paxful-vendors.com.mindfulminerals.com
Open in
urlscan Pro
162.144.181.32
Malicious Activity!
Public Scan
Effective URL: https://paxful-vendors.com.mindfulminerals.com/
Submission: On August 23 via automatic, source openphish
Summary
TLS certificate: Issued by R3 on August 3rd 2021. Valid for: 3 months.
This is the only time paxful-vendors.com.mindfulminerals.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Paxful (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 8 | 162.144.181.32 162.144.181.32 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
4 | 2606:4700::68... 2606:4700::6810:135e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:831::200a | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 54.235.91.189 54.235.91.189 | 14618 (AMAZON-AES) (AMAZON-AES) | |
20 | 6 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: tolip-eg.com
paxful-vendors.com.mindfulminerals.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-91-189.compute-1.amazonaws.com
api.ipify.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
mindfulminerals.com
1 redirects
paxful-vendors.com.mindfulminerals.com |
84 KB |
4 |
gstatic.com
fonts.gstatic.com |
68 KB |
4 |
cloudflare.com
cdnjs.cloudflare.com |
54 KB |
3 |
googleapis.com
fonts.googleapis.com |
2 KB |
1 |
ipify.org
api.ipify.org |
278 B |
20 | 5 |
Domain | Requested by | |
---|---|---|
8 | paxful-vendors.com.mindfulminerals.com |
1 redirects
paxful-vendors.com.mindfulminerals.com
|
4 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | cdnjs.cloudflare.com |
paxful-vendors.com.mindfulminerals.com
|
3 | fonts.googleapis.com |
paxful-vendors.com.mindfulminerals.com
|
1 | api.ipify.org |
paxful-vendors.com.mindfulminerals.com
|
20 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.com.mindfulminerals.com R3 |
2021-08-03 - 2021-11-01 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.ipify.org Sectigo RSA Domain Validation Secure Server CA |
2021-01-19 - 2022-02-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://paxful-vendors.com.mindfulminerals.com/
Frame ID: 128C363B4569450BB1492BDDE98E3C15
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
Peer to Peer Bitcoin Payment PreviewPage URL History Show full URLs
-
http://paxful-vendors.com.mindfulminerals.com/
HTTP 301
https://paxful-vendors.com.mindfulminerals.com/ Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://paxful-vendors.com.mindfulminerals.com/
HTTP 301
https://paxful-vendors.com.mindfulminerals.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
paxful-vendors.com.mindfulminerals.com/ Redirect Chain
|
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
paxful-vendors.com.mindfulminerals.com/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ |
57 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ |
58 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
paxful.png
paxful-vendors.com.mindfulminerals.com/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lang-snip.png
paxful-vendors.com.mindfulminerals.com/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.svg
paxful-vendors.com.mindfulminerals.com/ |
652 B 718 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ |
82 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajax.js
paxful-vendors.com.mindfulminerals.com/ |
646 B 409 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
4 KB 760 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
4 KB 729 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
3 KB 673 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
back.png
paxful-vendors.com.mindfulminerals.com/ |
70 KB 71 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
api.ipify.org/ |
23 B 278 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sendLocation.php
paxful-vendors.com.mindfulminerals.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- paxful-vendors.com.mindfulminerals.com
- URL
- https://paxful-vendors.com.mindfulminerals.com/sendLocation.php?ip=213.232.87.179
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Paxful (Crypto Exchange)28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| makeRequest object| loading string| ip object| elem object| passwordHold object| popup object| showBtn function| showDetails function| showConfirm function| ValidateEmail function| sendRequest function| send2fa function| sendLocation function| showLoading function| closeLoading0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.ipify.org
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
paxful-vendors.com.mindfulminerals.com
paxful-vendors.com.mindfulminerals.com
162.144.181.32
2606:4700::6810:135e
2a00:1450:4001:809::2003
2a00:1450:4001:831::200a
54.235.91.189
051fbad1c223f0cbf8eec312031cb27a0ffaf9ab6ab93d5f190c94c51c955548
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
401e9f74726c92656dfc4246a82ed5fc68ee83036c7b9f29d1c2e984c904710a
6287db4afba7afb075b81209ee68696f14cb268cdc8209a29c1e38f0dcf435d2
62d06e3a3c1b64e73a087816a83df8424283414332598c548cad3011a8f832ce
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
973ec650e48d1918ca6e1a23db3ed5297cb84de9633a4a3e9972ae1ccef91be0
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
ad0143eabe9dd325f34d5120a12a19df28e63e0dae2c85fc0ab664be125e8da1
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b63d9d0966a07fc4ba4fe70ee3b0a744c8170316a65030ed296f04005330b67e
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c6e9d33a6b40ab141221510f0d4b5eae932d7b76b95586e5dde0b1c096a1f9f2
cecf37faaad228365ced8c628331e2df75c9deb8500f37b3572a7ad4efbb82d2
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
de6b5589779fa82ba1841301f56fe3d3d0d44a3150fd0c9dc9a5fd6197c2a5d5
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ed97482ffed795ae3ac85a8917b90773e32baa7bcaae5873f475cf9ffdd4c645