URL: https://dgedm.com/a/dianpu/4819.html
Submission: On August 09 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 5 countries across 6 domains to perform 19 HTTP transactions. The main IP is 154.80.150.76, located in Hong Kong and belongs to SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK. The main domain is dgedm.com.
TLS certificate: Issued by R10 on July 30th 2024. Valid for: 3 months.
This is the only time dgedm.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: imToken (Crypto)

Domain & IP information

Requests  IP Address          ASN     Autonomous System
10        154.80.150.76       134175  SH2206-AP...
1         154.85.69.10        139057  LDPL-AS-A...
1         14.215.182.140      4134    CHINANET-...
1         156.237.140.196     134548  DXTL-HK D...
1         8.212.139.121       45102   ALIBABA-C...
1         2606:4700:303...    13335   CLOUDFLAR...
Total: 19 requests, 7 IPs
Requests  Apex Domain     Subdomains                                  Transfer
10        dgedm.com       dgedm.com                                   223 KB
1         imtokenv.store  aq.imtokenv.store                           -
1         aliyuncs.com    imto1ken.oss-ap-southeast-6.aliyuncs.com    1 KB
1         flcpw999.com    flcpw999.com                                311 B
1         baidu.com       hm.baidu.com (Cisco Umbrella Rank: 8226)    175 B
1         51.la           sdk.51.la (Cisco Umbrella Rank: 46121)      13 KB
Total: 19 requests, 6 apex domains
Requests  Domain                                     Requested by
10        dgedm.com                                  dgedm.com
1         aq.imtokenv.store                          imto1ken.oss-ap-southeast-6.aliyuncs.com
1         imto1ken.oss-ap-southeast-6.aliyuncs.com   flcpw999.com
1         flcpw999.com                               dgedm.com
1         hm.baidu.com                               dgedm.com
1         sdk.51.la                                  dgedm.com
Total: 19 requests, 6 domains

This site contains links to these domains.

Domain
www.tsecevents.com
Subject                          Issuer                                                Validity                   Valid     Lookup
www.dgedm.com                    R10                                                   2024-07-30 - 2024-10-28    3 months  crt.sh
*.51.la                          Sectigo RSA Domain Validation Secure Server CA        2024-05-14 - 2025-05-14    a year    crt.sh
baidu.com                        GlobalSign RSA OV SSL CA 2018                         2024-07-08 - 2025-08-09    a year    crt.sh
www.flcpw999.com                 R10                                                   2024-07-25 - 2024-10-23    3 months  crt.sh
ap-southeast-6.oss.aliyuncs.com  GlobalSign Organization Validation CA - SHA256 - G3   2023-11-27 - 2024-12-28    a year    crt.sh
imtokenv.store                   WE1                                                   2024-08-09 - 2024-11-07    3 months  crt.sh

This page contains 2 frames:

Primary Page: https://dgedm.com/a/dianpu/4819.html
Frame ID: B4491CC9F1D921F1210D1974D3659173
Requests: 18 HTTP requests in this frame

Frame: https://aq.imtokenv.store/
Frame ID: 4FF1F8EDF7D58DE1EA508FC9F9BD6A30
Requests: 1 HTTP requests in this frame

Page Title

Being able to help you is our pleasure! imToken warmly welcomes everyone to share more insights on imToken obtaining eon_imToken | imToken official website | imToken wallet APP download official website (original title: 能给您带来协助就是咱们的高兴!imToken热烈欢迎咱们对imtoken获取eon宣布更多的见地_imToken|imToken官网|imToken钱包APP下载官网)

