![](/screenshots/9de5c8c5-f385-4119-921d-519e8fd056bc.png)
paypaytest.apexemai.com
13.208.124.17
Malicious Activity!
Public Scan
Effective URL: https://paypaytest.apexemai.com/paypay/?id=sign-in&Key=ad38ca35e0642b3
Submission: On June 01 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on June 1st 2022. Valid for: 3 months.
This is the only time paypaytest.apexemai.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPay (Financial)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
4 | 13.208.124.17 | 16509 (AMAZON-02) |
11 | 143.204.86.17 | 16509 (AMAZON-02) |
2 | 13.225.159.125 | 16509 (AMAZON-02) |
17 | 4 | |

Hostname | PTR | ASN |
---|---|---|
paypaytest.apexemai.com | ec2-13-208-124-17.ap-northeast-3.compute.amazonaws.com | ASN16509 (AMAZON-02, US) |
www.paypay.ne.jp | server-143-204-86-17.nrt12.r.cloudfront.net | ASN16509 (AMAZON-02, US) |
static.paypay.ne.jp | server-13-225-159-125.nrt12.r.cloudfront.net | ASN16509 (AMAZON-02, US) |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | paypay.ne.jp | www.paypay.ne.jp, static.paypay.ne.jp | 184 KB |
4 | apexemai.com | paypaytest.apexemai.com | 50 KB |
17 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
11 | www.paypay.ne.jp | paypaytest.apexemai.com |
4 | paypaytest.apexemai.com | paypaytest.apexemai.com |
2 | static.paypay.ne.jp | www.paypay.ne.jp |
17 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.paypay.ne.jp |
Subject | Issuer | Validity | Valid |
---|---|---|---|
paypaytest.apexemai.com | R3 | 2022-06-01 - 2022-08-30 | 3 months |
*.paypay.ne.jp | GlobalSign RSA OV SSL CA 2018 | 2021-12-15 - 2023-01-16 | a year |
This page contains 1 frames:
Primary Page:
https://paypaytest.apexemai.com/paypay/?id=sign-in&Key=ad38ca35e0642b3
Frame ID: B595572C037484DB41209174243BE480
Requests: 19 HTTP requests in this frame
Page Title
PayPay
Page URL History
- https://paypaytest.apexemai.com/ Page URL
- https://paypaytest.apexemai.com/paypay/?id=sign-in&Key=ad38ca35e0642b3 Page URL
Detected technologies
Vue.js
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: パスワードをお忘れですか? (Forgot your password?)
Title: 新規登録 (New registration)
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | paypaytest.apexemai.com/ | 150 B | 663 B | Document | text/html |
GET | H/1.1 | / (Primary Request) | paypaytest.apexemai.com/paypay/ | 21 KB | 12 KB | Document | text/html |
GET | H2 | main~59f3426a.35355282.css | www.paypay.ne.jp/cdn/apps/prod/web/3-43-0/static/css/ | 53 KB | 9 KB | Stylesheet | text/css |
GET | H2 | main~5a11b65b.3a1637ee.css | www.paypay.ne.jp/cdn/apps/prod/web/3-43-0/static/css/ | 31 KB | 6 KB | Stylesheet | text/css |
GET | H2 | main~6a2c624d.05b2999e.css | www.paypay.ne.jp/cdn/apps/prod/web/3-43-0/static/css/ | 36 KB | 5 KB | Stylesheet | text/css |
GET | H2 | main~7379b9cb.14bc8df0.css | www.paypay.ne.jp/cdn/apps/prod/web/3-43-0/static/css/ | 8 KB | 3 KB | Stylesheet | text/css |
GET | H2 | main~cf55716b.61c8e8bc.css | www.paypay.ne.jp/cdn/apps/prod/web/3-43-0/static/css/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H2 | main~ea246c04.0fb89b1a.css | www.paypay.ne.jp/cdn/apps/prod/web/3-43-0/static/css/ | 38 KB | 4 KB | Stylesheet | text/css |
GET | H2 | main~f71cff67.1119bf39.css | www.paypay.ne.jp/cdn/apps/prod/web/3-43-0/static/css/ | 131 KB | 57 KB | Stylesheet | text/css |
GET | H2 | account-page~account-page-otp~account-page-reset~account-page-sign~bank-page~p2p-page~payout-page~up~5d3b0d5a.76d8ddec.css | www.paypay.ne.jp/cdn/apps/prod/web/3-43-0/static/css/ | 10 KB | 3 KB | Stylesheet | text/css |
GET | H2 | account-page~f71cff67.efc2481e.css | www.paypay.ne.jp/cdn/apps/prod/web/3-43-0/static/css/ | 58 KB | 6 KB | Stylesheet | text/css |
GET | H2 | account-page~c5bef7f1.51540263.css | www.paypay.ne.jp/cdn/apps/prod/web/3-43-0/static/css/ | 48 KB | 6 KB | Stylesheet | text/css |
GET | H2 | account-page-sign~f71cff67.a78d44b2.css | www.paypay.ne.jp/cdn/apps/prod/web/3-43-0/static/css/ | 67 KB | 7 KB | Stylesheet | text/css |
GET | DATA | truncated | / | 9 KB | 0 | Image | image/png |
GET | H/1.1 | jquery.js | paypaytest.apexemai.com/assets/js/ | 84 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | jquery.validate.min.js | paypaytest.apexemai.com/assets/js/ | 23 KB | 8 KB | Script | application/javascript |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
GET | H2 | Graphik-Regular-Web.woff2 | static.paypay.ne.jp/font/ | 36 KB | 37 KB | Font | binary/octet-stream |
GET | H2 | Graphik-Semibold-Web.woff2 | static.paypay.ne.jp/font/ | 40 KB | 41 KB | Font | binary/octet-stream |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPay (Financial)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- object| navigation
- function| LoginUser
- function| $
- function| jQuery

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
paypaytest.apexemai.com/ | | Name: PHPSESSID Value: 4p5vvihfvuhluojjln3ldjibht |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.