www.ihuang2.com Open in urlscan Pro
43.156.253.184 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ihuang2.com/cgi/index.html
Submission: On December 13 via api (December 13th 2024, 3:04:20 am UTC) from US — Scanned from JP

Summary HTTP 10 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 43.156.253.184, located in Singapore, Singapore and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is www.ihuang2.com.
TLS certificate: Issued by R11 on December 11th 2024. Valid for: 3 months.

This is the only time www.ihuang2.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NTT Docomo (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
9	43.156.253.184 43.156.253.184	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	49.102.154.3 49.102.154.3	9605 (DOCOMO NT...) (DOCOMO NTT DOCOMO)
10	3

9 43.156.253.184 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.ihuang2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.102.154.3 (Japan)

ASN9605 (DOCOMO NTT DOCOMO, INC., JP)

cfg.smt.docomo.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ihuang2.com www.ihuang2.com	396 KB
1	docomo.ne.jp cfg.smt.docomo.ne.jp
10	2

	Domain	Requested by
9	www.ihuang2.com	www.ihuang2.com
1	cfg.smt.docomo.ne.jp	www.ihuang2.com
10	2

This site contains links to these domains. Also see Links.

Domain
id.smt.docomo.ne.jp
dpoint.onelink.me
www.nttdocomo.co.jp

Subject Issuer	Validity	Valid
qiangongzi58.com R11	`2024-12-11` - `2025-03-11`	3 months	crt.sh
cfg.smt.docomo.ne.jp DigiCert TLS RSA SHA256 2020 CA1	`2024-09-05` - `2025-09-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.ihuang2.com/cgi/index.html
Frame ID: 1B2541753108A0E9BCC85DA3D4C09D3D
Requests: 12 HTTP requests in this frame

Frame: https://cfg.smt.docomo.ne.jp/nnlappsdk-7.0.2/iframe.html
Frame ID: F69485D11C34163B5928FA8781EE331E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

dアカウント - ログイン

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

10
Requests

10 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

396 kB
Transfer

399 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://id.smt.docomo.ne.jp/

Search URL Search Domain Scan URL

URL: https://id.smt.docomo.ne.jp/src/utility/idpw_forget.html
Title: IDをお忘れの方

Search URL Search Domain Scan URL

URL: https://id.smt.docomo.ne.jp/src/utility/index.html
Title: dアカウントとは？

Search URL Search Domain Scan URL

URL: https://id.smt.docomo.ne.jp/src/utility/notice.html
Title: ご利用上の注意

Search URL Search Domain Scan URL

URL: https://dpoint.onelink.me/roGT?pid=dpc_login&af_dp=dpoint%3A%2F%2Ftop&af_web_dp=https%3A%2F%2Fdpoint.jp%2Fguide%2Fhowto_dpoint%2Fapp%2Findex.html

Search URL Search Domain Scan URL

URL: https://id.smt.docomo.ne.jp/src/utility/notice.html#p08
Title: 共用のパソコンやタブレットでの利用について

