URL: https://paypayjp.top/
Submission: On April 23 via manual from JP — Scanned from JP

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 103.158.37.30, located in Hong Kong and belonging to HFTCL-AS-AP High Family Technology Co., Limited, HK. The main domain is paypayjp.top.
TLS certificate: Issued by R3 on April 23rd 2024. Valid for: 3 months.
This is the only time paypayjp.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPay (Financial)

Domain & IP information

Requests  IP Address          AS      Autonomous System
7         103.158.37.30       142032  (HFTCL-AS-...)
2         2606:4700:303...    13335   (CLOUDFLAR...)
7         172.67.171.206      13335   (CLOUDFLAR...)
2         18.65.216.54        16509   (AMAZON-02)
19 requests in total, 5 IPs

Requests  Apex Domain      Subdomains                                          Transfer
9         htpay0003.cyou   htpay0003.cyou                                      4 KB
7         paypayjp.top     paypayjp.top                                        359 KB
2         paypay.ne.jp     static.paypay.ne.jp (Cisco Umbrella Rank: 905526)   78 KB
19 requests in total, 3 apex domains

Requests  Domain               Requested by
9         htpay0003.cyou       paypayjp.top
7         paypayjp.top         paypayjp.top
2         static.paypay.ne.jp  paypayjp.top
19 requests in total, 3 domains

This site contains links to these domains.

Domain
www.paypay.ne.jp
Subject          Issuer               Validity                  Valid
paypayjp.top     R3                   2024-04-23 - 2024-07-22   3 months   crt.sh
htpay0003.cyou   E1                   2024-04-23 - 2024-07-22   3 months   crt.sh
*.paypay.ne.jp   Amazon RSA 2048 M03  2024-03-13 - 2025-04-10   a year     crt.sh

This page contains 1 frame:

