www.ihuang2.com Open in urlscan Pro
43.156.253.184 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ihuang2.com/cgi/index.html
Submission: On December 13 via manual (December 13th 2024, 4:08:53 am UTC) from JP — Scanned from SG

Summary HTTP 10 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 43.156.253.184, located in Singapore, Singapore and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is www.ihuang2.com.
TLS certificate: Issued by R11 on December 11th 2024. Valid for: 3 months.

This is the only time www.ihuang2.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NTT Docomo (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
8	43.156.253.184 43.156.253.184	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	49.102.154.3 49.102.154.3	9605 (DOCOMO NT...) (DOCOMO NTT DOCOMO)
10	3

8 43.156.253.184 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.ihuang2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.102.154.3 (Japan)

ASN9605 (DOCOMO NTT DOCOMO, INC., JP)

cfg.smt.docomo.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	ihuang2.com www.ihuang2.com	395 KB
1	docomo.ne.jp cfg.smt.docomo.ne.jp
0	Failed function sub() { [native code] }. Failed
10	3

	Domain	Requested by
8	www.ihuang2.com	www.ihuang2.com
1	cfg.smt.docomo.ne.jp	www.ihuang2.com
0	localhost Failed	www.ihuang2.com
10	3

This site contains links to these domains. Also see Links.

Domain
id.smt.docomo.ne.jp
dpoint.onelink.me
www.nttdocomo.co.jp

Subject Issuer	Validity	Valid
qiangongzi58.com R11	`2024-12-11` - `2025-03-11`	3 months	crt.sh
cfg.smt.docomo.ne.jp DigiCert TLS RSA SHA256 2020 CA1	`2024-09-05` - `2025-09-30`	a year	crt.sh

This page contains 2 frames:

Frame: http://localhost/
Frame ID: C6715BDB63AC6F449E224D318D66C704
Requests: 12 HTTP requests in this frame

Frame: https://cfg.smt.docomo.ne.jp/nnlappsdk-7.0.2/iframe.html
Frame ID: CAF7AA62C40CE40D6A175D163310B931
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

dアカウント - ログイン

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

10
Requests

10 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

395 kB
Transfer

398 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://id.smt.docomo.ne.jp/

Search URL Search Domain Scan URL

URL: https://id.smt.docomo.ne.jp/src/utility/idpw_forget.html
Title: IDをお忘れの方

Search URL Search Domain Scan URL

URL: https://id.smt.docomo.ne.jp/src/utility/index.html
Title: dアカウントとは？

Search URL Search Domain Scan URL

URL: https://id.smt.docomo.ne.jp/src/utility/notice.html
Title: ご利用上の注意

Search URL Search Domain Scan URL

URL: https://dpoint.onelink.me/roGT?pid=dpc_login&af_dp=dpoint%3A%2F%2Ftop&af_web_dp=https%3A%2F%2Fdpoint.jp%2Fguide%2Fhowto_dpoint%2Fapp%2Findex.html

Search URL Search Domain Scan URL

URL: https://id.smt.docomo.ne.jp/src/utility/notice.html#p08
Title: 共用のパソコンやタブレットでの利用について

