URL: https://nttdocomo.top/
Submission Tags: krdtest
Submission: On June 20 via api from JP

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 10 HTTP transactions. The main IP is 180.215.9.68, located in Shatin, Hong Kong, and belongs to BCPL-SG BGPNET Global ASN, SG. The main domain is nttdocomo.top.
TLS certificate: Issued by R3 on June 20th 2021. Valid for: 3 months.
This is the only time nttdocomo.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NTT Docomo (Telecommunication)

Domain & IP information

IP Address      AS      Autonomous System     Requests
180.215.9.68    64050   BCPL-SG B...          10
(10 requests from 1 IP)

Apex Domain     Subdomains      Transfer   Requests
nttdocomo.top   nttdocomo.top   195 KB     10
(10 requests from 1 apex domain)

Domain          Requested by    Requests
nttdocomo.top   nttdocomo.top   10
(10 requests from 1 domain)

This site contains no links.

Subject: nttdocomo.top
Issuer: R3
Validity: 2021-06-20 - 2021-09-18
Valid for: 3 months

This page contains 1 frames:

Primary Page: https://nttdocomo.top/
Frame ID: 8657F56272D9FC986F1083DB24AFA7DD
Requests: 10 HTTP requests in this frame

Detected technologies

Nginx (overall confidence: 100%)
  Detected pattern: headers server /nginx(?:\/([\d.]+))?/i

jQuery (overall confidence: 100%)
  Detected pattern: script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

  Requests: 10
  HTTPS: 100 %
  IPv6: 0 %
  Domains: 1
  Subdomains: 1
  IPs: 1
  Countries: 1
  Transfer: 195 kB
  Size: 516 kB
  Cookies: 0

10 HTTP transactions

Each transaction below lists: Resource | Path | Size | x-fer (transferred bytes) | Type | MIME-Type
Primary Request /  (nttdocomo.top/)  Size 3 KB, x-fer 1 KB, Document

General
  Full URL: https://nttdocomo.top/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 180.215.9.68 Shatin, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG)
  Reverse DNS: -
  Software: nginx
  Resource Hash: 293a024e84b8b2028992f86a929699181693d1bfc8e500532f9a761fc7fe91aa
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  :method: GET
  :authority: nttdocomo.top
  :scheme: https
  :path: /
  pragma: no-cache
  cache-control: no-cache
  upgrade-insecure-requests: 1
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  sec-fetch-site: none
  sec-fetch-mode: navigate
  sec-fetch-user: ?1
  sec-fetch-dest: document
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
  server: nginx
  date: Sun, 20 Jun 2021 04:30:16 GMT
  content-type: text/html; charset=utf-8
  vary: Accept-Encoding
  strict-transport-security: max-age=31536000
  content-encoding: gzip

layui.css  (nttdocomo.top/assets/files/style/css/)  Size 78 KB, x-fer 17 KB, Stylesheet

General
  Full URL: https://nttdocomo.top/assets/files/style/css/layui.css
  Requested by: Host nttdocomo.top, URL https://nttdocomo.top/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 180.215.9.68 Shatin, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG)
  Reverse DNS: -
  Software: nginx
  Resource Hash: 1aeca5b75e0d8c5b59db3116ec7d4c05e6d2922776e41043278d26d02dfdee9c
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  :path: /assets/files/style/css/layui.css
  pragma: no-cache
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  sec-fetch-mode: no-cors
  accept: text/css,*/*;q=0.1
  cache-control: no-cache
  sec-fetch-dest: style
  :authority: nttdocomo.top
  referer: https://nttdocomo.top/
  :scheme: https
  sec-fetch-site: same-origin
  :method: GET
  Referer: https://nttdocomo.top/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
  date: Sun, 20 Jun 2021 04:30:16 GMT
  content-encoding: gzip
  last-modified: Sat, 29 May 2021 02:47:01 GMT
  server: nginx
  etag: W/"60b1ab25-137c9"
  vary: Accept-Encoding
  content-type: text/css
  cache-control: max-age=43200
  strict-transport-security: max-age=31536000
  expires: Sun, 20 Jun 2021 16:30:16 GMT

normalize.css  (nttdocomo.top/assets/files/style/css/)  Size 6 KB, x-fer 2 KB, Stylesheet

