edm-rd01.gwm.cn
221.192.235.29
Malicious Activity!
Public Scan
Submission: On August 18 via api from US — Scanned from US
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on May 17th 2023. Valid 2023-05-17 to 2024-06-17 (13 months; the report rounds this to "a year").
This is the only time edm-rd01.gwm.cn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)
Treat the brand match as a heuristic to verify rather than a finding. It fires on a login form; what the scan actually shows is a single-page uni-app bundle (the page defines __uniConfig, UniApp and uni on window) served entirely from the gwm.cn apex under an OV wildcard certificate for *.gwm.cn, on a host that resolves into China Unicom space (AS4837). The only third-party fetch is a 579-byte PNG from cdn.dcloud.net.cn, the CDN of the uni-app framework vendor. On load the page also issues three XHR calls from the scanner's fresh, unauthenticated session: two parameter-config reads (ORDER_RECEIVE_TYPE, APP_DEBUG_ON_OFF) and GET /admin/api/v1/auth/public-key, all under /admin/api/v1/. Those pre-login endpoints are what an owner of this host should review; the page itself contains no links and no off-origin redirects.
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
19 | 221.192.235.29 | 4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1 | 47.99.113.64 | 37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
20 | 3 |
ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN): edm-rd01.gwm.cn
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN): cdn.dcloud.net.cn
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
19 | gwm.cn | edm-rd01.gwm.cn | 1 MB
1 | dcloud.net.cn | cdn.dcloud.net.cn (Cisco Umbrella Rank: 70221) | 579 B
20 | 2 | |
Requests | Domain | Requested by
---|---|---
19 | edm-rd01.gwm.cn | edm-rd01.gwm.cn
1 | cdn.dcloud.net.cn | edm-rd01.gwm.cn
20 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
*.gwm.cn | GlobalSign RSA OV SSL CA 2018 | 2023-05-17 - 2024-06-17 | a year
*.dcloud.net.cn | Certum Domain Validation CA SHA2 | 2023-08-07 - 2024-09-05 | a year
This page contains 1 frame:
Primary Page: https://edm-rd01.gwm.cn/
Frame ID: 9EB12796926F1AE38F2E71185721E0F9
Requests: 22 requests in this frame (20 HTTP transactions plus 2 inline data: URIs)
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests: none listed.
20 HTTP transactions (22 rows including the 2 data: URIs). Size is the decoded body; x-fer is what crossed the wire, compressed and including headers, which is why x-fer can exceed Size for an already-compressed PNG. Protocol H2 is HTTP/2, H/1.1 is HTTP/1.1, DATA is an inline data: URI that generates no network request.

# | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
1 | GET | H2 | / (Primary Request) | edm-rd01.gwm.cn/ | 2 KB | 1 KB | Document | text/html
2 | GET | H2 | index.f4fc78fe.css | edm-rd01.gwm.cn/static/ | 93 KB | 27 KB | Stylesheet | text/css
3 | GET | H2 | chunk-vendors.1681722409535.js | edm-rd01.gwm.cn/static/js/ | 1 MB | 445 KB | Script | application/javascript
4 | GET | H2 | index.1681722409535.js | edm-rd01.gwm.cn/static/js/ | 1 MB | 191 KB | Script | application/javascript
5 | GET | H/1.1 | shadow-grey.png | cdn.dcloud.net.cn/img/ | 136 B | 579 B | Image | image/png
6 | GET | H2 | pages-common-index.1681722409535.js | edm-rd01.gwm.cn/static/js/ | 72 KB | 10 KB | Script | application/javascript
7 | GET | H2 | home_select.svg | edm-rd01.gwm.cn/static/svg/tab_bar/ | 1 KB | 994 B | Image | image/svg+xml
8 | GET | H2 | work.svg | edm-rd01.gwm.cn/static/svg/tab_bar/ | 2 KB | 973 B | Image | image/svg+xml
9 | GET | H2 | to-do.svg | edm-rd01.gwm.cn/static/svg/tab_bar/ | 3 KB | 1 KB | Image | image/svg+xml
10 | GET | H2 | message.svg | edm-rd01.gwm.cn/static/svg/tab_bar/ | 2 KB | 913 B | Image | image/svg+xml
11 | GET | H2 | mine.svg | edm-rd01.gwm.cn/static/svg/tab_bar/ | 1 KB | 819 B | Image | image/svg+xml
12 | GET | H2 | ORDER_RECEIVE_TYPE | edm-rd01.gwm.cn/admin/api/v1/parameter-config/config-key/ | 50 B | 219 B | XHR | application/json
13 | GET | H2 | APP_DEBUG_ON_OFF | edm-rd01.gwm.cn/admin/api/v1/parameter-config/config-key/ | 50 B | 219 B | XHR | application/json
14 | GET | DATA | (data: URI, truncated) | / | 1 KB | 0 | Image | image/svg+xml
15 | GET | H2 | show.9e134a5f.png | edm-rd01.gwm.cn/static/img/ | 464 KB | 466 KB | Image | image/png
16 | GET | H2 | pages-edm-dingding-alarm-alarm-area~pages-edm-dingding-alarm-alarm-details~pages-edm-dingding-alarm-~5c4fb8d0.1681722409535.js | edm-rd01.gwm.cn/static/js/ | 71 KB | 10 KB | Script | application/javascript
17 | GET | H2 | pages-edm-dingding-common-view-warehouse-list~pages-ems-add-part~pages-ems-repair~pages-login-index.1681722409535.js | edm-rd01.gwm.cn/static/js/ | 140 KB | 19 KB | Script | application/javascript
18 | GET | H2 | pages-login-index.1681722409535.js | edm-rd01.gwm.cn/static/js/ | 133 KB | 30 KB | Script | application/javascript
19 | GET | H2 | logo.svg | edm-rd01.gwm.cn/static/svg/common/ | 3 KB | 2 KB | Image | image/svg+xml
20 | GET | H2 | public-key | edm-rd01.gwm.cn/admin/api/v1/auth/ | 262 B | 582 B | XHR | application/json
21 | GET | DATA | (data: URI, truncated) | / | 25 KB | 25 KB | Font | application/x-font-woff2
22 | GET | H2 | logo.svg | edm-rd01.gwm.cn/static/svg/common/ | 3 KB | 2 KB | Image | image/svg+xml
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
Source: urlscan
Phishing against: Generic Email (Online)
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object, i.e. names present on this page's window that a pristine browser window does not have. They are useful for identifying the client-side framework and bundler. Here the __uniConfig, __uniRoutes, UniApp, UniViewJSBridge, UniServiceJSBridge, uni, getApp and getCurrentPages group is the uni-app (DCloud) H5 runtime, which matches the one third-party fetch from cdn.dcloud.net.cn; webpackJsonp is the webpack 4-style chunk loader; wx is the WeChat mini-program namespace that the same runtime exposes for compatibility. One entry is a false positive of the baseline rather than page code: documentPictureInPicture is the browser's Document Picture-in-Picture API (shipped in Chromium 116), which the scanner's list of standard properties did not yet include.
Type | Name
---|---
object | documentPictureInPicture
boolean | coverSupport
object | webpackJsonp
object | __uniConfig
object | __uniRoutes
function | UniApp
object | UniViewJSBridge
object | UniServiceJSBridge
object | uni
object | wx
function | getApp
function | getCurrentPages
1 Cookies
Cookies are small pieces of data stored in the user's browser. On every later visit the browser sends the cookie values back, so the site can re-identify the user even from a different network location; this is how persistent logins work. The single cookie seen here is set on the third-party CDN domain .dcloud.net.cn, not on gwm.cn, so it is the framework vendor's identifier rather than a session cookie of the scanned application; the value is 16 bytes of base64.
Domain/Path | Expires | Name | Value
---|---|---|---
.dcloud.net.cn/ | | __uni__uid | CgIBX2TfiSE8pH6c8XmxAg==
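The fingerprinting that the globals table supports, written out as an added example (this is not urlscan's code and not the scanned site's): a browser-side helper that diffs the page's window against a pristine about:blank iframe to find non-standard globals, and a matcher that maps those names to framework signatures. The signature table, the treatment of wx as a uni-app compatibility alias, and the decision to leave coverSupport unexplained are this example's own assumptions; the twelve names from the table above are embedded as constructed input so the script also runs under Node without a browser.

```javascript
// Added example: fingerprint client-side frameworks from non-standard window globals.
// Not part of the urlscan report or of the scanned application.

// A signature matches when every `required` name is present; `optional` names
// raise the confidence score. The uni-app names are the ones the report lists.
// Treating `wx` as the WeChat namespace that uni-app H5 exposes is an assumption.
const SIGNATURES = [
  { name: 'uni-app (DCloud)',
    required: ['__uniConfig', '__uniRoutes', 'uni'],
    optional: ['UniApp', 'UniViewJSBridge', 'UniServiceJSBridge', 'getApp', 'getCurrentPages'] },
  { name: 'webpack 4 jsonp chunk loader', required: ['webpackJsonp'], optional: [] },
  { name: 'WeChat mini-program namespace (uni-app alias)',
    required: ['wx'], optional: ['getApp', 'getCurrentPages'] },
];

// Browser APIs that a stale baseline misreports as "non-standard".
// documentPictureInPicture is the Document Picture-in-Picture API (Chromium 116).
const KNOWN_BROWSER_API = new Set(['documentPictureInPicture']);

// Constructed input: the 12 names from the report's "JavaScript Global Variables".
const REPORTED_GLOBALS = [
  'documentPictureInPicture', 'coverSupport', 'webpackJsonp', '__uniConfig',
  '__uniRoutes', 'UniApp', 'UniViewJSBridge', 'UniServiceJSBridge', 'uni', 'wx',
  'getApp', 'getCurrentPages',
];

// Browser-side collection: the baseline is a hidden about:blank iframe, whose
// window carries exactly the properties the browser itself defines.
function nonStandardGlobals(win) {
  const frame = win.document.createElement('iframe');
  frame.style.display = 'none';
  win.document.body.appendChild(frame);
  const baseline = new Set(Object.getOwnPropertyNames(frame.contentWindow));
  frame.remove();
  return Object.getOwnPropertyNames(win).filter((n) => !baseline.has(n));
}

// Match a list of global names against SIGNATURES. Returns the framework hits,
// the names that are really browser APIs, and the names nothing explains.
function fingerprint(globals) {
  const present = new Set(globals);
  const hits = [];
  for (const sig of SIGNATURES) {
    if (!sig.required.every((n) => present.has(n))) continue;
    const matched = sig.required.concat(sig.optional.filter((n) => present.has(n)));
    hits.push({
      framework: sig.name,
      matched,
      confidence: matched.length / (sig.required.length + sig.optional.length),
    });
  }
  const explained = new Set(hits.flatMap((h) => h.matched));
  return {
    hits,
    browserApi: globals.filter((n) => KNOWN_BROWSER_API.has(n)),
    unexplained: globals.filter((n) => !explained.has(n) && !KNOWN_BROWSER_API.has(n)),
  };
}

if (typeof window === 'undefined') {
  // Node: analyse the names transcribed from the report.
  console.log(JSON.stringify(fingerprint(REPORTED_GLOBALS), null, 2));
} else {
  // Browser: collect live, then analyse.
  console.log(fingerprint(nonStandardGlobals(window)));
}
```

On the report's twelve names this yields three hits at full confidence (uni-app with all eight names, the webpack loader, the wx alias), flags documentPictureInPicture as a browser API, and leaves coverSupport unexplained, which is the honest output: a name the signature table does not know should surface for manual review rather than be absorbed into a guess.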
Indicators
Indicators are the observable artifacts of the scan (IPs, domains, hashes and similar). Listing them does not imply that any of them is malicious.
cdn.dcloud.net.cn
edm-rd01.gwm.cn
221.192.235.29
47.99.113.64
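The per-host request counts, the third-party split, the XHR API paths and the indicator list above can all be derived mechanically from the transaction table. What follows is an added example (not urlscan's code and not the site's) that does exactly that: it takes the 22 transactions and the two host-to-IP mappings transcribed from this report as constructed input, parses the rounded x-fer figures, uses a short stand-in for the Public Suffix List so that cdn.dcloud.net.cn is grouped under dcloud.net.cn rather than net.cn, and emits the summary. Byte totals are approximate because the report rounds sizes; the data: URI entries are abbreviated because the report truncates them.

```javascript
// Added example: reduce a scan's HTTP transaction list to a triage summary.
// Not part of the urlscan report or of the scanned application.

const PRIMARY_URL = 'https://edm-rd01.gwm.cn/';

// Hostname -> IP, as shown in the report's "Domain & IP information" (constructed).
const RESOLVED = { 'edm-rd01.gwm.cn': '221.192.235.29', 'cdn.dcloud.net.cn': '47.99.113.64' };

// Suffixes under which the registrable domain is the third label from the right.
// A stand-in for the Public Suffix List, sufficient for the hosts in this scan.
const TWO_LABEL_SUFFIXES = new Set(['com.cn', 'net.cn', 'org.cn', 'gov.cn', 'edu.cn']);

// [method, protocol, url, type, x-fer] transcribed from the report (constructed input).
const TRANSACTIONS = [
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/', 'Document', '1 KB'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/index.f4fc78fe.css', 'Stylesheet', '27 KB'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/js/chunk-vendors.1681722409535.js', 'Script', '445 KB'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/js/index.1681722409535.js', 'Script', '191 KB'],
  ['GET', 'H/1.1', 'https://cdn.dcloud.net.cn/img/shadow-grey.png', 'Image', '579 B'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/js/pages-common-index.1681722409535.js', 'Script', '10 KB'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/svg/tab_bar/home_select.svg', 'Image', '994 B'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/svg/tab_bar/work.svg', 'Image', '973 B'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/svg/tab_bar/to-do.svg', 'Image', '1 KB'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/svg/tab_bar/message.svg', 'Image', '913 B'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/svg/tab_bar/mine.svg', 'Image', '819 B'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/admin/api/v1/parameter-config/config-key/ORDER_RECEIVE_TYPE', 'XHR', '219 B'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/admin/api/v1/parameter-config/config-key/APP_DEBUG_ON_OFF', 'XHR', '219 B'],
  ['GET', 'DATA', 'data:image/svg+xml,(truncated)', 'Image', '0'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/img/show.9e134a5f.png', 'Image', '466 KB'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/js/pages-edm-dingding-alarm-alarm-area~pages-edm-dingding-alarm-alarm-details~pages-edm-dingding-alarm-~5c4fb8d0.1681722409535.js', 'Script', '10 KB'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/js/pages-edm-dingding-common-view-warehouse-list~pages-ems-add-part~pages-ems-repair~pages-login-index.1681722409535.js', 'Script', '19 KB'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/js/pages-login-index.1681722409535.js', 'Script', '30 KB'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/svg/common/logo.svg', 'Image', '2 KB'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/admin/api/v1/auth/public-key', 'XHR', '582 B'],
  ['GET', 'DATA', 'data:application/x-font-woff2;base64,(truncated)', 'Font', '25 KB'],
  ['GET', 'H2', 'https://edm-rd01.gwm.cn/static/svg/common/logo.svg', 'Image', '2 KB'],
];

// "445 KB" -> 455680, "579 B" -> 579, "0" -> 0. The report's KB is taken as 1024 B.
function parseSize(s) {
  const m = /^(\d+(?:\.\d+)?)\s*(B|KB|MB)?$/.exec(s.trim());
  if (!m) throw new Error(`unparseable size: ${s}`);
  const unit = { B: 1, KB: 1024, MB: 1024 * 1024 }[m[2] || 'B'];
  return Math.round(parseFloat(m[1]) * unit);
}

// Registrable domain (eTLD+1) with the small suffix table above.
function registrableDomain(host) {
  const labels = host.split('.');
  const keep = TWO_LABEL_SUFFIXES.has(labels.slice(-2).join('.')) ? 3 : 2;
  return labels.slice(-keep).join('.');
}

// Per-host counts and bytes, third-party flag, XHR endpoints, data: URI count,
// and the indicator list (hostnames, then their IPs in the same order).
function summarize(transactions, primaryUrl, resolved) {
  const primaryApex = registrableDomain(new URL(primaryUrl).hostname);
  const hosts = {};
  const apiCalls = [];
  let dataUris = 0;
  for (const [method, proto, url, type, xfer] of transactions) {
    if (proto === 'DATA') { dataUris += 1; continue; } // inline, never hits the network
    const { hostname, pathname } = new URL(url);
    if (!hosts[hostname]) {
      const apex = registrableDomain(hostname);
      hosts[hostname] = { requests: 0, xfer: 0, apex, thirdParty: apex !== primaryApex };
    }
    hosts[hostname].requests += 1;
    hosts[hostname].xfer += parseSize(xfer);
    if (type === 'XHR') apiCalls.push(`${method} ${hostname}${pathname}`);
  }
  const names = Object.keys(hosts).sort();
  const ips = names.map((h) => resolved[h]).filter(Boolean);
  return { hosts, apiCalls, dataUris, indicators: names.concat(ips) };
}

console.log(JSON.stringify(summarize(TRANSACTIONS, PRIMARY_URL, RESOLVED), null, 2));
```

Run with node. The output reproduces the report's 19/1 request split, the roughly 1 MB versus 579 B transfer figures, the three pre-login XHR endpoints under /admin/api/v1/, and the four indicators listed above. The suffix handling is the part worth keeping in mind when adapting this: a naive "last two labels" rule would file the DCloud CDN under net.cn and hide the third-party relationship.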