ScanMalware.com

Security Scan Report: coinbaseextenson.gitbook.io

Submitted: Dec 13, 2025, 10:32:05 PMCompleted: Dec 13, 2025, 10:32:44 PMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 1 country across 4 domains to perform 43 HTTP transactions. The main domain is coinbaseextenson.gitbook.io and was registered NaN years ago.

Submitted URL: https://coinbaseextenson.gitbook.io/us/

AI Security Verdict

Low Risk

Confidence: 70%

4
Risk Score

Page mimics Coinbase but lacks malicious elements; low risk.

Risk Factors
Brand impersonation / typo‑squatting
Domain is unranked in Cisco Umbrella (not in top 1 M)
Safety Factors
No credential or payment forms present
No malicious Indicators of Compromise matches found
GitBook platform is reputable and domain age >10 years
Domain age information unavailable

Details

Bot Protection Detected

This website is protected by Cloudflare bot protection. Our scanner was challenged or blocked during access.

Page Title

Getting Started: Wallet Extension - Coinbase | us

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(67%)

Domain Information

The domain name 'coinbaseextenson.gitbook.io' uses the British Indian Ocean Territory country-code top-level domain (.io); it also runs on subdomain 'coinbaseextenson'. The core label 'gitbook' covers 7 characters holding three vowels versus four consonants. Splitting it apart reveals 3 words: g, it, book. Median word length comes out to two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://coinbaseextenson.gitbook.io/us/

Page Load Overview

7.43s
Total Load Time
43
HTTP Requests
4
Domains
152 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:359 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking67% confidence
Type: spa
Method: ml+structural

All Detected Categories

finance banking
67%
cryptocurrency blockchain
67%
technology software
67%
documentation technical
54%
healthcare medical
31%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
10104.18.41.89United States
AS13335CLOUDFLARENET
3104.18.40.47United States
AS13335CLOUDFLARENET
3172.64.147.209United States
AS13335CLOUDFLARENET
3172.64.147.188United States
AS13335CLOUDFLARENET
3172.64.146.167United States
AS13335CLOUDFLARENET
32a06:98c1:310d::ac40:92a7United States
AS13335CLOUDFLARENET
32606:4700:4404::6812:2959United States
AS13335CLOUDFLARENET
32606:4700:4407::6812:282fUnited States
AS13335CLOUDFLARENET
32606:4700:4402::ac40:93d1United States
AS13335CLOUDFLARENET
32a06:98c1:3101::ac40:93bcUnited States
AS13335CLOUDFLARENET
4312--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1ACB3E70A6100F7065EB2DE15633A7D3A809EE627D778D0AEF34ED9E5078813F0BA7954

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:sf3qLAyhvvt/dv2vJ0JIxlEj416yjXBh+q3nRvIOuP1lJcERsUFYh+wSGkPCcljQ:C3grRV3xzLzU

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:113415:AEHCDEpAYBAIuOyIAUEKxrAlYCA0oAQqAAEkAYZApAASV0dbOAoJgyMwAMShaHzzUBYdtCuIAACigAmQwYAhYFD4GVGCHZRh

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:c3c3f7c7e7ffffff
Perceptual Hash:b3304c6333d8cece
Difference Hash:1f1e041c0c000040
Wavelet Hash:00c3c3c7c4fcfc3c
Color Hash:#409bbf

Other Hashes

Crop Resistant:1f1e041c0c000040

Scan History

Scan history not available

Unable to load historical scan data