aupay.monster Open in urlscan Pro
2606:4700:3030::ac43:d3f9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aupay.monster/
Effective URL:
https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0
Submission Tags: krdprod
Submission: On August 27 via api (August 27th 2021, 1:47:32 pm UTC) from JP

Summary HTTP 16 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3030::ac43:d3f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is aupay.monster.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 27th 2021. Valid for: a year.

This is the only time aupay.monster was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: au ID (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
1 17	2606:4700:303... 2606:4700:3030::ac43:d3f9		13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	1

17 2606:4700:3030::ac43:d3f9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

aupay.monster	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	aupay.monster 1 redirects aupay.monster	94 KB
16	1

	Domain	Requested by
17	aupay.monster	1 redirects aupay.monster
16	1

This site contains links to these domains. Also see Links.

Domain
id.auone.jp
connect.auone.jp
www.kddi.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-27` - `2022-08-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0
Frame ID: 3DBD13406E1CD77E1FF1E2CD1E3A46BB
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

au IDログイン

Page URL History Show full URLs

https://aupay.monster/ HTTP 302
https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

93 kB
Transfer

199 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://id.auone.jp/id/sp/content/note/privatebrowsing.html
Title: プライベートブラウズのオフ設定手順は、こちら

Search URL Search Domain Scan URL

URL: https://connect.auone.jp/net/vw/cca_eu_net/cca?ID=ENET0250&ttype=reminder&targeturl=https%3A%2F%2Fwallet.auone.jp%2Findex.html%3Fstate%3Dlogin
Title: パスワードを忘れた方はこちら

Search URL Search Domain Scan URL

URL: https://id.auone.jp/access_chk.html?ctid=idregist&ttype=register&targeturl=https%3A%2F%2Fwallet.auone.jp%2Findex.html%3Fstate%3Dlogin
Title: au IDを新規登録するau以外の方もご登録いただけます

Search URL Search Domain Scan URL

URL: https://id.auone.jp/id/sp/legal/auid_terms.html
Title: au ID利用規約

Search URL Search Domain Scan URL

URL: https://id.auone.jp/id/contents/legal/personal_terms.html
Title: 個人情報取扱共通規約

Search URL Search Domain Scan URL

URL: http://www.kddi.com/corporate/kddi/kokai/kojin/index.html?bid=au_ft_0008
Title: プライバシーポリシー

