3vgc7j6c9.duckdns.org Open in urlscan Pro
117.52.17.131 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/Xn6kTXqXOS
Effective URL:
https://3vgc7j6c9.duckdns.org/
Submission: On June 23 via manual (June 23rd 2024, 12:33:06 pm UTC) from JP — Scanned from JP

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 2 domains to perform 20 HTTP transactions. The main IP is 117.52.17.131, located in Goyang-si, Korea, Republic Of and belongs to LGDACOM LG DACOM Corporation, KR. The main domain is 3vgc7j6c9.duckdns.org.
TLS certificate: Issued by R11 on June 21st 2024. Valid for: 3 months.

This is the only time 3vgc7j6c9.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SMBC (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1	117.18.232.195 117.18.232.195	15133 (EDGECAST) (EDGECAST)
4	104.255.152.133 104.255.152.133	7040 (NETMINDERS) (NETMINDERS)
13	117.52.17.131 117.52.17.131	3786 (LGDACOM L...) (LGDACOM LG DACOM Corporation)
20	4

1 117.18.232.195 (Australia)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.255.152.133 (Canada)

ASN7040 (NETMINDERS, CA)

7c6idxtk8.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dg6pmr87r.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 117.52.17.131 (Goyang-si, Korea, Republic Of)

ASN3786 (LGDACOM LG DACOM Corporation, KR)

3vgc7j6c9.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	duckdns.org 7c6idxtk8.duckdns.org Failed dg6pmr87r.duckdns.org 3vgc7j6c9.duckdns.org	1 MB
1	t.co t.co — Cisco Umbrella Rank: 726	729 B
20	2

	Domain	Requested by
13	3vgc7j6c9.duckdns.org	dg6pmr87r.duckdns.org 3vgc7j6c9.duckdns.org
3	dg6pmr87r.duckdns.org	7c6idxtk8.duckdns.org dg6pmr87r.duckdns.org
1	7c6idxtk8.duckdns.org	t.co
1	t.co
20	4

This site contains no links.

Subject Issuer	Validity	Valid
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
2bjyedpo1.duckdns.org R11	`2024-06-21` - `2024-09-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://3vgc7j6c9.duckdns.org/
Frame ID: B0C2FCF8886C455877C876E39B8ED0FB
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/Xn6kTXqXOS Page URL
http://7c6idxtk8.duckdns.org/ Page URL
http://dg6pmr87r.duckdns.org/ HTTP 307
https://dg6pmr87r.duckdns.org/ HTTP 307
http://dg6pmr87r.duckdns.org/ Page URL
http://3vgc7j6c9.duckdns.org/ HTTP 307
https://3vgc7j6c9.duckdns.org/ Page URL

Detected technologies

Element UI (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<(?:div|button) class="el-(?:table-column|table-filter|popper|pagination|pager|select-group|form|form-item|color-predefine|color-hue-slider|color-svpanel|color-alpha-slider|color-dropdown|color-picker|badge|tree|tree-node|select|message|dialog|checkbox|checkbox-button|checkbox-group|container|steps|carousel|menu|menu-item|submenu|menu-item-group|button|button-group|card|table|select-dropdown|row|tabs|notification|radio|progress|progress-bar|tag|popover|tooltip|cascader|cascader-menus|cascader-menu|time-spinner|spinner|spinner-inner|transfer|transfer-panel|rate|slider|dropdown|dropdown-menu|textarea|input|input-group|popup-parent|radio-group|main|breadcrumb|time-range-picker|date-range-picker|year-table|date-editor|range-editor|time-spinner|date-picker|time-panel|date-table|month-table|picker-panel|collapse|collapse-item|alert|select-dropdown|select-dropdown__empty|select-dropdown__wrap|select-dropdown__list|scrollbar|switch|carousel|upload|upload-dragger|upload-list|upload-cover|aside|input-number|header|message-box|footer|radio-button|step|autocomplete|autocomplete-suggestion|loading-parent|loading-mask|loading-spinner|)