Primary Page: https://paypayjp.top/
Frame ID: 95D369BC2A6F6ECEE063F6937ECA52CD
Requests: 20 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 25 %
Domains: 3
Subdomains: 3
IPs: 5
Countries: 2
Transfer: 441 kB
Size: 1268 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request / | paypayjp.top/ | 473 B | 626 B | Document
General
Full URL
https://paypayjp.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.158.37.30 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
effef4b4f61a2007b7d3dbe492540ba6e4be3d2b2d6e2d57da78582b57fbc383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
content-length
473
content-type
text/html
date
Tue, 23 Apr 2024 13:51:31 GMT
etag
"6627b51c-1d9"
last-modified
Tue, 23 Apr 2024 13:18:20 GMT
server
nginx
strict-transport-security
max-age=31536000
index-7b330b2d.js | paypayjp.top/assets/ | 403 KB | 164 KB | Script
General
Full URL
https://paypayjp.top/assets/index-7b330b2d.js
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.158.37.30 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
a9eac1732909bcf32e82e8fb791672bb682a1008f3ce64405b479a384433b3d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://paypayjp.top/
Origin
https://paypayjp.top
Accept-Language
jp-JP,jp;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 23 Apr 2024 13:51:31 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 13:18:20 GMT
server
nginx
etag
W/"6627b51c-64c7b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 24 Apr 2024 01:51:31 GMT
index-1a9aa75d.css | paypayjp.top/assets/ | 693 KB | 165 KB | Stylesheet
General
Full URL
https://paypayjp.top/assets/index-1a9aa75d.css
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.158.37.30 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
1a9aa75d8dd1e979875c231d2e1ac1afea29844ea6b839ed121b804ea7a428d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Referer
https://paypayjp.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 23 Apr 2024 13:51:31 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 13:18:20 GMT
server
nginx
etag
W/"6627b51c-ad456"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Wed, 24 Apr 2024 01:51:31 GMT
IndexView-37adbc82.js | paypayjp.top/assets/ | 78 KB | 24 KB | Script
General
Full URL
https://paypayjp.top/assets/IndexView-37adbc82.js
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/assets/index-7b330b2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.158.37.30 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
8839ec2d0b69658b6a87c2ae0fba29ba4bef47b14cc281caca76289b13d187fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
Origin
https://paypayjp.top
Accept-Language
jp-JP,jp;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 23 Apr 2024 13:51:32 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 13:18:20 GMT
server
nginx
etag
W/"6627b51c-13613"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 24 Apr 2024 01:51:32 GMT
IndexView-8df3af95.css | paypayjp.top/assets/ | 257 B | 460 B | Stylesheet
General
Full URL
https://paypayjp.top/assets/IndexView-8df3af95.css
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/assets/index-7b330b2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.158.37.30 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
8df3af9521285767e88026bf4037ba170a571106c8c1cf23fca00cd617e15491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Referer
https://paypayjp.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 23 Apr 2024 13:51:32 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 23 Apr 2024 13:18:20 GMT
server
nginx
etag
"6627b51c-101"
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
257
expires
Wed, 24 Apr 2024 01:51:32 GMT
favicon.ico | paypayjp.top/ | 4 KB | 4 KB | Other
General
Full URL
https://paypayjp.top/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.158.37.30 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Referer
https://paypayjp.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 23 Apr 2024 13:51:32 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx
etag
"1dc09d84-10be"
content-type
image/x-icon
accept-ranges
bytes
content-length
4286
newuser | htpay0003.cyou/index/newapi/ | 0 | 0 | Preflight
General
Full URL
https://htpay0003.cyou/index/newapi/newuser
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:abce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://paypayjp.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
HTTP_X_REQUESTED_WITH,X-Requested-With,X_Requested_With,Content-Type,ClientVersion,Authorization,Version, Token, Origin,Accept,DNT,X-Mx-ReqToken
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
access-control-allow-origin
https://paypayjp.top
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
878e5431af8e350b-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Apr 2024 13:51:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2F8oLPjH0oLW0aBTfbdceds773LGlVyV9g098R3yUa2FM0UlhYpeW1%2B5XS8Abw5CJD%2BQYQ3TZZqo6cwXFeGAS0m%2FHINHA10Dengy5A88kDjDb%2B27mTzjuzpzK4uO%2BDjvqyWGG7H8%2BlftJlKk1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
getcountry | htpay0003.cyou/index/newapi/ | 12 B | 321 B | XHR
General
Full URL
https://htpay0003.cyou/index/newapi/getcountry?password=JP-PAY
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/assets/index-7b330b2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:abce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Accept
application/json, text/plain, */*
Referer
https://paypayjp.top/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 23 Apr 2024 13:51:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paypayjp.top
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pl%2BBbfmWjYnlatZACDJRbXDrtd%2BsnnF%2F2osOACJzrfsMlT%2BinU5OKBHaQbIoR74DbXOZVZR4WUkUKdodj3S2CF4DDgj60oI2nAq9uQdrq38ulkP3x5PmKocECG1rT332HMXNY4ElG2cuyGko%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
878e5431bf91350b-NRT
access-control-allow-headers
HTTP_X_REQUESTED_WITH,X-Requested-With,X_Requested_With,Content-Type,ClientVersion,Authorization,Version, Token, Origin,Accept,DNT,X-Mx-ReqToken
alt-svc
h3=":443"; ma=86400
newuser | htpay0003.cyou/index/newapi/ | 25 B | 681 B | XHR
General
Full URL
https://htpay0003.cyou/index/newapi/newuser
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/assets/index-7b330b2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84eba1c6e94fb18eb3e08334c008b2a822e7f50d58b9d8f217840a308c76eb21

Request headers

Accept
application/json, text/plain, */*
Referer
https://paypayjp.top/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Tue, 23 Apr 2024 13:51:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paypayjp.top
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SeW6Gvl6ZQqM8i4Q2YGru7cUYMtIGELh9lvrTMtyoiNB6qki1BJTM4ErcBertQMo1olDlPi3O0nianfTnS%2BiZwkRgqaSlHP2iG1HVwuP5vScHfX2Uo6EuGtDQnYZyg3%2B5A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
878e5433c9a93bfc-NRT
access-control-allow-headers
HTTP_X_REQUESTED_WITH,X-Requested-With,X_Requested_With,Content-Type,ClientVersion,Authorization,Version, Token, Origin,Accept,DNT,X-Mx-ReqToken
alt-svc
h3=":443"; ma=86400
api | htpay0003.cyou/index/newapi/ | 103 B | 652 B | XHR
General
Full URL
https://htpay0003.cyou/index/newapi/api?password=JP-PAY
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/assets/index-7b330b2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28030ded82c996d4b5f2ac2eb0c5e3f4ee7c461681299b5fa92a9a91ad0a747d

