va4v77pp.duckdns.org Open in urlscan Pro
104.255.152.133 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://va4v77pp.duckdns.org/
Submission: On June 17 via api (June 17th 2024, 1:49:32 am UTC) from US — Scanned from CA

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 22 HTTP transactions. The main IP is 104.255.152.133, located in Canada and belongs to NETMINDERS, CA. The main domain is va4v77pp.duckdns.org.

This is the only time va4v77pp.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NTT Docomo (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
21	104.255.152.133 104.255.152.133		7040 (NETMINDERS) (NETMINDERS)
22	2

21 104.255.152.133 (Canada)

ASN7040 (NETMINDERS, CA)

va4v77pp.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	duckdns.org va4v77pp.duckdns.org	1 MB
0	dcloud.net.cn Failed cdn.dcloud.net.cn Failed
22	2

	Domain	Requested by
21	va4v77pp.duckdns.org	va4v77pp.duckdns.org
0	cdn.dcloud.net.cn Failed	va4v77pp.duckdns.org
22	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://va4v77pp.duckdns.org/
Frame ID: B527B8C64A3C2A0E548DF0A15E1F946B
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

undefined

Page URL History Show full URLs

http://va4v77pp.duckdns.org/ HTTP 307
https://va4v77pp.duckdns.org/ HTTP 307
http://va4v77pp.duckdns.org/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

