dafum.sp9939.com
Open in
urlscan Pro
107.154.192.220
Public Scan
Effective URL: https://dafum.sp9939.com/agency/login
Submission: On May 13 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 9th 2023. Valid for: a year.
This is the only time dafum.sp9939.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 11 | 107.154.192.220 107.154.192.220 | 19551 (INCAPSULA) (INCAPSULA) | |
10 | 2 |
ASN19551 (INCAPSULA, US)
PTR: 107.154.192.220.ip.incapdns.net
dafum.sp9939.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
sp9939.com
1 redirects
dafum.sp9939.com |
225 KB |
10 | 1 |
Domain | Requested by | |
---|---|---|
11 | dafum.sp9939.com |
1 redirects
dafum.sp9939.com
|
10 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
wildsan.sp9939.com Sectigo RSA Domain Validation Secure Server CA |
2023-11-09 - 2024-12-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://dafum.sp9939.com/agency/login
Frame ID: F17735B2E7A98D6212AF1D376D81E75B
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
管理端Page URL History Show full URLs
-
https://dafum.sp9939.com/
HTTP 302
https://dafum.sp9939.com/agency/login Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Imperva (Security) Expand
Detected patterns
- /_Incapsula_Resource
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://dafum.sp9939.com/
HTTP 302
https://dafum.sp9939.com/agency/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
dafum.sp9939.com/agency/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
dafum.sp9939.com/css/base/bootstrap/ |
131 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.css
dafum.sp9939.com/css/base/font-awesome-4.7.0/ |
29 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.css
dafum.sp9939.com/static/css/ |
30 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.min.js
dafum.sp9939.com/js/base/ |
85 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
dafum.sp9939.com/ |
137 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
dafum.sp9939.com/ |
1 B 35 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.d3c76df.jpg
dafum.sp9939.com/static/img/ |
40 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
dafum.sp9939.com/assets/fonts/font-awesome-4.7.0/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-32x32.png
dafum.sp9939.com/ |
644 B 790 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| demoDomain6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dafum.sp9939.com/ | Name: WEBSESSID Value: u8t9pne2ld540qjmpnc0dga6m3 |
|
dafum.sp9939.com/ | Name: agency_lang Value: zh_CN |
|
dafum.sp9939.com/ | Name: NSC_MC_OJX_NHU_BQ170_70-71 Value: ffffffffc3a0b45745525d5f4f58455e445a4a423660 |
|
.sp9939.com/ | Name: visid_incap_2656803 Value: wxTVuleHSOqzCdyfm9bteTqUQmYAAAAAQUIPAAAAAAD6aQ3AC2fRp1Aa2kqbBioP |
|
.sp9939.com/ | Name: nlbi_2656803 Value: qnz5X7WC/EICT2gMTTleHQAAAAAZEzsNZQ4Nf/gMs45QXalg |
|
.sp9939.com/ | Name: incap_ses_474_2656803 Value: jjpZRydkUFPkgt5rjfyTBjyUQmYAAAAAS4M8FRUo+3GZ6qwcajfcHw== |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dafum.sp9939.com
107.154.192.220
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
5192a38a2ccdd071486714cde2e5d34edd8b6c76bdad8617b8181bdb5771abf1
624579e2ca8fe9a12c3c58cf0e8d8c02fed731a7d851b9761b496eb2f3fcfe52
627f60550796417598d8f7533229f2f6917d3a232996ad9a684c1c20d22ce8e3
6f9f0ab27a32b88f90e6a767403a3a6046c24deab98c27ee05780f1631723ff7
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9dc5b7a0a0bcaee107a15ce0c9b855859b5c9b0b6be54cf998660c5cbb5fcc52
a57f39600dbea607a904e0c38610b13a94a75e750e6987bdfb109cefbe36d65d
ce78a5039756b3d9229df5cb68582c10d9fbdbe0940e8082c318b4918afc527d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f11a05f1c758bc8989e6b071d90f09bf791793e66c0b44ddce37dfe39f7709c0