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19 Requests
79 % HTTPS
17 % IPv6
6 Domains
6 Subdomains
7 IPs
5 Countries
238 kB Transfer
333 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request: 4819.html | dgedm.com/a/dianpu/ | 8 KB | 4 KB | Document
General
Full URL
https://dgedm.com/a/dianpu/4819.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.80.150.76 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
862ebfd57664bcf8239f5694869ec2cb85b566b6600013c408e1929ec376d337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 09 Aug 2024 14:56:23 GMT
etag
W/"65682f82-1fbe"
last-modified
Thu, 30 Nov 2023 06:45:22 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
style.css | dgedm.com/skin/css/ | 12 KB | 3 KB | Stylesheet
General
Full URL
https://dgedm.com/skin/css/style.css
Requested by
Host: dgedm.com
URL: https://dgedm.com/a/dianpu/4819.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.80.150.76 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
fa2d8bec8db3e3ab806daf9ebe7fc9f9c3e1bb2353b67229311cf2f753811ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dgedm.com/a/dianpu/4819.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:56:24 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 07 Aug 2018 02:20:46 GMT
server
nginx
etag
W/"5b6901fe-2e6e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sat, 10 Aug 2024 02:56:24 GMT
jquery.min.js | dgedm.com/skin/js/ | 91 KB | 36 KB | Script
General
Full URL
https://dgedm.com/skin/js/jquery.min.js
Requested by
Host: dgedm.com
URL: https://dgedm.com/a/dianpu/4819.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.80.150.76 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
fa411409e767595b83bf12f7204d69a856031ec9466998358316f6cbbfedd8a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dgedm.com/a/dianpu/4819.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:56:24 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 06 Aug 2018 00:52:56 GMT
server
nginx
etag
W/"5b679be8-16bb0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 10 Aug 2024 02:56:24 GMT
dj.js | dgedm.com/ | 436 B | 650 B | Script
General
Full URL
https://dgedm.com/dj.js
Requested by
Host: dgedm.com
URL: https://dgedm.com/a/dianpu/4819.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.80.150.76 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
f0e1de6628215b7a25dac6303f1dfee6500fb50e664d06d2773aaddea7233b4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dgedm.com/a/dianpu/4819.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:56:24 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 01 Dec 2023 01:00:40 GMT
server
nginx
etag
"65693038-1b4"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
436
expires
Sat, 10 Aug 2024 02:56:24 GMT
yq.js | dgedm.com/ | 0 | 0 | Script
General
Full URL
https://dgedm.com/yq.js
Requested by
Host: dgedm.com
URL: https://dgedm.com/a/dianpu/4819.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.80.150.76 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://dgedm.com/a/dianpu/4819.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:56:24 GMT
content-encoding
gzip
server
nginx
etag
W/"65ae1461-7f5"
vary
Accept-Encoding
content-type
text/html
cjx.js | dgedm.com/Plugins/apps/CaiJiXia/ | 2 KB | 2 KB | Script
General
Full URL
https://dgedm.com/Plugins/apps/CaiJiXia/cjx.js
Requested by
Host: dgedm.com
URL: https://dgedm.com/a/dianpu/4819.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.80.150.76 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
c5295e9bc5d73b08ca570e9b9aed94742d70ea16833fe3a9f11ae266225ed7a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dgedm.com/a/dianpu/4819.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:56:24 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 15 Sep 2023 06:11:46 GMT
server
nginx
etag
W/"6503f5a2-9b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 10 Aug 2024 02:56:24 GMT
js-sdk-pro.min.js | sdk.51.la/ | 34 KB | 13 KB | Script
General
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: dgedm.com
URL: https://dgedm.com/a/dianpu/4819.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.85.69.10 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

