urlscan.io logo urlscan.io
SecurityTrails logo

er-66ynkm8b1v62rp95lek41r.karte-io-works.in Open in urlscan Pro
52.68.54.130  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
Submission: On January 23 via manual from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 10 HTTP transactions. The main IP is 52.68.54.130, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is er-66ynkm8b1v62rp95lek41r.karte-io-works.in.
TLS certificate: Issued by Amazon on March 14th 2019. Valid for: a year.
This is the only time er-66ynkm8b1v62rp95lek41r.karte-io-works.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NTT Docomo (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
4 5 52.68.54.130 16509 (AMAZON-02)
1 35.244.185.137 15169 (GOOGLE)
4 8 52.199.42.59 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 49.102.154.13 9605 (DOCOMO NT...)
1 2a00:1450:400... 15169 (GOOGLE)
10 6
5    52.68.54.130 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-54-130.ap-northeast-1.compute.amazonaws.com
er-66ynkm8b1v62rp95lek41r.karte-io-works.in
1    35.244.185.137 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 137.185.244.35.bc.googleusercontent.com
admin.karte.io
8    52.199.42.59 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-42-59.ap-northeast-1.compute.amazonaws.com
er-o26x994spg2my5l2xpnmtq.karte-io-works.in
1    2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    49.102.154.13 (Japan)

ASN9605 (DOCOMO NTT DOCOMO, INC., JP)
id.smt.docomo.ne.jp
1    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
8 er-o26x994spg2my5l2xpnmtq.karte-io-works.in 4 redirects er-66ynkm8b1v62rp95lek41r.karte-io-works.in
5 er-66ynkm8b1v62rp95lek41r.karte-io-works.in 4 redirects
2 id.smt.docomo.ne.jp er-66ynkm8b1v62rp95lek41r.karte-io-works.in
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com er-66ynkm8b1v62rp95lek41r.karte-io-works.in
1 admin.karte.io er-66ynkm8b1v62rp95lek41r.karte-io-works.in
10 6

This site contains no links.

Subject Issuer Validity Valid
*.karte-io-works.in
Amazon		 2019-03-14 -
2020-04-14		 a year crt.sh
*.karte.io
GlobalSign RSA DV SSL CA 2018		 2019-10-30 -
2021-12-22		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
id.smt.docomo.ne.jp
DigiCert SHA2 Secure Server CA		 2019-05-29 -
2020-09-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
Frame ID: 716E0D7C378690E6ABD2D71CB4B6CBE9
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

10
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

701 kB
Transfer

830 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/https://id.smt.docomo.ne.jp/css/auth_layout_v5_style.css HTTP 302
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/https://id.smt.docomo.ne.jp/css/auth_layout_v5_style.css HTTP 302
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/css/auth_layout_v5_style.css
Request Chain 2
  • https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/https://id.smt.docomo.ne.jp/css/auth_layout_v5_pc.css HTTP 302
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/https://id.smt.docomo.ne.jp/css/auth_layout_v5_pc.css HTTP 302
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/css/auth_layout_v5_pc.css
Request Chain 3
  • https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/https://id.smt.docomo.ne.jp/img/logo_header.png HTTP 302
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/https://id.smt.docomo.ne.jp/img/logo_header.png HTTP 302
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/img/logo_header.png
Request Chain 4
  • https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/https://id.smt.docomo.ne.jp/img/footer_copyright.png HTTP 302
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/https://id.smt.docomo.ne.jp/img/footer_copyright.png HTTP 302
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/img/footer_copyright.png

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request baseauth
er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.54.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-54-130.ap-northeast-1.compute.amazonaws.com
Software
Apache / Express
Resource Hash
84c1d9d8f3219c3909af3a025336f341b312b3f1edd5bfc3ab2a8c517c39c7f5
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Host
er-66ynkm8b1v62rp95lek41r.karte-io-works.in
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