Request headers

Accept
application/json, text/plain, */*
Referer
https://paypayjp.top/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 23 Apr 2024 13:51:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paypayjp.top
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4EvUBcnG%2B55JflXMwW4VFcxKtQ%2Blp4T5mdVLtowhGtKuWy0xFEPZcYDzPLQpeV%2B3oHgp8d%2BCyvp7JAF%2BgBjdMHZUHuTG%2BQi9qWkdQ4roLgVkwL2D5F4r47i3lojPJviDw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
878e54356c253bfc-NRT
access-control-allow-headers
HTTP_X_REQUESTED_WITH,X-Requested-With,X_Requested_With,Content-Type,ClientVersion,Authorization,Version, Token, Origin,Accept,DNT,X-Mx-ReqToken
alt-svc
h3=":443"; ma=86400
zx | htpay0003.cyou/index/newapi/ | 0 | 567 B | XHR
General
Full URL
https://htpay0003.cyou/index/newapi/zx?uid=1874&yemian=ospeed1
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/assets/index-7b330b2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://paypayjp.top/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 23 Apr 2024 13:51:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paypayjp.top
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tM8YUefrvjctRds9FL7fWbtRIWl3AIozoVDAmU0qbsDQwiWn3oLV1mG1s%2BIRZuNlceDu8%2Fki1DPN%2F0Dzn1gT6wpdr9FT0XCclCn4XPgSxFfnGNwdlVVjMuE6VuTi6ZXg0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
878e54379fed3bfc-NRT
access-control-allow-headers
HTTP_X_REQUESTED_WITH,X-Requested-With,X_Requested_With,Content-Type,ClientVersion,Authorization,Version, Token, Origin,Accept,DNT,X-Mx-ReqToken
alt-svc
h3=":443"; ma=86400
truncated | / | 9 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96db9ca236e4eadf68ca5c79f1e1725270a5d1344021133441f6c9a9d9e48a93

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated | / | 2 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84da2f59c67c7fa08de5ab4fe30c401e8b162bde73b7097dcedc50a7d9a80e0b

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated | / | 2 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
882c93eadef6b4f05100102b215fee8260dc81ec84c78d7d494db7216c542c0b

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
softbank-icon.108c1d32.svg | paypayjp.top/static/img/ | 146 B | 146 B | Image
General
Full URL
https://paypayjp.top/static/img/softbank-icon.108c1d32.svg
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/assets/index-1a9aa75d.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.158.37.30 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Referer
https://paypayjp.top/assets/index-1a9aa75d.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 23 Apr 2024 13:51:33 GMT
server
nginx
content-length
146
content-type
text/html
Graphik-Regular-Web.woff2 | static.paypay.ne.jp/font/ | 36 KB | 37 KB | Font
General
Full URL
https://static.paypay.ne.jp/font/Graphik-Regular-Web.woff2
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/assets/index-1a9aa75d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-54.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
026edf5e5d1b243ee3f7df45916d0a5c09fc2512d72752d2fb80f1b27f3bebde
Security Headers
Name Value
X-Xss-Protection 1; report=https://sentry.platform.paypay.ne.jp/api/7/security/?sentry_key=ddc3869636314a46b67901b01b2c0780