General
  Full URL: https://nttdocomo.top/assets/files/style/css/normalize.css
  Requested by: Host nttdocomo.top, URL https://nttdocomo.top/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 180.215.9.68 Shatin, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG)
  Reverse DNS: -
  Software: nginx
  Resource Hash: 2e16a67f6d66d11462890ffbb47a2d9097ac0a9fa09695ab78637ef0cc66766a
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  :path: /assets/files/style/css/normalize.css
  pragma: no-cache
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  sec-fetch-mode: no-cors
  accept: text/css,*/*;q=0.1
  cache-control: no-cache
  sec-fetch-dest: style
  :authority: nttdocomo.top
  referer: https://nttdocomo.top/
  :scheme: https
  sec-fetch-site: same-origin
  :method: GET
  Referer: https://nttdocomo.top/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
  date: Sun, 20 Jun 2021 04:30:16 GMT
  content-encoding: gzip
  last-modified: Sat, 29 May 2021 02:47:01 GMT
  server: nginx
  etag: W/"60b1ab25-1955"
  vary: Accept-Encoding
  content-type: text/css
  cache-control: max-age=43200
  strict-transport-security: max-age=31536000
  expires: Sun, 20 Jun 2021 16:30:16 GMT

style.css  (nttdocomo.top/assets/files/style/css/)  Size 3 KB, x-fer 1016 B, Stylesheet

General
  Full URL: https://nttdocomo.top/assets/files/style/css/style.css
  Requested by: Host nttdocomo.top, URL https://nttdocomo.top/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 180.215.9.68 Shatin, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG)
  Reverse DNS: -
  Software: nginx
  Resource Hash: db06310df8b2bc77275f8fc03f5e71cc136bfd6ce22cf571f5bc9cb57392e82d
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  :path: /assets/files/style/css/style.css
  pragma: no-cache
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  sec-fetch-mode: no-cors
  accept: text/css,*/*;q=0.1
  cache-control: no-cache
  sec-fetch-dest: style
  :authority: nttdocomo.top
  referer: https://nttdocomo.top/
  :scheme: https
  sec-fetch-site: same-origin
  :method: GET
  Referer: https://nttdocomo.top/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
  date: Sun, 20 Jun 2021 04:30:16 GMT
  content-encoding: gzip
  last-modified: Sat, 29 May 2021 02:47:01 GMT
  server: nginx
  etag: W/"60b1ab25-ca0"
  vary: Accept-Encoding
  content-type: text/css
  cache-control: max-age=43200
  strict-transport-security: max-age=31536000
  expires: Sun, 20 Jun 2021 16:30:16 GMT

layui.js  (nttdocomo.top/assets/files/style/)  Size 284 KB, x-fer 105 KB, Script

General
  Full URL: https://nttdocomo.top/assets/files/style/layui.js
  Requested by: Host nttdocomo.top, URL https://nttdocomo.top/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 180.215.9.68 Shatin, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG)
  Reverse DNS: -
  Software: nginx
  Resource Hash: 2ab9c8d891c7dcc844c389b51ef0a7a85b14c5a49b15b540e46928937a216e00
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  :path: /assets/files/style/layui.js
  pragma: no-cache
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  sec-fetch-mode: no-cors
  accept: */*
  cache-control: no-cache
  sec-fetch-dest: script
  :authority: nttdocomo.top
  referer: https://nttdocomo.top/
  :scheme: https
  sec-fetch-site: same-origin
  :method: GET
  Referer: https://nttdocomo.top/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
  date: Sun, 20 Jun 2021 04:30:16 GMT
  content-encoding: gzip
  last-modified: Sat, 29 May 2021 02:47:01 GMT
  server: nginx
  etag: W/"60b1ab25-4710e"
  vary: Accept-Encoding
  content-type: application/javascript
  cache-control: max-age=43200
  strict-transport-security: max-age=31536000
  expires: Sun, 20 Jun 2021 16:30:16 GMT

