Report - bjxhxjcx.com/qkl/11701.html

Report Overview

Visited public
2025-04-19 12:00:18
Tags
Submit Tags
URL
bjxhxjcx.com/qkl/11701.html
Finishing URL
bjxhxjcx.com/qkl/11701.html
IP / ASN
104.21.96.1
#13335 CLOUDFLARENET
Title
如何有效恢复备份的比特币钱包指南如何有效恢_tpwallet官方网站

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bjxhxjcx.com	unknown	2017-08-11	2025-04-19	2025-04-19	14 kB	780 kB	104.21.16.1
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-04-16	2.1 kB	100 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-04-16	454 B	19 kB	142.250.74.10
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-04-16	465 B	20 kB	104.17.25.14
oudngmslhifnsf.gdmgcyy.com	unknown	2020-05-10	2024-02-01	2025-04-16	405 B	1.1 kB	156.224.2.38

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-04-18	medium	bjxhxjcx.com/qkl/11701.html	Crypto/Wallet

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed
2025-04-19	medium	bjxhxjcx.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (21)

	URL	From	Size	First Seen	Last Seen
	bjxhxjcx.com/static/js/vendor/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-06-29
Pretty URL bjxhxjcx.com/static/js/vendor/bootstrap.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-06-29 15:22 Times Seen256 Hash 3a4912f4311c63d3af01bcd3441959ce f1c0f5a8fc1868582dcfbb4e955893f129bf7e4b f203aa11401db444669a0a833bc0da0324f6c6b59bb8291a0e50af290ae7ff42 Loading...

	bjxhxjcx.com/static/js/jquery.magnific-popup.min.js	ScriptElement	20 kB	2023-03-07	2025-07-04
Pretty URL bjxhxjcx.com/static/js/jquery.magnific-popup.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-04 07:41 Times Seen15161 Hash ba6cf724c8bb1cf5b084e79ff230626e f455c5f153f872e52265f87a644ff89fe14a6fb6 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4 Loading...

	oudngmslhifnsf.gdmgcyy.com/tj.js	ScriptElement	805 B	2024-06-09	2025-04-29
Pretty URL oudngmslhifnsf.gdmgcyy.com/tj.js IP 156.224.2.38 ASN #133199 SonderCloud Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-09 08:30 Last Seen2025-04-29 12:34 Times Seen280 Hash b91b404e65a6d55f48e3e8929aaa6631 7feb40ab7aa9c2ff7458e6e89a74af63c5f56ae8 d73b625c5e38c3fd1e0d5a113374bec35307dd4cde91aca48167ee3dc33567ee Loading...

	bjxhxjcx.com/static/js/jquery.nice-select.min.js	ScriptElement	2.9 kB	2023-03-07	2025-07-04
Pretty URL bjxhxjcx.com/static/js/jquery.nice-select.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-07-04 06:36 Times Seen2042 Hash d13462ec489f9f0c309a811f85feb3d6 d9545f8b139eae5b387de1a60a84abe949c7e88f 66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a Loading...

	bjxhxjcx.com/static/js/jquery.ajaxchimp.min.js	ScriptElement	4.8 kB	2023-03-07	2025-07-03
Pretty URL bjxhxjcx.com/static/js/jquery.ajaxchimp.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-07-03 13:25 Times Seen425 Hash 8eace32bdc314e746f5b01015115b3a8 90395aa2ff153cfb6d5c256a3f70bc4d545a3190 3c7c17459ec57867f6812625f1b95e2f878363ca728b92a5968d2fc8e60d9712 Loading...

	bjxhxjcx.com/static/js/easing.min.js	ScriptElement	2.3 kB	2023-03-07	2025-07-03
Pretty URL bjxhxjcx.com/static/js/easing.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05 Last Seen2025-07-03 08:04 Times Seen681 Hash d64116a742887080b3a0abd09e0bdad7 8cd4375fc3c60237ea3994209d17a57ccbe6b0c6 901eb80cc3f8c274fe6711bd023884258839610c9274082a4881f71e2206b4fb Loading...

	bjxhxjcx.com/static/js/hoverIntent.js	ScriptElement	7.1 kB	2023-03-07	2025-06-30
Pretty URL bjxhxjcx.com/static/js/hoverIntent.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:45 Last Seen2025-06-30 08:08 Times Seen85 Hash 6fdf4814817af1a513273be884166dfd c48a39ec831f050690061910c363d2bcf76759eb 61168602288a63df2b3f98292b8dbea4e021ec0fd683444e49e4d95766a8a0e5 Loading...

	bjxhxjcx.com/static/js/mail-script.js	ScriptElement	1.2 kB	2023-03-07	2025-07-03
Pretty URL bjxhxjcx.com/static/js/mail-script.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-07-03 13:25 Times Seen286 Hash df98b7098690619c0c9e6b42b5a77b48 d3fe896ed8d259df077220f71fba197ff033d27e 01f639fd4c4119503e72e2bf2eb9c8a5984f7c83c7683c82dd0350ee9f63b3fd Loading...

	bjxhxjcx.com/static/js/waypoints.min.js	ScriptElement	8.0 kB	2023-03-07	2025-07-04
Pretty URL bjxhxjcx.com/static/js/waypoints.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-07-04 06:18 Times Seen3497 Hash dfe0eedf8da578f4a4c43b05448c51d9 812d7071b4e44b1aa5d5ea6c7ce0b79eb9d46520 a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833 Loading...

	bjxhxjcx.com/static/js/hexagons.min.js	ScriptElement	3.4 kB	2025-01-09	2025-06-26
Pretty URL bjxhxjcx.com/static/js/hexagons.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-09 12:30 Last Seen2025-06-26 13:20 Times Seen24 Hash 7886c815fb394f3580bd97739e264d7f 556165fe3bce3ede9de84812c04e0676dff77d0d 83b6c8e756da5edbc093bab7f5ebd1ef82c8612839a3daf5d886c8d14be039a9 Loading...

