www.paypay.melrf.xyz
91.204.226.243
Malicious Activity!
Public Scan
Submission: On October 14 via api from JP — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 13th 2021. Valid for: 3 months.
This is the only time www.paypay.melrf.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPay (Financial)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
19 | 91.204.226.243 | 136038 (HDTIDCCLOUD-AS-AP HDTIDC LIMITED)
1 | 2001:4de0:ac18::1:a:3a | 20446 (HIGHWINDS3)
20 | 3 |
ASN136038 (HDTIDCCLOUD-AS-AP HDTIDC LIMITED, HK)
www.paypay.melrf.xyz
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
19 | melrf.xyz | www.paypay.melrf.xyz | 185 KB
1 | jquery.com | code.jquery.com | 30 KB
20 | 2 | |
Requests | Domain | Requested by
---|---|---
19 | www.paypay.melrf.xyz | www.paypay.melrf.xyz
1 | code.jquery.com | www.paypay.melrf.xyz
20 | 2 |
This site contains links to these domains. Also see Links.
Domain
---
www.paypay.ne.jp
paypaymobile.com
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
melrf.xyz | R3 | 2021-10-13 - 2022-01-11 | 3 months | crt.sh
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year | crt.sh
This page contains 1 frame:
Primary Page:
https://www.paypay.melrf.xyz/
Frame ID: 10528D992B1ABA9224672F377C96F8CD
Requests: 24 HTTP requests in this frame
Screenshot
Page Title: PayPay
Detected technologies
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
- jquery[.-]([\d.]*\d)[^/]*\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: If you forgot your password
Title: Log in with Yahoo! JAPAN ID
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | www.paypay.melrf.xyz/ | 69 KB | 30 KB | Document | text/html
GET | H2 | jquery.min.js | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 87 KB | 30 KB | Script | application/javascript
GET | H2 | jquery-3.5.1.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript
GET | H2 | signin.js | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 5 KB | 1 KB | Script | application/javascript
GET | H2 | loading.js | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 5 KB | 811 B | Script | application/javascript
GET | H2 | loading.css | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 14 KB | 2 KB | Stylesheet | text/css
GET | H2 | layui.js | www.paypay.melrf.xyz/assets/ | 7 KB | 3 KB | Script | application/javascript
GET | H2 | main_8bc203a9.60f2038a.css | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 57 KB | 4 KB | Stylesheet | text/css
GET | H2 | main_4bd3c468.d11e94b4.css | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 10 KB | 2 KB | Stylesheet | text/css
GET | H2 | main_f71cff67.37e0be5d.css | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 144 KB | 56 KB | Stylesheet | text/css
GET | H2 | main_6a2c624d.9c1020ff.css | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 45 KB | 5 KB | Stylesheet | text/css
GET | H2 | account-page_account-page-otp_account-page-reset_account-page-sign_p2p-page_payout-page_update-page__82301314.a4e4d009.css | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 12 KB | 3 KB | Stylesheet | text/css
GET | H2 | account-page_f71cff67.c788dca3.css | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 70 KB | 6 KB | Stylesheet | text/css
GET | H2 | account-page_6a2c624d.42c22f13.css | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 58 KB | 5 KB | Stylesheet | text/css
GET | H2 | account-page-sign_f71cff67.b11b7d64.css | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 81 KB | 7 KB | Stylesheet | text/css
GET | H2 | layui.css | www.paypay.melrf.xyz/assets/css/ | 71 KB | 13 KB | Stylesheet | text/css
GET | H2 | in.php | www.paypay.melrf.xyz/assets/index/login/PayPay1_files/ | 139 B | 216 B | Script | text/html
GET | DATA | truncated | / | 9 KB | 0 | Image | image/png
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png
GET | H2 | softbank-icon.108c1d32.svg | www.paypay.melrf.xyz/assets/index/static/img/ | 5 KB | 5 KB | Image | text/html
GET | H2 | layer.js | www.paypay.melrf.xyz/assets/lay/modules/ | 22 KB | 7 KB | Script | application/javascript
GET | H2 | layer.css | www.paypay.melrf.xyz/assets/css/modules/layer/default/ | 14 KB | 3 KB | Stylesheet | text/css
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPay (Financial)
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | onbeforexrselect
boolean | originAgentCluster
function | $
function | jQuery
undefined | waitClock
string | sid
object | layui
object | layer
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
www.paypay.melrf.xyz
2001:4de0:ac18::1:a:3a
91.204.226.243
08bbc0fa3d3f9caeed33d6a37b7910e051a19b9cb10a7aefa5f6541955930bae
12e2e8a68b16ddd5636817d9cc6f3d431d0ba88b1a6b43fbd3ea77e0e6c497e1
1542a611bf12307cf5cd877df1d8742680cf55f7b0501e1fe00dd8f8fe5eaab3
2fe45428366bab11709c59b39db6d75bbb58aa6fbeee77a7fde0c5c1b117c6ee
3f708de161ca35a542260f0e3f0b66a63c13115e0de22b1e6c03757392485f57
423a77bb7c8df3ef2e582f158b042fdcda94af842ca27fd84bdfb7884ac425f3
607bda7d3632ee1a2b8d677477afeda65c112b4d19f7f83deca5306d239f4649
612b18eb54df18a3b519b90e2035f4e9378f8978bb9b20227e45bf138ceee5b5
65c20565308d0d341d95e5c97f67663a5139647605a5c17aff8f510eb06ea0c5
73537a111f11ae2ff826db61c01cd6abdbd84aa38141eae9135c459920c5f3be
7f7c94264b36f398e4bb25c6842e0a89d5d7d3beb0971620f4f44cc4e96ca565
882c93eadef6b4f05100102b215fee8260dc81ec84c78d7d494db7216c542c0b
8f71df825e0a32e7d05b012e784082aff562461422c255218c7eed1a0021d680
9342fa8c06a8f6072cf1408432536a1e2b0ee557216edde194ed2dc482f01e28
93f11cc605a79813589fadd65669ffeb622403ced0a797d81304e9d246966d5e
96db9ca236e4eadf68ca5c79f1e1725270a5d1344021133441f6c9a9d9e48a93
a1f15b7cf909062d12d4cfbab46737f2f983e3bb72061fbbfdec0778ef0ed031
c45f7b0a7185b23041b5a35d03e17d777ba96cddb1f530d6e7408e92ff00f4de
de14f57a247233991a5bfa85436e2205b52871558811ba2969d11ee9b134bf8d
e24a103f81720122bf9d4d1942f3a493d14b15a3a36b851147181f19089ecd8c
edb335f2ea3f9cf1eedc6b15248f6e0d4d90237e4af093f156bfc28c12e17be2
f280a40db2ec839eb4daf54e23c2b38a8c6c3a38bf0adf293ecdcd29bf6e3a85
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e