jquery.min.js  (nttdocomo.top/assets/files/js/)  Size 94 KB, x-fer 37 KB, Script

General
  Full URL: https://nttdocomo.top/assets/files/js/jquery.min.js
  Requested by: Host nttdocomo.top, URL https://nttdocomo.top/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 180.215.9.68 Shatin, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG)
  Reverse DNS: -
  Software: nginx
  Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  :path: /assets/files/js/jquery.min.js
  pragma: no-cache
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  sec-fetch-mode: no-cors
  accept: */*
  cache-control: no-cache
  sec-fetch-dest: script
  :authority: nttdocomo.top
  referer: https://nttdocomo.top/
  :scheme: https
  sec-fetch-site: same-origin
  :method: GET
  Referer: https://nttdocomo.top/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
  date: Sun, 20 Jun 2021 04:30:16 GMT
  content-encoding: gzip
  last-modified: Sat, 29 May 2021 02:46:58 GMT
  server: nginx
  etag: W/"60b1ab22-1762a"
  vary: Accept-Encoding
  content-type: application/javascript
  cache-control: max-age=43200
  strict-transport-security: max-age=31536000
  expires: Sun, 20 Jun 2021 16:30:16 GMT

laydate.css  (nttdocomo.top/assets/files/style/css/modules/laydate/default/)  Size 7 KB, x-fer 2 KB, Stylesheet

General
  Full URL: https://nttdocomo.top/assets/files/style/css/modules/laydate/default/laydate.css?v=5.3.1
  Requested by: Host nttdocomo.top, URL https://nttdocomo.top/assets/files/style/layui.js
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 180.215.9.68 Shatin, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG)
  Reverse DNS: -
  Software: nginx
  Resource Hash: ab9dbdf922a26509951347fcfa83704d86afd2df855c827740c23df72fd8ab3f
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  :path: /assets/files/style/css/modules/laydate/default/laydate.css?v=5.3.1
  pragma: no-cache
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  sec-fetch-mode: no-cors
  accept: text/css,*/*;q=0.1
  cache-control: no-cache
  sec-fetch-dest: style
  :authority: nttdocomo.top
  referer: https://nttdocomo.top/
  :scheme: https
  sec-fetch-site: same-origin
  :method: GET
  Referer: https://nttdocomo.top/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
  date: Sun, 20 Jun 2021 04:30:17 GMT
  content-encoding: gzip
  last-modified: Sat, 29 May 2021 02:47:01 GMT
  server: nginx
  etag: W/"60b1ab25-1cc5"
  vary: Accept-Encoding
  content-type: text/css
  cache-control: max-age=43200
  strict-transport-security: max-age=31536000
  expires: Sun, 20 Jun 2021 16:30:17 GMT

layer.css  (nttdocomo.top/assets/files/style/css/modules/layer/default/)  Size 14 KB, x-fer 3 KB, Stylesheet

General
  Full URL: https://nttdocomo.top/assets/files/style/css/modules/layer/default/layer.css?v=3.5.1
  Requested by: Host nttdocomo.top, URL https://nttdocomo.top/assets/files/style/layui.js
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 180.215.9.68 Shatin, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG)
  Reverse DNS: -
  Software: nginx
  Resource Hash: 5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  :path: /assets/files/style/css/modules/layer/default/layer.css?v=3.5.1
  pragma: no-cache
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  sec-fetch-mode: no-cors
  accept: text/css,*/*;q=0.1
  cache-control: no-cache
  sec-fetch-dest: style
  :authority: nttdocomo.top
  referer: https://nttdocomo.top/
  :scheme: https
  sec-fetch-site: same-origin
  :method: GET
  Referer: https://nttdocomo.top/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
  date: Sun, 20 Jun 2021 04:30:17 GMT
  content-encoding: gzip
  last-modified: Sat, 29 May 2021 02:47:01 GMT
  server: nginx
  etag: W/"60b1ab25-37bf"
  vary: Accept-Encoding
  content-type: text/css
  cache-control: max-age=43200
  strict-transport-security: max-age=31536000
  expires: Sun, 20 Jun 2021 16:30:17 GMT