	bjxhxjcx.com/static/js/vendor/jquery-2.2.4.min.js	ScriptElement	86 kB	2023-03-07	2025-07-04
Pretty URL bjxhxjcx.com/static/js/vendor/jquery-2.2.4.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-07-04 06:48 Times Seen3334 Hash b354cc9d56a1da6b0c77604d1b153850 a3d8479f4d4e39b131bc9a53bbf53d1fbaa23732 fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46 Loading...

	bjxhxjcx.com/static/js/owl.carousel.min.js	ScriptElement	40 kB	2023-03-07	2025-07-04
Pretty URL bjxhxjcx.com/static/js/owl.carousel.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36 Last Seen2025-07-04 03:38 Times Seen443 Hash db4c9c39a3af9343842156df81f25d08 36af2c0bc454462355584a535897ca5ec6371f3a e04e2b4e27ae9881b1e161954cc00ba16c8c3a0ce73a179824756353efd6c481 Loading...

	bjxhxjcx.com/tj.js	ScriptElement	363 B	2024-10-27	2025-05-05
Pretty URL bjxhxjcx.com/tj.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-27 16:58 Last Seen2025-05-05 14:15 Times Seen22 Hash 1a57a47fe3aaf28b4864980bdeda1cf5 402ff5e38f3d6b2fa703df5ba9437b0743659e83 fd9600ac6e6a439e6b2a46360a04bc60361c63ec6f973f6751b7737a4e66089b Loading...

	bjxhxjcx.com/static/js/owl-carousel-thumb.min.js	ScriptElement	3.6 kB	2023-03-08	2025-06-26
Pretty URL bjxhxjcx.com/static/js/owl-carousel-thumb.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:33 Last Seen2025-06-26 13:20 Times Seen23 Hash a4ce825d7443f94b264979f96626b467 8d7981e2f0b97152f90bd6465114523267676dc3 3c440dc3cae731812a91363cd1ff95d7145119a8c7870c88f2c0b0e6b80b7a5c Loading...

	bjxhxjcx.com/static/js/superfish.min.js	ScriptElement	4.5 kB	2023-03-07	2025-07-04
Pretty URL bjxhxjcx.com/static/js/superfish.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-07-04 06:02 Times Seen476 Hash 0ae5f61bdbb22e9677a14a751a1a7d29 b2365b4a513ea54d366bfffa7d99c825b178a637 f31f14f173559d1bc035ffcec66bdcd19b6685f42a2853bf7eaabd1e4bd9aba0 Loading...

	bjxhxjcx.com/static/js/main.js	ScriptElement	12 kB	2025-01-09	2025-06-26
Pretty URL bjxhxjcx.com/static/js/main.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-09 12:30 Last Seen2025-06-26 13:20 Times Seen20 Hash 1bf17910a94d3c25989a1d236bc0a419 cc3be3dd8447175a7958f359f93eb774f8e090c5 2d20a7c7a6abc5d3a2defd69caaa64bbebab437df7ccff596794ccf49509b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	ScriptElement	19 kB	2023-03-07	2025-07-04
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-04 07:19 Times Seen80564 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	bjxhxjcx.com/qkl/11701.html	Eval	87 B	2024-04-04	2025-07-02
Pretty URL bjxhxjcx.com/qkl/11701.html IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-04-04 05:50 Last Seen2025-07-02 15:21 Times Seen379 Hash deab99731237b52d1b60dd7d144a15c0 1cd0ca53fbd8c8943a02250ab2e4e47a66e420da e1bfbe54fd1f16ed88120eae9549e8cf7d708eb595d8c787930215b22b4497c2 Loading...

	bjxhxjcx.com/qkl/11701.html	Eval	611 B	2024-06-09	2025-04-29
Pretty URL bjxhxjcx.com/qkl/11701.html IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-06-09 08:30 Last Seen2025-04-29 12:34 Times Seen275 Hash 9512450c43a616469513e6f0a3cf0957 130557e34c1d4ca4a794977a5855debce59b0156 43fcad7926cd2cef9732d939c76b72f328b561359a542a3d53f67956a67c666c Loading...

	bjxhxjcx.com/static/js/tilt.jquery.min.js	ScriptElement	5.6 kB	2023-03-07	2025-07-04
Pretty URL bjxhxjcx.com/static/js/tilt.jquery.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-07-04 01:48 Times Seen738 Hash 034d38aaa44f4ac1723c041d215eb146 6dccde4d78b77b035d9da0396385ade6141864cb 6951eec0a8c0c9b2eab72c4f579765e0f190165822919ddc791bb391096fd7c0 Loading...

		Size	First Seen	Last Seen
	#1 Write - 0c62e4b2ef2dd122138f49484f5df37e	64 B	2024-04-04 05:50	2025-07-02 15:21
Pretty Observations First Seen2024-04-04 05:50 Last Seen2025-07-02 15:21 Times Seen379 Hash 0c62e4b2ef2dd122138f49484f5df37e ff69377d20545562b648b7607e40251bcb0a004f 97e41672c8ac279bcf8d69500df45bf1b8650ecc272a99d9bcb34872c99edc56 Loading...

