paxfulpay.org
Open in
urlscan Pro
2606:4700:3030::ac43:8492
Malicious Activity!
Public Scan
Effective URL: https://paxfulpay.org/
Submission: On November 28 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on November 27th 2024. Valid for: 3 months.
This is the only time paxfulpay.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Paxful (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 2606:4700:303... 2606:4700:3030::ac43:8492 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 2606:4700:303... 2606:4700:3030::ac43:8b77 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
15 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
paxfulpay.org
paxfulpay.org |
818 KB |
6 |
fontawesome.com
ka-f.fontawesome.com — Cisco Umbrella Rank: 6059 |
301 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
9 | paxfulpay.org |
paxfulpay.org
|
6 | ka-f.fontawesome.com |
paxfulpay.org
|
15 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
paxfulpay.org WE1 |
2024-11-27 - 2025-02-25 |
3 months | crt.sh |
ka-f.fontawesome.com WE1 |
2024-10-27 - 2025-01-25 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://paxfulpay.org/
Frame ID: A1BE6C52BA0B34A9F12427DD478DC24F
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Paxful Pay | Trade Payment PlatformPage URL History Show full URLs
-
http://paxfulpay.org/
HTTP 307
https://paxfulpay.org/ Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://paxfulpay.org/
HTTP 307
https://paxfulpay.org/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
paxfulpay.org/ Redirect Chain
|
14 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
home.css
paxfulpay.org/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tailwind.min.css
paxfulpay.org/css/ |
3 MB 291 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2dce5fa11f.js
paxfulpay.org/js/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bank1.jpg
paxfulpay.org/images/ |
125 KB 126 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bank2.jpg
paxfulpay.org/images/ |
136 KB 137 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
join.png
paxfulpay.org/images/ |
248 KB 249 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
paxfulpay.org/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ |
94 KB 23 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ |
27 KB 5 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ |
823 B 1 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ |
2 KB 1 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
paxfulpay.org/ |
275 B 868 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.6.0/webfonts/ |
115 KB 116 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.6.0/webfonts/ |
154 KB 154 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Paxful (Crypto Exchange)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| FontAwesomeKitConfig0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ka-f.fontawesome.com
paxfulpay.org
2606:4700:3030::ac43:8492
2606:4700:3030::ac43:8b77
0199f932df43684b1711c0cf9638a0cc946a6627b9f64279da858e0bebac5beb
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c
20d5a8b072a4572fe26a9be3e64325f963b5fe2a2cbb52f51a329eafe8ec6957
2b005c7cf61850fe295c6d1a88803c9d34ae02a47345676da07424b71bcc55fe
340e6d7f301471e307e50c2ed43fe45debc8ebbf24febef17b24f0b06f8883f2
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01
8cc2be8e5e5480d998b0722706e82103928914f50fd719bba7ba1dfa165c45f8
97808cf1efc1c8a6d1cf8f7a6afe77c1aa3c923886b0c895f30ba4e383872745
c50040a019d72d5db87b89749d5729d5d2a6f3787256b8fc58b676ac7d8033ee
d2c0b85f2f8348840ebf7da214910cd95c939caf17d09b8d4e1ce3744b06b1dd
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a
eb087b33dffb219f4fc71c06de37382827a2427e9cb14dbcd57332cf4be98eb8
f692a388265e80994782bb8f7b401237bfdb03e8e3c0e99a7ba194e6f967f8dd
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221
fbc06682f3201104d3b42374b0652d00157af7031891f8e06063db4f4b1977c5