code.css  (nttdocomo.top/assets/files/style/css/modules/)  Size 1 KB, x-fer 722 B, Stylesheet

General
  Full URL: https://nttdocomo.top/assets/files/style/css/modules/code.css?v=2
  Requested by: Host nttdocomo.top, URL https://nttdocomo.top/assets/files/style/layui.js
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 180.215.9.68 Shatin, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG)
  Reverse DNS: -
  Software: nginx
  Resource Hash: 3f27194c2e479212781a76f993b778d724ac9838e780b19472c0357cd3081431
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  :path: /assets/files/style/css/modules/code.css?v=2
  pragma: no-cache
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  sec-fetch-mode: no-cors
  accept: text/css,*/*;q=0.1
  cache-control: no-cache
  sec-fetch-dest: style
  :authority: nttdocomo.top
  referer: https://nttdocomo.top/
  :scheme: https
  sec-fetch-site: same-origin
  :method: GET
  Referer: https://nttdocomo.top/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
  date: Sun, 20 Jun 2021 04:30:17 GMT
  content-encoding: gzip
  last-modified: Sat, 29 May 2021 02:47:01 GMT
  server: nginx
  etag: W/"60b1ab25-527"
  vary: Accept-Encoding
  content-type: text/css
  cache-control: max-age=43200
  strict-transport-security: max-age=31536000
  expires: Sun, 20 Jun 2021 16:30:17 GMT

iconfont.woff2  (nttdocomo.top/assets/files/style/font/)  Size 25 KB, x-fer 26 KB, Font

General
  Full URL: https://nttdocomo.top/assets/files/style/font/iconfont.woff2?v=256
  Requested by: Host nttdocomo.top, URL https://nttdocomo.top/assets/files/style/css/layui.css
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 180.215.9.68 Shatin, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG)
  Reverse DNS: -
  Software: nginx
  Resource Hash: bef73f87b8a3972427dcece922ed8f59d1d01c4a3fd572316efa70de9aec9c09
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  :path: /assets/files/style/font/iconfont.woff2?v=256
  pragma: no-cache
  origin: https://nttdocomo.top
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  sec-fetch-mode: cors
  accept: */*
  cache-control: no-cache
  sec-fetch-dest: font
  :authority: nttdocomo.top
  referer: https://nttdocomo.top/assets/files/style/css/layui.css
  :scheme: https
  sec-fetch-site: same-origin
  :method: GET
  Origin: https://nttdocomo.top
  Referer: https://nttdocomo.top/assets/files/style/css/layui.css
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
  date: Sun, 20 Jun 2021 04:30:17 GMT
  last-modified: Sat, 29 May 2021 02:47:01 GMT
  server: nginx
  etag: "60b1ab25-656c"
  strict-transport-security: max-age=31536000
  content-type: font/woff2
  accept-ranges: bytes
  content-length: 25964

Verdicts & Comments

urlscan: Potentially malicious activity detected
Phishing against: NTT Docomo (Telecommunication)
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  object    onbeforexrselect
  object    ontransitionrun
  object    ontransitionstart
  object    ontransitioncancel
  object    cookieStore
  function  showDirectoryPicker
  function  showOpenFilePicker
  function  showSaveFilePicker
  boolean   originAgentCluster
  object    trustedTypes
  boolean   crossOriginIsolated
  object    layui
  function  lay
  number    errors
  object    layer
  object    jQuery112405814242087023862
  function  $
  function  jQuery

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Strict-Transport-Security: max-age=31536000