HTTP Transactions (38)

URL IP Response Size

GET bjxhxjcx.com/static/css/linearicons.css

104.21.16.1

200 OK

8.4 kB

URL GET
bjxhxjcx.com/static/css/linearicons.css
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
ASCII text
Size
8.4 kB (8362 bytes)
Hash
3d521f166004a36cd1fb211f51c7e02d
7f112ce30590dce0cbb3b17e9f0a5f705ead4682
f0767561c44fc65c14649e3a39539525178803e8b75dd7ca036f5fd717623402

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/linearicons.css HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fel4diVbliOcXgshtNwE%2BBvsdKqExM%2B6A1Njp7gutJNZGPS%2BxVyQAbECAkSH9%2BC8pxuebuFu2KCtRCayxWxANnD7%2BTFh7D9o%2B%2Bn6Sn1J5koMcpQIvC5okhFUhmKU%2Bag%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 15 May 2017 09:26:32 GMT
vary: Accept-Encoding
etag: W/"59197448-20aa"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2d1e03712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5845&min_rtt=1468&rtt_var=3275&sent=58&recv=91&lost=0&retrans=0&sent_bytes=6239&recv_bytes=5503&delivery_rate=1951&cwnd=12000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=554&x=16"

GET bjxhxjcx.com/static/css/owl.carousel.css

104.21.16.1

200 OK

4.3 kB

URL GET
bjxhxjcx.com/static/css/owl.carousel.css
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
ASCII text, with CRLF line terminators
Size
4.3 kB (4285 bytes)
Hash
bf23e63d0afebc11d844cd32b090fb6b
779f876e61d14ce915401b4af00e5f67393decb2
d5d23027b15224f7ccf9ef91f47154a4d82546ce6315b3071cf4377832beb78d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/owl.carousel.css HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zmb5b7M0jGj5Kn6fQVPsnlrMRDbk3i3A29uKA40eYulX9cioqJlm2u98ZyayOjrN2TpBqzvVXbEECAM2WYtPmneNM2dfEDxJyvVqG%2BkArtS5r0MnybF0HeQ1i1jVZ38%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 20 Feb 2017 02:40:46 GMT
vary: Accept-Encoding
etag: W/"58aa572e-10bd"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7980
cf-ray: 932c3d2dce0e712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5040&min_rtt=1468&rtt_var=2591&sent=103&recv=102&lost=0&retrans=0&sent_bytes=44973&recv_bytes=8110&delivery_rate=664020&cwnd=24000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=652&x=16"

GET bjxhxjcx.com/static/css/main.css

104.21.16.1

200 OK

84 kB

URL GET
bjxhxjcx.com/static/css/main.css
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
assembler source, ASCII text, with very long lines (551)
Size
84 kB (83614 bytes)
Hash
726c3480ba0ec8cc5a7cfdc9ada85b77
e296e4139567ce4406d9924ce67944659d36e230
4ef65134ff029a21779ae04f733be96e21c1b9f62f5bdb81c8e0b40a2f0d0210

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/main.css HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dmneQ%2Bewo3HjxIe%2BTydS9jdvTOIAKwsST%2FPVr2ybSqvX8HPrH1xuJoqIAUhciQiSrOmBqgfdwibPKhQzoBtrPZx3qXe7LVMyrkXCP0jK3t3NsaJNXUZ%2BnrMDPnT1qas%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 31 Dec 1979 16:00:00 GMT
vary: Accept-Encoding
etag: W/"12ce3580-1469e"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2dce0f712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5040&min_rtt=1468&rtt_var=2591&sent=103&recv=102&lost=0&retrans=0&sent_bytes=44973&recv_bytes=8110&delivery_rate=664020&cwnd=24000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=652&x=16"

GET bjxhxjcx.com/static/css/hexagons.min.css

104.21.16.1

200 OK

10 kB

URL GET
bjxhxjcx.com/static/css/hexagons.min.css
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
ASCII text, with very long lines (9408)
Size
10 kB (9957 bytes)
Hash
8a43e6596b6bfc57c3e68a4a1c1aec99
4ebc72b77f02ca66c9f9de94ecfd491369cf5dc2
e49f40633ec0312df00576bab62c2230882c1369418fbd678c14b3130b0ce52e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/hexagons.min.css HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fw%2B7jBtKPD3un4NJ66NF7dNgl4D0ra84d81LWqzDZiTsZwqNGZMZvKZomzp7ZGnm7VrcfKWsj%2BMFpfx2KNymKYnseHNtcxaCdeG6Hx7h8VVAKkl6sc1zRFFHq4DRfyQ%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 15 Sep 2015 13:03:38 GMT
vary: Accept-Encoding
etag: W/"55f8172a-26e5"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2dce0d712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5040&min_rtt=1468&rtt_var=2591&sent=103&recv=102&lost=0&retrans=0&sent_bytes=44973&recv_bytes=8110&delivery_rate=664020&cwnd=24000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=651&x=16"

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bjxhxjcx.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 10:03:46 GMT
expires: Fri, 17 Apr 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 179775
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET bjxhxjcx.com/favicon.ico

104.21.16.1

404 Not Found

148 B

URL GET
bjxhxjcx.com/favicon.ico
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
HTML document, ASCII text
Size
148 B (148 bytes)
Hash
630e1f9fef1a483fe84154e2d0d046df
f10e0cf39fb920a438116caaea80a71e0dcdc162
9cad3cff676946810a81047247f12e4e51faccc01df4134edfd871aee8ba0956

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 19 Apr 2025 12:00:03 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8QQTgeq4b5YcoAct3IfyPjTJGUuunsevnX14hQvrGoS3G0AYJdGaaEHMIrRZMH%2Fer33Jo5KovWSpFDmESUz9CJMzkzTGh3PeOLmYqwVatCchEE0HWA19egflKUpdiE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 932c3d3d7ed5712a-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8194&min_rtt=1468&rtt_var=8067&sent=346&recv=121&lost=0&retrans=0&sent_bytes=306377&recv_bytes=13617&delivery_rate=922310&cwnd=108000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=4195&x=16"

