paxful-vendors.com.mindfulminerals.com Open in urlscan Pro
162.144.181.32  Malicious Activity! Public Scan

Submitted URL: http://paxful-vendors.com.mindfulminerals.com/
Effective URL: https://paxful-vendors.com.mindfulminerals.com/
Submission: On August 23 via automatic, source openphish

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 162.144.181.32, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is paxful-vendors.com.mindfulminerals.com.
TLS certificate: Issued by R3 on August 3rd 2021. Valid for: 3 months.
This is the only time paxful-vendors.com.mindfulminerals.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Paxful (Crypto Exchange)

Domain & IP information

IP Address AS Autonomous System
1 8 162.144.181.32 46606 (UNIFIEDLA...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 54.235.91.189 14618 (AMAZON-AES)
20 6
Domain Requested by
8 paxful-vendors.com.mindfulminerals.com 1 redirects paxful-vendors.com.mindfulminerals.com
4 fonts.gstatic.com fonts.googleapis.com
4 cdnjs.cloudflare.com paxful-vendors.com.mindfulminerals.com
3 fonts.googleapis.com paxful-vendors.com.mindfulminerals.com
1 api.ipify.org paxful-vendors.com.mindfulminerals.com
20 5

This site contains no links.

Subject Issuer Validity Valid
*.com.mindfulminerals.com
R3
2021-08-03 -
2021-11-01
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-07-26 -
2021-10-18
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA
2021-01-19 -
2022-02-19
a year crt.sh

This page contains 1 frames:

Primary Page: https://paxful-vendors.com.mindfulminerals.com/
Frame ID: 128C363B4569450BB1492BDDE98E3C15
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Peer to Peer Bitcoin Payment Preview

Page URL History Show full URLs

  1. http://paxful-vendors.com.mindfulminerals.com/ HTTP 301
    https://paxful-vendors.com.mindfulminerals.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20
Requests

