ddhahvdand.duckdns.org Open in urlscan Pro
185.217.0.248  Malicious Activity! Public Scan

URL: http://ddhahvdand.duckdns.org/
Submission: On November 05 via manual from JP — Scanned from JP

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 185.217.0.248, located in Isle Of Man and belongs to ICME, IM. The main domain is ddhahvdand.duckdns.org.
This is the only time ddhahvdand.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NTT Docomo (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
10 185.217.0.248 42237 (ICME)
1 49.102.154.13 ()
12 3
Apex Domain
Subdomains
Transfer
10 duckdns.org
ddhahvdand.duckdns.org
63 KB
1 docomo.ne.jp
id.smt.docomo.ne.jp
279 B
0 51.la Failed
js.users.51.la Failed
12 3
Domain Requested by
10 ddhahvdand.duckdns.org ddhahvdand.duckdns.org
1 id.smt.docomo.ne.jp ddhahvdand.duckdns.org
0 js.users.51.la Failed ddhahvdand.duckdns.org
12 3

This site contains no links.

Subject Issuer Validity Valid
id.smt.docomo.ne.jp
DigiCert TLS RSA SHA256 2020 CA1
2021-09-07 -
2022-10-01
a year crt.sh

This page contains 1 frames:

Primary Page: http://ddhahvdand.duckdns.org/
Frame ID: 4BE06B2BA7AA23F88DD9EB81D40072B7
Requests: 12 HTTP requests in this frame

Screenshot


Page Statistics

12
Requests

8 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

63 kB
Transfer

148 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ddhahvdand.duckdns.org/
12 KB
4 KB
Document
General
Full URL
http://ddhahvdand.duckdns.org/
Protocol
HTTP/1.1
Server
185.217.0.248 , Isle Of Man, ASN42237 (ICME, IM),
Reverse DNS
Software
nginx /
Resource Hash
273029baf189880536e317f7dce1f7ef6fb257efe348ff3f74c36a59308a941e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

Server
nginx
Date
Fri, 05 Nov 2021 08:35:18 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
auth_layout_v5_style.css
ddhahvdand.duckdns.org/static/docomo/
22 KB
7 KB
Stylesheet
General
Full URL
http://ddhahvdand.duckdns.org/static/docomo/auth_layout_v5_style.css
Requested by
Host: ddhahvdand.duckdns.org
URL: http://ddhahvdand.duckdns.org/
Protocol
HTTP/1.1
Server
185.217.0.248 , Isle Of Man, ASN42237 (ICME, IM),
Reverse DNS
Software
nginx /
Resource Hash
32c934398cdbd10d2687530b9af604abcac2165d758340a3c9079782cbb4ae81

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://ddhahvdand.duckdns.org/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 05 Nov 2021 08:35:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 10:13:50 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 05 Dec 2021 08:35:19 GMT
auth_layout_v5_pc.css
ddhahvdand.duckdns.org/static/docomo/
8 KB
3 KB
Stylesheet
General
Full URL
http://ddhahvdand.duckdns.org/static/docomo/auth_layout_v5_pc.css
Requested by
Host: ddhahvdand.duckdns.org
URL: http://ddhahvdand.duckdns.org/
Protocol
HTTP/1.1
Server
185.217.0.248 , Isle Of Man, ASN42237 (ICME, IM),
Reverse DNS
Software
nginx /
Resource Hash
5ee94193e7fa5debacb107ce62a50b56eb9afcba7de9268589a157c41c1efcce

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://ddhahvdand.duckdns.org/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 05 Nov 2021 08:35:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 10:13:50 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 05 Dec 2021 08:35:19 GMT
jquery-3.3.1.min.js
ddhahvdand.duckdns.org/static/js/
85 KB
34 KB
Script
General
Full URL
http://ddhahvdand.duckdns.org/static/js/jquery-3.3.1.min.js
Requested by
Host: ddhahvdand.duckdns.org
URL: http://ddhahvdand.duckdns.org/
Protocol
HTTP/1.1
Server
185.217.0.248 , Isle Of Man, ASN42237 (ICME, IM),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://ddhahvdand.duckdns.org/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 05 Nov 2021 08:35:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Oct 2019 04:31:04 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 05 Dec 2021 08:35:19 GMT
jquery.cookie.js
ddhahvdand.duckdns.org/static/js/
3 KB
2 KB
Script
General
Full URL
http://ddhahvdand.duckdns.org/static/js/jquery.cookie.js
Requested by
Host: ddhahvdand.duckdns.org
URL: http://ddhahvdand.duckdns.org/
Protocol
HTTP/1.1
Server
185.217.0.248 , Isle Of Man, ASN42237 (ICME, IM),
Reverse DNS
Software
nginx /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://ddhahvdand.duckdns.org/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 05 Nov 2021 08:35:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Jan 2021 08:10:06 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 05 Dec 2021 08:35:19 GMT
jquery.loadmask.css
ddhahvdand.duckdns.org/static/css/
3 KB
1 KB
Stylesheet
General
Full URL
http://ddhahvdand.duckdns.org/static/css/jquery.loadmask.css
Requested by
Host: ddhahvdand.duckdns.org
URL: http://ddhahvdand.duckdns.org/
Protocol
HTTP/1.1
Server
185.217.0.248 , Isle Of Man, ASN42237 (ICME, IM),
Reverse DNS
Software
nginx /
Resource Hash
3b42273b8b17f400beb1b47527ea7b61195cb320a1a4c726ffd32650b7cf72b7