GET bjxhxjcx.com/static/css/magnific-popup.css

104.21.16.1

200 OK

7.0 kB

URL GET
bjxhxjcx.com/static/css/magnific-popup.css
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
ASCII text
Size
7.0 kB (6951 bytes)
Hash
30b593b71d7672658f89bfea0ab360c9
d6963db6faa9294387bb3175813a61bc3f859437
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/magnific-popup.css HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WCt4c53eEzbBP5W4su4nZuOwOEdZxk6IgVHcbTd3QWjFlYdaP%2B3vhYr7PsUlRFndaaJviLVuWtkATAyCQc9CFjw8XYck0DuDj%2FWo2nn6mAi99CtmneF2MISUEowcYBY%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 17 Jul 2017 02:32:56 GMT
vary: Accept-Encoding
etag: W/"596c21d8-1b27"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2dce0b712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5040&min_rtt=1468&rtt_var=2591&sent=102&recv=101&lost=0&retrans=0&sent_bytes=44947&recv_bytes=7826&delivery_rate=664020&cwnd=24000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=651&x=16"

GET bjxhxjcx.com/static/js/superfish.min.js

104.21.16.1

200 OK

4.5 kB

URL GET
bjxhxjcx.com/static/js/superfish.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with very long lines (4246)
Size
4.5 kB (4474 bytes)
Hash
0ae5f61bdbb22e9677a14a751a1a7d29
b2365b4a513ea54d366bfffa7d99c825b178a637
f31f14f173559d1bc035ffcec66bdcd19b6685f42a2853bf7eaabd1e4bd9aba0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/superfish.min.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rD4FMppI86QcuDjHi865Eklk5X18K9xfZSUgZXKFjppW2AsWZeACqYYQV0apO%2Fqdg%2FuejHEkBAxtH%2BdiaBI8nkI5aUhsW6uEY%2Bc%2BsU8VioqrPaCdHK6UlydouNjWKAI%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 08 Jan 2018 09:14:10 GMT
vary: Accept-Encoding
etag: W/"5a533662-117a"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2e3e18712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8590&min_rtt=1468&rtt_var=8805&sent=141&recv=109&lost=0&retrans=0&sent_bytes=80948&recv_bytes=11985&delivery_rate=1405875&cwnd=48000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=717&x=16"

GET bjxhxjcx.com/static/js/waypoints.min.js

104.21.16.1

200 OK

8.0 kB

URL GET
bjxhxjcx.com/static/js/waypoints.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with very long lines (7808)
Size
8.0 kB (8044 bytes)
Hash
dfe0eedf8da578f4a4c43b05448c51d9
812d7071b4e44b1aa5d5ea6c7ce0b79eb9d46520
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/waypoints.min.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6iDzwoRpI8%2Bcby2QcWlH9%2BIr%2BSY7TMdxf1UdWz7%2B235QMZF0rowbPVvr%2F0cZYxEAJCTXXbptx56sE%2BENYU1AsL6m%2F2VCjdeBLwtlNMM%2FrhOcm84iPI823M5ZYFY58MY%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 06 Dec 2017 09:29:52 GMT
vary: Accept-Encoding
etag: W/"5a27b890-1f6c"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7980
cf-ray: 932c3d2e4e25712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7793&min_rtt=1468&rtt_var=8198&sent=192&recv=110&lost=0&retrans=0&sent_bytes=137646&recv_bytes=12031&delivery_rate=263460&cwnd=54000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=725&x=16"

GET bjxhxjcx.com/static/js/jquery.nice-select.min.js

104.21.16.1

200 OK

2.9 kB

URL GET
bjxhxjcx.com/static/js/jquery.nice-select.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2822)
Size
2.9 kB (2942 bytes)
Hash
d13462ec489f9f0c309a811f85feb3d6
d9545f8b139eae5b387de1a60a84abe949c7e88f
66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/jquery.nice-select.min.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BlxhBMTMTSFTbT9CESdjzHRkn6j0MsFKPKzJ9UqRRHFoe3ZvIgotAYxkFK%2F6RxCG4%2FXkrza7x3iUanzyx%2Ft%2BkM4y8pIbNquNmImZgegfUD1cZQNbP0n%2BoLsPjdZASs%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 08 May 2016 13:32:24 GMT
vary: Accept-Encoding
etag: W/"572f3fe8-b7e"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2e4e22712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7793&min_rtt=1468&rtt_var=8198&sent=192&recv=110&lost=0&retrans=0&sent_bytes=137646&recv_bytes=12031&delivery_rate=263460&cwnd=54000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=724&x=16"

GET fonts.googleapis.com/css?family=Poppins:400,600|Roboto:400,400i,500

142.250.74.10

200 OK

18 kB

URL GET
fonts.googleapis.com/css?family=Poppins:400,600|Roboto:400,400i,500
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint06:13:4C:49:F4:23:BB:58:C3:31:41:0E:F9:E0:C5:EF:74:A9:0C:67
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
ASCII text, with very long lines (1572)
Size
18 kB (17937 bytes)
Hash
a4ad77e30034d1801aa6a8cda47898cf
e505233b7e4bdd14d06c2e0f4df5ef5d232e8d7e
9e1019ffa69b51eb427c2a78f58e66ad9022489c15b436305451c4346d76947b

HTTP Headers

GET /css?family=Poppins:400,600|Roboto:400,400i,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Apr 2025 12:00:00 GMT
date: Sat, 19 Apr 2025 12:00:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET bjxhxjcx.com/static/img/logo.png

