paypay-pa.xyz
Open in
urlscan Pro
115.144.69.115
Malicious Activity!
Public Scan
Effective URL: http://paypay-pa.xyz/wap/index.php
Submission: On September 16 via manual from JP — Scanned from JP
Summary
This is the only time paypay-pa.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPay (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 23 | 115.144.69.115 115.144.69.115 | 9286 (KINXIDC-A...) (KINXIDC-AS-KR KINX) | |
1 | 120.52.95.242 120.52.95.242 | 133119 (UNICOM-CN...) (UNICOM-CN China Unicom IP network) | |
2 | 52.84.228.118 52.84.228.118 | 16509 (AMAZON-02) (AMAZON-02) | |
26 | 4 |
ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-118.sin2.r.cloudfront.net
static.paypay.ne.jp |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
paypay-pa.xyz
1 redirects
paypay-pa.xyz |
202 KB |
2 |
paypay.ne.jp
static.paypay.ne.jp |
78 KB |
1 |
51.la
js.users.51.la ia.51.la Failed |
6 KB |
26 | 3 |
Domain | Requested by | |
---|---|---|
23 | paypay-pa.xyz |
1 redirects
paypay-pa.xyz
|
2 | static.paypay.ne.jp |
paypay-pa.xyz
|
1 | js.users.51.la |
paypay-pa.xyz
|
0 | ia.51.la Failed |
paypay-pa.xyz
|
26 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.paypay.ne.jp |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020 |
2020-08-27 - 2022-04-19 |
2 years | crt.sh |
*.paypay.ne.jp Amazon |
2021-06-12 - 2022-07-11 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://paypay-pa.xyz/wap/index.php
Frame ID: 66932E8A3832D404057C38ADF6BD2E55
Requests: 26 HTTP requests in this frame
Screenshot
Page Title
PayPayPage URL History Show full URLs
-
http://paypay-pa.xyz/
HTTP 302
http://paypay-pa.xyz/wap/index.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: パスワードを忘れた場合
Search URL Search Domain Scan URL
Title: 新規登録
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://paypay-pa.xyz/
HTTP 302
http://paypay-pa.xyz/wap/index.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.php
paypay-pa.xyz/wap/ Redirect Chain
|
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_5a11b65b.ebe4b5b4.css
paypay-pa.xyz/wap/css/ |
37 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_6a2c624d.7721e1ae.css
paypay-pa.xyz/wap/css/ |
44 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_75b50d00.8ac07764.css
paypay-pa.xyz/wap/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_8bc203a9.60f2038a.css
paypay-pa.xyz/wap/css/ |
57 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_9ad0f35b.d8ac3a15.css
paypay-pa.xyz/wap/css/ |
60 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_cf55716b.16ac6807.css
paypay-pa.xyz/wap/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_f71cff67.4091f434.css
paypay-pa.xyz/wap/css/ |
143 KB 58 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cashier-page_f37cfb49.83f68f3b.css
paypay-pa.xyz/wap/css/ |
105 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cashier-page_decfe8fa.d9f8aa42.css
paypay-pa.xyz/wap/css/ |
44 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cashier-page_26376408.594b78bc.css
paypay-pa.xyz/wap/css/ |
63 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cashier-page_e56ee1e4.ec478ef8.css
paypay-pa.xyz/wap/css/ |
123 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cashier-page_2c74cb28.f02e3e6d.css
paypay-pa.xyz/wap/css/ |
73 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cashier-page_0813552e.c341c856.css
paypay-pa.xyz/wap/css/ |
55 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cashier-page_fd3d7e42.cc103d9d.css
paypay-pa.xyz/wap/css/ |
118 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cashier-page_52f62f61.b1cb8aba.css
paypay-pa.xyz/wap/css/ |