22
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1253 kB
Transfer

1583 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://va4v77pp.duckdns.org/ HTTP 307
https://va4v77pp.duckdns.org/ HTTP 307
http://va4v77pp.duckdns.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response va4v77pp.duckdns.org/ Redirect Chain http://va4v77pp.duckdns.org/ https://va4v77pp.duckdns.org/ http://va4v77pp.duckdns.org/	840 B 1 KB	18ms 17ms	Document text/html	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Full URL http://va4v77pp.duckdns.org/ Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `87da5f189257721a13c77f7bb32dd3613e3a0a2356ced729ea0cc9a4bdac2c42` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 840 Content-Type text/html Date Mon, 17 Jun 2024 01:49:27 GMT ETag "65f5bf43-348" Last-Modified Sat, 16 Mar 2024 15:48:19 GMT Server nginx Redirect headers Location http://va4v77pp.duckdns.org/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	uni.07e52d16.css va4v77pp.duckdns.org/assets/	1 KB 835 B	17ms 17ms	Stylesheet text/css	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Full URL http://va4v77pp.duckdns.org/assets/uni.07e52d16.css Requested by Host: va4v77pp.duckdns.org URL: http://va4v77pp.duckdns.org/ Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `07e52d16eab103cde90a03bb0f7285a1366ae5874ee1f00841d645ff43966634` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Mon, 19 Feb 2024 15:45:03 GMT Server nginx ETag W/"65d3777f-445" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=43200 Connection keep-alive Expires Mon, 17 Jun 2024 13:49:27 GMT
GET H/1.1	200 OK	index-a3f073a0.js Show response va4v77pp.duckdns.org/assets/	94 KB 40 KB	37ms 21ms	Script application/javascript	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Full URL http://va4v77pp.duckdns.org/assets/index-a3f073a0.js Requested by Host: va4v77pp.duckdns.org URL: http://va4v77pp.duckdns.org/ Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `afb7780a0afb3f7bdb63200ae54fe51473d2ef5c28a6c3af0f263e2922993183` Request headers Referer http://va4v77pp.duckdns.org/ Origin http://va4v77pp.duckdns.org Accept-Language en-CA,en;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Mon, 19 Feb 2024 15:45:03 GMT Server nginx ETag W/"65d3777f-1762e" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Mon, 17 Jun 2024 13:49:27 GMT
GET H/1.1	200 OK	index-44297b41.css va4v77pp.duckdns.org/assets/	4 KB 2 KB	34ms 18ms	Stylesheet text/css	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Full URL http://va4v77pp.duckdns.org/assets/index-44297b41.css Requested by Host: va4v77pp.duckdns.org URL: http://va4v77pp.duckdns.org/ Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `44297b414ff828ce846be5e65b9c2f267e6ea6295e065f91eea35f1833d4069d` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Mon, 19 Feb 2024 15:45:03 GMT Server nginx ETag W/"65d3777f-ec4" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=43200 Connection keep-alive Expires Mon, 17 Jun 2024 13:49:27 GMT
GET H/1.1	200 OK	pages-index-index.7b6c1bb5.js Show response va4v77pp.duckdns.org/assets/	8 KB 5 KB	18ms 18ms	Script application/javascript	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Full URL http://va4v77pp.duckdns.org/assets/pages-index-index.7b6c1bb5.js Requested by Host: va4v77pp.duckdns.org URL: http://va4v77pp.duckdns.org/assets/index-a3f073a0.js Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `19fe381743e14f6befce6298e5a90405d44f433bfadd37abce7afab13e596dc1` Request headers Referer http://va4v77pp.duckdns.org/assets/index-a3f073a0.js Origin http://va4v77pp.duckdns.org Accept-Language en-CA,en;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Tue, 02 Apr 2024 10:08:49 GMT Server nginx ETag W/"660bd931-1f8a" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Mon, 17 Jun 2024 13:49:27 GMT
GET H/1.1	404 Not Found	favicon.ico va4v77pp.duckdns.org/	548 B 696 B	17ms 17ms	Other text/html	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Full URL http://va4v77pp.duckdns.org/favicon.ico Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Server nginx Connection keep-alive Content-Length 548 Content-Type text/html
GET H/1.1	200 OK	index.css va4v77pp.duckdns.org/static/css/	4 KB 2 KB	18ms 17ms	Stylesheet text/css	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Full URL http://va4v77pp.duckdns.org/static/css/index.css Requested by Host: va4v77pp.duckdns.org URL: http://va4v77pp.duckdns.org/assets/index-a3f073a0.js Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `21ca84f6f6bbfe2a4e27b23704634f80a67ce9d33d23d26e961603bd1a42f22d` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Mar 2024 15:16:30 GMT Server nginx ETag W/"65f5b7ce-1010" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=43200 Connection keep-alive Expires Mon, 17 Jun 2024 13:49:27 GMT
