PCrisk.com
app.phanpay.io favicon

app.phanpay.io

Category: Suspicious

Scanned: Jun 8, 2026, 10:46 AM UTC · First seen: Jun 8, 2026 · Threat Engines: 17 / 91 · Times Scanned: 1
5 / 100 Trust Score Based on scan findings at the time of analysis
Potentially Dangerous
0 - High Risk50 - Moderate100 - No Threats
Fresh scan recommended
Last scanned 15 days ago - security status may have changed since then.
Not scanned has not been scanned yet. Hit Scan Now to check it.

Scans can take up to 5 minutes to complete. Please keep this tab open - we'll redirect you to the report when it's ready.

Failed
Scan unavailable
Scan failed
Protect yourself from potentially harmful websites
Combo Cleaner's real-time web protection module actively blocks access to scam, phishing & malware-infected websites.
★★★★★ 4.8 / 5 Recommended by PCrisk.com editors Windows · Mac · Android · iOS
Download Combo Cleaner Free scan · no signup

To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.

Screenshot of app.phanpay.io Captured Jun 8, 2026
https://app.phanpay.io
Screenshot of app.phanpay.io
This website has been flagged as potentially harmful
Screenshot blurred for safety. Multiple security engines flagged potential threats at the time of scanning.
1 month (phanpay.io)
Not Ranked - This website does not appear in the Tranco top list
Flagged by 17 of 91 engines
✓ Valid (TLS)
FrostyHosting
Moscow, Russia
nginx
Plesk
94.183.168.68
Domain & WHOIS Information
Registrar Dynadot Inc
Registered May 10, 2026 (phanpay.io)
Expires May 10, 2027
Name Servers ns1.dyna-ns.net
DNSSEC Unsigned
Hosting FrostyHosting
This is a subdomain of phanpay.io. The WHOIS data above belongs to the parent domain, not to app.phanpay.io. The actual creation date of this subdomain is unknown and could be much more recent than the parent.
Reputation & Threat Check 91 security engines checked
17
17 of 91 engines flagged this website Flagged by 17 security vendors at the time of scanning
Not flagged Flagged
Flagged by 17 of 91 engines
Direct Threat Database Sources
Google Not listed Spamhaus DBL Not listed SURBL Listed Spamhaus ZEN Not listed Barracuda Not listed SpamCop Not listed Spamhaus ZRD Not listed URLhaus Not listed Phishtank Not listed QBMA Not listed
View detailed engine results on VirusTotal
File Scan Summary Powered by Quttera Engine
8 files scanned
No threats
8
Low Risk
0
Medium Risk
0
High Risk
0
No threats Low Risk Medium Risk High Risk
app.phanpay.io/config.js 1.5 KB No threats
app.phanpay.io/error_docs/styles.css 2.7 KB No threats
app.phanpay.io/en/#features 107.8 KB No threats
app.phanpay.io/en/terms 808 B No threats
app.phanpay.io/en/#pricing 107.8 KB No threats
app.phanpay.io/en/privacy 808 B No threats
app.phanpay.io/en/# 107.8 KB No threats
bulgur-roman.web-dist.cc/_nuxt/assets/index.js 961.8 KB No threats
External Links & Domains
8
External Links
All Clean
0
Iframes
Clean
3
Referenced Domains
All Clean
0
Flagged Resources
None Detected
http://app.phanpay.io/config.jsNot flagged
http://app.phanpay.io/en/#featuresNot flagged
http://app.phanpay.io/en/#pricingNot flagged
http://app.phanpay.io/en/privacyNot flagged
http://app.phanpay.io/en/termsNot flagged
http://app.phanpay.io/error_docs/styles.cssNot flagged
https://bulgur-roman.web-dist.cc/_nuxt/assets/index.jsNot flagged
https://fonts.googleapis.com/css2?family%3DInter:wght@300%3B400%3B500%3B600%3B700%3B800%3B900&display%3DswapNot flagged
app.phanpay.ioNot flagged
bulgur-roman.web-dist.ccNot flagged
fonts.googleapis.comNot flagged
app.phanpay.io Overview

Description of app.phanpay.io

The domain app.phanpay.io appears to present itself as a cryptocurrency-related web application focused on connecting a Phantom wallet. Based on the page title, on-page text, and screenshot, the site claims to offer a quick wallet-connection flow under the name “PhanPay,” with navigation items such as Features, Pricing, Docs, Privacy, and Terms. The branding and wording suggest a service aimed at users of the Phantom crypto wallet ecosystem rather than a general informational website.