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

20
Requests

70 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

3
Countries

1399 kB
Transfer

2488 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/Xn6kTXqXOS Page URL
http://7c6idxtk8.duckdns.org/ Page URL
http://dg6pmr87r.duckdns.org/ HTTP 307
https://dg6pmr87r.duckdns.org/ HTTP 307
http://dg6pmr87r.duckdns.org/ Page URL
http://3vgc7j6c9.duckdns.org/ HTTP 307
https://3vgc7j6c9.duckdns.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://7c6idxtk8.duckdns.org/ HTTP 307
https://7c6idxtk8.duckdns.org/ HTTP 307
http://7c6idxtk8.duckdns.org/

Request Chain 6

http://dg6pmr87r.duckdns.org/ HTTP 307
https://dg6pmr87r.duckdns.org/ HTTP 307
http://dg6pmr87r.duckdns.org/

20 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Xn6kTXqXOS
t.co/ 277 B
729 B 128ms
121ms Document
text/html 117.18.232.195
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/Xn6kTXqXOS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.232.195 , Australia, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_m /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 194
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Sun, 23 Jun 2024 12:32:48 GMT
expires: Sun, 23 Jun 2024 12:37:49 GMT
perf: 7402827104
referrer-policy: unsafe-url
server: tsa_m
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 6260d793829f77923849a414d1f96e69f80ca96914ac2c36bb08e2f3c3ecde20
x-response-time: 102
x-transaction-id: c53a375bd49189eb
x-xss-protection: 0

GET

/
7c6idxtk8.duckdns.org/
Redirect Chain

http://7c6idxtk8.duckdns.org/
https://7c6idxtk8.duckdns.org/
http://7c6idxtk8.duckdns.org/

0
0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 155 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

Content-Type: image/png

GET
H/1.1 200
OK /
7c6idxtk8.duckdns.org/ 212 B
442 B 160ms
159ms Document
text/html 104.255.152.133
NETMINDERS

General

Check archive.org

Show headers Download Go to

Full URL: http://7c6idxtk8.duckdns.org/
Protocol: HTTP/1.1
Server: 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://t.co/Xn6kTXqXOS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 212
Content-Type: text/html
Date: Sun, 23 Jun 2024 12:32:53 GMT
ETag: "6678154a-d4"
Last-Modified: Sun, 23 Jun 2024 12:30:02 GMT
Server: nginx

GET
H/1.1

200
OK

/
dg6pmr87r.duckdns.org/
Redirect Chain

http://dg6pmr87r.duckdns.org/
https://dg6pmr87r.duckdns.org/
http://dg6pmr87r.duckdns.org/

729 B
960 B

2218ms
172ms

Document
text/html

104.255.152.133
NETMINDERS

General

Check archive.org

Show headers Download Go to

Full URL: http://dg6pmr87r.duckdns.org/
Requested by: Host: 7c6idxtk8.duckdns.org
URL: http://7c6idxtk8.duckdns.org/
Protocol: HTTP/1.1
Server: 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: http://7c6idxtk8.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 729
Content-Type: text/html
Date: Sun, 23 Jun 2024 12:32:58 GMT
ETag: "6678155e-2d9"
Last-Modified: Sun, 23 Jun 2024 12:30:22 GMT
Server: nginx

Redirect headers

Location: http://dg6pmr87r.duckdns.org/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 404
Not Found index-0cd7bfcc.js
dg6pmr87r.duckdns.org/assets/ 0
0 174ms
173ms Script
text/html 104.255.152.133
NETMINDERS

General

Check archive.org

Show headers Download Go to

Full URL: http://dg6pmr87r.duckdns.org/assets/index-0cd7bfcc.js
Requested by: Host: dg6pmr87r.duckdns.org
URL: http://dg6pmr87r.duckdns.org/
Protocol: HTTP/1.1
Server: 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://dg6pmr87r.duckdns.org/
Origin: http://dg6pmr87r.duckdns.org
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

Date: Sun, 23 Jun 2024 12:32:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 146
Content-Type: text/html

GET
H/1.1 404
Not Found index-02bdfd07.css
dg6pmr87r.duckdns.org/assets/ 0
0 175ms
174ms Stylesheet
text/html 104.255.152.133
NETMINDERS