Request headers

Referer
https://paypayjp.top/
Origin
https://paypayjp.top
Accept-Language
jp-JP,jp;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
5ilXlD5l0v8NlQZ7Pd4jC4XwNDR22wXE
date
Tue, 23 Apr 2024 13:51:34 GMT
via
1.1 d83ceae2f2ed0c829779c7f585d230f0.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P4
content-security-policy-report-only
default-src 'self' *.paypay.ne.jp; frame-ancestors 'self' https://www.youtube.com *.paypay-corp.co.jp *.paypay.ne.jp; frame-src 'self' https://www.youtube.com *.paypay.ne.jp paypay.ne.jp *.paypay-corp.co.jp; connect-src 'self' analytics.google.com firebaseinstallations.googleapis.com www.google-analytics.com stats.g.doubleclick.net; img-src 'self' *.paypay.ne.jp www.google.co.jp s.yimg.jp www.googletagmanager.com; script-src 'self' www.googletagmanager.com; script-src-elem 'self' www.googletagmanager.com; report-uri https://sentry.platform.paypay.ne.jp/api/7/security/?sentry_key=ddc3869636314a46b67901b01b2c0780
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
36525
x-xss-protection
1; report=https://sentry.platform.paypay.ne.jp/api/7/security/?sentry_key=ddc3869636314a46b67901b01b2c0780
last-modified
Mon, 01 Mar 2021 03:37:28 GMT
server
AmazonS3
etag
"bb7e8769f1f60cf06fd62052a1059caf"
expect-ct
max-age=86400, report-uri="https://sentry.platform.paypay.ne.jp/api/7/security/?sentry_key=ddc3869636314a46b67901b01b2c0780"
access-control-max-age
600
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
h8nHZOy6ChkN4510cPGH4POSeRfsibWTVqts70o3f5iairRuZFMTig==
Graphik-Semibold-Web.woff2 | static.paypay.ne.jp/font/ | 40 KB | 41 KB | Font
General
Full URL
https://static.paypay.ne.jp/font/Graphik-Semibold-Web.woff2
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/assets/index-1a9aa75d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-54.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d9477835a788bf110c7d1cf1ff133197c095cef8f74d136213fc0dfc0fe8e9f
Security Headers
Name Value
X-Xss-Protection 1; report=https://sentry.platform.paypay.ne.jp/api/7/security/?sentry_key=ddc3869636314a46b67901b01b2c0780

Request headers

Referer
https://paypayjp.top/
Origin
https://paypayjp.top
Accept-Language
jp-JP,jp;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
COoYnd7IDHod.z2O1wLaXRCGS67k.KXT
date
Tue, 23 Apr 2024 13:51:34 GMT
via
1.1 d83ceae2f2ed0c829779c7f585d230f0.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P4
content-security-policy-report-only
default-src 'self' *.paypay.ne.jp; frame-ancestors 'self' https://www.youtube.com *.paypay-corp.co.jp *.paypay.ne.jp; frame-src 'self' https://www.youtube.com *.paypay.ne.jp paypay.ne.jp *.paypay-corp.co.jp; connect-src 'self' analytics.google.com firebaseinstallations.googleapis.com www.google-analytics.com stats.g.doubleclick.net; img-src 'self' *.paypay.ne.jp www.google.co.jp s.yimg.jp www.googletagmanager.com; script-src 'self' www.googletagmanager.com; script-src-elem 'self' www.googletagmanager.com; report-uri https://sentry.platform.paypay.ne.jp/api/7/security/?sentry_key=ddc3869636314a46b67901b01b2c0780
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
40841
x-xss-protection
1; report=https://sentry.platform.paypay.ne.jp/api/7/security/?sentry_key=ddc3869636314a46b67901b01b2c0780
last-modified
Mon, 01 Mar 2021 03:37:28 GMT
server
AmazonS3
etag
"58f03fe229d9f03366b7710e683b4725"
expect-ct
max-age=86400, report-uri="https://sentry.platform.paypay.ne.jp/api/7/security/?sentry_key=ddc3869636314a46b67901b01b2c0780"
access-control-max-age
600
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
mgzvQd9Dmi0J6TBGjHyZSbybDD94VNm9L7WcLKfcuh6wqY7Z2KZU5Q==
ajaxpp | htpay0003.cyou/index/newapi/ | 42 B | 615 B | XHR
General
Full URL
https://htpay0003.cyou/index/newapi/ajaxpp
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/assets/index-7b330b2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9487c5d9ef8bd76b52891b30ace6d3e47ec90b26fcc725a44e952c100ea20536

