softech.paypro.info
5.61.54.215 Malicious Activity! Public Scan

Submitted URL: http://softech.paypro.info/
Effective URL: https://softech.paypro.info/
Submission: On August 31 via manual from DE — Scanned from NL

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 21 HTTP transactions. The main IP is 5.61.54.215, located in Dronten, Netherlands and belongs to SCALAXY-AS, NL. The main domain is softech.paypro.info.
TLS certificate: Issued by R3 on June 24th 2022. Valid for: 3 months.
This is the only time softech.paypro.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Coinbase (Crypto Exchange)

Domain & IP information

IP Address AS Autonomous System
1 15 5.61.54.215 58061 (SCALAXY-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
21 5
Requests  Apex Domain     Subdomains                                       Transfer
15        paypro.info     softech.paypro.info                              274 KB
3         gstatic.com     fonts.gstatic.com                                24 KB
2         jsdelivr.net    cdn.jsdelivr.net (Cisco Umbrella Rank: 384)      101 KB
2         unpkg.com       unpkg.com (Cisco Umbrella Rank: 792)             88 KB
1         googleapis.com  fonts.googleapis.com (Cisco Umbrella Rank: 43)   1014 B
21        5 apex domains
Requests  Domain                 Redirects    Requested by
15        softech.paypro.info    1 redirect   softech.paypro.info, unpkg.com
3         fonts.gstatic.com                   fonts.googleapis.com
2         cdn.jsdelivr.net                    softech.paypro.info, cdn.jsdelivr.net
2         unpkg.com              1 redirect   softech.paypro.info
1         fonts.googleapis.com                softech.paypro.info
21        5 domains

This site contains no links.

Subject                   Issuer                    Validity                   Valid
softech.paypro.info       R3                        2022-06-24 - 2022-09-22    3 months (crt.sh)
upload.video.google.com   GTS CA 1C3                2022-08-08 - 2022-10-31    3 months (crt.sh)
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3   2022-06-02 - 2023-06-01    a year (crt.sh)
*.gstatic.com             GTS CA 1C3                2022-08-08 - 2022-10-31    3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://softech.paypro.info/
Frame ID: C64D53C2ABDC79A2923BCC2B9DCC46A2
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Payment solution for MT4 / MT5

Page URL History

  1. http://softech.paypro.info/ HTTP 301
    https://softech.paypro.info/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 21
HTTPS: 95 %
IPv6: 80 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 4
Transfer: 488 kB
Size: 1646 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://softech.paypro.info/ HTTP 301
    https://softech.paypro.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/lottie-player.js

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
softech.paypro.info/
Redirect Chain
  • http://softech.paypro.info/
  • https://softech.paypro.info/
10 KB
3 KB
Document
General
Full URL
https://softech.paypro.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c7aeafde608de83f2f1b32e94567ec5bebf5319287fe7b97e83944e3dcd92d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 11:50:51 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000;
Transfer-Encoding
chunked
Vary
Accept-Encoding
expires
-1
pragma
no-cache

