va4v77pp.duckdns.org
104.255.152.133
Malicious Activity!
Public Scan
Submission: On June 19 via automatic, source phishtank — Scanned from CA
Summary
This is the only time va4v77pp.duckdns.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NTT Docomo (Telecommunication)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
21 | 104.255.152.133 | 7040 (NETMINDERS) |
1 | 124.222.174.117 | () |
22 | 3 |
| Apex Domain / Subdomains | Transfer |
---|---|---|
21 | duckdns.org: va4v77pp.duckdns.org | 1 MB |
1 | dcloud.net.cn: cdn.dcloud.net.cn | 579 B |
22 | 2 |
| Domain | Requested by |
---|---|---|
21 | va4v77pp.duckdns.org | va4v77pp.duckdns.org |
1 | cdn.dcloud.net.cn | va4v77pp.duckdns.org |
22 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.dcloud.net.cn | Certum Domain Validation CA SHA2 | 2023-08-05 - 2024-09-03 | a year |
This page contains 1 frames:
Primary Page:
http://va4v77pp.duckdns.org/
Frame ID: 103D77EAEBE8E92F6956D01EBBF24825
Requests: 23 HTTP requests in this frame
Page Title
undefined
Detected technologies
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://va4v77pp.duckdns.org/ HTTP 307
- https://va4v77pp.duckdns.org/ HTTP 307
- http://va4v77pp.duckdns.org/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | va4v77pp.duckdns.org/ | 840 B | 1 KB | Document | text/html |
GET | H/1.1 | uni.07e52d16.css | va4v77pp.duckdns.org/assets/ | 1 KB | 835 B | Stylesheet | text/css |
GET | H/1.1 | index-a3f073a0.js | va4v77pp.duckdns.org/assets/ | 94 KB | 40 KB | Script | application/javascript |
GET | H/1.1 | index-44297b41.css | va4v77pp.duckdns.org/assets/ | 4 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | pages-index-index.7b6c1bb5.js | va4v77pp.duckdns.org/assets/ | 8 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | favicon.ico | va4v77pp.duckdns.org/ | 548 B | 696 B | Other | text/html |
GET | H/1.1 | index.css | va4v77pp.duckdns.org/static/css/ | 4 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | logo-f24f6eb0.png | va4v77pp.duckdns.org/assets/ | 8 KB | 9 KB | Image | image/png |
GET | H/1.1 | topbanner-b629c3c2.png | va4v77pp.duckdns.org/assets/ | 55 KB | 54 KB | Image | image/png |
GET | H/1.1 | wenzi1-d1d062fe.png | va4v77pp.duckdns.org/assets/ | 10 KB | 10 KB | Image | image/png |
GET | H/1.1 | wenzi2-d5a2a494.png | va4v77pp.duckdns.org/assets/ | 8 KB | 8 KB | Image | image/png |
GET | H/1.1 | tu1-b1ddc6d0.png | va4v77pp.duckdns.org/assets/ | 38 KB | 38 KB | Image | image/png |
GET | H/1.1 | 1-85b7a68d.jpg | va4v77pp.duckdns.org/assets/ | 155 KB | 127 KB | Image | image/jpeg |
GET | H/1.1 | 2-fd352367.jpg | va4v77pp.duckdns.org/assets/ | 228 KB | 198 KB | Image | image/jpeg |
GET | H/1.1 | 3-9f7c6283.jpg | va4v77pp.duckdns.org/assets/ | 188 KB | 122 KB | Image | image/jpeg |
GET | H/1.1 | 4-85522e9e.jpg | va4v77pp.duckdns.org/assets/ | 106 KB | 75 KB | Image | image/jpeg |
GET | H/1.1 | 5-8a4879e9.jpg | va4v77pp.duckdns.org/assets/ | 215 KB | 162 KB | Image | image/jpeg |
GET | H/1.1 | 6-e431ac81.jpg | va4v77pp.duckdns.org/assets/ | 149 KB | 119 KB | Image | image/jpeg |
GET | H/1.1 | 7-499c11e1.jpg | va4v77pp.duckdns.org/assets/ | 169 KB | 141 KB | Image | image/jpeg |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/png |
GET | H/1.1 | wenzi0-3f132efc.png | va4v77pp.duckdns.org/assets/ | 10 KB | 10 KB | Image | image/png |
GET | H/1.1 | logo1.png | va4v77pp.duckdns.org/static/images/ | 130 KB | 130 KB | Image | image/png |
GET | H/1.1 | shadow-grey.png | cdn.dcloud.net.cn/img/ | 136 B | 579 B | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NTT Docomo (Telecommunication)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
undefined | event |
object | fence |
boolean | coverSupport |
object | uni |
object | wx |
function | rpx2px |
object | __uniConfig |
object | __uniLayout |
object | __uniRoutes |
boolean | __VUE__ |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.