Search URL Search Domain Scan URL

URL: https://www.nttdocomo.co.jp/utility/privacy/
Title: プライバシーポリシー

Search URL Search Domain Scan URL

URL: https://id.smt.docomo.ne.jp/src/dlogin/rules.html
Title: ご利用規約/ご注意事項

Search URL Search Domain Scan URL

URL: https://id.smt.docomo.ne.jp/src/utility/terms.html
Title: ご利用にあたって

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response www.ihuang2.com/cgi/	406 B 536 B	563ms 81ms	Document text/html	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `ff285d0fd3a5ddb5216fc5af9afeb023a6664a762b96be13a6da63f8045a3d7a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes content-length 406 content-type text/html date Fri, 13 Dec 2024 03:04:15 GMT etag W/"406-1706722186000" last-modified Wed, 31 Jan 2024 17:29:46 GMT server Apache vary Accept-Encoding
GET H2	200	chunk-vendors.3f1a91bb.js Show response www.ihuang2.com/cgi/static/js/	173 KB 175 KB	76ms 76ms	Script application/javascript	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/static/js/chunk-vendors.3f1a91bb.js Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `6b13b848fa311670dfb9fe7b1225c6ddc3ea3e844a0590b891904da861b65215` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://www.ihuang2.com/cgi/index.html Response headers etag W/"177546-1706715028000" accept-ranges bytes content-length 177546 date Fri, 13 Dec 2024 03:04:15 GMT last-modified Wed, 31 Jan 2024 15:30:28 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	app.2b8eb24d.js Show response www.ihuang2.com/cgi/static/js/	5 KB 6 KB	151ms 150ms	Script application/javascript	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/static/js/app.2b8eb24d.js Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `63db3870b55faa8fae34c4a7168306a24df33f8838e920f22a8f6b47b8ebffa2` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://www.ihuang2.com/cgi/index.html Response headers etag W/"5554-1706716834000" accept-ranges bytes content-length 5554 date Fri, 13 Dec 2024 03:04:15 GMT last-modified Wed, 31 Jan 2024 16:00:34 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	172.fae44055.js Show response www.ihuang2.com/cgi/static/js/	137 KB 138 KB	76ms 76ms	Script application/javascript	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/static/js/172.fae44055.js Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/static/js/app.2b8eb24d.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `e9c4d8032eb29dbb5beeec2755bc15e2da375fdf5e1c9045201a26c0e0a3f8fc` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://www.ihuang2.com/cgi/index.html Response headers etag W/"140673-1706715028000" accept-ranges bytes content-length 140673 date Fri, 13 Dec 2024 03:04:15 GMT last-modified Wed, 31 Jan 2024 15:30:28 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	717.12c11281.css www.ihuang2.com/cgi/static/css/	26 KB 26 KB	77ms 77ms	Stylesheet text/css	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/static/css/717.12c11281.css Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/static/js/app.2b8eb24d.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `b20d8c37d103635f0b962f47137a7d4e4bbea09e2a51ed472c6ab96bd3dda376` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://www.ihuang2.com/cgi/index.html Response headers etag W/"26597-1706715028000" accept-ranges bytes content-length 26597 date Fri, 13 Dec 2024 03:04:15 GMT last-modified Wed, 31 Jan 2024 15:30:28 GMT content-type text/css server Apache vary Accept-Encoding
GET H2	200	717.86a80b4d.js Show response www.ihuang2.com/cgi/static/js/	19 KB 19 KB	77ms 77ms	Script application/javascript	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/static/js/717.86a80b4d.js Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/static/js/app.2b8eb24d.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `c5b09f7e1258ba3ccce6988a8eb6a150aeb897397fd3d9ecf49780fd8e4ceafd` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://www.ihuang2.com/cgi/index.html Response headers etag W/"19258-1706715038000" accept-ranges bytes content-length 19258 date Fri, 13 Dec 2024 03:04:15 GMT last-modified Wed, 31 Jan 2024 15:30:38 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H/1.1	200 OK	iframe.html cfg.smt.docomo.ne.jp/nnlappsdk-7.0.2/ Frame F694	0 0	25ms 11ms	Document text/html	49.102.154.3 DOCOMO NTT DOCOMO
General Check archive.org Show headers Download Go to Full URL https://cfg.smt.docomo.ne.jp/nnlappsdk-7.0.2/iframe.html Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/static/js/chunk-vendors.3f1a91bb.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 49.102.154.3 , Japan, ASN9605 (DOCOMO NTT DOCOMO, INC., JP), Reverse DNS Software / Resource Hash Request headers Referer https://www.ihuang2.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Length 1118 Content-Type text/html; charset=UTF-8 Date Fri, 13 Dec 2024 03:04:15 GMT Last-Modified Mon, 24 Jul 2023 06:29:34 GMT
GET H2	200	pageServlet Show response www.ihuang2.com/cgi/api/	0 120 B	627ms 627ms	XHR text/html	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/cgi/api/pageServlet?pageid=0 Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/static/js/172.fae44055.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Accept application/json, text/plain, / Referer https://www.ihuang2.com/cgi/index.html Response headers content-length 0 date Fri, 13 Dec 2024 03:04:16 GMT content-type text/html;charset=UTF-8 server Apache
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `350f4d5bef39bf376d051c55cde14d8def0435a34f1cf5f3a5355fe0bc2cb356` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer Response headers Content-Type image/png
GET H2	200	banner06.d570862c.jpg www.ihuang2.com/cgi/static/img/	31 KB 31 KB	77ms 76ms	Image image/jpeg	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ihuang2.com/cgi/static/img/banner06.d570862c.jpg Requested by Host: www.ihuang2.com URL: https://www.ihuang2.com/cgi/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `687b4426ef7e1103232a8fbd32cae8a85a512b021596718b9e7f1a732239773d` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://www.ihuang2.com/cgi/index.html Response headers accept-ranges bytes content-length 31292 date Fri, 13 Dec 2024 03:04:15 GMT etag W/"31292-1706715028000" last-modified Wed, 31 Jan 2024 15:30:28 GMT content-type image/jpeg server Apache
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `126adcd668df35cdc4e83948b880d7f15bc4e6a99ccd9af4a3e0aeb62287b3c6` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	102 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `293b57cc384290eab34796b4a5be203a7de0bbd6c6bcfb9bc41596fe622b5ee9` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer Response headers Content-Type image/png
GET H2	404	favicon.ico www.ihuang2.com/	896 B 946 B	130ms 129ms	Other text/html	43.156.253.184 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ihuang2.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.156.253.184 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Apache / Resource Hash `ee9e712afd80f1b726611498e4385dcae8dadbf9cbac32de53cffc060efade4d` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://www.ihuang2.com/cgi/index.html Response headers content-length 896 date Fri, 13 Dec 2024 03:04:15 GMT content-type text/html;charset=utf-8 content-language ja server Apache