Search URL Search Domain Scan URL

URL: https://www.kddi.com/terms/sitepolicy/?aa_oid=we-we-ow-0129
Title: サイトポリシー

Search URL Search Domain Scan URL

URL: https://id.auone.jp/id/pc/legal/optout.html
Title: アクセスデータについて

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aupay.monster/ HTTP 302
https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3-29	200	Primary Request cca Show response aupay.monster/net/vwc/cca_lg_eu_nets/ Redirect Chain https://aupay.monster/ https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0	32 KB 9 KB	10900ms 10888ms	Document text/html	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `c2e18d1927b5b6d9f1d1778cc619432379aaf99925672ec1f807083070485690` Request headers :method GET :authority aupay.monster :scheme https :path /net/vwc/cca_lg_eu_nets/cca?loginFlg=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie mercar:sid=s%3A4fc00ab2-d00b-4318-ae55-81aaadecbaae.dwaJ9BMWUpKkW0TPRSA3WEoqJ2%2FVCrBRQzfAcXvGRpE Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:11 GMT content-type text/html; charset=utf-8 x-powered-by Express cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oEDtgZEw8oFLche980nUwt4D3x93qGnR5qp0gfYyejJUC1T1HP1zKoCa%2FZ64B095rZkwfQ2lZJV4HhIzAGVX5iEraKyEpSorUSBrWKW00gJWXzrwEwHA%2BecSqmf43bMXoWP0xmcy9Qp%2FT9H"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6855bfce3a705b86-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Redirect headers date Fri, 27 Aug 2021 13:47:00 GMT content-type text/html; charset=utf-8 x-powered-by Express location /net/vwc/cca_lg_eu_nets/cca?loginFlg=0 vary Accept set-cookie mercar:sid=s%3A4fc00ab2-d00b-4318-ae55-81aaadecbaae.dwaJ9BMWUpKkW0TPRSA3WEoqJ2%2FVCrBRQzfAcXvGRpE; Path=/; HttpOnly cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZVCjtrgMVofCohVJyXuTnVqukotvDfHHbWT%2BDDZ2dhhBRdUME7K7QaZM2XDJ9F7DH%2Bg5Nlpcrn1%2BOuJBaJXKVMfDMrcL8SZ9mSuV3dvC9ThrqTzkG2VU3Kw%2FKdZivIIyy5TXFjkHl4M1beQ"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6855bfc7ef1ac277-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	iosLandscape.css aupay.monster/net/vwc/cca_lg_eu_nets/resources/style/common/android2/	5 KB 2 KB	2548ms 2547ms	Stylesheet text/css	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/style/common/android2/iosLandscape.css?20201110 Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e202dbb21970fcddc60652ff63eaf2deb78e543f84dccf032359e39d630ac5bd` Request headers :path /net/vwc/cca_lg_eu_nets/resources/style/common/android2/iosLandscape.css?20201110 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"15d0-17b8631c374" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQHrQqvYUechZWHzQKAgRdt%2FlMn07BILG96FVb%2BSDfJkPyAYxVFWLWkEuQmoWsTxQQbLhNaMlPH5sWVeHBRK0XbpN6QJyT%2F9DM2%2F44K8xdIYjDdzjRZ5WdQ%2Bikr3H0ZZv5knW7dxAxLTikD8"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3A687006cf-59f7-4ebc-9029-432b925dfeee.GC5YOLcYoSx5TU1vqZdc%2BZ4030v7qwxy1XmxNinwHL4; Path=/; HttpOnly cf-ray 6855c012a8ea5b86-FRA
GET H3-29	200	idk.css aupay.monster/net/vwc/cca_lg_eu_nets/resources/style/common/	38 KB 9 KB	2842ms 2841ms	Stylesheet text/css	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/style/common/idk.css?20201110 Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `353df69d73fef6afcef1e60aa82660632234e1bfb804c3421f9323ce4ce7ae20` Request headers :path /net/vwc/cca_lg_eu_nets/resources/style/common/idk.css?20201110 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"988c-17b8631c374" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiNmrndl6g4t9SVqlFs5S1RcEvj%2BtkG0fvUmsZnMwK4lCbIRL6T8DsBlop1fKoX97fRDjIC6WQkqttcWzrkCqn6PPr0CK25vvyD0hl8c6jMk1kmC%2BqhSOP8lieQb%2FSV8bH%2BCPxtc6ukeagQn"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3A264782ba-ca42-4493-ad99-4358498890b0.TjfP8BM1VmsZmB3k4THB4K4ZrmYWCQnjGpx%2F9GMgpYY; Path=/; HttpOnly cf-ray 6855c012a8ef5b86-FRA