access-control-allow-headers
, x-requested-with, accept
access-control-allow-methods
, get
cache-control
no-cache
content-type
text/html;charset=utf-8
date
Thu, 23 Jan 2020 23:40:32 GMT
p3p
CP="CAO ADM DEV IVA IVD CON OUR BUS UNI COM NAV INT STA"
pragma
no-cache
server
Apache
set-cookie
g_smt_spsp2=""; Domain=.smt.docomo.ne.jp; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/;
x-frame-options
ALLOWALL
X-Powered-By
Express
transfer-encoding
chunked
Connection
keep-alive
build.js
admin.karte.io/libs/preview-inframe/ 		606 KB
607 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.karte.io/libs/preview-inframe/build.js
Requested by
Host: er-66ynkm8b1v62rp95lek41r.karte-io-works.in
URL: https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.185.137 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.185.244.35.bc.googleusercontent.com
Software
/
Resource Hash
07a6ac45404fb1ded28738bdee779676b35411cbaa370547e2df2a7573338eb2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
status
200
alt-svc
clear
content-length
620246
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Jan 2020 08:11:34 GMT
date
Thu, 23 Jan 2020 23:40:33 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
etag
W/"976d6-16fd174daf0"
accept-ranges
bytes
expires
0
auth_layout_v5_style.css
er-o26x994spg2my5l2xpnmtq.karte-io-works.in/css/
Redirect Chain
  • https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/https://id.smt.docomo.ne.jp/css/auth_layout_v5_style.css
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/https://id.smt.docomo.ne.jp/css/auth_layout_v5_style.css
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/css/auth_layout_v5_style.css
22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/css/auth_layout_v5_style.css
Requested by
Host: er-66ynkm8b1v62rp95lek41r.karte-io-works.in
URL: https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.42.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-42-59.ap-northeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
32c934398cdbd10d2687530b9af604abcac2165d758340a3c9079782cbb4ae81
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 23:40:34 GMT
last-modified
Wed, 18 Dec 2019 07:32:37 GMT
X-Powered-By
Express
x-frame-options
ALLOWALL
access-control-allow-methods
, get
content-type
text/css; charset=UTF-8
transfer-encoding
chunked
Connection
keep-alive
access-control-allow-headers
, x-requested-with, accept

Redirect headers

Location
/css/auth_layout_v5_style.css
Date
Thu, 23 Jan 2020 23:40:34 GMT
Connection
keep-alive
X-Powered-By
Express
Content-Length
51
Vary
Accept
Content-Type
text/plain; charset=utf-8
auth_layout_v5_pc.css
er-o26x994spg2my5l2xpnmtq.karte-io-works.in/css/
Redirect Chain
  • https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/https://id.smt.docomo.ne.jp/css/auth_layout_v5_pc.css
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/https://id.smt.docomo.ne.jp/css/auth_layout_v5_pc.css
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/css/auth_layout_v5_pc.css
8 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/css/auth_layout_v5_pc.css
Requested by
Host: er-66ynkm8b1v62rp95lek41r.karte-io-works.in
URL: https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.42.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-42-59.ap-northeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
5ee94193e7fa5debacb107ce62a50b56eb9afcba7de9268589a157c41c1efcce
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 23:40:34 GMT
last-modified
Wed, 18 Dec 2019 07:32:37 GMT
X-Powered-By
Express
x-frame-options
ALLOWALL
access-control-allow-methods
, get
content-type
text/css; charset=UTF-8
transfer-encoding
chunked
Connection
keep-alive
access-control-allow-headers
, x-requested-with, accept

Redirect headers

Location
/css/auth_layout_v5_pc.css
Date
Thu, 23 Jan 2020 23:40:34 GMT
Connection
keep-alive
X-Powered-By
Express
Content-Length
48
Vary
Accept
Content-Type
text/plain; charset=utf-8
logo_header.png
er-o26x994spg2my5l2xpnmtq.karte-io-works.in/img/
Redirect Chain
  • https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/https://id.smt.docomo.ne.jp/img/logo_header.png
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/https://id.smt.docomo.ne.jp/img/logo_header.png
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/img/logo_header.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/img/logo_header.png
Requested by
Host: er-66ynkm8b1v62rp95lek41r.karte-io-works.in
URL: https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.42.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-42-59.ap-northeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
350f4d5bef39bf376d051c55cde14d8def0435a34f1cf5f3a5355fe0bc2cb356
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 23:40:34 GMT
last-modified
Thu, 12 Oct 2017 09:43:02 GMT
X-Powered-By
Express
x-frame-options
ALLOWALL
access-control-allow-methods
, get
content-type
image/png
Connection
keep-alive
access-control-allow-headers
, x-requested-with, accept
Content-Length
2120