Request headers

Accept
application/json, text/plain, */*
Referer
https://paypayjp.top/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Tue, 23 Apr 2024 13:51:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paypayjp.top
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cHPa3Uay%2BsZFuOmljYzXXgsB68RFIaR3i6J0dbyUSdRnNspnEdMxR9zLzmUiD%2Ba6hq57DQaYYa4rI3IG246yM7R34qK3XEC2ia8u8eHfFrNEob%2BcUE%2FJQorILvdlFXe%2Bbg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
878e5439aaf33bfc-NRT
access-control-allow-headers
HTTP_X_REQUESTED_WITH,X-Requested-With,X_Requested_With,Content-Type,ClientVersion,Authorization,Version, Token, Origin,Accept,DNT,X-Mx-ReqToken
alt-svc
h3=":443"; ma=86400
ajaxpp | htpay0003.cyou/index/newapi/ | 0 | 0 | Preflight
General
Full URL
https://htpay0003.cyou/index/newapi/ajaxpp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://paypayjp.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
HTTP_X_REQUESTED_WITH,X-Requested-With,X_Requested_With,Content-Type,ClientVersion,Authorization,Version, Token, Origin,Accept,DNT,X-Mx-ReqToken
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
access-control-allow-origin
https://paypayjp.top
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
878e543848d03bfc-NRT
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 23 Apr 2024 13:51:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KI1X26xpExy4YQ2JFYckRgdXg6vuX6KdkovifeCVVHEMnMON8ipNFVixWJ%2F65KR%2F%2F3moSyifqYqBLOhxmfhxvs1WsHfsYYi40PiSssuWiOUk3amzfTbToQvarx6qG6%2B9lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ajaxpp | htpay0003.cyou/index/newapi/ | 42 B | 613 B | XHR
General
Full URL
https://htpay0003.cyou/index/newapi/ajaxpp
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/assets/index-7b330b2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9487c5d9ef8bd76b52891b30ace6d3e47ec90b26fcc725a44e952c100ea20536

Request headers

Accept
application/json, text/plain, */*
Referer
https://paypayjp.top/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Tue, 23 Apr 2024 13:51:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paypayjp.top
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7VCm7WnRi0IN0%2BUZanzkfnXMjFD5b769svoRovtTkneioI%2F1H5icyvGfDTWTjNiuEEjvFz8WPbqujdOLSGf%2Fxngw4gMEXiIuNZicSM2uIlKqzoXssfNhvWFCxmaVE7TvnA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
878e543e0a223bfc-NRT
access-control-allow-headers
HTTP_X_REQUESTED_WITH,X-Requested-With,X_Requested_With,Content-Type,ClientVersion,Authorization,Version, Token, Origin,Accept,DNT,X-Mx-ReqToken
alt-svc
h3=":443"; ma=86400
ajaxpp | htpay0003.cyou/index/newapi/ | 42 B | 614 B | XHR
General
Full URL
https://htpay0003.cyou/index/newapi/ajaxpp
Requested by
Host: paypayjp.top
URL: https://paypayjp.top/assets/index-7b330b2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9487c5d9ef8bd76b52891b30ace6d3e47ec90b26fcc725a44e952c100ea20536

Request headers

Accept
application/json, text/plain, */*
Referer
https://paypayjp.top/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Tue, 23 Apr 2024 13:51:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paypayjp.top
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2B5rk3TOd7CqGVlqfmoDUcCGZlJjvbG157VZYrcyF3dC37s6%2FSbiZtSNltAPQHeyINL%2FB8QQxnvWSYsLi2srEnZrRCZwx6saRRic7J5GsfVJ%2BBcl4brR9nb9hEOjE01fhA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
878e54445c5f3bfc-NRT
access-control-allow-headers
HTTP_X_REQUESTED_WITH,X-Requested-With,X_Requested_With,Content-Type,ClientVersion,Authorization,Version, Token, Origin,Accept,DNT,X-Mx-ReqToken
alt-svc
h3=":443"; ma=86400
ajaxpp | htpay0003.cyou/index/newapi/ | 0 | 0 | (no response)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
htpay0003.cyou
URL
https://htpay0003.cyou/index/newapi/ajaxpp

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPay (Financial)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean  __INTLIFY_PROD_DEVTOOLS__
boolean  __VUE_I18N_FULL_INSTALL__
boolean  __VUE_I18N_LEGACY_API__
boolean  __VUE__

0 Cookies

2 Console Messages

Source          Level    URL / Message
network         error    URL: https://paypayjp.top/static/img/softbank-icon.108c1d32.svg
                         Message: Failed to load resource: the server responded with a status of 404 ()
recommendation  verbose  URL: https://paypayjp.top/#/
                         Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000