softech.paypro.info
Open in
urlscan Pro
5.61.54.215
Malicious Activity!
Public Scan
Effective URL: https://softech.paypro.info/
Submission: On August 31 via manual from DE — Scanned from NL
Summary
TLS certificate: Issued by R3 on June 24th 2022. Valid for: 3 months.
This is the only time softech.paypro.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Coinbase (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 15 | 5.61.54.215 5.61.54.215 | 58061 (SCALAXY-AS) (SCALAXY-AS) | |
1 | 2a00:1450:400... 2a00:1450:400e:80c::200a | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 2606:4700::68... 2606:4700::6810:7caf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6810:5914 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:828::2003 | 15169 (GOOGLE) (GOOGLE) | |
21 | 5 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
paypro.info
1 redirects
softech.paypro.info |
274 KB |
3 |
gstatic.com
fonts.gstatic.com |
24 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 384 |
101 KB |
2 |
unpkg.com
1 redirects
unpkg.com — Cisco Umbrella Rank: 792 |
88 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43 |
1014 B |
21 | 5 |
Domain | Requested by | |
---|---|---|
15 | softech.paypro.info |
1 redirects
softech.paypro.info
unpkg.com |
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | cdn.jsdelivr.net |
softech.paypro.info
cdn.jsdelivr.net |
2 | unpkg.com |
1 redirects
softech.paypro.info
|
1 | fonts.googleapis.com |
softech.paypro.info
|
21 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
softech.paypro.info R3 |
2022-06-24 - 2022-09-22 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-02 - 2023-06-01 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://softech.paypro.info/
Frame ID: C64D53C2ABDC79A2923BCC2B9DCC46A2
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
Payment solution for MT4 / MT5Page URL History Show full URLs
-
http://softech.paypro.info/
HTTP 301
https://softech.paypro.info/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://softech.paypro.info/
HTTP 301
https://softech.paypro.info/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
- https://unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/lottie-player.js
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
softech.paypro.info/ Redirect Chain
|
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
landing.js
softech.paypro.info/js/ |
578 KB 134 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
3 KB 1014 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
landing.css
softech.paypro.info/css/ |
205 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stripe.svg
softech.paypro.info/images/gateways/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
anet.svg
softech.paypro.info/images/gateways/ |
12 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vogue.svg
softech.paypro.info/images/gateways/ |
8 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coinbase.svg
softech.paypro.info/images/gateways/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bitpay.svg
softech.paypro.info/images/gateways/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vouchermatic.png
softech.paypro.info/images/gateways/ |
27 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2fav.png
softech.paypro.info/images/gateways/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/ Redirect Chain
|
337 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/ |
72 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/fonts/ |
90 KB 91 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.json
softech.paypro.info/images/ |
72 KB 9 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.json
softech.paypro.info/images/ |
72 KB 9 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
manage.json
softech.paypro.info/images/ |
52 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
manage.json
softech.paypro.info/images/ |
52 KB 5 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Coinbase (Crypto Exchange)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions number| uidEvent function| $2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
softech.paypro.info/ | Name: XSRF-TOKEN Value: eyJpdiI6Ikk3SmxIdkpJRTFQU050QXdWYWl1eUE9PSIsInZhbHVlIjoiSVI4c3lsUG04SkZzci9BV3RlYUFwUXZvUmNobjZyelh6V2pDQUE5dktvMkV1ZGZPTXBCWFBOS1MxOXpiOXZ4Rk84ek9BNTRsM1Flb1FtYkRxWjgxZm5PMEQ2ekUzUlB2cGJ0K1ZPRUU1cDc1clcvMDU2alJFUnFLOEhZMEEwY0EiLCJtYWMiOiIyODI5NDI5OWVmNWE4ODViYWViOTQ5OTZmMmE2ZDg0ZjNmMTY3MDI4MTg5YTM1YjgzMDkxNjIwZjU0NzFiZmU0IiwidGFnIjoiIn0%3D |
|
softech.paypro.info/ | Name: paypro_session Value: eyJpdiI6ImFaaUFCeHpWeW5zcFJ5RGhDdEQ2a0E9PSIsInZhbHVlIjoicEtvZkt5WmlYcXlQbCs4a3JWVk92RFFHc2F4QUVFbVNiOHZQSmtyQ3kzMnVMTzEzcDNQeUptUDFsWkxWdk55My9ycVJITU1rcks0OUVEbGFtQkltZjlRS1BnRjZWemZycmFRYVMyNy8zY0FnVWFiTSs0OWRCazZoUVlsTmNFS2IiLCJtYWMiOiIyZGZmNGJmOThiMGE5OWE1NTJjMmRlMzQ5YjI4OGRhM2IwNzI1MzYzYTNiYzExYTc3MjE3OWZhZDdjNGI0YmMwIiwidGFnIjoiIn0%3D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
softech.paypro.info
unpkg.com
2606:4700::6810:5914
2606:4700::6810:7caf
2a00:1450:4001:828::2003
2a00:1450:400e:80c::200a
5.61.54.215
06fb7688d2ea73c329eb5303d2f1d34f611fc1e7717fcd34d1c5fedabe3de551
126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38
210169cae4bfbd721c23150102e9d7b7288cb596c998b0b4aa1b3fa4cfeb8ec3
2295d8a7bb3de237430226f70f989ceaf953cf5ca9c8471052d7d0187281aeca
36bed36fbfb75daa50564e6a45a1a95ac13ac50dc6f742f8f7538c855ddfa8c5
6b7f3f0e42f63e77e269c896c067220da81dd0a3055e7b6ad0b1f2c07b7ef4b6
6f0c572590421075878908e0b380c5a6d404f72aa7d6d125385943be658f8399
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
9847f5410ae7fae865a9aa256fafb352f825f7a808333459188ed34fd6733652
99a251662165f4ce8a58450330d03b4578f05a17a3aa625f9cae9f8867b91868
adbbbb4d4ad395bc91f9d3cc7bd0d6484fef7ba4f8234a7c970c03d385d80be2
bb18ec4bd71814b4e39a5afc8f98be0eabce2c206e811cc4796c5431665e6174
c7aeafde608de83f2f1b32e94567ec5bebf5319287fe7b97e83944e3dcd92d27
d2053dd207e4be1f41269b50fd4f99e1f66050cf57cb741713e312535ec6be7c
d53553d7f6f876c1f7cfc85a4ab87cbf69ea7b84c61b25c210b2f507013e95f3
d71dc97e9162d5a7e1ccc52dfe33a1affc076ae2e49ae0dc41dfc0d952cd51f4
dc48e386339fc1ab68817db89138b2f1f06f7dce0ba1263372c8710c356c6119
e9829fbbcc18407deb28b49dac24d8146981b22b4a4813f1699c7773e80c01b9
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149