104.21.16.1

200 OK

1.5 kB

URL GET
bjxhxjcx.com/static/img/logo.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
PNG image data, 108 x 36, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1536 bytes)
Hash
bb0f185735c1e4587da82b7ef4403ace
fc2f1ecd0019f1515e0012d29349b1811a00df5c
7ed24510b42ed7ac5bf0090d5b7c84e10a16633c6113e31d3a41349ea2bed9d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/img/logo.png HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pra%2F%2BXpjl98pv%2BJUcHVi7uiTd%2FGFJOlqzPmYC540y2zp3rUavhl3Fp%2FDfCuGwXaUZGtf%2FzVOddDVuJ6FrXUBy0e2f21qv5%2BEt4W7YgYv%2FQ5EtF9hHDMNrsUF52sKNI8%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 01 Oct 2018 08:38:10 GMT
vary: Accept-Encoding
etag: W/"5bb1dcf2-600"
expires: Mon, 19 May 2025 09:46:58 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2dee11712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4788&min_rtt=1468&rtt_var=2449&sent=132&recv=103&lost=0&retrans=0&sent_bytes=75453&recv_bytes=8155&delivery_rate=1323011&cwnd=48000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=665&x=16"

GET bjxhxjcx.com/static/js/tilt.jquery.min.js

104.21.16.1

200 OK

5.6 kB

URL GET
bjxhxjcx.com/static/js/tilt.jquery.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with very long lines (5640), with no line terminators
Size
5.6 kB (5640 bytes)
Hash
034d38aaa44f4ac1723c041d215eb146
6dccde4d78b77b035d9da0396385ade6141864cb
6951eec0a8c0c9b2eab72c4f579765e0f190165822919ddc791bb391096fd7c0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/tilt.jquery.min.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LCz5LKd2EPSL5Ekt%2BmDylgxIk%2B%2BEMEExKio8YaL73SFghwfr4gimwWAY5VvFxm23vMvqVHzd8LmY%2B6IPKk6wwX%2Fy8XpFqlR7GwvfIJIrL3dmRyw%2Fa%2BNnvq%2BTIQM4cRc%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 01 Oct 2018 08:38:10 GMT
vary: Accept-Encoding
etag: W/"5bb1dcf2-1608"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2e3e1b712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6582&min_rtt=1468&rtt_var=6690&sent=230&recv=112&lost=0&retrans=0&sent_bytes=178195&recv_bytes=12123&delivery_rate=3961651&cwnd=108000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=736&x=16"

GET bjxhxjcx.com/static/js/easing.min.js

104.21.16.1

200 OK

2.3 kB

URL GET
bjxhxjcx.com/static/js/easing.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with very long lines (2301), with CRLF line terminators
Size
2.3 kB (2303 bytes)
Hash
d64116a742887080b3a0abd09e0bdad7
8cd4375fc3c60237ea3994209d17a57ccbe6b0c6
901eb80cc3f8c274fe6711bd023884258839610c9274082a4881f71e2206b4fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/easing.min.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RT1EQeUv%2FAp1ephsIiWFsDg6lqCKQgtmjY0rIgrJjeQfN7ul5RQthxjZG588sBBIeNdlXkoadPSuGoQvS3tXb0iLESC1ISNPgGpy1EH%2B%2BVvK5sQnMPkwYMO9J1%2BLKsA%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 08 Jan 2018 09:14:10 GMT
vary: Accept-Encoding
etag: W/"5a533662-8ff"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2e3e1d712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8590&min_rtt=1468&rtt_var=8805&sent=181&recv=109&lost=0&retrans=0&sent_bytes=125731&recv_bytes=11985&delivery_rate=1405875&cwnd=48000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=721&x=16"

GET bjxhxjcx.com/static/js/hoverIntent.js

104.21.16.1

200 OK

7.1 kB

URL GET
bjxhxjcx.com/static/js/hoverIntent.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
7.1 kB (7078 bytes)
Hash
6fdf4814817af1a513273be884166dfd
c48a39ec831f050690061910c363d2bcf76759eb
61168602288a63df2b3f98292b8dbea4e021ec0fd683444e49e4d95766a8a0e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/hoverIntent.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=189CJiA1TwDig6Unb3D5SwP4uuYr5U5q%2FZ6XstFq6xVY7tHKhuNw%2FfbGCA9sDPe9pFbKrF4cW%2FoP75ScbqCXOi52aYRyli4KS9dtDD3YOaV5ajMygwpnD24GJ8sp9QA%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 08 Jan 2018 09:14:10 GMT
vary: Accept-Encoding
etag: W/"5a533662-1ba6"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2e3e19712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7105&min_rtt=1468&rtt_var=7524&sent=227&recv=111&lost=0&retrans=0&sent_bytes=174915&recv_bytes=12077&delivery_rate=2390455&cwnd=108000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=733&x=16"

GET bjxhxjcx.com/static/js/jquery.ajaxchimp.min.js

104.21.16.1

200 OK

4.8 kB

URL GET
bjxhxjcx.com/static/js/jquery.ajaxchimp.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text
Size
4.8 kB (4820 bytes)
Hash
8eace32bdc314e746f5b01015115b3a8
90395aa2ff153cfb6d5c256a3f70bc4d545a3190
3c7c17459ec57867f6812625f1b95e2f878363ca728b92a5968d2fc8e60d9712

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/jquery.ajaxchimp.min.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZzU8MCzawUwKAq7T8gz3mTvvga6OA3tQ3u4Qd0c6cLgucKOiQhJ8wlLGkFigLasqzm4v9yCHHdOl9ilj6U26IhHmB%2FLOV0o2caB1RfhJvSvIFM5elXi%2BcAyViBMyWM%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 27 Aug 2017 08:45:04 GMT
vary: Accept-Encoding
etag: W/"59a28690-12d4"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7980
cf-ray: 932c3d2e3e1f712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7105&min_rtt=1468&rtt_var=7524&sent=224&recv=111&lost=0&retrans=0&sent_bytes=171723&recv_bytes=12077&delivery_rate=2390455&cwnd=108000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=730&x=16"