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Wed, 31 Aug 2022 11:50:51 GMT
Location
https://softech.paypro.info:443/
Server
nginx/1.18.0
Transfer-Encoding
chunked
landing.js
softech.paypro.info/js/
578 KB
134 KB
Script
General
Full URL
https://softech.paypro.info/js/landing.js
Requested by
Host: softech.paypro.info
URL: https://softech.paypro.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d2053dd207e4be1f41269b50fd4f99e1f66050cf57cb741713e312535ec6be7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Apr 2022 19:57:23 GMT
Server
nginx/1.18.0
ETag
"90800-5dd57c0608ec0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;
Accept-Ranges
bytes
css2
fonts.googleapis.com/
3 KB
1014 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@200;400;600&display=swap
Requested by
Host: softech.paypro.info
URL: https://softech.paypro.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36bed36fbfb75daa50564e6a45a1a95ac13ac50dc6f742f8f7538c855ddfa8c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 10:32:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 31 Aug 2022 11:50:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Aug 2022 11:50:51 GMT
landing.css
softech.paypro.info/css/
205 KB
27 KB
Stylesheet
General
Full URL
https://softech.paypro.info/css/landing.css
Requested by
Host: softech.paypro.info
URL: https://softech.paypro.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dc48e386339fc1ab68817db89138b2f1f06f7dce0ba1263372c8710c356c6119
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Apr 2022 19:57:23 GMT
Server
nginx/1.18.0
ETag
"333dd-5dd57c0608ec0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Strict-Transport-Security
max-age=31536000;
Accept-Ranges
bytes
Content-Length
27449
stripe.svg
softech.paypro.info/images/gateways/
1 KB
2 KB
Image
General
Full URL
https://softech.paypro.info/images/gateways/stripe.svg
Requested by
Host: softech.paypro.info
URL: https://softech.paypro.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
06fb7688d2ea73c329eb5303d2f1d34f611fc1e7717fcd34d1c5fedabe3de551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:51 GMT
Last-Modified
Sun, 09 Jan 2022 00:19:44 GMT
Server
nginx/1.18.0
ETag
"526-5d51b2d46c800"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1318
anet.svg
softech.paypro.info/images/gateways/
12 KB
12 KB
Image
General
Full URL
https://softech.paypro.info/images/gateways/anet.svg
Requested by
Host: softech.paypro.info
URL: https://softech.paypro.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d71dc97e9162d5a7e1ccc52dfe33a1affc076ae2e49ae0dc41dfc0d952cd51f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:51 GMT
Last-Modified
Fri, 07 Jan 2022 02:02:20 GMT
Server
nginx/1.18.0
ETag
"3036-5d4f460852300"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12342
vogue.svg
softech.paypro.info/images/gateways/
8 KB
8 KB
Image
General
Full URL
https://softech.paypro.info/images/gateways/vogue.svg
Requested by
Host: softech.paypro.info
URL: https://softech.paypro.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
adbbbb4d4ad395bc91f9d3cc7bd0d6484fef7ba4f8234a7c970c03d385d80be2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:51 GMT
Last-Modified
Fri, 07 Jan 2022 01:51:21 GMT
Server
nginx/1.18.0
ETag
"1f95-5d4f4393d9840"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8085
coinbase.svg
softech.paypro.info/images/gateways/
4 KB
4 KB
Image
General
Full URL
https://softech.paypro.info/images/gateways/coinbase.svg
Requested by
Host: softech.paypro.info
URL: https://softech.paypro.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:51 GMT
Last-Modified
Fri, 07 Jan 2022 02:43:15 GMT
Server
nginx/1.18.0
ETag
"ecc-5d4f4f2d976c0"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3788
bitpay.svg
softech.paypro.info/images/gateways/
5 KB
5 KB
Image
General
Full URL
https://softech.paypro.info/images/gateways/bitpay.svg
Requested by
Host: softech.paypro.info
URL: https://softech.paypro.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9847f5410ae7fae865a9aa256fafb352f825f7a808333459188ed34fd6733652
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:51 GMT
Last-Modified
Fri, 07 Jan 2022 02:44:14 GMT
Server
nginx/1.18.0
ETag
"1358-5d4f4f65dbb80"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4952
vouchermatic.png
softech.paypro.info/images/gateways/
27 KB
28 KB
Image
General
Full URL
https://softech.paypro.info/images/gateways/vouchermatic.png
Requested by
Host: softech.paypro.info
URL: https://softech.paypro.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2295d8a7bb3de237430226f70f989ceaf953cf5ca9c8471052d7d0187281aeca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:51 GMT
Last-Modified
Fri, 07 Jan 2022 02:07:26 GMT
Server
nginx/1.18.0
ETag
"6d94-5d4f472c25380"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28052
2fav.png
softech.paypro.info/images/gateways/
23 KB
23 KB
Image
General
Full URL
https://softech.paypro.info/images/gateways/2fav.png
Requested by
Host: softech.paypro.info
URL: https://softech.paypro.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d53553d7f6f876c1f7cfc85a4ab87cbf69ea7b84c61b25c210b2f507013e95f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:51 GMT
Last-Modified
Fri, 07 Jan 2022 02:10:14 GMT
Server
nginx/1.18.0
ETag
"5be4-5d4f47cc5cd80"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23524
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/lottie-player.js
337 KB
88 KB
Script
General
Full URL
https://unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/lottie-player.js
Requested by
Host: softech.paypro.info
URL: https://softech.paypro.info/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a251662165f4ce8a58450330d03b4578f05a17a3aa625f9cae9f8867b91868
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 11:50:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
11054530
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"54557-mEzLpqpg5bSX6hg9TQvipFKQcc8"
fly-request-id
01G1GDD6DE3MWSYMTXPVYY7JWM-fra
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
74358d0d2b2a9bd0-FRA