Search URL Search Domain Scan URL

URL: https://www.nttdocomo.co.jp/utility/privacy/
Title: プライバシーポリシー

Search URL Search Domain Scan URL

URL: https://id.smt.docomo.ne.jp/src/dlogin/rules.html
Title: ご利用規約/ご注意事項

Search URL Search Domain Scan URL

URL: https://id.smt.docomo.ne.jp/src/utility/terms.html
Title: ご利用にあたって

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response www.ihuang2.com/cgi/	406 B 536 B	34ms 21ms	Document text/html	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `ff285d0fd3a5ddb5216fc5af9afeb023a6664a762b96be13a6da63f8045a3d7a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 406 content-type text/html date Fri, 13 Dec 2024 04:08:48 GMT etag W/"406-1706722186000" last-modified Wed, 31 Jan 2024 17:29:46 GMT server Apache vary Accept-Encoding
GET H2	200	chunk-vendors.3f1a91bb.js Show response www.ihuang2.com/cgi/static/js/	173 KB 175 KB	36ms 35ms	Script application/javascript	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/static/js/chunk-vendors.3f1a91bb.js Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `6b13b848fa311670dfb9fe7b1225c6ddc3ea3e844a0590b891904da861b65215` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ihuang2.com/cgi/index.html Response headers etag W/"177546-1706715028000" accept-ranges bytes content-length 177546 date Fri, 13 Dec 2024 04:08:48 GMT last-modified Wed, 31 Jan 2024 15:30:28 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	app.2b8eb24d.js Show response www.ihuang2.com/cgi/static/js/	5 KB 6 KB	37ms 36ms	Script application/javascript	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/static/js/app.2b8eb24d.js Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `63db3870b55faa8fae34c4a7168306a24df33f8838e920f22a8f6b47b8ebffa2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ihuang2.com/cgi/index.html Response headers etag W/"5554-1706716834000" accept-ranges bytes content-length 5554 date Fri, 13 Dec 2024 04:08:48 GMT last-modified Wed, 31 Jan 2024 16:00:34 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	172.fae44055.js Show response www.ihuang2.com/cgi/static/js/	137 KB 138 KB	12ms 11ms	Script application/javascript	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/static/js/172.fae44055.js Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/static/js/app.2b8eb24d.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `e9c4d8032eb29dbb5beeec2755bc15e2da375fdf5e1c9045201a26c0e0a3f8fc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ihuang2.com/cgi/index.html Response headers etag W/"140673-1706715028000" accept-ranges bytes content-length 140673 date Fri, 13 Dec 2024 04:08:48 GMT last-modified Wed, 31 Jan 2024 15:30:28 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	717.12c11281.css www.ihuang2.com/cgi/static/css/	26 KB 26 KB	7ms 6ms	Stylesheet text/css	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/static/css/717.12c11281.css Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/static/js/app.2b8eb24d.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `b20d8c37d103635f0b962f47137a7d4e4bbea09e2a51ed472c6ab96bd3dda376` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ihuang2.com/cgi/index.html Response headers etag W/"26597-1706715028000" accept-ranges bytes content-length 26597 date Fri, 13 Dec 2024 04:08:48 GMT last-modified Wed, 31 Jan 2024 15:30:28 GMT content-type text/css server Apache vary Accept-Encoding
GET H2	200	717.86a80b4d.js Show response www.ihuang2.com/cgi/static/js/	19 KB 19 KB	9ms 8ms	Script application/javascript	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/static/js/717.86a80b4d.js Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/static/js/app.2b8eb24d.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `c5b09f7e1258ba3ccce6988a8eb6a150aeb897397fd3d9ecf49780fd8e4ceafd` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ihuang2.com/cgi/index.html Response headers etag W/"19258-1706715038000" accept-ranges bytes content-length 19258 date Fri, 13 Dec 2024 04:08:48 GMT last-modified Wed, 31 Jan 2024 15:30:38 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H/1.1	200 OK	iframe.html cfg.smt.docomo.ne.jp/nnlappsdk-7.0.2/ Frame CAF7	0 0	798ms 278ms	Document text/html	49.102.154.3 DOCOMO NTT DOCOMO
General Check archive.org Show headers Download Go to Full URL https://cfg.smt.docomo.ne.jp/nnlappsdk-7.0.2/iframe.html Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/static/js/chunk-vendors.3f1a91bb.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 49.102.154.3 , Japan, ASN9605 (DOCOMO NTT DOCOMO, INC., JP), Reverse DNS Software / Resource Hash Request headers Referer https://www.ihuang2.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Content-Length 1118 Content-Type text/html; charset=UTF-8 Date Fri, 13 Dec 2024 04:08:49 GMT Last-Modified Mon, 24 Jul 2023 06:29:34 GMT
GET H2	200	pageServlet Show response www.ihuang2.com/cgi/api/	2 B 99 B	18ms 17ms	XHR text/html	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/api/pageServlet?pageid=0 Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/static/js/172.fae44055.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `d8d91b2e06df73d70eb998e274b63b433db68b4fa1cfd0904f21f139b14c5567` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/plain, / Referer https://www.ihuang2.com/cgi/index.html Response headers content-length 2 date Fri, 13 Dec 2024 04:08:48 GMT content-type text/html;charset=UTF-8 server Apache
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `350f4d5bef39bf376d051c55cde14d8def0435a34f1cf5f3a5355fe0bc2cb356` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	banner06.d570862c.jpg www.ihuang2.com/cgi/static/img/	31 KB 31 KB	20ms 20ms	Image image/jpeg	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ihuang2.com/cgi/static/img/banner06.d570862c.jpg Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `687b4426ef7e1103232a8fbd32cae8a85a512b021596718b9e7f1a732239773d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ihuang2.com/cgi/index.html Response headers accept-ranges bytes content-length 31292 date Fri, 13 Dec 2024 04:08:48 GMT etag W/"31292-1706715028000" last-modified Wed, 31 Jan 2024 15:30:28 GMT content-type image/jpeg server Apache
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `126adcd668df35cdc4e83948b880d7f15bc4e6a99ccd9af4a3e0aeb62287b3c6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	102 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `293b57cc384290eab34796b4a5be203a7de0bbd6c6bcfb9bc41596fe622b5ee9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET		/ localhost/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: localhost
URL: http://localhost/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NTT Docomo (Telecommunication)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunkcgi boolean| __VUE__

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.ihuang2.com/cgi	1969-12-31 23:59:59	Name: JSESSIONID Value: 16E7FD1B29D9C3A1C1753E364B55630B

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cfg.smt.docomo.ne.jp
localhost
www.ihuang2.com
localhost
43.156.253.184
49.102.154.3
126adcd668df35cdc4e83948b880d7f15bc4e6a99ccd9af4a3e0aeb62287b3c6
293b57cc384290eab34796b4a5be203a7de0bbd6c6bcfb9bc41596fe622b5ee9
350f4d5bef39bf376d051c55cde14d8def0435a34f1cf5f3a5355fe0bc2cb356
63db3870b55faa8fae34c4a7168306a24df33f8838e920f22a8f6b47b8ebffa2
687b4426ef7e1103232a8fbd32cae8a85a512b021596718b9e7f1a732239773d
6b13b848fa311670dfb9fe7b1225c6ddc3ea3e844a0590b891904da861b65215
b20d8c37d103635f0b962f47137a7d4e4bbea09e2a51ed472c6ab96bd3dda376
c5b09f7e1258ba3ccce6988a8eb6a150aeb897397fd3d9ecf49780fd8e4ceafd
d8d91b2e06df73d70eb998e274b63b433db68b4fa1cfd0904f21f139b14c5567
e9c4d8032eb29dbb5beeec2755bc15e2da375fdf5e1c9045201a26c0e0a3f8fc
ff285d0fd3a5ddb5216fc5af9afeb023a6664a762b96be13a6da63f8045a3d7a

www.ihuang2.com Open in urlscan Pro 43.156.253.184 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

10 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

395 kBTransfer

398 kBSize

1 Cookies

9 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

Indicators

www.ihuang2.com Open in urlscan Pro
43.156.253.184 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

10 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

395 kB
Transfer

398 kB
Size

1
Cookies

10 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!