GET bjxhxjcx.com/static/js/hexagons.min.js

104.21.16.1

200 OK

3.4 kB

URL GET
bjxhxjcx.com/static/js/hexagons.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with very long lines (3421), with no line terminators
Size
3.4 kB (3421 bytes)
Hash
7886c815fb394f3580bd97739e264d7f
556165fe3bce3ede9de84812c04e0676dff77d0d
83b6c8e756da5edbc093bab7f5ebd1ef82c8612839a3daf5d886c8d14be039a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/hexagons.min.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kW5wWIdbrzoRke%2Be%2FKyNQv7BThx7EDQbdZDCzHHXFI9wfauHVcMU7l4lYAP%2BQ6A6RRnBAOyAlhfnRPxFIojvlf3dZuZssUsCLjxVZ76J1wvAXARQcXfsEjdLyOthZOg%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 15 Sep 2015 13:03:38 GMT
vary: Accept-Encoding
etag: W/"55f8172a-d5d"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7980
cf-ray: 932c3d2e3e20712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8590&min_rtt=1468&rtt_var=8805&sent=138&recv=109&lost=0&retrans=0&sent_bytes=79634&recv_bytes=11985&delivery_rate=1405875&cwnd=48000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=716&x=16"

GET bjxhxjcx.com/static/img/banner.jpg

104.21.16.1

200 OK

35 kB

URL GET
bjxhxjcx.com/static/img/banner.jpg
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015.5 (Macintosh), datetime=2018:10:02 08:43:58], baseline, precision 8, 1920x450, components 3
Size
35 kB (34911 bytes)
Hash
36bafead5902a850fc7a2ce8a5e708a2
18ea7b3a521ae5f14e363552d4938e32a7c45eaf
110c743cfe099958c79e0d7a04e15a1e0904ad6d62fbbf6df757810b3fdc3b65

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/img/banner.jpg HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 12:00:01 GMT
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRba%2BqrnE0W2rnLur1hkpLgGZ6Q9ZnwzXy7fo38fD%2BPkQB%2Bngn0hcyLtj%2B7h51oMSixw98Wd7KqJGvbRh4vLx6oygWK7c41Lq%2FnFJna9RXJmdwGyHi8gwhls8J9Dp64%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 02 Oct 2018 00:44:02 GMT
vary: Accept-Encoding
etag: W/"5bb2bf52-885f"
expires: Sun, 18 May 2025 18:00:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 64760
cf-ray: 932c3d3a9eba712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10100&min_rtt=1468&rtt_var=12341&sent=239&recv=115&lost=0&retrans=0&sent_bytes=184893&recv_bytes=12505&delivery_rate=238541&cwnd=108000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=2705&x=16"

GET bjxhxjcx.com/images/defaultpic.gif

104.21.16.1

200 OK

6.4 kB

URL GET
bjxhxjcx.com/images/defaultpic.gif
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
PNG image data, 512 x 330, 8-bit/color RGBA, non-interlaced
Size
6.4 kB (6408 bytes)
Hash
a22087b8272e7e8c1ef5702ba943ad93
02865bfb0c215e061f515a77882657a9aceee9e1
f4e3729058237486921233ba5eb99c641a4bff858279fb7d36b48ab42ab9989a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/defaultpic.gif HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: image/gif
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeuNp43Ewc4UPIboOVchTU3Kk2qs0iOSffbJEUbuFav0Bg3s1dj4jP9zaUG2OpqUN7R1tScd%2FyLYBwiQkwN%2FZy%2Bhnw5qTT3EMC5XI22JokllZtVS9Il%2FgHIDLqK23Q0%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 30 Oct 2023 20:31:56 GMT
vary: Accept-Encoding
etag: W/"654012bc-1908"
expires: Sun, 18 May 2025 18:00:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 64765
cf-ray: 932c3d2e3e17712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8590&min_rtt=1468&rtt_var=8805&sent=144&recv=109&lost=0&retrans=0&sent_bytes=83646&recv_bytes=11985&delivery_rate=1405875&cwnd=48000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=718&x=16"

GET bjxhxjcx.com/static/js/vendor/jquery-2.2.4.min.js

104.21.16.1

200 OK

86 kB

URL GET
bjxhxjcx.com/static/js/vendor/jquery-2.2.4.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
86 kB (85577 bytes)
Hash
b354cc9d56a1da6b0c77604d1b153850
a3d8479f4d4e39b131bc9a53bbf53d1fbaa23732
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/vendor/jquery-2.2.4.min.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6QlxKRKEFXe1AElGG1X%2B0YYr6Zamb%2FJ0ZE0i0U43CXejeJwMo1V9Di64DrlAe%2B0%2F4DQinGZWdyOUfxKx%2FW7MRYp42U6N8%2FidY%2BT8hlP17nVpmQTLcX2mVZlcfrn%2F0Kg%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 15 May 2017 10:42:08 GMT
vary: Accept-Encoding
etag: W/"59198600-14e49"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7980
cf-ray: 932c3d2e3e16712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8590&min_rtt=1468&rtt_var=8805&sent=144&recv=109&lost=0&retrans=0&sent_bytes=83646&recv_bytes=11985&delivery_rate=1405875&cwnd=48000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=718&x=16"

GET bjxhxjcx.com/static/js/vendor/bootstrap.min.js

104.21.16.1

200 OK

51 kB

URL GET
bjxhxjcx.com/static/js/vendor/bootstrap.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with very long lines (50759)
Size
51 kB (51041 bytes)
Hash
3a4912f4311c63d3af01bcd3441959ce
f1c0f5a8fc1868582dcfbb4e955893f129bf7e4b
f203aa11401db444669a0a833bc0da0324f6c6b59bb8291a0e50af290ae7ff42