General

Check archive.org

Show headers Download Go to

Full URL: http://dg6pmr87r.duckdns.org/assets/index-02bdfd07.css
Requested by: Host: dg6pmr87r.duckdns.org
URL: http://dg6pmr87r.duckdns.org/
Protocol: HTTP/1.1
Server: 104.255.152.133 , Canada, ASN7040 (NETMINDERS, CA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: http://dg6pmr87r.duckdns.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

Date: Sun, 23 Jun 2024 12:32:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 146
Content-Type: text/html

GET
H2

200

Primary Request / Show response
3vgc7j6c9.duckdns.org/
Redirect Chain

http://3vgc7j6c9.duckdns.org/
https://3vgc7j6c9.duckdns.org/

373 B
527 B

2311ms
83ms

Document
text/html

117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3vgc7j6c9.duckdns.org/

Requested by

Host: dg6pmr87r.duckdns.org
URL: http://dg6pmr87r.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

655d6c7013550353444260eca072e522c9c5119a870ed97b737e69242699c684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: http://dg6pmr87r.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

accept-ranges: bytes
content-length: 373
content-type: text/html
date: Sun, 23 Jun 2024 12:33:00 GMT
etag: "6677ed49-175"
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
strict-transport-security: max-age=31536000

Redirect headers

Location: https://3vgc7j6c9.duckdns.org/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 index-2ece4977.js Show response
3vgc7j6c9.duckdns.org/assets/ 898 KB
323 KB 254ms
253ms Script
application/javascript 117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3vgc7j6c9.duckdns.org/assets/index-2ece4977.js

Requested by

Host: 3vgc7j6c9.duckdns.org
URL: https://3vgc7j6c9.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

4832a3f83dec69bac1d509585ad6094e48be0aff38b972cdf7b1b2f8700aebc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://3vgc7j6c9.duckdns.org/
Origin: https://3vgc7j6c9.duckdns.org
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date: Sun, 23 Jun 2024 12:33:01 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
etag: W/"6677ed49-e08bd"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 index-438ecace.css
3vgc7j6c9.duckdns.org/assets/ 614 KB
116 KB 170ms
168ms Stylesheet
text/css 117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3vgc7j6c9.duckdns.org/assets/index-438ecace.css

Requested by

Host: 3vgc7j6c9.duckdns.org
URL: https://3vgc7j6c9.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

438ecacee425dd592a6fe24b6e43860b13d3e3b32a3365fea8fda112deda2351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://3vgc7j6c9.duckdns.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date: Sun, 23 Jun 2024 12:33:01 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
etag: W/"6677ed49-999d9"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 NotoSansJP-Regular-6f076fa9.otf
3vgc7j6c9.duckdns.org/assets/ 689 KB
690 KB 113ms
113ms Font
application/octet-stream 117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3vgc7j6c9.duckdns.org/assets/NotoSansJP-Regular-6f076fa9.otf

Requested by

Host: 3vgc7j6c9.duckdns.org
URL: https://3vgc7j6c9.duckdns.org/assets/index-438ecace.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

6f076fa938dd29d11c94520f91df2f493cfb9816d5b8ce4cb59f05cd6cb3d22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://3vgc7j6c9.duckdns.org/assets/index-438ecace.css
Origin: https://3vgc7j6c9.duckdns.org
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date: Sun, 23 Jun 2024 12:33:01 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
etag: "6677ed49-ac3bc"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 705468

GET
H2 200 icon-779b6a9e.ttf
3vgc7j6c9.duckdns.org/assets/ 22 KB
22 KB 83ms
82ms Font
application/octet-stream 117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3vgc7j6c9.duckdns.org/assets/icon-779b6a9e.ttf?yt5i04

Requested by

Host: 3vgc7j6c9.duckdns.org
URL: https://3vgc7j6c9.duckdns.org/assets/index-438ecace.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

779b6a9e830345c6aaaec9a8e0e041cddcc22d2e514686f5901847eb6b5f5967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://3vgc7j6c9.duckdns.org/assets/index-438ecace.css
Origin: https://3vgc7j6c9.duckdns.org
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date: Sun, 23 Jun 2024 12:33:01 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
etag: "6677ed49-57b0"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 22448

