/H+xKtA4qoA/NAYOvEEUbvRZBFZQlPR2EjorsDSUtIPB2IoZqhyj7HY+AYi1zk3t6H/0quVLV6YcZDGWyw
.godaddy.com/	1970-01-21 07:38:35	Name: market Value: en-NZ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.godaddy.com/en-ie/domainsearch/find?checkAvail=1&domainToCheck=coinbase.site Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nz.godaddy.com
partner.googleadservices.com
syndicatedsearch.goog
ww25.barium.coinbase.site
www.godaddy.com
www.google.com
nz.godaddy.com
142.250.186.132
172.217.16.194
172.217.18.14
199.59.243.226
2a00:1450:4001:828::200e
2a02:26f0:480:d91::1771
04e1e41c3b43c4cd09986e7289743c3bf0447c0dcdf9e78a2b850d034d974943
2f464ce94299f113f0440fe55b7c43fea324536d27a11f8e2c0c67627d17c1b9
6e98907012322631f8c2405c91c8f16e577b1793dbe709067ba7b598de30a7a9
ad66e1eda06d2e754854bf76ec8df49c5f728b90242929a692ce2ea3ddaf80e2
b0754afe500a24201f740ed9c023d64483ca9183fa6361d759bb329462d25344
c050d44643f1f3d1e2d5268f0ddf3198eca0d6d67a0df9392af0e45932b78c4f
ce952758aedf20296f1b0f38a2dfc65cbeb9185a68f7bd92e042a12bed528e0e
d6a27e91807667854488cb3729e1c4b039bfbb4afe9665aad3e12a17848af078
e6b595dae8c376841c9405fc7c039a8decb4b72d968dd14cad3d74ae43e39ef2

www.godaddy.com Open in urlscan Pro 2a02:26f0:480:d91::1771 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

33 %IPv6

5 Domains

6 Subdomains

7 IPs

2 Countries

139 kBTransfer

383 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

10 Cookies

1 Console Messages

Indicators

www.godaddy.com Open in urlscan Pro
2a02:26f0:480:d91::1771 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

139 kB
Transfer

383 kB
Size

10
Cookies

15 HTTP transactions
0 data transactions