GET H/1.1	200 OK	logo-f24f6eb0.png va4v77pp.duckdns.org/assets/	8 KB 9 KB	18ms 18ms	Image image/png	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/logo-f24f6eb0.png Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `22de9975408fe75e94c2ec2c612bd874eb4ee7e158b900294ba4285fdf2f05a3` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Mar 2024 15:24:51 GMT Server nginx ETag W/"65f5b9c3-21bc" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET H/1.1	200 OK	topbanner-b629c3c2.png va4v77pp.duckdns.org/assets/	55 KB 54 KB	23ms 19ms	Image image/png	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/topbanner-b629c3c2.png Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `b629c3c290d55f4bdc6aace4dfb809fe6a388df4a793a4b33364ca75dd0fd1f2` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Mon, 19 Feb 2024 15:45:03 GMT Server nginx ETag W/"65d3777f-daf8" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET H/1.1	200 OK	wenzi1-d1d062fe.png va4v77pp.duckdns.org/assets/	10 KB 10 KB	33ms 18ms	Image image/png	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/wenzi1-d1d062fe.png Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `d37372b4fdda1878546c9e2dca770ddb718dfd03be3b14f07a3f703092c54863` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Mar 2024 15:19:00 GMT Server nginx ETag W/"65f5b864-262d" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET H/1.1	200 OK	wenzi2-d5a2a494.png va4v77pp.duckdns.org/assets/	8 KB 8 KB	34ms 19ms	Image image/png	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/wenzi2-d5a2a494.png Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `d5a2a49470cf7a7063292ec14f1baa47cc41dd6459528db1bc25286d4c566e4e` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Mon, 19 Feb 2024 15:45:03 GMT Server nginx ETag W/"65d3777f-2107" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET H/1.1	200 OK	tu1-b1ddc6d0.png va4v77pp.duckdns.org/assets/	38 KB 38 KB	32ms 20ms	Image image/png	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/tu1-b1ddc6d0.png Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `b1ddc6d02f7c472793efc4b57a5e7399d9578ffaadca2ca924fc74b4852bdcd1` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Mon, 19 Feb 2024 15:45:03 GMT Server nginx ETag W/"65d3777f-9793" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET H/1.1	200 OK	1-85b7a68d.jpg va4v77pp.duckdns.org/assets/	155 KB 127 KB	22ms 20ms	Image image/jpeg	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/1-85b7a68d.jpg Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `ffd083934935c13e41a58e4f974ae5b982ca650cfa84b8b6425d043fe53393db` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Mar 2024 15:45:18 GMT Server nginx ETag W/"65f5be8e-26af4" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET H/1.1	200 OK	2-fd352367.jpg va4v77pp.duckdns.org/assets/	228 KB 198 KB	21ms 19ms	Image image/jpeg	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/2-fd352367.jpg Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `699845d02a197fb90e0adb264ead432f3a9daa6574c21f9c3dd6848f652ba87e` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Mar 2024 15:45:45 GMT Server nginx ETag W/"65f5bea9-3905c" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET H/1.1	200 OK	3-9f7c6283.jpg va4v77pp.duckdns.org/assets/	188 KB 122 KB	60ms 20ms	Image image/jpeg	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/3-9f7c6283.jpg Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `9f7c6283db42f8966f0e809a7202b6e2f2f18f9e1e0c10eb90379b9b5a13a62c` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Mar 2024 15:43:01 GMT Server nginx ETag W/"65f5be05-2f1bd" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET H/1.1	200 OK	4-85522e9e.jpg va4v77pp.duckdns.org/assets/	106 KB 75 KB	69ms 29ms	Image image/jpeg	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/4-85522e9e.jpg Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `85522e9e0cd1b576f002745cd22c84b3fd797e2eacdf35319e85d29c5e6a0549` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Mar 2024 15:43:02 GMT Server nginx ETag W/"65f5be06-1a634" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET H/1.1	200 OK	5-8a4879e9.jpg va4v77pp.duckdns.org/assets/	215 KB 162 KB	84ms 18ms	Image image/jpeg	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/5-8a4879e9.jpg Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `604972b1f9b31f40ed54a231c5f55e25f41b138bc43f06c1777f8d90fc70b628` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Mar 2024 15:45:24 GMT Server nginx ETag