GET
H2 200 logo_smbc_01-485e5bfb.svg
3vgc7j6c9.duckdns.org/assets/ 7 KB
2 KB 84ms
82ms Image
image/svg+xml 117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3vgc7j6c9.duckdns.org/assets/logo_smbc_01-485e5bfb.svg

Requested by

Host: 3vgc7j6c9.duckdns.org
URL: https://3vgc7j6c9.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

485e5bfbda7308d10582d03f7dc04ede5efe692df0ced5bcad7cb5071d7c3b69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://3vgc7j6c9.duckdns.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date: Sun, 23 Jun 2024 12:33:01 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
etag: W/"6677ed49-1a31"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 logo_01-794a8451.svg
3vgc7j6c9.duckdns.org/assets/ 3 KB
2 KB 84ms
83ms Image
image/svg+xml 117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3vgc7j6c9.duckdns.org/assets/logo_01-794a8451.svg

Requested by

Host: 3vgc7j6c9.duckdns.org
URL: https://3vgc7j6c9.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

794a8451958635ae295689499311a6208eff440ace9b1118ea4b7555b672aa85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://3vgc7j6c9.duckdns.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date: Sun, 23 Jun 2024 12:33:01 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
etag: W/"6677ed49-b8a"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 ico_help_01-34e169ad.svg
3vgc7j6c9.duckdns.org/assets/ 526 B
682 B 84ms
83ms Image
image/svg+xml 117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3vgc7j6c9.duckdns.org/assets/ico_help_01-34e169ad.svg

Requested by

Host: 3vgc7j6c9.duckdns.org
URL: https://3vgc7j6c9.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

34e169addd9fe376397a67c36c8444a443f8f91acc728727863d8082bcf3b5b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://3vgc7j6c9.duckdns.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date: Sun, 23 Jun 2024 12:33:01 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
etag: "6677ed49-20e"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 526

GET
H2 200 ico_help_01-34e169ad.svg
3vgc7j6c9.duckdns.org/assets/ 526 B
682 B 85ms
83ms Image
image/svg+xml 117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3vgc7j6c9.duckdns.org/assets/ico_help_01-34e169ad.svg?version=20210509

Requested by

Host: 3vgc7j6c9.duckdns.org
URL: https://3vgc7j6c9.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

34e169addd9fe376397a67c36c8444a443f8f91acc728727863d8082bcf3b5b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://3vgc7j6c9.duckdns.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date: Sun, 23 Jun 2024 12:33:01 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
etag: "6677ed49-20e"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 526

GET
H2 200 ico_blank_01-6bd298af.svg
3vgc7j6c9.duckdns.org/assets/ 914 B
1 KB 85ms
84ms Image
image/svg+xml 117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3vgc7j6c9.duckdns.org/assets/ico_blank_01-6bd298af.svg?version=20210509

Requested by

Host: 3vgc7j6c9.duckdns.org
URL: https://3vgc7j6c9.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

6bd298af3a58263b7f307c721069ff7a94f653f036eec771559994c00d2056a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://3vgc7j6c9.duckdns.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date: Sun, 23 Jun 2024 12:33:01 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
etag: "6677ed49-392"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 914

GET
H2 200 ico_blank_01-6bd298af.svg
3vgc7j6c9.duckdns.org/assets/ 914 B
1 KB 85ms
84ms Image
image/svg+xml 117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3vgc7j6c9.duckdns.org/assets/ico_blank_01-6bd298af.svg

Requested by

Host: 3vgc7j6c9.duckdns.org
URL: https://3vgc7j6c9.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

6bd298af3a58263b7f307c721069ff7a94f653f036eec771559994c00d2056a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://3vgc7j6c9.duckdns.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date: Sun, 23 Jun 2024 12:33:01 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
etag: "6677ed49-392"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 914

GET
H2 200 ico_close_01-eeb30484.svg
3vgc7j6c9.duckdns.org/assets/ 499 B
656 B 85ms
84ms Image
image/svg+xml 117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3vgc7j6c9.duckdns.org/assets/ico_close_01-eeb30484.svg?version=20210509