Redirect headers

date
Wed, 31 Aug 2022 11:50:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GBSVNVZC7YHZY2FQ3274RBYW-fra
server
cloudflare
age
161
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/@lottiefiles/lottie-player@1.5.7/dist/lottie-player.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
74358d0ccaa49bd0-FRA
access-control-allow-origin
*
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/
72 KB
11 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css
Requested by
Host: softech.paypro.info
URL: https://softech.paypro.info/css/landing.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb18ec4bd71814b4e39a5afc8f98be0eabce2c206e811cc4796c5431665e6174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 11:50:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6162964
x-jsd-version
1.7.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19175-FRA, cache-iad-kiad7000024-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"11e37-gaZqnrLenLCs4BvyXVKzdrhY6WA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lA4mw2wOC20MbJc62bKIz5cyrGhcMh6lLLUjomyFwYzpSyMIR7yE7WyzMTqzrYyL9OnQME0wO%2FC2IaFNaeoLim%2Bn2pK7tWBM1Wp9khsPiuDTiFRDq6tVthGfmSTqRfpZrk4Q8GVSbs0guvN%2B8Qo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
74358d0d28879202-FRA
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://softech.paypro.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 21:23:03 GMT
x-content-type-options
nosniff
age
570468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 21:23:03 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://softech.paypro.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:24:53 GMT
x-content-type-options
nosniff
age
577558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:24:53 GMT
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/fonts/
90 KB
91 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/fonts/bootstrap-icons.woff2?30af91bf14e37666a085fb8a161ff36d
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9829fbbcc18407deb28b49dac24d8146981b22b4a4813f1699c7773e80c01b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css
Origin
https://softech.paypro.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 11:50:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14092154
x-jsd-version
1.7.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92064
x-served-by
cache-fra19137-FRA, cache-hhn4047-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"167a0-ABUDSebr2vJiivnqTlbWsC29o5M"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFFtwdIarFA%2F8PEH1SwihTgyL1pO9K%2FNTdvWDqQedNCSrk5nSCwTDc3PFv2OPnIMi3VOJXeMJp%2Fb0unRWfjy3wHikWIoaHbn0k5%2BVMzcjDnu2VEHxgaVZfMrU21CIQHD0BqAMXE%2B6dZCaUHGXq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
74358d0d8e709a03-FRA
pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0c572590421075878908e0b380c5a6d404f72aa7d6d125385943be658f8399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://softech.paypro.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:37:12 GMT
x-content-type-options
nosniff
age
576819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7932
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:10:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:37:12 GMT
logo.json
softech.paypro.info/images/
72 KB
9 KB
XHR
General
Full URL
https://softech.paypro.info/images/logo.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
210169cae4bfbd721c23150102e9d7b7288cb596c998b0b4aa1b3fa4cfeb8ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jan 2022 03:18:49 GMT
Server
nginx/1.18.0
ETag
W/"11e67-5d4f5720bb840"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/json
Transfer-Encoding
chunked
Connection
keep-alive
logo.json
softech.paypro.info/images/
72 KB
9 KB
Fetch
General
Full URL
https://softech.paypro.info/images/logo.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
210169cae4bfbd721c23150102e9d7b7288cb596c998b0b4aa1b3fa4cfeb8ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jan 2022 03:18:49 GMT
Server
nginx/1.18.0
ETag
W/"11e67-5d4f5720bb840"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/json
Transfer-Encoding
chunked
Connection
keep-alive
manage.json
softech.paypro.info/images/
52 KB
5 KB
XHR
General
Full URL
https://softech.paypro.info/images/manage.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6b7f3f0e42f63e77e269c896c067220da81dd0a3055e7b6ad0b1f2c07b7ef4b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jan 2022 04:06:36 GMT
Server
nginx/1.18.0
ETag
W/"d1b3-5d4f61ceeab00"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/json
Transfer-Encoding
chunked
Connection
keep-alive
manage.json
softech.paypro.info/images/
52 KB
5 KB
Fetch
General
Full URL
https://softech.paypro.info/images/manage.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.61.54.215 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6b7f3f0e42f63e77e269c896c067220da81dd0a3055e7b6ad0b1f2c07b7ef4b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://softech.paypro.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 11:50:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jan 2022 04:06:36 GMT
Server
nginx/1.18.0
ETag
W/"d1b3-5d4f61ceeab00"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/json
Transfer-Encoding
chunked
Connection
keep-alive

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Coinbase (Crypto Exchange)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onbeforeinput
object    oncontextlost
object    oncontextrestored
function  structuredClone
object    launchQueue
object    onbeforematch
function  getScreenDetails
function  queryLocalFonts
object    navigation
object    lottie-player
object    reactiveElementVersions
object    litHtmlVersions
object    litElementVersions
number    uidEvent
function  $

2 Cookies

Domain/Path Name / Value
softech.paypro.info/ Name: XSRF-TOKEN
Value: eyJpdiI6Ikk3SmxIdkpJRTFQU050QXdWYWl1eUE9PSIsInZhbHVlIjoiSVI4c3lsUG04SkZzci9BV3RlYUFwUXZvUmNobjZyelh6V2pDQUE5dktvMkV1ZGZPTXBCWFBOS1MxOXpiOXZ4Rk84ek9BNTRsM1Flb1FtYkRxWjgxZm5PMEQ2ekUzUlB2cGJ0K1ZPRUU1cDc1clcvMDU2alJFUnFLOEhZMEEwY0EiLCJtYWMiOiIyODI5NDI5OWVmNWE4ODViYWViOTQ5OTZmMmE2ZDg0ZjNmMTY3MDI4MTg5YTM1YjgzMDkxNjIwZjU0NzFiZmU0IiwidGFnIjoiIn0%3D
softech.paypro.info/ Name: paypro_session
Value: eyJpdiI6ImFaaUFCeHpWeW5zcFJ5RGhDdEQ2a0E9PSIsInZhbHVlIjoicEtvZkt5WmlYcXlQbCs4a3JWVk92RFFHc2F4QUVFbVNiOHZQSmtyQ3kzMnVMTzEzcDNQeUptUDFsWkxWdk55My9ycVJITU1rcks0OUVEbGFtQkltZjlRS1BnRjZWemZycmFRYVMyNy8zY0FnVWFiTSs0OWRCazZoUVlsTmNFS2IiLCJtYWMiOiIyZGZmNGJmOThiMGE5OWE1NTJjMmRlMzQ5YjI4OGRhM2IwNzI1MzYzYTNiYzExYTc3MjE3OWZhZDdjNGI0YmMwIiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
