paypayjp.top
Open in
urlscan Pro
103.158.37.30
Malicious Activity!
Public Scan
Submission: On April 23 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on April 23rd 2024. Valid for: 3 months.
This is the only time paypayjp.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPay (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 103.158.37.30 103.158.37.30 | 142032 (HFTCL-AS-...) (HFTCL-AS-AP High Family Technology Co.) | |
2 | 2606:4700:303... 2606:4700:3037::ac43:abce | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 172.67.171.206 172.67.171.206 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 18.65.216.54 18.65.216.54 | 16509 (AMAZON-02) (AMAZON-02) | |
19 | 5 |
ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)
paypayjp.top |
ASN16509 (AMAZON-02, US)
PTR: server-18-65-216-54.nrt57.r.cloudfront.net
static.paypay.ne.jp |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
htpay0003.cyou
htpay0003.cyou |
4 KB |
7 |
paypayjp.top
paypayjp.top |
359 KB |
2 |
paypay.ne.jp
static.paypay.ne.jp — Cisco Umbrella Rank: 905526 |
78 KB |
19 | 3 |
Domain | Requested by | |
---|---|---|
9 | htpay0003.cyou |
paypayjp.top
|
7 | paypayjp.top |
paypayjp.top
|
2 | static.paypay.ne.jp |
paypayjp.top
|
19 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.paypay.ne.jp |
Subject Issuer | Validity | Valid | |
---|---|---|---|
paypayjp.top R3 |
2024-04-23 - 2024-07-22 |
3 months | crt.sh |
htpay0003.cyou E1 |
2024-04-23 - 2024-07-22 |
3 months | crt.sh |
*.paypay.ne.jp Amazon RSA 2048 M03 |
2024-03-13 - 2025-04-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://paypayjp.top/
Frame ID: 95D369BC2A6F6ECEE063F6937ECA52CD
Requests: 20 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: 新規登録
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
paypayjp.top/ |
473 B 626 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-7b330b2d.js
paypayjp.top/assets/ |
403 KB 164 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-1a9aa75d.css
paypayjp.top/assets/ |
693 KB 165 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IndexView-37adbc82.js
paypayjp.top/assets/ |
78 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IndexView-8df3af95.css
paypayjp.top/assets/ |
257 B 460 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
paypayjp.top/ |
4 KB 4 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
newuser
htpay0003.cyou/index/newapi/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getcountry
htpay0003.cyou/index/newapi/ |
12 B 321 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
newuser
htpay0003.cyou/index/newapi/ |
25 B 681 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api
htpay0003.cyou/index/newapi/ |
103 B 652 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zx
htpay0003.cyou/index/newapi/ |
0 567 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
softbank-icon.108c1d32.svg
paypayjp.top/static/img/ |
146 B 146 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Graphik-Regular-Web.woff2
static.paypay.ne.jp/font/ |
36 KB 37 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Graphik-Semibold-Web.woff2
static.paypay.ne.jp/font/ |
40 KB 41 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
ajaxpp
htpay0003.cyou/index/newapi/ |
42 B 615 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
ajaxpp
htpay0003.cyou/index/newapi/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
ajaxpp
htpay0003.cyou/index/newapi/ |
42 B 613 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
ajaxpp
htpay0003.cyou/index/newapi/ |
42 B 614 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
ajaxpp
htpay0003.cyou/index/newapi/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- htpay0003.cyou
- URL
- https://htpay0003.cyou/index/newapi/ajaxpp
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPay (Financial)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __VUE__0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
htpay0003.cyou
paypayjp.top
static.paypay.ne.jp
htpay0003.cyou
103.158.37.30
172.67.171.206
18.65.216.54
2606:4700:3037::ac43:abce
026edf5e5d1b243ee3f7df45916d0a5c09fc2512d72752d2fb80f1b27f3bebde
1a9aa75d8dd1e979875c231d2e1ac1afea29844ea6b839ed121b804ea7a428d4
28030ded82c996d4b5f2ac2eb0c5e3f4ee7c461681299b5fa92a9a91ad0a747d
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
6d9477835a788bf110c7d1cf1ff133197c095cef8f74d136213fc0dfc0fe8e9f
84da2f59c67c7fa08de5ab4fe30c401e8b162bde73b7097dcedc50a7d9a80e0b
84eba1c6e94fb18eb3e08334c008b2a822e7f50d58b9d8f217840a308c76eb21
882c93eadef6b4f05100102b215fee8260dc81ec84c78d7d494db7216c542c0b
8839ec2d0b69658b6a87c2ae0fba29ba4bef47b14cc281caca76289b13d187fd
8df3af9521285767e88026bf4037ba170a571106c8c1cf23fca00cd617e15491
9487c5d9ef8bd76b52891b30ace6d3e47ec90b26fcc725a44e952c100ea20536
96db9ca236e4eadf68ca5c79f1e1725270a5d1344021133441f6c9a9d9e48a93
a9eac1732909bcf32e82e8fb791672bb682a1008f3ce64405b479a384433b3d7
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
effef4b4f61a2007b7d3dbe492540ba6e4be3d2b2d6e2d57da78582b57fbc383