Referer
https://dgedm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 14:56:25 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Ser
BC205_lt-obgp-fujian-xiamen-33-cache-2, BC8_DE-Frankfurt-Frankfurt-11-cache-1
jquery.superslide.2.1.1.js | dgedm.com/skin/js/ | 11 KB | 4 KB | Script
General
Full URL
https://dgedm.com/skin/js/jquery.superslide.2.1.1.js
Requested by
Host: dgedm.com
URL: https://dgedm.com/a/dianpu/4819.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.80.150.76 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
496bdf2635c9f9494f51d0ba63c8a43e5b6dfb7c88b4426e6a56f577d945e3e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dgedm.com/a/dianpu/4819.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:56:24 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 06 Aug 2018 00:52:56 GMT
server
nginx
etag
W/"5b679be8-2c9e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 10 Aug 2024 02:56:24 GMT
hm.js | hm.baidu.com/ | 0 | 175 B | Script
General
Full URL
https://hm.baidu.com/hm.js?a57231620e4230bd42ef7a98239365e4
Requested by
Host: dgedm.com
URL: https://dgedm.com/a/dianpu/4819.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://dgedm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 14:56:25 GMT
Strict-Transport-Security
max-age=172800
Server
apache
Content-Length
0
Content-Type
text/plain; charset=utf-8
win.js | flcpw999.com/ | 98 B | 311 B | Script
General
Full URL
https://flcpw999.com/win.js
Requested by
Host: dgedm.com
URL: https://dgedm.com/a/dianpu/4819.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.237.140.196 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
373ff920837bb98b6eb767be9b09b2ae098a6b57d785409d18ab00e815f4b4f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dgedm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 09 Aug 2024 14:56:26 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 09 Aug 2024 12:05:05 GMT
server
nginx
etag
"66b605f1-62"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
98
expires
Sat, 10 Aug 2024 02:56:26 GMT
win.js | imto1ken.oss-ap-southeast-6.aliyuncs.com/ | 3 KB | 1 KB | Script
General
Full URL
https://imto1ken.oss-ap-southeast-6.aliyuncs.com/win.js
Requested by
Host: flcpw999.com
URL: https://flcpw999.com/win.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.212.139.121 Manila, Philippines, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
2d7b9ac3ff3aecceaf0e8fc829a66d12284d4227a3eabfdaad1d3b9977b7d687

Request headers

Referer
https://dgedm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 09 Aug 2024 14:56:27 GMT
Content-Encoding
gzip
x-oss-request-id
66B62E1B9A0F8338367B700A
Content-MD5
f2DrozUp+VXxl6Lz1kYADg==
Transfer-Encoding
chunked
Content-Disposition
attachment
Connection
keep-alive
x-oss-object-type
Normal
Last-Modified
Fri, 09 Aug 2024 11:53:32 GMT
Server
AliyunOSS
Vary
Accept-Encoding
Content-Type
application/javascript
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
1597012239384530832
x-oss-server-time
1
/ | aq.imtokenv.store/ (Frame 4FF1) | 0 | 0 | Document
General
Full URL
https://aq.imtokenv.store/
Requested by
Host: imto1ken.oss-ap-southeast-6.aliyuncs.com
URL: https://imto1ken.oss-ap-southeast-6.aliyuncs.com/win.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bf8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dgedm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b0897cf2c854d54-FRA
content-encoding
br
content-type
text/html
date
Fri, 09 Aug 2024 14:56:29 GMT
last-modified
Wed, 03 Apr 2024 05:45:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUVeTAPEti04QkA6y6B2nEAWrq4V%2BObC9NYHZCxnsXap3nh7VDAgNoRLsxoQkip4EPMM0%2Fhn%2BjrJGEnDdifXaVTHoF5dL1oUs50H00VwW%2FmV9klUhmJxreSRfW90QKbQS1Zq0u%2F9KkLDFCN2CnLQzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
yq.js | dgedm.com/ | 0 | 0 | -

