ScanMalware.com

Security Scan Report: coinbasextesion.gitbook.io

Submitted: Nov 15, 2025, 6:35:48 AMCompleted: Nov 15, 2025, 6:37:03 AMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 0 countries across 4 domains to perform 43 HTTP transactions. The main domain is coinbasextesion.gitbook.io.

Submitted URL: https://coinbasextesion.gitbook.io/us/

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

Impersonates Coinbase on an unranked gitbook.io subdomain; likely phishing.

Risk Factors
Brand impersonation on an untrusted domain
Typo‑squatting domain name
UNRANKED domain with no reputation
New/unknown domain age
Use of a third‑party hosting service for a brand‑specific extension page
Domain age information unavailable

Details

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Page Title

Coinbase® Extension® - Coinbase® Extension® | us

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

cryptocurrency blockchain

(91%)

Domain Information

Within the British Indian Ocean Territory country-code top-level domain (.io), 'coinbasextesion.gitbook.io' is registered; it also runs on subdomain 'coinbasextesion'. The core label 'gitbook' covers 7 characters with 3 vowels and 4 consonants. Segmentation suggests three words: g, it, book. Average segment length settles at 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://coinbasextesion.gitbook.io/us/

Page Load Overview

38.65s
Total Load Time
43
HTTP Requests
4
Domains
154 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:353 chars
Detector Agreement:100%

Website Classification

Primary Category

cryptocurrency blockchain91% confidence
Type: spa
Method: ml+structural

All Detected Categories

cryptocurrency blockchain
91%
technology software
72%
finance banking
56%
cryptocurrency
22%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
10104.18.41.89UnknownUnknown
3172.64.147.188UnknownUnknown
3172.64.147.209UnknownUnknown
3104.18.40.47UnknownUnknown
3172.64.146.167UnknownUnknown
3104.18.40.68UnknownUnknown
32a06:98c1:310d::ac40:92a7UnknownUnknown
32606:4700:4408::6812:2844UnknownUnknown
32606:4700:4402::ac40:93d1UnknownUnknown
32a06:98c1:3101::ac40:93bcUnknownUnknown
4312--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T175D3D70A6100F2455EB2DE14633ABD3EC0DDD6179BBCC8ADF20DD5A51B8923B1BE3961

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:He3gasUyvV3xF/MTTcE7cEsN2CcROQFoQU/8AGo/u9/g:osgy

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:130440:FiCEqIFgB6CYRMABAtAADQCINTaI0EkCNNgVUQDLAosOebLDFCTFQUGBPREEKLQIRAwhBReFxi3BKFEDQQ5CtAmABwSDCRIU

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:e7c7ffffc7c3ffff
Perceptual Hash:b3898d328bcd26ce
Difference Hash:5d1e04580d8d004c
Wavelet Hash:0003c7e7c3c3cf1f
Color Hash:#4042bf

Other Hashes

Crop Resistant:5d1e04580d8d004c,13e4e4b1a0c4c848

Scan History

Scan history not available

Unable to load historical scan data