Submitted URL: https://paypayi.top/
Effective URL: https://paypayi.top/index/login.html
Submission: On November 09 via manual from JP — Scanned from JP

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 192.161.164.249, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is paypayi.top.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 9th 2021. Valid for: a year.
This is the only time paypayi.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPay (Financial)

Domain & IP information

IP Address          AS (Autonomous System)
1 11   192.161.164.249   8100 (ASN-QUADR...)
1  3   104.16.123.175    13335 (CLOUDFLAR...)
   1   218.11.8.124      4837 (CHINA169-...)
   3   42.56.79.218      4837 (CHINA169-...)
Totals: 16 requests, 4 IPs
Requests   Apex Domain    Subdomains        Transfer
11         paypayi.top    paypayi.top       345 KB
3          bootcss.com    cdn.bootcss.com   15 KB
3          unpkg.com      unpkg.com         39 KB
1          bootcdn.net    cdn.bootcdn.net   84 KB
Totals: 16 requests, 4 apex domains
Requests   Domain            Redirects   Requested by
11         paypayi.top       1           paypayi.top
3          cdn.bootcss.com   -           paypayi.top, cdn.bootcss.com
3          unpkg.com         1           paypayi.top
1          cdn.bootcdn.net   -           paypayi.top
Totals: 16 requests, 4 domains

This site contains links to these domains:

www.paypay.ne.jp
Subject                 Issuer                                           Validity                  Valid
paypayi.top             Sectigo RSA Domain Validation Secure Server CA   2021-11-09 - 2022-12-10   a year
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3                          2021-07-02 - 2022-07-01   a year
*.bootcdn.net           R3                                               2021-10-20 - 2022-01-18   3 months
*.bootcss.com           R3                                               2021-10-20 - 2022-01-18   3 months

This page contains 1 frame:

Primary Page: https://paypayi.top/index/login.html
Frame ID: E994D313A9D8A9DB95486D7A2F246890
Requests: 16 HTTP requests in this frame

Page Title

PayPay

Page Statistics

Requests: 16
HTTPS: 94 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 483 kB
Size: 1605 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paypayi.top/ HTTP 302
    https://paypayi.top/index/login.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://unpkg.com/element-ui/lib/theme-chalk/index.css HTTP 302
  • https://unpkg.com/element-ui@2.15.6/lib/theme-chalk/index.css

16 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type

login.html (Primary Request)
Path: paypayi.top/index/
Redirect Chain: https://paypayi.top/ -> https://paypayi.top/index/login.html
Size: 15 KB, x-fer: 4 KB, Type: Document
General
Full URL
https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.164.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
192.161.164.249.static.quadranet.com
Software
nginx /
Resource Hash
0731a391e8500bc942280febc67fd112e1a547a930817f09f130fb787768b737
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

server
nginx
date
Tue, 09 Nov 2021 17:56:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000
content-encoding
gzip

Redirect headers

server
nginx
date
Tue, 09 Nov 2021 17:56:36 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache,must-revalidate
location
/index/login.html
strict-transport-security
max-age=31536000
index.css
Path: unpkg.com/element-ui@2.15.6/lib/theme-chalk/
Redirect Chain: https://unpkg.com/element-ui/lib/theme-chalk/index.css -> https://unpkg.com/element-ui@2.15.6/lib/theme-chalk/index.css
Size: 233 KB, x-fer: 37 KB, Type: Stylesheet
General
Full URL
https://unpkg.com/element-ui@2.15.6/lib/theme-chalk/index.css
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Server
104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a22fbdbbb8db72c5eaace4af0fd5d0f2c97de98482237620739eea022d778f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:53:24 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
5913676
fly-request-id
01FEJNKDC9AYV111C8ZVEAT3FZ
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3a424-lCwKtmrB77A0N2PuyUbmXKw/cfY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6ab8e6804b7b1ed8-NRT