The operator is not clearly identified in the provided scan data. The domain is hosted on a subdomain under phanpay.io and appears to be a relatively new project, with registration dating back only a few weeks at the time of this scan. Given the wallet-connection theme and the site’s emphasis on linking a crypto wallet, visitors would likely be asked to authorize wallet access or interact with blockchain-related prompts, which can carry elevated risk when the service is not well established.

Safety Assessment for app.phanpay.io

Multiple security signals indicate elevated risk at the time of this scan. The domain was flagged by 17 out of 91 security engines, and several web-classification sources categorized it as phishing or fraud-related. The page also appears to center on connecting a Phantom wallet, which is a common lure theme in cryptocurrency credential theft and wallet-draining campaigns. In addition, the domain is very new, not ranked among popular sites, and uses branding that may be confused with the well-known Phantom wallet name.

At the same time, the malware scan did not identify malicious files on the page itself, and major blacklist and threat-database checks included in the scan were reported as clean at that moment. That combination can occur with newer phishing pages, especially when the primary risk comes from deceptive wallet prompts or social-engineering flows rather than downloadable malware.

Considering the multi-engine phishing detections, the crypto-wallet theme, and the young age of the domain, this website may pose potential risks to visitors. Based on these findings, users should exercise a high degree of caution before connecting a wallet, approving transactions, or entering sensitive information.

Technical Description

The site was reachable over HTTPS with a valid Let's Encrypt certificate, fronted by an nginx web server. The domain is very new, registered through Dynadot, uses ns1.dyna-ns.net and ns2.dyna-ns.net nameservers, and does not appear to have DNSSEC enabled. Hosting was identified as FrostyHosting on IP address 94.183.168.68, geolocated to Moscow, Russia.

No malicious files, flagged external links, or iframes were identified by the page-level malware scan at the time of analysis. However, the site loads an external script from a third-party domain, and the combination of recent registration, unsigned DNS, and strong phishing-related reputation signals increases uncertainty. A valid TLS certificate only confirms encrypted transport and should not be treated as proof of legitimacy.

HTTP Redirect Chain
302 https://app.phanpay.io/
200 https://app.phanpay.io/en/
Website Insights
Not Ranked
Tranco Rank
Not in Top 1M
Visitors Unknown
Category: Suspicious
Rank History (30 days)
No rank data available
No cookies data available
Dispute This Score For website owners
Believe this score is inaccurate?
If you are the website owner and believe the scan results contain errors or false positives, you can submit a dispute for manual review. Our team typically responds within 1-2 business days.
You will be asked to verify your email before the dispute can be processed.
By submitting this form, you confirm that the information provided is accurate. Disputes are reviewed manually and results may take up to 48 hours to update.
One more step..
To submit your dispute for app.phanpay.io, please click the verification link we just emailed you. Once verified, we'll review it within 1–2 business days.
This report was generated automatically and is provided for informational purposes only. Results are based on a point-in-time scan and may contain false positives or incomplete data. This does not constitute a security audit or certification. No vendor in the market can guarantee a 100% detection rate. If you believe this report is inaccurate, please submit a dispute.
Similar Recently Scanned
labor-day-51gb-free2.ij7gv.top screenshot
labor-day-51gb-free2.ij7gv.top
Potentially Dangerous 5/100
tethersol.xyz screenshot
tethersol.xyz
Potentially Suspicious 30/100
allocation-fugabelab.xyz screenshot
allocation-fugabelab.xyz
Potentially Suspicious 30/100
tommyholysnapped.com screenshot
tommyholysnapped.com
Potentially Suspicious 39/100
viponerunandjob.com screenshot
viponerunandjob.com
Moderate Risk 40/100
zoologyfibre.com screenshot
zoologyfibre.com
Potentially Suspicious 39/100
ratujprodukt.pl screenshot
ratujprodukt.pl
Potentially Suspicious 30/100
redirectott.com
Potentially Suspicious 30/100

Share your experience with this website. Was it safe? Did you encounter any issues?