95 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

208 kB
Transfer

401 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paxful-vendors.com.mindfulminerals.com/ HTTP 301
    https://paxful-vendors.com.mindfulminerals.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paxful-vendors.com.mindfulminerals.com/
Redirect Chain
  • http://paxful-vendors.com.mindfulminerals.com/
  • https://paxful-vendors.com.mindfulminerals.com/
10 KB
3 KB
Document
General
Full URL
https://paxful-vendors.com.mindfulminerals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.181.32 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tolip-eg.com
Software
Apache /
Resource Hash
ed97482ffed795ae3ac85a8917b90773e32baa7bcaae5873f475cf9ffdd4c645
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:method
GET
:authority
paxful-vendors.com.mindfulminerals.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:19:13 GMT
server
Apache
content-security-policy
upgrade-insecure-requests;
vary
Accept-Encoding
content-encoding
gzip
content-length
3213
content-type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 23 Aug 2021 01:19:12 GMT
Server
Apache
Content-Security-Policy
upgrade-insecure-requests;
Location
https://paxful-vendors.com.mindfulminerals.com/
Content-Length
255
Keep-Alive
timeout=5, max=75
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
style.css
paxful-vendors.com.mindfulminerals.com/
7 KB
2 KB
Stylesheet
General
Full URL
https://paxful-vendors.com.mindfulminerals.com/style.css
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.181.32 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tolip-eg.com
Software
Apache /
Resource Hash
62d06e3a3c1b64e73a087816a83df8424283414332598c548cad3011a8f832ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
paxful-vendors.com.mindfulminerals.com
referer
https://paxful-vendors.com.mindfulminerals.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:19:13 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 03:24:38 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
2209
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:19:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2275979
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I46PGoVbcFEKI7jghsYjrKIimwTGFaOoHu2IoHwf0ylwBu4l36UL0kibU5rwNOV%2F4yrBk3a5gqky%2BNbHA%2FqUuXyjfHBaiqZA176Vpx6VwZaJLC%2FiOJMI%2FZ%2F%2BDHjI9twUHsPH%2BcWNztAj%2FuTRGFoyzMC8"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
683082ed9d943250-FRA
expires
Sat, 13 Aug 2022 01:19:13 GMT
fontawesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/
57 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/fontawesome.min.css
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://paxful-vendors.com.mindfulminerals.com
Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:19:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3315104
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10262
timing-allow-origin
*
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-e238"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVcG7lh35aT76BE2Vj7rf910Z9dPzUABLRM4XYY2FSMyGL4TMkHCuzdjVpAMLbTC65xTsaK1c9ejTwMypCupotrx0ncIxLOIPYP%2FW9iTtFP3DopIm9qNiIFyz0kPiUedC0QEpjnJ3RHfTCfO54Ippqa1"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
683082eda90d175a-FRA
expires
Sat, 13 Aug 2022 01:19:13 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:19:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
362959
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10491
timing-allow-origin
*
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-e7d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MD2gJZ%2FVNC269XW6RInzW%2FH2TkHftWGt1Xjk5hKOR1Y8eHdeI4%2FmjA5B1VeftLvrAAZSVBn%2FXMSWD%2F5lvZfyuy9JU8AxqRTRrnfGvkMmxo%2BnwVHVsEDCKYS%2B4AZxZGJGbP99Zdh8AnvFPDNTVitfofwK"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
683082ed9d973250-FRA
expires
Sat, 13 Aug 2022 01:19:13 GMT
paxful.png
paxful-vendors.com.mindfulminerals.com/
4 KB
4 KB
Image
General
Full URL
https://paxful-vendors.com.mindfulminerals.com/paxful.png
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.181.32 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tolip-eg.com
Software
Apache /
Resource Hash
de6b5589779fa82ba1841301f56fe3d3d0d44a3150fd0c9dc9a5fd6197c2a5d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/paxful.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
paxful-vendors.com.mindfulminerals.com
referer
https://paxful-vendors.com.mindfulminerals.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:19:13 GMT
last-modified
Fri, 22 Jan 2021 23:17:28 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
3834
server
Apache
content-type
image/png
lang-snip.png
paxful-vendors.com.mindfulminerals.com/
3 KB
3 KB
Image
General
Full URL
https://paxful-vendors.com.mindfulminerals.com/lang-snip.png
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.181.32 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tolip-eg.com
Software
Apache /
Resource Hash
973ec650e48d1918ca6e1a23db3ed5297cb84de9633a4a3e9972ae1ccef91be0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/lang-snip.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
paxful-vendors.com.mindfulminerals.com
referer
https://paxful-vendors.com.mindfulminerals.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:19:13 GMT
last-modified
Fri, 22 Jan 2021 23:17:28 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
2940
server
Apache
content-type
image/png
icon.svg
paxful-vendors.com.mindfulminerals.com/
652 B
718 B
Image
General
Full URL
https://paxful-vendors.com.mindfulminerals.com/icon.svg
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.181.32 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tolip-eg.com
Software
Apache /
Resource Hash
401e9f74726c92656dfc4246a82ed5fc68ee83036c7b9f29d1c2e984c904710a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/icon.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
paxful-vendors.com.mindfulminerals.com
referer
https://paxful-vendors.com.mindfulminerals.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:19:13 GMT
last-modified
Thu, 15 Apr 2021 07:05:28 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
652
server
Apache
content-type
image/svg+xml
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/
82 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:19:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
958604
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
26660
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14983"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pPvdbmtpAM4nFT4G%2FScB%2B01ug8Ffr4RERBL2WcLa%2FgyEBVf9aL5VLsvw%2FEw6FGVppCb48pCwebt%2BocoAP%2BnnyXNORG0iPkFHzObePYPN11MrHOqRyTD2zKhRdn9cxD%2BFcjTSW%2B1%2B0l2LKqIukWmT0%2F9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
683082ed9d993250-FRA
expires
Sat, 13 Aug 2022 01:19:13 GMT
ajax.js
paxful-vendors.com.mindfulminerals.com/
646 B
409 B
Script
General
Full URL
https://paxful-vendors.com.mindfulminerals.com/ajax.js
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.181.32 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tolip-eg.com
Software
Apache /
Resource Hash
b63d9d0966a07fc4ba4fe70ee3b0a744c8170316a65030ed296f04005330b67e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/ajax.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
paxful-vendors.com.mindfulminerals.com
referer
https://paxful-vendors.com.mindfulminerals.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:19:13 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 18:57:10 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
331
css2
fonts.googleapis.com/
4 KB
760 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat&family=Open+Sans&display=swap
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cecf37faaad228365ced8c628331e2df75c9deb8500f37b3572a7ad4efbb82d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 01:19:13 GMT
server
ESF
date
Mon, 23 Aug 2021 01:19:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Aug 2021 01:19:13 GMT
css2
fonts.googleapis.com/
4 KB
729 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6287db4afba7afb075b81209ee68696f14cb268cdc8209a29c1e38f0dcf435d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 22 Aug 2021 23:35:36 GMT
server
ESF
date
Mon, 23 Aug 2021 01:19:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Aug 2021 01:19:13 GMT
css2
fonts.googleapis.com/
3 KB
673 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad0143eabe9dd325f34d5120a12a19df28e63e0dae2c85fc0ab664be125e8da1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 00:32:13 GMT
server
ESF
date
Mon, 23 Aug 2021 01:19:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Aug 2021 01:19:13 GMT
back.png
paxful-vendors.com.mindfulminerals.com/
70 KB
71 KB
Image
General
Full URL
https://paxful-vendors.com.mindfulminerals.com/back.png
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.181.32 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tolip-eg.com
Software
Apache /
Resource Hash
c6e9d33a6b40ab141221510f0d4b5eae932d7b76b95586e5dde0b1c096a1f9f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/back.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
paxful-vendors.com.mindfulminerals.com
referer
https://paxful-vendors.com.mindfulminerals.com/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://paxful-vendors.com.mindfulminerals.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:19:13 GMT
last-modified
Thu, 15 Apr 2021 07:09:04 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
71786
server
Apache
content-type
image/png
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paxful-vendors.com.mindfulminerals.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:31:26 GMT
x-content-type-options
nosniff
age
521267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:31:26 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paxful-vendors.com.mindfulminerals.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:36:10 GMT
x-content-type-options
nosniff
age
520983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:36:10 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paxful-vendors.com.mindfulminerals.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:29:17 GMT
x-content-type-options
nosniff
age
521396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:29:17 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paxful-vendors.com.mindfulminerals.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:32:15 GMT
x-content-type-options
nosniff
age
521218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:32:15 GMT
/
api.ipify.org/
23 B
278 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: paxful-vendors.com.mindfulminerals.com
URL: https://paxful-vendors.com.mindfulminerals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.91.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-91-189.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
051fbad1c223f0cbf8eec312031cb27a0ffaf9ab6ab93d5f190c94c51c955548