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://ddhahvdand.duckdns.org/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 05 Nov 2021 08:35:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Jul 2020 13:02:10 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 05 Dec 2021 08:35:19 GMT
jquery.loadmask.min.js
ddhahvdand.duckdns.org/static/js/
6 KB
2 KB
Script
General
Full URL
http://ddhahvdand.duckdns.org/static/js/jquery.loadmask.min.js
Requested by
Host: ddhahvdand.duckdns.org
URL: http://ddhahvdand.duckdns.org/
Protocol
HTTP/1.1
Server
185.217.0.248 , Isle Of Man, ASN42237 (ICME, IM),
Reverse DNS
Software
nginx /
Resource Hash
a47f5828375f1660b81e10e39bc367bd8502697d6e0e93a520b1a26f6eee1862

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://ddhahvdand.duckdns.org/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 05 Nov 2021 08:35:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Jul 2020 11:01:12 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 05 Dec 2021 08:35:19 GMT
21174741.js
js.users.51.la/
0
0

logo_header.png
ddhahvdand.duckdns.org/static/docomo/
2 KB
2 KB
Image
General
Full URL
http://ddhahvdand.duckdns.org/static/docomo/logo_header.png
Requested by
Host: ddhahvdand.duckdns.org
URL: http://ddhahvdand.duckdns.org/
Protocol
HTTP/1.1
Server
185.217.0.248 , Isle Of Man, ASN42237 (ICME, IM),
Reverse DNS
Software
nginx /
Resource Hash
350f4d5bef39bf376d051c55cde14d8def0435a34f1cf5f3a5355fe0bc2cb356

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://ddhahvdand.duckdns.org/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 05 Nov 2021 08:35:19 GMT
Last-Modified
Tue, 24 Dec 2019 10:13:50 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2120
Expires
Sun, 05 Dec 2021 08:35:19 GMT
loading.gif
ddhahvdand.duckdns.org/static/picture/
4 KB
4 KB
Image
General
Full URL
http://ddhahvdand.duckdns.org/static/picture/loading.gif
Requested by
Host: ddhahvdand.duckdns.org
URL: http://ddhahvdand.duckdns.org/
Protocol
HTTP/1.1
Server
185.217.0.248 , Isle Of Man, ASN42237 (ICME, IM),
Reverse DNS
Software
nginx /
Resource Hash
3c5cacbdad8f88e2639de87f92ffc832e6e60a2d77631f55350fd5f109237ced

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://ddhahvdand.duckdns.org/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 05 Nov 2021 08:35:20 GMT
Last-Modified
Mon, 14 Oct 2019 04:31:14 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3897
Expires
Sun, 05 Dec 2021 08:35:20 GMT
footer_copyright.png
ddhahvdand.duckdns.org/static/docomo/
4 KB
4 KB
Image
General
Full URL
http://ddhahvdand.duckdns.org/static/docomo/footer_copyright.png
Requested by
Host: ddhahvdand.duckdns.org
URL: http://ddhahvdand.duckdns.org/
Protocol
HTTP/1.1
Server
185.217.0.248 , Isle Of Man, ASN42237 (ICME, IM),
Reverse DNS
Software
nginx /
Resource Hash
70dd543e24a0284cf0bd077a309c5fc9274d49f30fc04f3b716991c1462857ab

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://ddhahvdand.duckdns.org/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 05 Nov 2021 08:35:20 GMT
Last-Modified
Tue, 24 Dec 2019 10:13:50 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4104
Expires
Sun, 05 Dec 2021 08:35:20 GMT
bg_spring.png
id.smt.docomo.ne.jp/img/
102 B
279 B
Image
General
Full URL
https://id.smt.docomo.ne.jp/img/bg_spring.png
Requested by
Host: ddhahvdand.duckdns.org
URL: http://ddhahvdand.duckdns.org/static/docomo/auth_layout_v5_pc.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.102.154.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
293b57cc384290eab34796b4a5be203a7de0bbd6c6bcfb9bc41596fe622b5ee9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://ddhahvdand.duckdns.org/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 05 Nov 2021 08:35:50 GMT
Last-Modified
Mon, 07 Nov 2016 05:53:17 GMT
Content-Length
102
X-Frame-Options
SAMEORIGIN
Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.users.51.la
URL
https://js.users.51.la/21174741.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NTT Docomo (Telecommunication)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
ddhahvdand.duckdns.org/ Name: sessionid
Value: 94738d0ad9d22b6b759192962f03b89b

1 Console Messages

Source Level URL
Text
network error URL: https://js.users.51.la/21174741.js
Message:
Failed to load resource: net::ERR_CONNECTION_RESET