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NTT Docomo (Telecommunication)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunkcgi boolean| __VUE__

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.ihuang2.com/cgi	1969-12-31 23:59:59	Name: JSESSIONID Value: 246E68632B6F43A19643DFD8E1E53084

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.ihuang2.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cfg.smt.docomo.ne.jp
www.ihuang2.com
43.156.253.184
49.102.154.3
126adcd668df35cdc4e83948b880d7f15bc4e6a99ccd9af4a3e0aeb62287b3c6
293b57cc384290eab34796b4a5be203a7de0bbd6c6bcfb9bc41596fe622b5ee9
350f4d5bef39bf376d051c55cde14d8def0435a34f1cf5f3a5355fe0bc2cb356
63db3870b55faa8fae34c4a7168306a24df33f8838e920f22a8f6b47b8ebffa2
687b4426ef7e1103232a8fbd32cae8a85a512b021596718b9e7f1a732239773d
6b13b848fa311670dfb9fe7b1225c6ddc3ea3e844a0590b891904da861b65215
b20d8c37d103635f0b962f47137a7d4e4bbea09e2a51ed472c6ab96bd3dda376
c5b09f7e1258ba3ccce6988a8eb6a150aeb897397fd3d9ecf49780fd8e4ceafd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c4d8032eb29dbb5beeec2755bc15e2da375fdf5e1c9045201a26c0e0a3f8fc
ee9e712afd80f1b726611498e4385dcae8dadbf9cbac32de53cffc060efade4d
ff285d0fd3a5ddb5216fc5af9afeb023a6664a762b96be13a6da63f8045a3d7a

www.ihuang2.com Open in urlscan Pro 43.156.253.184 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

10 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

396 kBTransfer

399 kBSize

1 Cookies

9 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

www.ihuang2.com Open in urlscan Pro
43.156.253.184 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

10 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

396 kB
Transfer

399 kB
Size

1
Cookies

10 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!