50 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cashier-page_b423d8ef.91c6eef9.css
paypay-pa.xyz/wap/css/ |
25 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cashier-page_1f020c9b.656943f6.css
paypay-pa.xyz/wap/css/ |
24 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-paypay.c6544368.svg
paypay-pa.xyz/wap/img/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn-clear.26e8e896.svg
paypay-pa.xyz/wap/img/ |
761 B 996 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn-eye-open.e5ae2b3d.svg
paypay-pa.xyz/wap/img/ |
877 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.3.1.min.js
paypay-pa.xyz/public/js/ |
54 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
21024213.js
js.users.51.la/ |
5 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Graphik-Regular-Web.woff2
static.paypay.ne.jp/font/ |
36 KB 37 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Graphik-Semibold-Web.woff2
static.paypay.ne.jp/font/ |
40 KB 41 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
go1
ia.51.la/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ia.51.la
- URL
- http://ia.51.la/go1?id=21024213&rt=1631803667268&rl=375*667&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1631803667268&tt=PayPay&kw=&cu=http%253A%252F%252Fpaypay-pa.xyz%252Fwap%252Findex.php&pu=
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPay (Financial)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster object| onorientationchange number| orientation function| $ function| jQuery4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
paypay-pa.xyz/ | Name: PHPSESSID Value: bg4om6a47cs1o0a14pv67iphn6 |
|
paypay-pa.xyz/ | Name: __tins__21024213 Value: %7B%22sid%22%3A%201631803667268%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201631805467268%7D |
|
paypay-pa.xyz/ | Name: __51cke__ Value: |
|
paypay-pa.xyz/ | Name: __51laig__ Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ia.51.la
js.users.51.la
paypay-pa.xyz
static.paypay.ne.jp
ia.51.la
115.144.69.115
120.52.95.242
52.84.228.118
026edf5e5d1b243ee3f7df45916d0a5c09fc2512d72752d2fb80f1b27f3bebde
1046f2d2899a360a8ce6b40425519fbad8449a5448b64c19a6497daa293cc2bc
115a1b9a820a364bb9a9f1de93b264b9f212b81b35a1e17d7ffa6e7403cdaeff
12aafc76d2ef7948f8c01994c55f5a0b981c2cd8f652a35a2888d746cdb83c1d
17ec1f16efac893b9bd89bba5f13cb1e0bf938bdc9cece6cae3ed77f18fa6fd7
2804f8a2b620e2d69c27a5ac9a4ff9c997c77a164c4bc55ed05967904809cb45
3275247e9699bf3223c2b14fa337844a37ae050b5567a355f6125eac5c47f733
3f9621a78cd1ab80c4a91d8cce8913b70d21053ae3516d17f6b10f59ed40c968
45ef6b2c23a1a69c60dd9da7929524cee06f0ec4bf439ff79497a65da205f947
4b3197e28c0b5e28bb9e472c819d37f26157b6e40faa749f5af0bdea2eaccc9b
6d6af4eb02113f2c42e53be9ccaa058aa48ac9edc330578e7e923f7cef8af323
6d9477835a788bf110c7d1cf1ff133197c095cef8f74d136213fc0dfc0fe8e9f
6e1949a1983a27e71a014319d5e617eb1a8ead3dbab7fe16312e3604f815364e
7833280dbc50f5465bd313042ff0d3340341afd13c024af9931e586c44ee09a6
7ad25c4eb8e8a7d95253d724b28cadeb0ed6670880d1f0eb12a57da451caa007
9b427b3519eb5318a5466e72adff5f809a0cad2151cec8c9dc40224d97c697a5
a6d83aa139a0973528b00a7dcec625468a36e34991469e875ea467e0fbae1d1e
b21d5b510665eb3fb7f2f2fe2bb76b78f74e0c78e05b2efbffabc7d8e42ddcf8
cc49585feeb3eb32146d1e4146bf67c62cae59763e4f38e9d54582bcf7249aad
d7d9a4aa841f0ba6d6e7c2bdf554916067d7449d962525dbf93a48abb67ed312
db36341e8a8c0a2ce61626243ac7abecf9f3e072e28b4bf370a0f4544692e3cf
de200f55ae653897fa34a654f6ce3325f4b44fbd7e4c0aa3418217c57dbfbb38
ebec3695f7904fe26f59dc092ffad8cf3774e4f1d4487349d82a3a022c4ea8d3
edb335f2ea3f9cf1eedc6b15248f6e0d4d90237e4af093f156bfc28c12e17be2
ff98db10fe2673343a91dcf1d7a3a46ca53ad658ae8835f02ec5ce161813fa09