W/"65f5be94-35d12" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET H/1.1	200 OK	6-e431ac81.jpg va4v77pp.duckdns.org/assets/	149 KB 119 KB	63ms 18ms	Image image/jpeg	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/6-e431ac81.jpg Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `9851f0ef6ec7d7012161ba7de43dfe61ae0683b69c9a9fe34251fe32f4b41e34` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Mar 2024 15:45:16 GMT Server nginx ETag W/"65f5be8c-25269" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET H/1.1	200 OK	7-499c11e1.jpg va4v77pp.duckdns.org/assets/	169 KB 141 KB	37ms 19ms	Image image/jpeg	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/7-499c11e1.jpg Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `fcef8054e8c4f1db57ef18f1a261c7feb2270c9b2858882bf10884e86a36d5ef` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Mar 2024 15:39:55 GMT Server nginx ETag W/"65f5bd4b-2a37d" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d59e6dab7ec39dc3ecf8b2f9377eb95f5d39636019bdd0210b43c58442675de8` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	wenzi0-3f132efc.png va4v77pp.duckdns.org/assets/	10 KB 10 KB	36ms 17ms	Image image/png	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/assets/wenzi0-3f132efc.png Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `d37372b4fdda1878546c9e2dca770ddb718dfd03be3b14f07a3f703092c54863` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Mar 2024 15:18:38 GMT Server nginx ETag W/"65f5b84e-262d" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET H/1.1	200 OK	logo1.png va4v77pp.duckdns.org/static/images/	130 KB 130 KB	57ms 18ms	Image image/png	104.255.152.133 NETMINDERS
General Check archive.org Show headers Download Go to Show image Full URL http://va4v77pp.duckdns.org/static/images/logo1.png Requested by Host: va4v77pp.duckdns.org URL: http://va4v77pp.duckdns.org/static/css/index.css Protocol HTTP/1.1 Server 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA), Reverse DNS Software nginx / Resource Hash `14a076d4b530a76243d0eb747207210a8f7037d5afb2672d907e0b79c1993540` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer http://va4v77pp.duckdns.org/static/css/index.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 17 Jun 2024 01:49:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Mar 2024 15:00:47 GMT Server nginx ETag W/"65f5b41f-2082b" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Expires Wed, 17 Jul 2024 01:49:27 GMT
GET		shadow-grey.png cdn.dcloud.net.cn/img/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.dcloud.net.cn
URL: https://cdn.dcloud.net.cn/img/shadow-grey.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NTT Docomo (Telecommunication)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://va4v77pp.duckdns.org/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.dcloud.net.cn
va4v77pp.duckdns.org
cdn.dcloud.net.cn
104.255.152.133
07e52d16eab103cde90a03bb0f7285a1366ae5874ee1f00841d645ff43966634
14a076d4b530a76243d0eb747207210a8f7037d5afb2672d907e0b79c1993540
19fe381743e14f6befce6298e5a90405d44f433bfadd37abce7afab13e596dc1
21ca84f6f6bbfe2a4e27b23704634f80a67ce9d33d23d26e961603bd1a42f22d
22de9975408fe75e94c2ec2c612bd874eb4ee7e158b900294ba4285fdf2f05a3
44297b414ff828ce846be5e65b9c2f267e6ea6295e065f91eea35f1833d4069d
604972b1f9b31f40ed54a231c5f55e25f41b138bc43f06c1777f8d90fc70b628
699845d02a197fb90e0adb264ead432f3a9daa6574c21f9c3dd6848f652ba87e
85522e9e0cd1b576f002745cd22c84b3fd797e2eacdf35319e85d29c5e6a0549
87da5f189257721a13c77f7bb32dd3613e3a0a2356ced729ea0cc9a4bdac2c42
9851f0ef6ec7d7012161ba7de43dfe61ae0683b69c9a9fe34251fe32f4b41e34
9f7c6283db42f8966f0e809a7202b6e2f2f18f9e1e0c10eb90379b9b5a13a62c
afb7780a0afb3f7bdb63200ae54fe51473d2ef5c28a6c3af0f263e2922993183
b1ddc6d02f7c472793efc4b57a5e7399d9578ffaadca2ca924fc74b4852bdcd1
b629c3c290d55f4bdc6aace4dfb809fe6a388df4a793a4b33364ca75dd0fd1f2
d37372b4fdda1878546c9e2dca770ddb718dfd03be3b14f07a3f703092c54863
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d59e6dab7ec39dc3ecf8b2f9377eb95f5d39636019bdd0210b43c58442675de8
d5a2a49470cf7a7063292ec14f1baa47cc41dd6459528db1bc25286d4c566e4e
fcef8054e8c4f1db57ef18f1a261c7feb2270c9b2858882bf10884e86a36d5ef
ffd083934935c13e41a58e4f974ae5b982ca650cfa84b8b6425d043fe53393db

va4v77pp.duckdns.org Open in urlscan Pro 104.255.152.133 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1253 kBTransfer

1583 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

va4v77pp.duckdns.org Open in urlscan Pro
104.255.152.133 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1253 kB
Transfer

1583 kB
Size

0
Cookies

22 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!