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/vendor/bootstrap.min.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6kwjrGBHheXxUyiNK%2Brdh9e6mmOohd%2FDzveA3MRFNXtiUIRn9Zc55V8NxwgXlutwsSMssOJDn2vsjYWoUtraoPao%2BwUKPYTlGglTi5%2BcjEJe7ZaIx3bQf8YiTREUg1I%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 28 Aug 2018 04:27:26 GMT
vary: Accept-Encoding
etag: W/"5b84cf2e-c761"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7980
cf-ray: 932c3d2e3e1a712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8590&min_rtt=1468&rtt_var=8805&sent=181&recv=109&lost=0&retrans=0&sent_bytes=125731&recv_bytes=11985&delivery_rate=1405875&cwnd=48000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=721&x=16"

GET bjxhxjcx.com/static/js/owl.carousel.min.js

104.21.16.1

200 OK

40 kB

URL GET
bjxhxjcx.com/static/js/owl.carousel.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with very long lines (32068), with CRLF line terminators
Size
40 kB (40402 bytes)
Hash
db4c9c39a3af9343842156df81f25d08
36af2c0bc454462355584a535897ca5ec6371f3a
e04e2b4e27ae9881b1e161954cc00ba16c8c3a0ce73a179824756353efd6c481

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/owl.carousel.min.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1hirXrB6JMVl1Z0b2SuQciUAL%2BbZ7r9jSOT4tnby8aBg54S3ZFUXBL0%2FGnjVeZI47STVvNJfHM6uKdcK9QfBWWbp5CHbofKkkikDQv9VcNdynwDn7UmrmI2mGxZ%2FApQ%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 20 Feb 2017 02:40:46 GMT
vary: Accept-Encoding
etag: W/"58aa572e-9dd2"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7980
cf-ray: 932c3d2e3e1c712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8590&min_rtt=1468&rtt_var=8805&sent=181&recv=109&lost=0&retrans=0&sent_bytes=125731&recv_bytes=11985&delivery_rate=1405875&cwnd=48000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=723&x=16"

GET bjxhxjcx.com/static/js/owl-carousel-thumb.min.js

104.21.16.1

200 OK

3.6 kB

URL GET
bjxhxjcx.com/static/js/owl-carousel-thumb.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with very long lines (3644)
Size
3.6 kB (3645 bytes)
Hash
a4ce825d7443f94b264979f96626b467
8d7981e2f0b97152f90bd6465114523267676dc3
3c440dc3cae731812a91363cd1ff95d7145119a8c7870c88f2c0b0e6b80b7a5c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/owl-carousel-thumb.min.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3rs8c%2FJO3NGHY4UYHjRXQDjT0SARMEWJM6Bmtd8THVucia%2BuoZ3ai%2Fxck3StuOv4opMIourbLRQxbUaHRzKMAlWDuFWTP%2FdA5vSA1aOlJATX5Bc093wSroJksedwrMc%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 18 Sep 2018 11:13:40 GMT
vary: Accept-Encoding
etag: W/"5ba0dde4-e3d"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2e3e1e712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8590&min_rtt=1468&rtt_var=8805&sent=136&recv=109&lost=0&retrans=0&sent_bytes=77731&recv_bytes=11985&delivery_rate=1405875&cwnd=48000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=716&x=16"

GET cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.25.14

200 OK

19 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (19015)
Size
19 kB (19188 bytes)
Hash
70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bjxhxjcx.com
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
cf-ray: 932c3d2eeadc5696-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 227842
expires: Thu, 09 Apr 2026 11:59:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zsmVvIUCnAwdXSU6%2B9q%2F1nrW3loTznrxMGJgErVn9LimveP2sWhikMs%2BgVshNKFz%2B8%2FYE0IjXl6VCDU7EyceHWdGpfYthScpdrf5UqD5ihP6By06f2UXPh04%2FL1r2MidUMMJkYAL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET bjxhxjcx.com/static/js/jquery.magnific-popup.min.js

104.21.16.1

200 OK

20 kB

URL GET
bjxhxjcx.com/static/js/jquery.magnific-popup.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with very long lines (20087)
Size
20 kB (20216 bytes)
Hash
ba6cf724c8bb1cf5b084e79ff230626e
f455c5f153f872e52265f87a644ff89fe14a6fb6
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/jquery.magnific-popup.min.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Er7rp7kW%2BGfNU1EDmvDYc2OtjnKtA6hdk5cBePRGbr1HD8xXqJCBoz1UyERqWxNrwKBv5Q8TWUrUzB0HqkU4ozqTQNmgmbxvU7l2zP%2FghAEJ9gGxDjxUvJYu2oH1f3c%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 04 Jun 2017 17:11:48 GMT
vary: Accept-Encoding
etag: W/"59343f54-4ef8"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2e3e21712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8590&min_rtt=1468&rtt_var=8805&sent=144&recv=109&lost=0&retrans=0&sent_bytes=83646&recv_bytes=11985&delivery_rate=1405875&cwnd=48000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=718&x=16"

GET bjxhxjcx.com/static/js/mail-script.js

104.21.16.1

200 OK

1.2 kB

URL GET
bjxhxjcx.com/static/js/mail-script.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text
Size
1.2 kB (1230 bytes)
Hash
df98b7098690619c0c9e6b42b5a77b48
d3fe896ed8d259df077220f71fba197ff033d27e
01f639fd4c4119503e72e2bf2eb9c8a5984f7c83c7683c82dd0350ee9f63b3fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/mail-script.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DpvdhBHYOEeKxNUnmswIgSKdgbjMvQWXcBmMAJC%2Fkj0DvKYAUO3BNYbVikML08ajC1J2l1jCaEWVZG0bHUVOKhDgMOIopZoHhYcwrv2XeE9YE7A8S6%2BD0HZF1u6pS2I%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 29 Jan 2018 10:55:36 GMT
vary: Accept-Encoding
etag: W/"5a6efda8-4ce"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2e4e24712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7105&min_rtt=1468&rtt_var=7524&sent=226&recv=111&lost=0&retrans=0&sent_bytes=173718&recv_bytes=12077&delivery_rate=2390455&cwnd=108000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=731&x=16"