GET H3-29	200	checkboxRadio.css aupay.monster/net/vwc/cca_lg_eu_nets/resources/style/common/	4 KB 2 KB	2592ms 2590ms	Stylesheet text/css	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/style/common/checkboxRadio.css?20201110 Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `f9f08fbcfd3780c83c074397f41d2fe8c82c1a6ae9ebae6e70b2729df6c62c65` Request headers :path /net/vwc/cca_lg_eu_nets/resources/style/common/checkboxRadio.css?20201110 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"e15-17b8631c374" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BErtoJzmSQyOqx%2FsmmS2lA0ChdMIN2ZXuaPclwoKD4xKPFFkrqvYNdcVaDRi1iMRmkfLN0xdP9B6j34BrxGltHTq5FtjJS5UvBji5xsSd0BRDgQ5lXb2F0AWHf2lRQwz27KUomaNYxQVcBi"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3A3206a75d-3145-4bba-b820-7de26ac448ee.JPF4g5aAKPRkw%2BxxmujXORBIG2UpQGXCBaX%2BZvWiKRU; Path=/; HttpOnly cf-ray 6855c012a8f15b86-FRA
GET H3-29	200	au_id.jpg aupay.monster/net/vwc/cca_lg_eu_nets/resources/image/common/	34 KB 35 KB	2835ms 2834ms	Image image/jpeg	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/image/common/au_id.jpg Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `1ec5abc3e4e21e84224089afccec3c1677323ec02fe04f2bbf6083a9b9d3fc2d` Request headers :path /net/vwc/cca_lg_eu_nets/resources/image/common/au_id.jpg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 34778 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"87da-17b8631c372" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxsoSdNHbfomp0uEVPoWQgRdmgFb%2B6ezsxAQuSAQBexHU%2FZjERZrGoxH8gwN1fDbPtWQ3ouedQvmjn%2F5YDEr%2FNsgyFKGkn2nL9GbMlGeyF6Ber4O%2F41AWxiX%2BGTZImqGmGKB%2B6Ebr7yyE1LV"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=0 set-cookie mercar:sid=s%3A5b8cf659-8626-4fb2-985f-6e07b98e7942.VJZZp8aON4UKpIjMERd%2B0fbBr%2B259k56dgwOZ%2BCyVXs; Path=/; HttpOnly accept-ranges bytes cf-ray 6855c012a8f45b86-FRA
GET H3-29	200	login.css aupay.monster/net/vwc/login_contents/resources/style/	6 KB 3 KB	2567ms 2566ms	Stylesheet text/css	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/login_contents/resources/style/login.css Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `3d9a809a8da917349c669555dd7f24cdff4986b21d561fe13e1da469847b43d8` Request headers :path /net/vwc/login_contents/resources/style/login.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"19fa-17b8631c375" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLJaGeUkI53fqXQ%2B0pmdsmm27EkOdv0%2BERNUwTSh1GO%2F3RR1MDqXiVlYCpE1QjyttviAlhJcqC1QipfYiuwu5KEyVFlBgEFq12gN9qXPHNHieZEtHKdi3v%2FY3y5wi2NAepcMEvJR5FZH6wKU"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3Ae3531dbd-3944-4715-b47c-7e38f9ae9e98.oDmm6ChR%2BGYL00GR3t21NEi9jm3mTdZgkh319LqjvLQ; Path=/; HttpOnly cf-ray 6855c012a8f35b86-FRA
GET H3-29	200	iosPortrait.css aupay.monster/net/vwc/cca_lg_eu_nets/resources/style/common/android2/	2 KB 1 KB	2590ms 2590ms	Stylesheet text/css	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/style/common/android2/iosPortrait.css?20201110 Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `b899a3f91a72659d5a6864a64915fe2b2f8cca2dfc7188c7c2ce27a34f57d0bc` Request headers :path /net/vwc/cca_lg_eu_nets/resources/style/common/android2/iosPortrait.css?20201110 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"63e-17b8631c374" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M88iLUCrgY%2Bhze268gYmT%2FU2EfULCvEi%2Fu%2Faq%2FAB5t8gC4RSsxkzRQA3bP4QfV%2Fu3tUyPkUh9XSj9aeo5rRMyowlnBi%2F%2Bo08oAC1vOtSagVv8tYBJXntC%2FntGEuOclOh0jaOWiZPTBdW%2FPWB"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3A90353930-f0eb-4f8e-801d-7320bb6a5553.TpMmTDWJx1gGAS93LLWfJMC%2FK2VSnTwQf5zWFhqZ%2FHI; Path=/; HttpOnly cf-ray 6855c012a8f75b86-FRA
GET H3-29	200	jquery-1.3.1.min.js Show response aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/jQuery/	54 KB 20 KB	2874ms 2873ms	Script application/javascript	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/jQuery/jquery-1.3.1.min.js?20201110 Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `17ec1f16efac893b9bd89bba5f13cb1e0bf938bdc9cece6cae3ed77f18fa6fd7` Request headers :path /net/vwc/cca_lg_eu_nets/resources/js/jQuery/jquery-1.3.1.min.js?20201110 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:14 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"d7e8-17b8631c373" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QL1XEJlxQvCsnUXgNUFzxgfl4c6KZTQPau1mn576XG7Bn%2Fg%2F3v2yTU%2BWcoN43RHYMh3EdZya%2BxRW2a1D4jnZ28eb37GlOZreSGQbWTXmMOnwVbmt0WSMTRmJrrwt4wEddBq9TW9vjKLaJfB%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3A495b656b-d2bd-47e6-b6df-3ff78791c039.WuyXB4y5%2F0g0l5ymkuV%2BBFpUUuVGN418QPd8%2Bq9mwZ0; Path=/; HttpOnly cf-ray 6855c013eb2f5b86-FRA