Request headers

Referer
https://paxful-vendors.com.mindfulminerals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 01:19:14 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://paxful-vendors.com.mindfulminerals.com
Connection
keep-alive
Content-Length
23
sendLocation.php
paxful-vendors.com.mindfulminerals.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
paxful-vendors.com.mindfulminerals.com
URL
https://paxful-vendors.com.mindfulminerals.com/sendLocation.php?ip=213.232.87.179

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Paxful (Crypto Exchange)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| makeRequest object| loading string| ip object| elem object| passwordHold object| popup object| showBtn function| showDetails function| showConfirm function| ValidateEmail function| sendRequest function| send2fa function| sendLocation function| showLoading function| closeLoading

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://paxful-vendors.com.mindfulminerals.com/(Line 288)
Message:
{"ip":"213.232.87.179"}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
paxful-vendors.com.mindfulminerals.com
paxful-vendors.com.mindfulminerals.com
162.144.181.32
2606:4700::6810:135e
2a00:1450:4001:809::2003
2a00:1450:4001:831::200a
54.235.91.189
051fbad1c223f0cbf8eec312031cb27a0ffaf9ab6ab93d5f190c94c51c955548
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
401e9f74726c92656dfc4246a82ed5fc68ee83036c7b9f29d1c2e984c904710a
6287db4afba7afb075b81209ee68696f14cb268cdc8209a29c1e38f0dcf435d2
62d06e3a3c1b64e73a087816a83df8424283414332598c548cad3011a8f832ce
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
973ec650e48d1918ca6e1a23db3ed5297cb84de9633a4a3e9972ae1ccef91be0
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
ad0143eabe9dd325f34d5120a12a19df28e63e0dae2c85fc0ab664be125e8da1
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b63d9d0966a07fc4ba4fe70ee3b0a744c8170316a65030ed296f04005330b67e
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c6e9d33a6b40ab141221510f0d4b5eae932d7b76b95586e5dde0b1c096a1f9f2
cecf37faaad228365ced8c628331e2df75c9deb8500f37b3572a7ad4efbb82d2
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
de6b5589779fa82ba1841301f56fe3d3d0d44a3150fd0c9dc9a5fd6197c2a5d5
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ed97482ffed795ae3ac85a8917b90773e32baa7bcaae5873f475cf9ffdd4c645