aupay.top
107.150.5.129
Malicious Activity!
Public Scan
Effective URL: https://aupay.top/index/login.html
Submission Tags: krdtest
Submission: On December 15 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by TrustAsia TLS RSA CA on December 15th 2021. Valid for: a year.
This is the only time aupay.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: au ID (Telecommunication)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
22 | 107.150.5.129 | 8100 (ASN-QUADRANET-GLOBAL) |

Total: 22 requests, 1 IP address.
ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 107.150.5.129.static.quadranet.com
aupay.top
Requests | Domain | Requested by |
---|---|---|
22 | aupay.top | aupay.top |

Total: 22 requests, 1 domain.
This site contains links to these domains. Also see Links.
Domain |
---|
id.auone.jp |
www.kddi.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
aupay.top | TrustAsia TLS RSA CA | 2021-12-15 - 2022-12-14 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://aupay.top/index/login.html
Frame ID: BA5208D3C16CAA8007136931944262AC
Requests: 22 HTTP requests in this frame
Page Title
au ID Login (original: au IDログイン)
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Click here for instructions on turning off private browsing
Title: Guide
Title: If you do not receive the confirmation code
Title: Forgot your password? Click here
Title: Register a new au ID / au PAY (non-au customers can also register)
Title: au ID Terms of Use
Title: Privacy Policy
Title: Site Policy
Title: About access data
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://aupay.top/ Page URL
- https://aupay.top/index/login.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | aupay.top/ | 2 KB | 1 KB | Document | text/html |
GET | H2 | ioslandscape.css | aupay.top/static/css/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H2 | idk.css | aupay.top/static/css/ | 45 KB | 11 KB | Stylesheet | text/css |
GET | H2 | checkboxradio.css | aupay.top/static/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | load.css | aupay.top/static/css/ | 171 B | 374 B | Stylesheet | text/css |
GET | H2 | aupay.png | aupay.top/static/images/ | 5 KB | 5 KB | Image | image/png |
GET | H2 | jquery-1.3.1.min.js | aupay.top/static/js/ | 54 KB | 21 KB | Script | application/javascript |
GET | H2 | authenticatoravailablecheck.js | aupay.top/static/js/ | 725 B | 939 B | Script | application/javascript |
GET | H2 | iosportrait.css | aupay.top/static/css/ | 2 KB | 836 B | Stylesheet | text/css |
GET | H2 | login.html (Primary Request) | aupay.top/index/ | 24 KB | 6 KB | Document | text/html |
GET | H2 | ioslandscape.css | aupay.top/static/css/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H2 | idk.css | aupay.top/static/css/ | 45 KB | 11 KB | Stylesheet | text/css |
GET | H2 | checkboxradio.css | aupay.top/static/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | au_id.jpg | aupay.top/static/picture/ | 34 KB | 34 KB | Image | image/jpeg |
GET | H2 | login.css | aupay.top/static/css/ | 10 KB | 4 KB | Stylesheet | text/css |
GET | H2 | jquery-1.3.1.min.js | aupay.top/static/js/ | 54 KB | 21 KB | Script | application/javascript |
GET | H2 | login.js | aupay.top/static/js/ | 11 KB | 2 KB | Script | application/javascript |
GET | H2 | authenticatoravailablecheck.js | aupay.top/static/js/ | 725 B | 939 B | Script | application/javascript |
GET | H2 | pas.js | aupay.top/static/js/ | 489 B | 702 B | Script | application/javascript |
GET | H2 | iosportrait.css | aupay.top/static/css/ | 2 KB | 836 B | Stylesheet | text/css |
GET | H2 | close.png | aupay.top/static/images/ | 916 B | 1 KB | Image | image/png |
GET | H2 | open.png | aupay.top/static/images/ | 527 B | 733 B | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: au ID (Telecommunication)
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onbeforexrselect |
function | reportError |
boolean | originAgentCluster |
object | scheduler |
string | tr_pageid |
function | $ |
function | jQuery |
undefined | timeOut |
function | changeScreen |
function | doIDInputChange |
function | doPwdChange |
function | doFidoChange |
function | doSmsChange |
function | doResend |
function | changReconfirm |
function | enterEvent |
function | isWebAuthnSupport |
function | isAuthenticatorAvailable |
function | execFunc |
number | flag |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.