Redirect headers

date
Tue, 09 Nov 2021 17:53:24 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FM2X18YJB75T17ZKJF4XEMEM
server
cloudflare
age
305
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/element-ui@2.15.6/lib/theme-chalk/index.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6ab8e6803b6a1ed8-NRT
access-control-allow-origin
*
element-icons.woff
Path: paypayi.top/static/index/css/fonts/
Size: 8 KB, x-fer: 8 KB, Type: Stylesheet
General
Full URL
https://paypayi.top/static/index/css/fonts/element-icons.woff
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.164.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
192.161.164.249.static.quadranet.com
Software
nginx /
Resource Hash
5036fa1736799bb7392ab24029036440119f123d85514f9b110b29b8ea4897af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/index/login.html
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:56:36 GMT
last-modified
Tue, 28 Sep 2021 02:34:44 GMT
server
nginx
etag
"61527f44-1f44"
strict-transport-security
max-age=31536000
content-type
font/woff
accept-ranges
bytes
content-length
8004
load.css
Path: paypayi.top/static/index/css/
Size: 2 KB, x-fer: 649 B, Type: Stylesheet
General
Full URL
https://paypayi.top/static/index/css/load.css
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.164.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
192.161.164.249.static.quadranet.com
Software
nginx /
Resource Hash
d8230d8972a90b89e5a4b429cb600cf1070a77164643e530b550930e3345cdaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/index/login.html
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:56:36 GMT
content-encoding
gzip
last-modified
Sat, 16 Oct 2021 16:41:23 GMT
server
nginx
etag
W/"616b00b3-609"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 10 Nov 2021 05:56:36 GMT
logo.png
Path: paypayi.top/static/index/
Size: 3 KB, x-fer: 3 KB, Type: Image
General
Full URL
https://paypayi.top/static/index/logo.png
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.164.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
192.161.164.249.static.quadranet.com
Software
nginx /
Resource Hash
5ae82ced18f26ecb4117409ff2d4bdda73abde9f5a0e20ac42a8fa1ac9b34585
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/index/login.html
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:56:36 GMT
last-modified
Mon, 27 Sep 2021 13:12:26 GMT
server
nginx
etag
"6151c33a-c50"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3152
expires
Thu, 09 Dec 2021 17:56:36 GMT
Y.png
Path: paypayi.top/static/index/
Size: 5 KB, x-fer: 5 KB, Type: Image
General
Full URL
https://paypayi.top/static/index/Y.png
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.164.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
192.161.164.249.static.quadranet.com
Software
nginx /
Resource Hash
a066a4f0457d94f672f74c58fffc5aa365c3ebba4fc63fcf17f4075b2d034b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/index/login.html
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:56:36 GMT
last-modified
Mon, 27 Sep 2021 14:10:02 GMT
server
nginx
etag
"6151d0ba-1275"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4725
expires
Thu, 09 Dec 2021 17:56:36 GMT
jquery.min.js
Path: paypayi.top/static/index/js/
Size: 87 KB, x-fer: 34 KB, Type: Script
General
Full URL
https://paypayi.top/static/index/js/jquery.min.js
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.164.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
192.161.164.249.static.quadranet.com
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/index/login.html
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:56:36 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 01:50:28 GMT
server
nginx
etag
W/"615274e4-15d9d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 10 Nov 2021 05:56:36 GMT
vue.js
Path: paypayi.top/static/index/js/
Size: 336 KB, x-fer: 105 KB, Type: Script
General
Full URL
https://paypayi.top/static/index/js/vue.js
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.164.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
192.161.164.249.static.quadranet.com
Software
nginx /
Resource Hash
69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/index/login.html
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:56:36 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 01:50:40 GMT
server
nginx
etag
W/"615274f0-53fc9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 10 Nov 2021 05:56:36 GMT
element.min.js
Path: paypayi.top/static/index/js/
Size: 556 KB, x-fer: 168 KB, Type: Script
General
Full URL
https://paypayi.top/static/index/js/element.min.js
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.164.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
192.161.164.249.static.quadranet.com
Software
nginx /
Resource Hash
30b6e89fb24f1272f1b3d9dd1d3dc99fed47269b37380887e0dfca02450bf469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/index/login.html
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:56:36 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 01:50:56 GMT
server
nginx
etag
W/"61527500-8b190"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 10 Nov 2021 05:56:36 GMT
axios.min.js
Path: paypayi.top/static/index/js/
Size: 14 KB, x-fer: 5 KB, Type: Script
General
Full URL
https://paypayi.top/static/index/js/axios.min.js
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.164.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
192.161.164.249.static.quadranet.com
Software
nginx /
Resource Hash
24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/index/login.html
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:56:36 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 01:51:06 GMT
server
nginx
etag
W/"6152750a-3813"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 10 Nov 2021 05:56:36 GMT
vue-cookies.js
Path: unpkg.com/vue-cookies@1.7.4/
Size: 6 KB, x-fer: 2 KB, Type: Script
General
Full URL
https://unpkg.com/vue-cookies@1.7.4/vue-cookies.js