GET H3-29	200	login.js Show response aupay.monster/net/vwc/login_contents/resources/js/	28 B 752 B	2399ms 2399ms	Script application/javascript	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/login_contents/resources/js/login.js?20201110 Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `79ba31c982d41925aa67a964dea33962f7727bc9910ee832284d05ae89678669` Request headers :path /net/vwc/login_contents/resources/js/login.js?20201110 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 28 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"1c-17b8631c374" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHr8DepAwGaY2NMriIXtd%2BTCnzHJSPud2yQyndCQDc5z7vIkDK07TNM%2FANWQVrAn6EYDdDXm4mPQNg7%2Bvhi4fs20DHJvdEzOQX8HKReVOPjM4DUOj6iyuVYNc7f7pwecTUMSyTy%2FD5h2qr%2Fq"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3A21b36aa6-e130-49ce-8a5a-f04a3484116f.cmEAyBU%2BUGlvkWRjKG0v4Sqoq00R4W9dUDmaXAONYyw; Path=/; HttpOnly accept-ranges bytes cf-ray 6855c013eb305b86-FRA
GET H3-29	200	base64url-arraybuffer.js Show response aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/	2 KB 2 KB	2381ms 2379ms	Script application/javascript	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/base64url-arraybuffer.js?20201110 Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `569dda928cacd26c2243eda8276b3d9c6e1730283747d6447888419feeb5c619` Request headers :path /net/vwc/cca_lg_eu_nets/resources/js/common/base64url-arraybuffer.js?20201110 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"998-17b8631c373" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQd8cC75R8s8qwHHUkdiJXOEF3PD4BoHyDcYDv%2BYSliku80UM7EpEa2SEclWHyleh2oLCO7nYNgcEt2VqEpZe%2BlS%2FyogDH20cYYiAAUFOivV%2BpUb7qY99urxCC2Y6uVud38DnH2wt6jqpDOg"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3A2c3dfb2d-c5bc-4aac-bea3-9fb3f5bd554e.WIKBGwFTL1ukTzFoSQGMG4JHJcQvzYp3EziLc5ltUJ8; Path=/; HttpOnly cf-ray 6855c013fb345b86-FRA
GET H3-29	200	loginAjax.js Show response aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/	7 KB 3 KB	2386ms 2384ms	Script application/javascript	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/loginAjax.js?20201110 Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `4c31296465103d1fa068414256ca253438f06c5da4ea063e6d376f05278f6dfb` Request headers :path /net/vwc/cca_lg_eu_nets/resources/js/common/loginAjax.js?20201110 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"1dc4-17b8631c373" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJlbRzdcZCWq%2BvkJ8EYQweRRrWp9NNq9T7D9eOPdA0PgQCqfxtxSYLgq8WMHXIE0mNDUn3q0O%2BqAya%2Fx3qqzUFUO2zX3I6HTYRJA747ZTS0Th3HVZkkYy6m3YtsizPIOVFBqfuDtua1vvPBC"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3A7f824f05-888b-4243-b26a-89b93cfec077.qQgdaNtzDkLMVVix8bj0KGuYbr6tL9JjVjnMBdSW6So; Path=/; HttpOnly cf-ray 6855c013fb365b86-FRA
GET H3-29	200	authenticatorAvailableCheck.js Show response aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/	725 B 1 KB	2387ms 2386ms	Script application/javascript	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/authenticatorAvailableCheck.js?20201110 Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `97b995d75de0299843e0271fa85880e9410f91dbddadb118aa05f1dfa7789aea` Request headers :path /net/vwc/cca_lg_eu_nets/resources/js/common/authenticatorAvailableCheck.js?20201110 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"2d5-17b8631c373" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6OS6ELnUZX48id0ZHt8K9YoizMNRW6a5aZnVtLDOdr3lffQ3SBO1ru9Plm2zZ6HjwEO%2BkDXT2dGX%2Bh%2Fw1NtK7WOF%2FHiqdS9RofCOJnO6p8dsjZi95Moiy6rfm1uxGup8%2Bb5UyfjO0oJm%2B5G"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3A5e5abbb3-3409-4c21-98c4-a2bcbf5cdb9e.iF3inUTYOspfdC4KLHRkOS5aIAcOAmIANVKNp%2BjCYOU; Path=/; HttpOnly cf-ray 6855c013fb375b86-FRA