Requested by

Host: 3vgc7j6c9.duckdns.org
URL: https://3vgc7j6c9.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

eeb30484ee0a88fd628076d13cd085aaf1ac6bc943f9c12309a4b65f281129dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://3vgc7j6c9.duckdns.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date: Sun, 23 Jun 2024 12:33:01 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
etag: "6677ed49-1f3"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 499

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d316f7ba5748503fdeae7f6fbfd9d43ca14dc359908292ea53c961577e0ec61c

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

Content-Type: image/png

GET
H2 200 favicon.ico
3vgc7j6c9.duckdns.org/ 373 B
526 B 82ms
82ms Other
text/html 117.52.17.131
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3vgc7j6c9.duckdns.org/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.52.17.131 Goyang-si, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

655d6c7013550353444260eca072e522c9c5119a870ed97b737e69242699c684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://3vgc7j6c9.duckdns.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15

Response headers

date: Sun, 23 Jun 2024 12:33:01 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Jun 2024 09:39:21 GMT
server: nginx
etag: "6677ed49-175"
content-type: text/html
accept-ranges: bytes
content-length: 373

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 7c6idxtk8.duckdns.org
URL: http://7c6idxtk8.duckdns.org/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SMBC (Financial)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-21 07:08:25	Name: muc Value: 7ea5b089-dfb2-4d24-8f87-e7dc855c9ce6
.t.co/	1970-01-21 07:08:25	Name: muc_ads Value: 7ea5b089-dfb2-4d24-8f87-e7dc855c9ce6
3vgc7j6c9.duckdns.org/	1970-01-20 21:33:09	Name: sessionid Value: c13e7824a228b585029a3ea69d1659c2

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://t.co/Xn6kTXqXOS Message: Unrecognized Content-Security-Policy directive 'referrer'.
network	error	URL: http://dg6pmr87r.duckdns.org/assets/index-0cd7bfcc.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://dg6pmr87r.duckdns.org/assets/index-02bdfd07.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation	verbose	URL: https://3vgc7j6c9.duckdns.org/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3vgc7j6c9.duckdns.org
7c6idxtk8.duckdns.org
dg6pmr87r.duckdns.org
t.co
7c6idxtk8.duckdns.org
104.255.152.133
117.18.232.195
117.52.17.131
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
34e169addd9fe376397a67c36c8444a443f8f91acc728727863d8082bcf3b5b5
438ecacee425dd592a6fe24b6e43860b13d3e3b32a3365fea8fda112deda2351
4832a3f83dec69bac1d509585ad6094e48be0aff38b972cdf7b1b2f8700aebc9
485e5bfbda7308d10582d03f7dc04ede5efe692df0ced5bcad7cb5071d7c3b69
655d6c7013550353444260eca072e522c9c5119a870ed97b737e69242699c684
6bd298af3a58263b7f307c721069ff7a94f653f036eec771559994c00d2056a6
6f076fa938dd29d11c94520f91df2f493cfb9816d5b8ce4cb59f05cd6cb3d22e
779b6a9e830345c6aaaec9a8e0e041cddcc22d2e514686f5901847eb6b5f5967
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
794a8451958635ae295689499311a6208eff440ace9b1118ea4b7555b672aa85
b95b07be24572c9cbde4ee8a4e2279ec7106b6bac2a04f14cac6017f47d48a74
d316f7ba5748503fdeae7f6fbfd9d43ca14dc359908292ea53c961577e0ec61c
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
eeb30484ee0a88fd628076d13cd085aaf1ac6bc943f9c12309a4b65f281129dc

3vgc7j6c9.duckdns.org Open in urlscan Pro 117.52.17.131 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

70 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

4 IPs

3 Countries

1399 kBTransfer

2488 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

3 Cookies

4 Console Messages

Security Headers

Indicators

3vgc7j6c9.duckdns.org Open in urlscan Pro
117.52.17.131 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

70 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

3
Countries

1399 kB
Transfer

2488 kB
Size

3
Cookies

20 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!