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5d4b2a8abd43ac8806555216ad48ec96dd6a26d25ec006d3bcc3b2e33c0def5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:53:24 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
12864360
fly-request-id
01F83GXE2KXZ5NAWXPNNC4C8YZ
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1656-XMokEajAaC9Ikhdv+oJ6FZPDEEY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6ab8e6803b6b1ed8-NRT
jquery.js
Path: cdn.bootcdn.net/ajax/libs/jquery/3.6.0/
Size: 282 KB, x-fer: 84 KB, Type: Script
General
Full URL
https://cdn.bootcdn.net/ajax/libs/jquery/3.6.0/jquery.js
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
218.11.8.124 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_static_msoc2 /
Resource Hash
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 10:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
469032
x-cache-lookup
Cache Hit, Hit From Inner Cluster
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
85249
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
NWS_TCloud_static_msoc2
cf-cdnjs-via
cfworker/kv
etag
W/"603e8adc-46744"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYbZlHv7vRB18hH8aBFVAjUc15oxRmiM4aEBieNY0dYwqlzNdGQyC3J3aDvGVs8%2BysWplrhbc4U%2FnXJNJMV47ZmmjFDqcp0HO3cMlRFE8PquMDr3JD6NZ4ffr5jd6%2FjRNY65OItQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
881722925742842933
accept-ranges
bytes
cf-ray
6a83085cf86e368b-LAX
expires
Sun, 30 Oct 2022 10:22:50 GMT
layer.min.js
Path: cdn.bootcss.com/layer/3.0.1/
Size: 21 KB, x-fer: 8 KB, Type: Script
General
Full URL
https://cdn.bootcss.com/layer/3.0.1/layer.min.js
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.56.79.218 Shenyang, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
b0324bfc823184920bf852354aef5a8e9fdc95148061b70a72d08793c96ef7af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-lookup
Hit From Disktank3 Gz
x-nws-uuid-verify
a5cb78aaa9d27589819549fbd41280f1
x-jsd-version
1.0.1
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7356
x-served-by
cache-fra19123-FRA, cache-hkg17924-HKG
x-jsd-version-type
version
last-modified
Tue, 09 Nov 2021 15:00:00 GMT
server
NWS_TCloud_S1
etag
W/"535e-NDtcjpKVCxAjNr3oiffOIJmaMkY"
x-ws-request-id
618a8d46_PS-000-01HEt45_6799-16272
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=2592000, s-maxage=43200
x-daa-tunnel
hop_count=1
x-nws-log-uuid
35e82214-38e6-486d-bc20-9a34642ceb92
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Dec 2021 17:53:25 GMT
layer.css
Path: cdn.bootcss.com/layer/3.0.1/skin/default/
Size: 14 KB, x-fer: 3 KB, Type: Stylesheet
General
Full URL
https://cdn.bootcss.com/layer/3.0.1/skin/default/layer.css
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.56.79.218 Shenyang, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
b4ed5d24c92f99371c49023c1f7da9597cac7f23d3c9efe7c07025bc4a5d7386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-lookup
Hit From Disktank3 Gz
x-nws-uuid-verify
7753d98ff6aaa6aad85e576eab4a3511
x-jsd-version
1.0.1
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2872
x-served-by
cache-fra19177-FRA, cache-hkg17931-HKG
x-jsd-version-type
version
last-modified
Sun, 07 Nov 2021 03:20:00 GMT
server
NWS_TCloud_S1
etag
W/"37d8-a8kx6lzOjPf/K8IF8RWvHaWi33o"
x-ws-request-id
6187460b_PS-000-01qg6155_48729-26660
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=2592000, s-maxage=43200
x-daa-tunnel
hop_count=1
x-nws-log-uuid
5480ac1d-1595-40f7-a464-15a1a7baa381
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Dec 2021 17:53:25 GMT
1.png
Path: paypayi.top/static/index/
Size: 11 KB, x-fer: 11 KB, Type: Image
General
Full URL
https://paypayi.top/static/index/1.png
Requested by
Host: paypayi.top
URL: https://paypayi.top/index/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.164.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
192.161.164.249.static.quadranet.com
Software
nginx /
Resource Hash
781811760fd0db49c57a4953ca9f761fc46a25fb2aa0690a6e390c79c2d9eaa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/index/login.html
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:56:36 GMT
last-modified
Sat, 16 Oct 2021 05:52:23 GMT
server
nginx
etag
"616a6897-2a66"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10854
expires
Thu, 09 Dec 2021 17:56:36 GMT
layer.css
Path: cdn.bootcss.com/layer/3.0.1/skin/default/
Size: 14 KB, x-fer: 3 KB, Type: Stylesheet
General
Full URL
https://cdn.bootcss.com/layer/3.0.1/skin/default/layer.css?v=3.0.11110
Requested by
Host: cdn.bootcss.com
URL: https://cdn.bootcss.com/layer/3.0.1/layer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.56.79.218 Shenyang, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
b4ed5d24c92f99371c49023c1f7da9597cac7f23d3c9efe7c07025bc4a5d7386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://paypayi.top/
User-Agent
Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:53:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-lookup
Hit From Disktank3 Gz
x-nws-uuid-verify
408c247b6928a06399802eebf79b3cc6
x-jsd-version
1.0.1
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2872
x-served-by
cache-fra19177-FRA, cache-hkg17920-HKG
x-jsd-version-type
version
last-modified
Mon, 08 Nov 2021 05:30:00 GMT
server
NWS_TCloud_S1
etag
W/"37d8-a8kx6lzOjPf/K8IF8RWvHaWi33o"
x-ws-request-id
6188b624_fzhdx73_27962-49545
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=2592000, s-maxage=43200
x-daa-tunnel
hop_count=1
x-nws-log-uuid
42ce6fd7-1566-4902-9d02-67811f54a158
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Dec 2021 17:53:28 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPay (Financial)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

onbeforexrselect (object), reportError (function), originAgentCluster (boolean), onorientationchange (object), orientation (number), scheduler (object), $ (function), jQuery (function), Vue (function), __core-js_shared__ (object), ELEMENT (object), axios (function), $cookies (object), layer (object), timer (undefined)

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000