www.duiwaai.com
202.168.149.137 - Malicious Activity! Public Scan

URL: https://www.duiwaai.com/web/index/index1
Submission Tags: @ipnigh
Submission: On July 08 via api from GB

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 24 HTTP transactions. The main IP is 202.168.149.137, located in Hong Kong and belonging to VTL-AS-AP Vanta Telecommunications Limited, HK. The main domain is www.duiwaai.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on July 8th 2019, the same day this scan was submitted. Valid for: a year (2019-07-08 to 2020-07-07).
This is the only time www.duiwaai.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Japan Post (Transportation)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
22        202.168.149.137   AS135544 (VTL-AS-AP Vanta Telecommunications Limited, HK)
2         103.235.46.191    AS55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
24 requests across 2 IPs

Requests  Apex Domain   Subdomains        Transfer
22        duiwaai.com   www.duiwaai.com   121 KB
2         baidu.com     hm.baidu.com      12 KB
24 requests across 2 apex domains

Requests  Domain            Requested by
22        www.duiwaai.com   www.duiwaai.com
2         hm.baidu.com      www.duiwaai.com
24 requests across 2 domains

This site contains no links.

Subject           Issuer                                                 Validity                  Valid
www.duiwaai.com   Encryption Everywhere DV TLS CA - G2                   2019-07-08 - 2020-07-07   a year (crt.sh)
baidu.com         GlobalSign Organization Validation CA - SHA256 - G2    2019-05-09 - 2020-06-25   a year (crt.sh)

This page contains 1 frames:

Primary Page: https://www.duiwaai.com/web/index/index1
Frame ID: E6A4FDFE154F1317D7F86B10F18AC637
Requests: 24 HTTP requests in this frame

Detected technologies

nginx (web server) - overall confidence: 100%
Detected pattern:
  • headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript library) - overall confidence: 100%
Detected pattern:
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 133 kB
Size: 293 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests: (none listed for this scan)

24 HTTP transactions

Columns: Resource, Path, Size (decoded body), x-fer (bytes transferred on the wire, including headers and any compression), Type / MIME-Type
Primary Request: index1 (www.duiwaai.com/web/index/) - 38 KB size, 22 KB transferred, Document
General
Full URL
https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx / PHP/7.0.33
Resource Hash
52e79279b832584f1e8b6daa4109743fc01bbcb57c635707d18cf673ed73160d

Request headers

Host
www.duiwaai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Mon, 08 Jul 2019 04:57:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.0.33
Content-Encoding
gzip
css.css (www.duiwaai.com/themes/default/web/public/assets/css/) - 18 KB size, 5 KB transferred, Stylesheet
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/css/css.css
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
540a2fd5caeec33ba5ec2d4629b43669ba97f453cecacba48140dc949e2789ba

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:40 GMT
Content-Encoding
gzip
Last-Modified
Sun, 21 Apr 2019 06:59:20 GMT
Server
nginx
ETag
W/"5cbc14c8-496a"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 07 Aug 2019 04:57:40 GMT
jquery.js (www.duiwaai.com/static/js/) - 91 KB size, 36 KB transferred, Script
General
Full URL
https://www.duiwaai.com/static/js/jquery.js
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Mar 2019 03:32:32 GMT
Server
nginx
ETag
W/"5c999d50-16bb3"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 07 Aug 2019 04:57:40 GMT
layer.js (www.duiwaai.com/static/js/layer/) - 21 KB size, 8 KB transferred, Script
General
Full URL
https://www.duiwaai.com/static/js/layer/layer.js
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
f7a8ebd36df16d9e0e5b5fb0f3582907c71069081d4162f0058cd86ac9c5cb2f

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Mar 2019 03:32:32 GMT
Server
nginx
ETag
W/"5c999d50-5487"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 07 Aug 2019 04:57:40 GMT
layer.css (www.duiwaai.com/static/js/layer/skin/default/) - 14 KB size, 4 KB transferred, Stylesheet
General
Full URL
https://www.duiwaai.com/static/js/layer/skin/default/layer.css?v=3.0.3303
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/static/js/layer/layer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
fefc5c5314aa67b5e56ab4d5e8aab61af50a9ca93df64786b24f77a46a5c22f8

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Mar 2019 03:32:32 GMT
Server
nginx
ETag
W/"5c999d50-38a3"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 07 Aug 2019 04:57:40 GMT
jsencrypt.min.js (www.duiwaai.com/static/js/) - 56 KB size, 19 KB transferred, Script
General
Full URL
https://www.duiwaai.com/static/js/jsencrypt.min.js
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
3d53831ff7e3a2e4d9afe67b1511d7b3d392af508a99c9c1f158da78c0c04fd7

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 May 2019 05:10:26 GMT
Server
nginx
ETag
W/"5cf0b742-e180"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 07 Aug 2019 04:57:40 GMT
pic1.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 2 KB size, 2 KB transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic1.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
73d08b73737c54140c40029d8ad6acc66dfb0de4d5b66f3c581eb7e1172715be

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:40 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-749"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1865
Expires
Wed, 07 Aug 2019 04:57:40 GMT
pic11.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 116 B size, 418 B transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic11.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
03ea48171e574da5a3c9245577a3f6382e5ff85fd637ac9e11bc02811446cd53

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:40 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-74"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
116
Expires
Wed, 07 Aug 2019 04:57:40 GMT
pic12.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 96 B size, 397 B transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic12.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e429dfd548f3b582cecc3c79e3d3ef0eba6d7948873b87fb4d8a87ed81eab0e1

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:41 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-60"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96
Expires
Wed, 07 Aug 2019 04:57:41 GMT
pic37.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 942 B size, 1 KB transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic37.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
0ab16da7372f629e6a1753bc645c1d424154ee7ec9fabdd297c47adc2d5d0ee0

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:41 GMT
Last-Modified
Sat, 20 Apr 2019 10:27:58 GMT
Server
nginx
ETag
"5cbaf42e-3ae"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
942
Expires
Wed, 07 Aug 2019 04:57:41 GMT
pic10.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 166 B size, 468 B transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic10.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
20eb14849277421432478402b65bfbf9706f1470b8e8ca928fea4778b4b83aa8

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:41 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-a6"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
166
Expires
Wed, 07 Aug 2019 04:57:41 GMT
pic2.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 16 KB size, 16 KB transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic2.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
8779629e16bcdc8f8d61c03cc1ac221c04c18ba52a57111d8a172fb60f5dc361

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:41 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-3e66"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15974
Expires
Wed, 07 Aug 2019 04:57:41 GMT
pic3.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 298 B size, 601 B transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic3.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
5ac5afb1ce254c8eed01a06c0f0afbb118c84b8c6d047a5f63044c7c178c451c

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:40 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-12a"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
298
Expires
Wed, 07 Aug 2019 04:57:40 GMT
pic4.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 247 B size, 549 B transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic4.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
7224e0f52ff91d9300381026dfad2c48676fc47e8e6742d5ec3a01442cd8affd

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:40 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-f7"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
247
Expires
Wed, 07 Aug 2019 04:57:40 GMT
pic5.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 264 B size, 567 B transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic5.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
d3fd8dedfeb60369d3372dc158ac5fbf2d376ee258b98c6c85f00aa96b085fab

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:41 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-108"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
264
Expires
Wed, 07 Aug 2019 04:57:41 GMT
pic13.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 167 B size, 469 B transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic13.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
c217ad9d9afbe34b1daf38ec2104044335477f9ca785ba8fc601ec5956e30716

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:41 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-a7"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
167
Expires
Wed, 07 Aug 2019 04:57:41 GMT
pic6.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 933 B size, 1 KB transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic6.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e2b91d79a3ff9dd923d4269f31fe5de72fc5bea9ec5d18a3856562ae4362aa6b

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:41 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-3a5"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
933
Expires
Wed, 07 Aug 2019 04:57:41 GMT
pic8.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 326 B size, 629 B transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic8.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
341a66fdbe4f3c3b9565c0d581428078b558e2f72cabe8fe0bde88b1ec83e70e

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:41 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-146"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
326
Expires
Wed, 07 Aug 2019 04:57:41 GMT
pic14.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 83 B size, 384 B transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic14.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
f6af25b4817443b6f8a33a07ff248f5e4f283b9e8ec9c2844c0aef9d37bd3fdd

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:41 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-53"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83
Expires
Wed, 07 Aug 2019 04:57:41 GMT
pic15.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 291 B size, 594 B transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/pic15.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
a1dc1d7258a1fb8d48bd93fe26e9227ff299956592308344609adf8e4ecb67cf

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:41 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-123"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
291
Expires
Wed, 07 Aug 2019 04:57:41 GMT
line.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 203 B size, 505 B transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/line.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
50e7fc6d3025ca01f15950c486fdf4624cfc1b2d5e501f046929639b6996a145

Request headers

Referer
https://www.duiwaai.com/themes/default/web/public/assets/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:40 GMT
Last-Modified
Thu, 18 Apr 2019 19:01:42 GMT
Server
nginx
ETag
"5cb8c996-cb"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
203
Expires
Wed, 07 Aug 2019 04:57:40 GMT
1.png (www.duiwaai.com/themes/default/web/public/assets/img/) - 937 B size, 1 KB transferred, Image
General
Full URL
https://www.duiwaai.com/themes/default/web/public/assets/img/1.png
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.168.149.137 , Hong Kong, ASN135544 (VTL-AS-AP Vanta Telecommunications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
0a280bc978bab05cf4acda875f40910188181aaf1e26b7dfd578c497939f6dc3

Request headers

Referer
https://www.duiwaai.com/themes/default/web/public/assets/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:40 GMT
Last-Modified
Sun, 21 Apr 2019 06:34:24 GMT
Server
nginx
ETag
"5cbc0ef0-3a9"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
937
Expires
Wed, 07 Aug 2019 04:57:40 GMT
hm.js (hm.baidu.com/) - 32 KB size, 12 KB transferred, Script
General
Full URL
https://hm.baidu.com/hm.js?c0f09912d66dc08578e432aad4d22e88
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
b6a2cb780d52260945d6997d8afcaa32a875a1429259a9a98902f04b6688e172
Security Headers: Strict-Transport-Security: max-age=172800

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 08 Jul 2019 04:57:51 GMT
Content-Encoding
gzip
Server
apache
Etag
93e8d1e010dd7a85b2220b6fbaab8b7a
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11875
hm.gif (hm.baidu.com/) - 43 B size, 299 B transferred, Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=970260141&si=c0f09912d66dc08578e432aad4d22e88&v=1.2.51&lv=1&sn=10867&ct=!!
Requested by
Host: www.duiwaai.com
URL: https://www.duiwaai.com/web/index/index1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers: Strict-Transport-Security: max-age=172800; X-Content-Type-Options: nosniff

Request headers

Referer
https://www.duiwaai.com/web/index/index1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Jul 2019 04:57:52 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
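Every response served from 202.168.149.137 above carries an nginx-style ETag of the form hex(mtime)-hex(size): nginx builds its default ETag from the file's modification time and size on disk, and the W/ prefix is the weak validator nginx emits when the gzip filter recompresses the body. Decoding these recovers the exact size and modification time of each file in the kit, which gives a staging timeline (jquery.js and layer.js on 26 March, the images and css.css on 18-21 April, jsencrypt.min.js on 31 May) independent of the Last-Modified header, and a consistency check that catches ETags a proxy or application generated instead. The Python below is an added example written for this page, not urlscan.io code; the SAMPLE dictionary is constructed for the example from the response headers listed above (hm.js, served by Baidu's apache front end, is included to show a non-nginx ETag being rejected rather than misdecoded).

```python
"""Decode nginx ETags (hex(mtime)-hex(size)) and cross-check them against
Last-Modified and Content-Length.

Added example for the urlscan.io transaction list; not urlscan code.
SAMPLE is constructed from the headers shown on the page.
"""
import re
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# W/"5cbc14c8-496a" or "5cb8c996-749": optional weak marker, hex mtime, hex size
ETAG_RE = re.compile(r'^(W/)?"([0-9a-f]+)-([0-9a-f]+)"$')


def decode_nginx_etag(etag):
    """Return (weak, mtime as aware UTC datetime, size in bytes), or None
    when the ETag is not nginx-shaped (e.g. an opaque hash from apache)."""
    m = ETAG_RE.match(etag.strip())
    if not m:
        return None
    weak, mtime_hex, size_hex = m.groups()
    mtime = datetime.fromtimestamp(int(mtime_hex, 16), tz=timezone.utc)
    return (weak == "W/", mtime, int(size_hex, 16))


def check_response(headers):
    """Decode the ETag and compare it with Last-Modified / Content-Length.

    A mismatch means the ETag was not derived by nginx from the served file
    (reverse proxy, CDN, application-generated) or the headers were edited."""
    decoded = decode_nginx_etag(headers.get("ETag", ""))
    if decoded is None:
        return {"nginx_etag": False}
    weak, mtime, size = decoded
    result = {"nginx_etag": True, "weak": weak,
              "mtime": mtime.isoformat(), "size": size}
    if "Last-Modified" in headers:
        last_modified = parsedate_to_datetime(headers["Last-Modified"])
        result["mtime_matches_last_modified"] = mtime == last_modified
    if "Content-Length" in headers:
        result["size_matches_content_length"] = size == int(headers["Content-Length"])
    return result


def timeline(responses):
    """Return [(name, iso mtime, size)] sorted by mtime for nginx-shaped ETags."""
    rows = []
    for name, headers in responses.items():
        decoded = decode_nginx_etag(headers.get("ETag", ""))
        if decoded is not None:
            rows.append((name, decoded[1].isoformat(), decoded[2]))
    return sorted(rows, key=lambda row: row[1])


# Constructed for the example; values transcribed from the scan's response headers.
SAMPLE = {
    "css.css": {"ETag": 'W/"5cbc14c8-496a"',
                "Last-Modified": "Sun, 21 Apr 2019 06:59:20 GMT"},
    "jquery.js": {"ETag": 'W/"5c999d50-16bb3"',
                  "Last-Modified": "Tue, 26 Mar 2019 03:32:32 GMT"},
    "jsencrypt.min.js": {"ETag": 'W/"5cf0b742-e180"',
                         "Last-Modified": "Fri, 31 May 2019 05:10:26 GMT"},
    "pic1.png": {"ETag": '"5cb8c996-749"',
                 "Last-Modified": "Thu, 18 Apr 2019 19:01:42 GMT",
                 "Content-Length": "1865"},
    # apache on hm.baidu.com: opaque hash, no nginx structure to decode
    "hm.js": {"ETag": "93e8d1e010dd7a85b2220b6fbaab8b7a"},
}

if __name__ == "__main__":
    for name, mtime, size in timeline(SAMPLE):
        print(f"{mtime}  {size:>6} B  {name}")
    for name, headers in SAMPLE.items():
        print(name, check_response(headers))
```

The gzip-compressed responses (css.css, jquery.js, jsencrypt.min.js) carry weak ETags and no Content-Length, so the decoded size is the only place the page reports their exact on-disk size; the PNGs, sent uncompressed, carry strong ETags whose size field matches Content-Length.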

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan verdict: Phishing against Japan Post (Transportation)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and page-specific code. Grouped below by the script that defines them:

Browser-provided properties (not page code, but outside the scanner's baseline):
  object    onselectstart
  object    onselectionchange
  function  queueMicrotask
jQuery (jquery.js):
  function  $
  function  jQuery
layer.js dialog library:
  object    layer
jsencrypt.min.js and the jsbn / jsrsasign / ASN.1 helpers it bundles:
  object    JSEncryptExports
  function  JSEncrypt
  object    KJUR
  object    Hex
  object    Base64
  function  ASN1
Page-defined (the phishing kit's own code):
  string    PublicKey
  number    id
  function  tijiao
  function  get_data
Baidu Tongji analytics (hm.js):
  object    _hmt
  boolean   _bdhm_loaded_c0f09912d66dc08578e432aad4d22e88
  object    mini_tangram_log_vaezy9

A string PublicKey alongside the JSEncrypt exports indicates that the kit RSA-encrypts form input in the browser before posting it, so the victim's credentials do not cross the wire in plaintext where a proxy or IDS could match on them. tijiao is pinyin for 提交 ("submit"), the kit's form-submission handler; get_data is its companion collector.

2 Cookies

Domain / Path    Name                                        Value
.duiwaai.com/    Hm_lpvt_c0f09912d66dc08578e432aad4d22e88    1562561872
.duiwaai.com/    Hm_lvt_c0f09912d66dc08578e432aad4d22e88     1562561872

Both cookies are set by the Baidu Tongji script (hm.js): Hm_lvt is the last-visit time and Hm_lpvt the last-page-visit time, the hex suffix is the Tongji site ID that also appears in the hm.js and hm.gif URLs, and the values are Unix timestamps (1562561872 = 2019-07-08 04:57:52 UTC, the time of the hm.gif beacon request).

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Listing them here does not imply that any individual indicator is itself malicious.

hm.baidu.com
www.duiwaai.com
103.235.46.191
202.168.149.137