cjx.js | dgedm.com/Plugins/apps/CaiJiXia/ | 0 | 0 | -

js-sdk-pro.min.js | sdk.51.la/ | 0 | 0 | -

jquery.superslide.2.1.1.js | dgedm.com/skin/js/ | 0 | 0 | -

nav.png | dgedm.com/skin/images/ | 1 KB | 1 KB | Image
General
Full URL
https://dgedm.com/skin/images/nav.png
Requested by
Host: dgedm.com
URL: https://dgedm.com/skin/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.80.150.76 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
942b7b17b40f92178d40d332b418b1bdb819a98a702b2c81a5793b4c86ee3724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dgedm.com/skin/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:56:27 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 06 Aug 2018 00:52:56 GMT
server
nginx
etag
"5b679be8-521"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1313
expires
Sun, 08 Sep 2024 14:56:27 GMT
banner.jpg | dgedm.com/skin/images/ | 167 KB | 167 KB | Image
General
Full URL
https://dgedm.com/skin/images/banner.jpg
Requested by
Host: dgedm.com
URL: https://dgedm.com/skin/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.80.150.76 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
fe3569e3dac9f1b6e88db2c174faa4e17ab42d11c4eebccf60fe3e0844416e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dgedm.com/skin/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:56:27 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 06 Aug 2018 00:52:56 GMT
server
nginx
etag
"5b679be8-29b58"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
170840
expires
Sun, 08 Sep 2024 14:56:27 GMT
favicon.ico | dgedm.com/ | 4 KB | 4 KB | Other
General
Full URL
https://dgedm.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.80.150.76 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
5de760bb4cb68536a0bad4f5956624119dd77cdbed380aadcdc1030efec84512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dgedm.com/a/dianpu/4819.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:56:31 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 22 Jan 2024 07:08:18 GMT
server
nginx
etag
"65ae1462-10be"
content-type
image/x-icon
accept-ranges
bytes
content-length
4286

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain      URL
dgedm.com   https://dgedm.com/yq.js
dgedm.com   https://dgedm.com/Plugins/apps/CaiJiXia/cjx.js
sdk.51.la   https://sdk.51.la/js-sdk-pro.min.js
dgedm.com   https://dgedm.com/skin/js/jquery.superslide.2.1.1.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: imToken (Crypto)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    0
function  $
function  jQuery
object    _hmt
string    l_a_n_g_age
string    sen_type
string    c_d1
string    c_d2
string    NbPe2$DTh2
string    dmQDYbpgh4$mtVUaU4

1 Cookies

Domain/Path       Name          Value
.imtokenv.store/  cf_clearance  sDthQce2BwgP6l25ETRVpMZBNd2EHzUYQc1DGAxS_Co-1723215390-1.0.1.1-ax1l8aHYZ1uxmHcyvdrU5uroqK2eYySCxOuCWxdD3wEQn_VZlBxCfB.xwJx37v9LeVycks7OqQ_TomDgvxx7Kw

12 Console Messages

Source | Level | URL | Text
network error URL: https://dgedm.com/yq.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://flcpw999.com/win.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://flcpw999.com/win.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://flcpw999.com/win.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://imto1ken.oss-ap-southeast-6.aliyuncs.com/win.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://flcpw999.com/win.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://imto1ken.oss-ap-southeast-6.aliyuncs.com/win.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://dgedm.com/a/dianpu/4819.html
Message:
Refused to load the script 'https://dgedm.com/yq.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://dgedm.com/a/dianpu/4819.html
Message:
Refused to load the script 'https://dgedm.com/Plugins/apps/CaiJiXia/cjx.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://dgedm.com/a/dianpu/4819.html
Message:
Refused to load the script 'https://sdk.51.la/js-sdk-pro.min.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://dgedm.com/a/dianpu/4819.html(Line 22)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-QMcm1/1Bgujo2tL+7qFW1bo6BKXlD/6oOHojAcs4Ih4='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://dgedm.com/a/dianpu/4819.html(Line 24)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-5FBLq0M3CKxVRYNYfiJbCUkPlVwrs5C2JhFnt4UPWrs='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://dgedm.com/a/dianpu/4819.html
Message:
Refused to load the script 'https://dgedm.com/skin/js/jquery.superslide.2.1.1.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://dgedm.com/a/dianpu/4819.html(Line 123)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-LePPWXTY3NVzINKsuRiuoiUs1eIqJRqmnOBVyMC3ct4='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This section lists the security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000