GET H3-29	200	PasswdCheck.js Show response aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/	10 KB 4 KB	2387ms 2386ms	Script application/javascript	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/PasswdCheck.js?20201110 Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `5db0afc923191de8a9cfeffb20675a0fe8ec25fc558787001c0aca665c5cee93` Request headers :path /net/vwc/cca_lg_eu_nets/resources/js/common/PasswdCheck.js?20201110 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"297a-17b8631c372" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZz058UDAPPBXowlSauohCnqxdq4uOcUYGoJB9J9cHrwEgNLRqbCyH%2Bwxv2HtI3MgZoeNpxGA3oXTZxnkXW6pjcfobzpOC4RyqBlXxoKMKVzb47aHMWAtXtouoVq5KtC5fhudTbkQZyr62bh"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3A4bbe761a-84af-4ca8-9360-f628748a8ff1.xQl%2BHfOLIkXFA5x0%2FNeGLleAqnzLKfOjKfMUHa4nH5M; Path=/; HttpOnly cf-ray 6855c013fb385b86-FRA
GET H3-29	200	ioslogin.js Show response aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/android2/	2 KB 1 KB	2399ms 2398ms	Script application/javascript	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/android2/ioslogin.js?20201110 Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `6a9d4dea4658f8f6d8a3a79d7e869841da08601c7a3724a06bd47689a6e556ff` Request headers :path /net/vwc/cca_lg_eu_nets/resources/js/common/android2/ioslogin.js?20201110 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"61b-17b8631c373" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFG3mUiVIQ7XOvXVhPY4zbk%2FUJMukedDS%2FX3wIn5BbKOyJVVVmpp%2B%2BUhZZeMxbNVgQb5h0s5jHiTfLOUWupbJgpLcbDF%2FbHgeVuvWEcS%2BHOTRXc1y9iPLHfMSZdT87%2B98%2FBMIVVNkTzY5Lrr"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3Afbb2ff2b-8cef-47ad-9aa1-34c710512dde.hTT5CUI2cKuIUgnavBryhv1tjD4CxqeXzlZWiQbgIYc; Path=/; HttpOnly cf-ray 6855c013fb3a5b86-FRA
GET H3-29	200	loginpasswd.js Show response aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/	800 B 1021 B	2400ms 2399ms	Script application/javascript	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/loginpasswd.js?20201110 Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `f8ad688d5858e1a253dfb363bfc21fe2fbd73f24029a2eb3224d79dc9a561918` Request headers :path /net/vwc/cca_lg_eu_nets/resources/js/common/loginpasswd.js?20201110 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"320-17b8631c373" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BjKSKitQyWoFgrzwWWmhLk4fyFhInO8okrjUOIg2LHhH4vTh1vl5YL0nCJFgsNO6KLZ0MMuBU%2Bc2ygTW0C3gBu4Sj9D4MPs6L%2FLvgsV3uoMi3kHgdhxu4%2FYXsnbmxKheVO7N4r3OrdFGc5b"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3Ad59c8240-9ec9-4848-adf3-d9b5e7831536.nmRgfCIo7Bc3v4twhr9fG%2FqC7SQZdrt4emGt6j%2FWfQY; Path=/; HttpOnly cf-ray 6855c013fb3b5b86-FRA
GET H3-29	200	trfunction.js Show response aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/	653 B 903 B	2363ms 2362ms	Script application/javascript	2606:4700:3030::ac43:d3f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aupay.monster/net/vwc/cca_lg_eu_nets/resources/js/common/trfunction.js Requested by Host: aupay.monster URL: https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:d3f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `dafba89a3ddff97130ec7fa6c9e3b9f16e75d0f5fbc3584eb2396bf0fc0346e1` Request headers :path /net/vwc/cca_lg_eu_nets/resources/js/common/trfunction.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority aupay.monster referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 :scheme https sec-fetch-site same-origin :method GET Referer https://aupay.monster/net/vwc/cca_lg_eu_nets/cca?loginFlg=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 13:47:13 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 27 Aug 2021 06:00:13 GMT server cloudflare etag W/"28d-17b8631c373" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IMEDW%2FE%2FafoQAv95xpQgsHYxxh5cENBctNQu1t6TgD7QzF71ovhXddS0QH0TeGi%2FUe9vRucDK%2BTSErWAtH%2FRphsbNzrWxDNmQC7HpfbGxYpMXSalKTe4%2BDF4J9NkDEbu2SZnqT5OvofDvw7"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 set-cookie mercar:sid=s%3Aa238bc39-0cd3-4cf5-94c0-7e9f34c7d1c2.UaDiVsBPeH0hZA%2FNqBMAqOAeHDlxzpSY5SwMsnh%2FxgQ; Path=/; HttpOnly cf-ray 6855c013fb3d5b86-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: au ID (Telecommunication)

