www.my-docomios.vcdutmq.cn
Open in
urlscan Pro
112.213.127.232
Malicious Activity!
Public Scan
Submission: On March 09 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on March 8th 2023. Valid for: 3 months.
This is the only time www.my-docomios.vcdutmq.cn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NTT Docomo (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 112.213.127.232 112.213.127.232 | 64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN) | |
3 | 49.102.154.13 49.102.154.13 | 9605 (DOCOMO NT...) (DOCOMO NTT DOCOMO) | |
12 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
vcdutmq.cn
www.my-docomios.vcdutmq.cn |
724 KB |
3 |
docomo.ne.jp
id.smt.docomo.ne.jp |
3 KB |
12 | 2 |
Domain | Requested by | |
---|---|---|
9 | www.my-docomios.vcdutmq.cn |
www.my-docomios.vcdutmq.cn
|
3 | id.smt.docomo.ne.jp |
www.my-docomios.vcdutmq.cn
|
12 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
id.smt.docomo.ne.jp |
www.nttdocomo.co.jp |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.my-docomios.vcdutmq.cn R3 |
2023-03-08 - 2023-06-06 |
3 months | crt.sh |
id.smt.docomo.ne.jp DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-07 - 2023-09-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.my-docomios.vcdutmq.cn/cgi/card.jsp
Frame ID: 0186C6252217F48DE410FAEB37EDB470
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
dアカウント - ご本人様の確認 - 会員情報入力Detected technologies
Google Tag Manager (Tag Managers) ExpandDetected patterns
- <!-- (?:End )?Google Tag Manager -->
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: プライバシーポリシー
Search URL Search Domain Scan URL
Title: ご利用規約/ご注意事項
Search URL Search Domain Scan URL
Title: ご利用にあたって
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
card.jsp
www.my-docomios.vcdutmq.cn/cgi/ |
31 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3_common_v2.css
www.my-docomios.vcdutmq.cn/cgi/style/css/ |
71 KB 72 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.my-docomios.vcdutmq.cn/cgi/js/ |
49 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.my-docomios.vcdutmq.cn/cgi/js/ |
287 KB 289 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.0.3.js
www.my-docomios.vcdutmq.cn/cgi/js/ |
245 KB 247 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
www.my-docomios.vcdutmq.cn/cgi/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FGT008_22v1.js
www.my-docomios.vcdutmq.cn/cgi/js/ |
26 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_header.png
www.my-docomios.vcdutmq.cn/cgi/style/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer_copyright.png
www.my-docomios.vcdutmq.cn/cgi/style/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dac_authls.js
id.smt.docomo.ne.jp/js/ |
11 B 208 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
empty.gif
id.smt.docomo.ne.jp/img/ |
43 B 219 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dac_auth_v3.js
id.smt.docomo.ne.jp/js/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NTT Docomo (Telecommunication)43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery object| gblObj number| startYear number| endYear function| isResultChk function| imgUpdate function| createSelectBox function| createSelectBoxB01 function| createSelectBoxB02 function| createSelectBoxB03 function| openYmdBirth01List function| openYmdBirth02List function| openYmdBirth03List function| selectYmdBirth01 function| selectYmdBirth02 function| selectYmdBirth03 function| formCtrl_ymdbirth function| formCtrl_ymdbirth01 function| formCtrl_ymdbirth02 function| formCtrl_ymdbirth03 function| formCtrl_ymdbirthExist function| isExist function| isLeapYear function| openExYearList function| openExMonthList function| selectExYear function| selectExMonth function| formCtrl_exYear function| formCtrl_exYear1 function| formCtrl_exMonth1 object| google_tag_data function| ga object| gaplugins object| google_tag_manager object| dataLayer object| _rl function| _auth_v3a function| _auth_v3g function| _auth_v3b object| _autha function| _authb1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.my-docomios.vcdutmq.cn/cgi | Name: JSESSIONID Value: FEB3677EB27BBD9C9AEB715CF19CE238 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
id.smt.docomo.ne.jp
www.my-docomios.vcdutmq.cn
112.213.127.232
49.102.154.13
126adcd668df35cdc4e83948b880d7f15bc4e6a99ccd9af4a3e0aeb62287b3c6
2509dd3d94f53ba150ebd0d43bf71ff531c8fbef45b17279112111ce3b8482d9
350f4d5bef39bf376d051c55cde14d8def0435a34f1cf5f3a5355fe0bc2cb356
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
a3c9fd0c973e9c8c2108768d614d2e9b12a691784ca3208801951773c95bdc8b
a52d993f8a710d1801049e556050fb4d953216dc070a19dfd4bd000dd6743887
be31e385d717b3d46ce1f57c83e9a648c772b573ad28a01c09ea95e6007a4095
c19b74c4929be59afb9e994619d819c26366ef2e0cc97486064488e0bfbe595d
c7c72b974a93f3b3de19ea5c8725654e3e36a3f4d6b07bc2c21303064869d4f8
cbb66f73861ac5aef51bac8f1d2d66676a1650fc5fe828cd3b98fc61a68c89cf
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
fbfe3e78d5424a08bb6cd34d67ce34667ef9eefdf29140ebbc1a45b5574115d7