dgedm.com
154.80.150.76
Malicious Activity!
Public Scan
Submission: On August 09 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R10 on July 30th 2024. Valid for: 3 months.
This is the only time dgedm.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: imToken (Crypto)
Domain & IP information
# | IP Address | AS Autonomous System |
---|---|---|
10 | 154.80.150.76 | 134175 (SH2206-AP UNIT A17) |
1 | 154.85.69.10 | 139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD.) |
1 | 14.215.182.140 | 4134 (CHINANET-BACKBONE No.31) |
1 | 156.237.140.196 | 134548 (DXTL-HK DXTL Tseung Kwan O Service) |
1 | 8.212.139.121 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.) |
1 | 2606:4700:3037::ac43:bf8f | 13335 (CLOUDFLARENET) |
19 | 7 | |
ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK): dgedm.com
ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN): hm.baidu.com
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN): imto1ken.oss-ap-southeast-6.aliyuncs.com
# | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | dgedm.com | dgedm.com | 223 KB |
1 | imtokenv.store | aq.imtokenv.store | |
1 | aliyuncs.com | imto1ken.oss-ap-southeast-6.aliyuncs.com | 1 KB |
1 | flcpw999.com | flcpw999.com | 311 B |
1 | baidu.com | hm.baidu.com — Cisco Umbrella Rank: 8226 | 175 B |
1 | 51.la | sdk.51.la — Cisco Umbrella Rank: 46121 | 13 KB |
19 | 6 | | |
# | Domain | Requested by |
---|---|---|
10 | dgedm.com | dgedm.com |
1 | aq.imtokenv.store | imto1ken.oss-ap-southeast-6.aliyuncs.com |
1 | imto1ken.oss-ap-southeast-6.aliyuncs.com | flcpw999.com |
1 | flcpw999.com | dgedm.com |
1 | hm.baidu.com | dgedm.com |
1 | sdk.51.la | dgedm.com |
19 | 6 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.tsecevents.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
www.dgedm.com | R10 | 2024-07-30 - 2024-10-28 | 3 months | crt.sh |
*.51.la | Sectigo RSA Domain Validation Secure Server CA | 2024-05-14 - 2025-05-14 | a year | crt.sh |
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2024-07-08 - 2025-08-09 | a year | crt.sh |
www.flcpw999.com | R10 | 2024-07-25 - 2024-10-23 | 3 months | crt.sh |
ap-southeast-6.oss.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-11-27 - 2024-12-28 | a year | crt.sh |
imtokenv.store | WE1 | 2024-08-09 - 2024-11-07 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://dgedm.com/a/dianpu/4819.html
Frame ID: B4491CC9F1D921F1210D1974D3659173
Requests: 18 HTTP requests in this frame
Frame:
https://aq.imtokenv.store/
Frame ID: 4FF1F8EDF7D58DE1EA508FC9F9BD6A30
Requests: 1 HTTP request in this frame
Page Title
能给您带来协助就是咱们的高兴!imToken热烈欢迎咱们对imtoken获取eon宣布更多的见地_imToken|imToken官网|imToken钱包APP下载官网
(Translation: "Being able to assist you is our pleasure! imToken warmly welcomes everyone to share more views on imtoken obtaining eon_imToken|imToken official website|imToken wallet APP download official website")
Detected technologies
Baidu Analytics (百度统计) (Analytics)
Detected patterns
- hm\.baidu\.com/hm\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: 主页 (Home page)
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | 4819.html (Primary Request) | dgedm.com/a/dianpu/ | 8 KB | 4 KB | Document | text/html |
GET | H2 | style.css | dgedm.com/skin/css/ | 12 KB | 3 KB | Stylesheet | text/css |
GET | H2 | jquery.min.js | dgedm.com/skin/js/ | 91 KB | 36 KB | Script | application/javascript |
GET | H2 | dj.js | dgedm.com/ | 436 B | 650 B | Script | application/javascript |
GET | H2 | yq.js | dgedm.com/ | 0 | 0 | Script | text/html |
GET | H2 | cjx.js | dgedm.com/Plugins/apps/CaiJiXia/ | 2 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | js-sdk-pro.min.js | sdk.51.la/ | 34 KB | 13 KB | Script | text/plain |
GET | H2 | jquery.superslide.2.1.1.js | dgedm.com/skin/js/ | 11 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | hm.js | hm.baidu.com/ | 0 | 175 B | Script | text/plain |
GET | H2 | win.js | flcpw999.com/ | 98 B | 311 B | Script | application/javascript |
GET | H/1.1 | win.js | imto1ken.oss-ap-southeast-6.aliyuncs.com/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | / | aq.imtokenv.store/ (Frame 4FF1) | 0 | 0 | Document | text/html |
GET | | yq.js | dgedm.com/ | 0 | 0 | | |
GET | | cjx.js | dgedm.com/Plugins/apps/CaiJiXia/ | 0 | 0 | | |
GET | | js-sdk-pro.min.js | sdk.51.la/ | 0 | 0 | | |
GET | | jquery.superslide.2.1.1.js | dgedm.com/skin/js/ | 0 | 0 | | |
GET | H2 | nav.png | dgedm.com/skin/images/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | banner.jpg | dgedm.com/skin/images/ | 167 KB | 167 KB | Image | image/jpeg |
GET | H2 | favicon.ico | dgedm.com/ | 4 KB | 4 KB | Other | image/x-icon |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
dgedm.com | https://dgedm.com/yq.js |
dgedm.com | https://dgedm.com/Plugins/apps/CaiJiXia/cjx.js |
sdk.51.la | https://sdk.51.la/js-sdk-pro.min.js |
dgedm.com | https://dgedm.com/skin/js/jquery.superslide.2.1.1.js |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: imToken (Crypto)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
function | $ |
function | jQuery |
object | _hmt |
string | l_a_n_g_age |
string | sen_type |
string | c_d1 |
string | c_d2 |
string | NbPe2$DTh2 |
string | dmQDYbpgh4$mtVUaU41 |
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, allowing the website to re-identify the user even if they have changed location. This is how persistent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.imtokenv.store/ | | Name: cf_clearance Value: sDthQce2BwgP6l25ETRVpMZBNd2EHzUYQc1DGAxS_Co-1723215390-1.0.1.1-ax1l8aHYZ1uxmHcyvdrU5uroqK2eYySCxOuCWxdD3wEQn_VZlBxCfB.xwJx37v9LeVycks7OqQ_TomDgvxx7Kw |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.