URL: https://edm-rd01.gwm.cn/
Submission: On August 18 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 20 HTTP transactions. The main IP is 221.192.235.29, located in China and belonging to AS4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN). The main domain is edm-rd01.gwm.cn.
TLS certificate: wildcard *.gwm.cn, issued by GlobalSign RSA OV SSL CA 2018 on 2023-05-17 and valid until 2024-06-17 (about a year).
This is the only time edm-rd01.gwm.cn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

Requests  IP Address      AS (Autonomous System)
19        221.192.235.29  4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
1         47.99.113.64    37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
20        3 IP entries in total (the two data: URLs below are recorded with an empty server "-")
Requests  Apex Domain    Subdomains                                      Transfer
19        gwm.cn         edm-rd01.gwm.cn                                 1 MB
1         dcloud.net.cn  cdn.dcloud.net.cn (Cisco Umbrella Rank: 70221)  579 B
20        2 apex domains
Requests  Domain             Requested by
19        edm-rd01.gwm.cn    edm-rd01.gwm.cn
1         cdn.dcloud.net.cn  edm-rd01.gwm.cn
20        2 domains

This site contains no links.

Subject          Issuer                            Validity                  Valid
*.gwm.cn         GlobalSign RSA OV SSL CA 2018     2023-05-17 to 2024-06-17  a year (crt.sh)
*.dcloud.net.cn  Certum Domain Validation CA SHA2  2023-08-07 to 2024-09-05  a year (crt.sh)

This page contains 1 frame:

Primary Page: https://edm-rd01.gwm.cn/
Frame ID: 9EB12796926F1AE38F2E71185721E0F9
Requests: 22 in this frame (the 20 HTTP transactions plus 2 inline data: URLs)


Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 1233 kB
Size: 3724 kB
Cookies: 1

Redirected requests

No HTTP redirect chains are listed for this scan.

20 HTTP transactions (plus 2 inline data: URLs)

Each entry below is headed by one line in the form Resource | Path | Size | x-fer | Type, followed by its General, Request headers and Response headers sections.
Primary Request: / | edm-rd01.gwm.cn/ | 2 KB | 1 KB | Document
General
Full URL
https://edm-rd01.gwm.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
d8e088888badfdbdf50da7202817b2723635bb8acd739862ef074ff2c3224196

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 15:07:06 GMT
etag
W/"643d7d40-7be"
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
vary
Accept-Encoding
index.f4fc78fe.css | edm-rd01.gwm.cn/static/ | 93 KB | 27 KB | Stylesheet
General
Full URL
https://edm-rd01.gwm.cn/static/index.f4fc78fe.css
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
15ed040cead5b78fbe6ba92bf4469ba3cd9f7bbe57053f2561fc9a9f6e00279e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:06 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-17334"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
chunk-vendors.1681722409535.js | edm-rd01.gwm.cn/static/js/ | 1 MB | 445 KB | Script
General
Full URL
https://edm-rd01.gwm.cn/static/js/chunk-vendors.1681722409535.js
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
ff8015cbc55613c0e6b0d8949dbc403528305ef3aec85336a0c51d7ff883b1ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:06 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-179821"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
index.1681722409535.js | edm-rd01.gwm.cn/static/js/ | 1 MB | 191 KB | Script
General
Full URL
https://edm-rd01.gwm.cn/static/js/index.1681722409535.js
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
5a977a1440df3559d1e146c163aa98cb30d8a1d1cc0706747a5944c67337b654

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:06 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-12b2bf"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
shadow-grey.png | cdn.dcloud.net.cn/img/ | 136 B | 579 B | Image
General
Full URL
https://cdn.dcloud.net.cn/img/shadow-grey.png
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/static/index.f4fc78fe.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.99.113.64 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 15:07:13 GMT
Last-Modified
Thu, 06 Jun 2019 06:42:07 GMT
Server
nginx
ETag
"5cf8b5bf-88"
Content-Type
image/png
Cache-Control
max-age=7200
Connection
close
Accept-Ranges
bytes
Content-Length
136
Expires
Fri, 18 Aug 2023 17:07:13 GMT
pages-common-index.1681722409535.js | edm-rd01.gwm.cn/static/js/ | 72 KB | 10 KB | Script
General
Full URL
https://edm-rd01.gwm.cn/static/js/pages-common-index.1681722409535.js
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/static/js/index.1681722409535.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
d3dcb07a2bccecf5e70e6e83912e46e273d5865343e8184c5de395d16b12d58a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:19 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-11e45"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
home_select.svg | edm-rd01.gwm.cn/static/svg/tab_bar/ | 1 KB | 994 B | Image
General
Full URL
https://edm-rd01.gwm.cn/static/svg/tab_bar/home_select.svg
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
8fccd2b74dff015d809e157e98d745a7e9ed46141f9eed62a6c9c8f2b85f03b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:19 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-5fb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
work.svg | edm-rd01.gwm.cn/static/svg/tab_bar/ | 2 KB | 973 B | Image
General
Full URL
https://edm-rd01.gwm.cn/static/svg/tab_bar/work.svg
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
57a8fc7c3a01b271d1b012d9ee352e1b6eca24924a48d9681d70d04a09b5abdd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:19 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-787"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
to-do.svg | edm-rd01.gwm.cn/static/svg/tab_bar/ | 3 KB | 1 KB | Image
General
Full URL
https://edm-rd01.gwm.cn/static/svg/tab_bar/to-do.svg
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
666ca7ea15c98fcc31542596d466ad71217c1644cbe7241423cd1e0088bc7352

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:19 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-a07"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
message.svg | edm-rd01.gwm.cn/static/svg/tab_bar/ | 2 KB | 913 B | Image
General
Full URL
https://edm-rd01.gwm.cn/static/svg/tab_bar/message.svg
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
a2855cadd6220e5626c32b17e82281ea7460350799937a1f3e629e2bb5aeb60a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:19 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-64d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
mine.svg | edm-rd01.gwm.cn/static/svg/tab_bar/ | 1 KB | 819 B | Image
General
Full URL
https://edm-rd01.gwm.cn/static/svg/tab_bar/mine.svg
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
b3b02bc4cb3176191fd9344ad82c5c166ba92723381fc7ffb580213ce97d6908

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:19 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-461"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
ORDER_RECEIVE_TYPE | edm-rd01.gwm.cn/admin/api/v1/parameter-config/config-key/ | 50 B | 219 B | XHR
General
Full URL
https://edm-rd01.gwm.cn/admin/api/v1/parameter-config/config-key/ORDER_RECEIVE_TYPE
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/static/js/chunk-vendors.1681722409535.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
cd22694d9cf0240ae89f84256fad8b96a51a8bba2df17301095e01015dd2dfa8

Request headers

Referer
https://edm-rd01.gwm.cn/
accept-language
en-US,en;q=0.9
appId
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
tenantId
undefined

Response headers

access-control-allow-origin
*
date
Fri, 18 Aug 2023 15:07:19 GMT
server
openresty
content-length
50
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
APP_DEBUG_ON_OFF | edm-rd01.gwm.cn/admin/api/v1/parameter-config/config-key/ | 50 B | 219 B | XHR
General
Full URL
https://edm-rd01.gwm.cn/admin/api/v1/parameter-config/config-key/APP_DEBUG_ON_OFF
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/static/js/chunk-vendors.1681722409535.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
cd22694d9cf0240ae89f84256fad8b96a51a8bba2df17301095e01015dd2dfa8

Request headers

Referer
https://edm-rd01.gwm.cn/
accept-language
en-US,en;q=0.9
appId
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
tenantId
undefined

Response headers

access-control-allow-origin
*
date
Fri, 18 Aug 2023 15:07:19 GMT
server
openresty
content-length
50
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
truncated (inline data: URL) | / | 1 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
none (inline data: URL, no network request)
Resource Hash
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
show.9e134a5f.png | edm-rd01.gwm.cn/static/img/ | 464 KB | 466 KB | Image
General
Full URL
https://edm-rd01.gwm.cn/static/img/show.9e134a5f.png
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
7afbdad5134454a7b62633ae1cf87a89562f1bd5a86fe22269c48d29beffb123

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:20 GMT
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
"643d7d40-74138"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
475448
pages-edm-dingding-alarm-alarm-area~pages-edm-dingding-alarm-alarm-details~pages-edm-dingding-alarm-~5c4fb8d0.1681722409535.js | edm-rd01.gwm.cn/static/js/ | 71 KB | 10 KB | Script
General
Full URL
https://edm-rd01.gwm.cn/static/js/pages-edm-dingding-alarm-alarm-area~pages-edm-dingding-alarm-alarm-details~pages-edm-dingding-alarm-~5c4fb8d0.1681722409535.js
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/static/js/index.1681722409535.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
8c63e1ba33ec126aa0c38dbf93b2425b44d90ef4d33557fd6117e01f9be83b16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/pages/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:20 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-11c03"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
pages-edm-dingding-common-view-warehouse-list~pages-ems-add-part~pages-ems-repair~pages-login-index.1681722409535.js | edm-rd01.gwm.cn/static/js/ | 140 KB | 19 KB | Script
General
Full URL
https://edm-rd01.gwm.cn/static/js/pages-edm-dingding-common-view-warehouse-list~pages-ems-add-part~pages-ems-repair~pages-login-index.1681722409535.js
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/static/js/index.1681722409535.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
6fee1039b4a50827e7e6d2833444e47f490daec96a5e8c95e7a0d6db7ed73a27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/pages/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:21 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-23189"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
pages-login-index.1681722409535.js | edm-rd01.gwm.cn/static/js/ | 133 KB | 30 KB | Script
General
Full URL
https://edm-rd01.gwm.cn/static/js/pages-login-index.1681722409535.js
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/static/js/index.1681722409535.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
e836f6a5ec791bc16d4f308bebacc9378d8f85ddd921313f1a2cc337ba21ede4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/pages/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:21 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-21583"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
logo.svg | edm-rd01.gwm.cn/static/svg/common/ | 3 KB | 2 KB | Image
General
Full URL
https://edm-rd01.gwm.cn/static/svg/common/logo.svg
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/pages/login/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
28ed35732491543ec66327893cf373d181749e075e2d8d53b8df97769ac5abce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/pages/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:24 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-db2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
public-key | edm-rd01.gwm.cn/admin/api/v1/auth/ | 262 B | 582 B | XHR
General
Full URL
https://edm-rd01.gwm.cn/admin/api/v1/auth/public-key
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/static/js/chunk-vendors.1681722409535.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
9877ea4cd2829f98ee544d47f4140978a8f286c61f6aa04a6a61ef734377e668
Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Request headers

Referer
https://edm-rd01.gwm.cn/pages/login/index
accept-language
en-US,en;q=0.9
appId
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
tenantId
undefined

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 15:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
1; mode=block
expires
0
truncated (inline data: URL) | / | 25 KB | 25 KB | Font
General
Full URL
data:truncated
Protocol
DATA
Server
none (inline data: URL, no network request)
Resource Hash
17c981f03f2b64f75d9c0e542d041b5ac834c730af20249ff0f09005891004c3

Request headers

Referer
Origin
https://edm-rd01.gwm.cn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
logo.svg | edm-rd01.gwm.cn/static/svg/common/ | 3 KB | 2 KB | Image
General
Full URL
https://edm-rd01.gwm.cn/static/svg/common/logo.svg
Requested by
Host: edm-rd01.gwm.cn
URL: https://edm-rd01.gwm.cn/pages/login/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.192.235.29 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
28ed35732491543ec66327893cf373d181749e075e2d8d53b8df97769ac5abce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://edm-rd01.gwm.cn/pages/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:07:25 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 17:09:20 GMT
server
openresty
etag
W/"643d7d40-db2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
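Every response from 221.192.235.29 above carries an nginx-style ETag (OpenResty is nginx underneath): nginx builds the tag from the file's modification time and size in hex, and adds the W/ prefix when a filter changes the body, which is why exactly the gzip-encoded responses above are weak and the two un-encoded PNGs are strong. The script below is an added example, not part of urlscan or the scanned site. It decodes those tags and cross-checks them against the Last-Modified and Content-Length headers recorded in this scan, a quick way to spot a proxy, CDN or WAF that rewrote one header but not the other. It also decodes the 1681722409535 suffix on the JavaScript bundles; reading that suffix as a millisecond epoch written by the build tool is this example's assumption, not something the page states.

```python
"""Decode nginx/OpenResty ETags and the asset cache-busting suffix seen in this scan.

Added example, not part of urlscan or the scanned site. It relies on one
documented nginx behaviour: the default ETag is "<mtime hex>-<size hex>", and
nginx prefixes it with W/ when a filter (here gzip) changes the body. Treating
the 13-digit suffix on the JavaScript bundles as a millisecond epoch is an
assumption of this example, not something the page states.
"""
import re
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

ETAG_RE = re.compile(r'^(W/)?"([0-9a-f]+)-([0-9a-f]+)"$')
BUNDLE_RE = re.compile(r"\.(\d{13})\.js$")


def decode_nginx_etag(etag):
    """Return (weak, mtime_utc, size_bytes), or None if the tag is not nginx-shaped."""
    m = ETAG_RE.match(etag.strip())
    if not m:
        return None
    weak = m.group(1) == "W/"
    mtime = datetime.fromtimestamp(int(m.group(2), 16), tz=timezone.utc)
    size = int(m.group(3), 16)
    return weak, mtime, size


def etag_consistent(etag, last_modified, content_length=None):
    """Cross-check an ETag against Last-Modified and, if present, Content-Length.

    A mismatch means some hop (proxy, CDN, WAF) rewrote one of the headers, so
    the origin file's identity can no longer be read off the ETag alone.
    """
    decoded = decode_nginx_etag(etag)
    if decoded is None:
        return False
    _, mtime, size = decoded
    if mtime != parsedate_to_datetime(last_modified):
        return False
    return content_length is None or size == int(content_length)


def bundle_build_time(path):
    """Decode the 13-digit suffix of a bundle path as a UTC millisecond epoch (assumed)."""
    m = BUNDLE_RE.search(path)
    if not m:
        return None
    ms = int(m.group(1))
    # Integer arithmetic keeps the millisecond exact (no float rounding).
    return datetime.fromtimestamp(ms // 1000, tz=timezone.utc) + timedelta(milliseconds=ms % 1000)


# Constructed from the transaction list on this page: (ETag, Last-Modified, Content-Length).
SAMPLES = [
    ('W/"643d7d40-7be"', "Mon, 17 Apr 2023 17:09:20 GMT", None),       # primary document (gzip, weak)
    ('"643d7d40-74138"', "Mon, 17 Apr 2023 17:09:20 GMT", "475448"),   # show.9e134a5f.png (strong)
    ('"5cf8b5bf-88"', "Thu, 06 Jun 2019 06:42:07 GMT", "136"),         # cdn.dcloud.net.cn shadow-grey.png
]


def check_samples():
    """Return one (etag, consistent) pair per sample."""
    return [(etag, etag_consistent(etag, lm, cl)) for etag, lm, cl in SAMPLES]


if __name__ == "__main__":
    for etag, lm, cl in SAMPLES:
        weak, mtime, size = decode_nginx_etag(etag)
        print(etag, "weak" if weak else "strong", mtime.isoformat(), size,
              "consistent" if etag_consistent(etag, lm, cl) else "MISMATCH")
    print(bundle_build_time("/static/js/index.1681722409535.js").isoformat())
```

All three samples decode consistently with the page: 643d7d40 is 2023-04-17 17:09:20 UTC, the Last-Modified on every gwm.cn asset, and 74138 is 475448, the Content-Length of show.9e134a5f.png. The bundle suffix decodes to 2023-04-17 09:06:49 UTC, about eight hours before that file mtime; the page does not say which clock or time zone produced either value, so treat the gap as a question for the operator rather than a finding.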

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)
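The verdict above is automated and the disclaimer applies: the only third-party request in this scan is a 136-byte image from cdn.dcloud.net.cn, and the login page fetches its public key from the same origin it was served from. What the captured headers do show is a checklist a practitioner would want to run anyway: a wildcard access-control-allow-origin on every response, including the /admin/api/v1/ JSON endpoints; no Strict-Transport-Security, Content-Security-Policy or X-Frame-Options on the primary document; and a request header tenantId carrying the literal string undefined. The Python below is an added example, not urlscan's code. Its header dictionaries are transcribed from the transaction list on this page, and its finding codes are this example's own naming convention.

```python
"""Audit the response and request headers captured in this urlscan result.

Added example (not urlscan's code). The header dictionaries are transcribed
from the transaction list on this page; the finding codes are this example's
own naming convention.
"""

# Transcribed from the scan: primary document https://edm-rd01.gwm.cn/
PRIMARY_DOC = {
    "access-control-allow-origin": "*",
    "content-encoding": "gzip",
    "content-type": "text/html; charset=UTF-8",
    "date": "Fri, 18 Aug 2023 15:07:06 GMT",
    "etag": 'W/"643d7d40-7be"',
    "last-modified": "Mon, 17 Apr 2023 17:09:20 GMT",
    "server": "openresty",
    "vary": "Accept-Encoding",
}

# Transcribed: /admin/api/v1/parameter-config/config-key/ORDER_RECEIVE_TYPE
CONFIG_KEY_API = {
    "access-control-allow-origin": "*",
    "date": "Fri, 18 Aug 2023 15:07:19 GMT",
    "server": "openresty",
    "content-length": "50",
    "vary": "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
    "content-type": "application/json",
}

# Transcribed: /admin/api/v1/auth/public-key
PUBLIC_KEY_API = {
    "pragma": "no-cache",
    "date": "Fri, 18 Aug 2023 15:07:24 GMT",
    "content-encoding": "gzip",
    "x-content-type-options": "nosniff",
    "server": "openresty",
    "vary": "Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
    "content-type": "application/json",
    "access-control-allow-origin": "*",
    "cache-control": "no-cache, no-store, max-age=0, must-revalidate",
    "x-xss-protection": "1; mode=block",
    "expires": "0",
}

# Transcribed request headers the page's JavaScript sent to every API call.
API_REQUEST = {"appId": "1", "tenantId": "undefined"}

# Headers a hardened HTML document is expected to carry.
HARDENING_HEADERS = (
    "strict-transport-security",
    "content-security-policy",
    "x-frame-options",
    "x-content-type-options",
)


def audit_response(headers, request_headers=None):
    """Return a sorted list of finding codes for one request/response pair."""
    h = {k.lower(): v for k, v in headers.items()}
    req = {k.lower(): v for k, v in (request_headers or {}).items()}
    findings = set()
    ctype = h.get("content-type", "").split(";")[0].strip().lower()

    if h.get("access-control-allow-origin") == "*":
        # Any origin may read this response. Browsers will not expose a
        # credentialed response behind a literal '*', so only unauthenticated
        # data is readable, but a JSON endpoint behind '*' is still a
        # cross-origin read oracle for whatever it returns without a session.
        findings.add("cors-wildcard-json" if ctype == "application/json"
                     else "cors-wildcard")

    if ctype == "text/html":
        for name in HARDENING_HEADERS:
            if name not in h:
                findings.add("missing-" + name)

    if ctype == "application/json" and "no-store" not in h.get("cache-control", ""):
        # API responses without no-store can linger in shared caches.
        findings.add("json-cacheable")

    if "server" in h:
        findings.add("server-banner")

    if h.get("x-xss-protection", "").startswith("1"):
        # Legacy header: current browsers ignore it; CSP is the replacement.
        findings.add("xss-protection-legacy")

    for name, value in req.items():
        if value in ("undefined", "null", "NaN"):
            # A JavaScript placeholder serialised into a header: the client
            # sent a value it never resolved, which a server may mishandle.
            findings.add("req-%s-%s" % (name, value))

    return sorted(findings)


def audit_scan():
    """Audit the three transcribed transactions, keyed by a short label."""
    return {
        "primary": audit_response(PRIMARY_DOC),
        "config-key": audit_response(CONFIG_KEY_API, API_REQUEST),
        "public-key": audit_response(PUBLIC_KEY_API, API_REQUEST),
    }


if __name__ == "__main__":
    for label, codes in audit_scan().items():
        print(label + ":", ", ".join(codes))
```

None of these findings is evidence of phishing; they are the hardening gaps and the client-side bug (tenantId: undefined) that an owner of this host would want to fix, and the kind of context worth recording alongside an automated verdict before acting on it.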

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    documentPictureInPicture
boolean   coverSupport
object    webpackJsonp
object    __uniConfig
object    __uniRoutes
function  UniApp
object    UniViewJSBridge
object    UniServiceJSBridge
object    uni
object    wx
function  getApp
function  getCurrentPages

The __uniConfig, __uniRoutes, UniApp, uni, wx, getApp and getCurrentPages globals are the DCloud uni-app runtime, consistent with the cdn.dcloud.net.cn request and the __uni__uid cookie below; documentPictureInPicture is supplied by the Chrome 116 browser used for the scan, not by the page.

1 Cookie

Domain/Path      Name        Value
.dcloud.net.cn/  __uni__uid  CgIBX2TfiSE8pH6c8XmxAg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.dcloud.net.cn
edm-rd01.gwm.cn
221.192.235.29
47.99.113.64
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3
15ed040cead5b78fbe6ba92bf4469ba3cd9f7bbe57053f2561fc9a9f6e00279e
17c981f03f2b64f75d9c0e542d041b5ac834c730af20249ff0f09005891004c3
28ed35732491543ec66327893cf373d181749e075e2d8d53b8df97769ac5abce
57a8fc7c3a01b271d1b012d9ee352e1b6eca24924a48d9681d70d04a09b5abdd
5a977a1440df3559d1e146c163aa98cb30d8a1d1cc0706747a5944c67337b654
666ca7ea15c98fcc31542596d466ad71217c1644cbe7241423cd1e0088bc7352
6fee1039b4a50827e7e6d2833444e47f490daec96a5e8c95e7a0d6db7ed73a27
7afbdad5134454a7b62633ae1cf87a89562f1bd5a86fe22269c48d29beffb123
8c63e1ba33ec126aa0c38dbf93b2425b44d90ef4d33557fd6117e01f9be83b16
8fccd2b74dff015d809e157e98d745a7e9ed46141f9eed62a6c9c8f2b85f03b2
9877ea4cd2829f98ee544d47f4140978a8f286c61f6aa04a6a61ef734377e668
a2855cadd6220e5626c32b17e82281ea7460350799937a1f3e629e2bb5aeb60a
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
b3b02bc4cb3176191fd9344ad82c5c166ba92723381fc7ffb580213ce97d6908
cd22694d9cf0240ae89f84256fad8b96a51a8bba2df17301095e01015dd2dfa8
d3dcb07a2bccecf5e70e6e83912e46e273d5865343e8184c5de395d16b12d58a
d8e088888badfdbdf50da7202817b2723635bb8acd739862ef074ff2c3224196
e836f6a5ec791bc16d4f308bebacc9378d8f85ddd921313f1a2cc337ba21ede4
ff8015cbc55613c0e6b0d8949dbc403528305ef3aec85336a0c51d7ff883b1ff