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			aupay.monster/	1969-12-31 23:59:59	Name: mercar:sid Value: s%3A495b656b-d2bd-47e6-b6df-3ff78791c039.WuyXB4y5%2F0g0l5ymkuV%2BBFpUUuVGN418QPd8%2Bq9mwZ0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aupay.monster
2606:4700:3030::ac43:d3f9
17ec1f16efac893b9bd89bba5f13cb1e0bf938bdc9cece6cae3ed77f18fa6fd7
1ec5abc3e4e21e84224089afccec3c1677323ec02fe04f2bbf6083a9b9d3fc2d
353df69d73fef6afcef1e60aa82660632234e1bfb804c3421f9323ce4ce7ae20
3d9a809a8da917349c669555dd7f24cdff4986b21d561fe13e1da469847b43d8
4c31296465103d1fa068414256ca253438f06c5da4ea063e6d376f05278f6dfb
569dda928cacd26c2243eda8276b3d9c6e1730283747d6447888419feeb5c619
5db0afc923191de8a9cfeffb20675a0fe8ec25fc558787001c0aca665c5cee93
6a9d4dea4658f8f6d8a3a79d7e869841da08601c7a3724a06bd47689a6e556ff
79ba31c982d41925aa67a964dea33962f7727bc9910ee832284d05ae89678669
97b995d75de0299843e0271fa85880e9410f91dbddadb118aa05f1dfa7789aea
b899a3f91a72659d5a6864a64915fe2b2f8cca2dfc7188c7c2ce27a34f57d0bc
c2e18d1927b5b6d9f1d1778cc619432379aaf99925672ec1f807083070485690
dafba89a3ddff97130ec7fa6c9e3b9f16e75d0f5fbc3584eb2396bf0fc0346e1
e202dbb21970fcddc60652ff63eaf2deb78e543f84dccf032359e39d630ac5bd
f8ad688d5858e1a253dfb363bfc21fe2fbd73f24029a2eb3224d79dc9a561918
f9f08fbcfd3780c83c074397f41d2fe8c82c1a6ae9ebae6e70b2729df6c62c65

aupay.monster Open in urlscan Pro 2606:4700:3030::ac43:d3f9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

93 kBTransfer

199 kBSize

1 Cookies

8 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

66 JavaScript Global Variables

1 Cookies

Indicators

aupay.monster Open in urlscan Pro
2606:4700:3030::ac43:d3f9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

93 kB
Transfer

199 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!