Redirect headers

Location
/img/logo_header.png
Date
Thu, 23 Jan 2020 23:40:34 GMT
Connection
keep-alive
X-Powered-By
Express
Content-Length
42
Vary
Accept
Content-Type
text/plain; charset=utf-8
footer_copyright.png
er-o26x994spg2my5l2xpnmtq.karte-io-works.in/img/
Redirect Chain
  • https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/https://id.smt.docomo.ne.jp/img/footer_copyright.png
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/https://id.smt.docomo.ne.jp/img/footer_copyright.png
  • https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/img/footer_copyright.png
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/img/footer_copyright.png
Requested by
Host: er-66ynkm8b1v62rp95lek41r.karte-io-works.in
URL: https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.42.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-42-59.ap-northeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d27fb126f122a2a567a0eb0a6b9d32edc61ff441a3d99522f8bc989b297ecce3
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 23:40:35 GMT
last-modified
Mon, 06 Jan 2020 02:15:22 GMT
X-Powered-By
Express
x-frame-options
ALLOWALL
access-control-allow-methods
, get
content-type
image/png
Connection
keep-alive
access-control-allow-headers
, x-requested-with, accept
Content-Length
4006

Redirect headers

Location
/img/footer_copyright.png
Date
Thu, 23 Jan 2020 23:40:34 GMT
Connection
keep-alive
X-Powered-By
Express
Content-Length
47
Vary
Accept
Content-Type
text/plain; charset=utf-8
gtm.js
www.googletagmanager.com/ 		140 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WZ9HH4
Requested by
Host: er-66ynkm8b1v62rp95lek41r.karte-io-works.in
URL: https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d7c7c99a14edc07ec0e38b016348eb19f7835957c56f847512c639cd34d69d2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 23:40:35 GMT
content-encoding
br
last-modified
Thu, 23 Jan 2020 23:14:34 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
33366
x-xss-protection
0
expires
Thu, 23 Jan 2020 23:40:35 GMT
bg_spring.png
id.smt.docomo.ne.jp/img/ 		102 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.smt.docomo.ne.jp/img/bg_spring.png
Requested by
Host: er-66ynkm8b1v62rp95lek41r.karte-io-works.in
URL: https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.102.154.13 , Japan, ASN9605 (DOCOMO NTT DOCOMO, INC., JP),
Reverse DNS
Software
/
Resource Hash
293b57cc384290eab34796b4a5be203a7de0bbd6c6bcfb9bc41596fe622b5ee9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://er-o26x994spg2my5l2xpnmtq.karte-io-works.in/css/auth_layout_v5_pc.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Thu, 23 Jan 2020 23:40:36 GMT
Last-Modified
Mon, 07 Nov 2016 05:53:17 GMT
Content-Length
102
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ9HH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4022
date
Thu, 23 Jan 2020 22:33:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 24 Jan 2020 00:33:33 GMT
empty.gif
id.smt.docomo.ne.jp/img/ 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.smt.docomo.ne.jp/img/empty.gif?t=g&acs_url=https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
Requested by
Host: er-66ynkm8b1v62rp95lek41r.karte-io-works.in
URL: https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.102.154.13 , Japan, ASN9605 (DOCOMO NTT DOCOMO, INC., JP),
Reverse DNS
Software
/
Resource Hash
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://er-66ynkm8b1v62rp95lek41r.karte-io-works.in/authx/cgi/baseauth
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Thu, 23 Jan 2020 23:40:36 GMT
Last-Modified
Fri, 21 Sep 2018 12:33:35 GMT
Content-Length
43
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NTT Docomo (Telecommunication)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __kartePreviewInframe function| ga boolean| __karte_loaded string| __karte_proxy_iframe_cookie object| simpleRemoteCallMethods boolean| isKartePreview object| tracker string| scrid string| err_code object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| _auth_pv_ga object| _autha function| _authb object| google_tag_data object| gaplugins object| gaGlobal object| gaData

0 Cookies

2 Console Messages

Source Level URL
Text
console-api info URL: https://admin.karte.io/libs/preview-inframe/build.js(Line 18393)
Message:
Download the Vue Devtools extension for a better development experience: https://github.com/vuejs/vue-devtools
console-api info URL: https://admin.karte.io/libs/preview-inframe/build.js(Line 18404)
Message:
You are running Vue in development mode. Make sure to turn on production mode when deploying for production. See more tips at https://vuejs.org/guide/deployment.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options ALLOWALL