GET bjxhxjcx.com/static/js/main.js

104.21.16.1

200 OK

12 kB

URL GET
bjxhxjcx.com/static/js/main.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with very long lines (1695)
Size
12 kB (12304 bytes)
Hash
1bf17910a94d3c25989a1d236bc0a419
cc3be3dd8447175a7958f359f93eb774f8e090c5
2d20a7c7a6abc5d3a2defd69caaa64bbebab437df7ccff596794ccf49509b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/main.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iwZtWReRd0a4Lcf2Dwd3z07NBrpawtMRt5VPGcPi20EaYdX4UZ7vprBNNd8TZVsF7Soca5ISncv4ZxGNO1FFl%2FKp53LshJ1IvbpzUtOGk9%2BD36dTKLYvM0vw89GzMQI%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 03 Oct 2018 01:10:34 GMT
vary: Accept-Encoding
etag: W/"5bb4170a-3010"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7980
cf-ray: 932c3d2e4e23712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6582&min_rtt=1468&rtt_var=6690&sent=233&recv=112&lost=0&retrans=0&sent_bytes=180874&recv_bytes=12123&delivery_rate=3961651&cwnd=108000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=737&x=16"

GET fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.35

200 OK

7.9 kB

URL GET
fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bjxhxjcx.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 09:32:10 GMT
expires: Fri, 17 Apr 2026 09:32:10 GMT
cache-control: public, max-age=31536000
age: 181671
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET bjxhxjcx.com/static/css/font-awesome.min.css

104.21.16.1

200 OK

31 kB

URL GET
bjxhxjcx.com/static/css/font-awesome.min.css
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
ASCII text, with very long lines (30837), with CRLF line terminators
Size
31 kB (31004 bytes)
Hash
a0e784c4ca94c271b0338dfb02055be6
88af80502c44cd52ca81ffe7dc7276b7eccb06cf
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/font-awesome.min.css HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XITLZxC3Z0e1JMwbU2QBwnER3%2BaKCW2ZHiWDoyBzuGwGmmi25KxQr8MTmvRURmR5nyVDqrJyO6X2ma%2BsNHTc6YWbDFKcc6MePscXPLxEYW4NtuSRJYL29OQi5h%2FJlBM%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 20 Feb 2017 02:40:46 GMT
vary: Accept-Encoding
etag: W/"58aa572e-791c"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2dce09712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5674&min_rtt=1468&rtt_var=2798&sent=68&recv=99&lost=0&retrans=0&sent_bytes=8947&recv_bytes=7736&delivery_rate=63300&cwnd=12000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=645&x=16"

GET bjxhxjcx.com/static/css/bootstrap.css

104.21.16.1

200 OK

184 kB

URL GET
bjxhxjcx.com/static/css/bootstrap.css
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
ASCII text
Size
184 kB (183481 bytes)
Hash
eabfbeeb69bcd7096f1096c8853022ea
4397b30a538c8e287034b0a67be353c92716df7c
5beb0011ec164ce463074fe96489be6b6927568ebf8ae48b6337a50fc3149c19

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/bootstrap.css HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kBtIaMPfrPjuYmpjv6Ow0Br473tbWGhers2ACKsu6gjZqJBaatwB8B6h3en97sqE2EZ%2B9ziJxDqggn9aLwNb%2Fe9R2EAjF84zpzWTl3891hPJsbPR1DHc3CG3EJ8lgYs%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 28 Aug 2018 04:31:14 GMT
vary: Accept-Encoding
etag: W/"5b84d012-2ccb9"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7980
cf-ray: 932c3d2dce0a712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5674&min_rtt=1468&rtt_var=2798&sent=77&recv=99&lost=0&retrans=0&sent_bytes=17646&recv_bytes=7736&delivery_rate=63300&cwnd=12000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=647&x=16"

GET bjxhxjcx.com/tj.js

104.21.16.1

200 OK

363 B

URL GET
bjxhxjcx.com/tj.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
JavaScript source, ASCII text, with very long lines (361)
Size
363 B (363 bytes)
Hash
1a57a47fe3aaf28b4864980bdeda1cf5
402ff5e38f3d6b2fa703df5ba9437b0743659e83
fd9600ac6e6a439e6b2a46360a04bc60361c63ec6f973f6751b7737a4e66089b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tj.js HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0CSeWbG19NE1RbsMX1y3kmoOdRbmpwnpw1WxhM1Xk8Iw0HUOeMzcl0U9%2BpshaD%2BJ2KKcc%2BgAa%2BS2SS4OxiGbpcxaD%2FYXzgriSIIq01qrzbJcrSb22zXqGJDGG2oB2ps%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 30 Oct 2024 03:14:48 GMT
etag: W/"6721a4a8-16b"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 7980
content-encoding: br
cf-ray: 932c3d2dde10712a-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4788&min_rtt=1468&rtt_var=2449&sent=131&recv=103&lost=0&retrans=0&sent_bytes=74525&recv_bytes=8155&delivery_rate=1323011&cwnd=48000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=658&x=16"

GET oudngmslhifnsf.gdmgcyy.com/tj.js

156.224.2.38

200 OK

805 B

URL GET
oudngmslhifnsf.gdmgcyy.com/tj.js
IP
156.224.2.38:443
ASN
#133199 SonderCloud Limited

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerLet's Encrypt
Subjectoudngmslhifnsf.gdmgcyy.com
Fingerprint67:FA:6A:47:D7:8F:2B:66:5E:6B:74:C1:A7:E9:5D:E1:BF:00:E9:48
ValiditySat, 15 Mar 2025 08:28:00 GMT - Fri, 13 Jun 2025 08:27:59 GMT

File type
JavaScript source, ASCII text, with very long lines (805), with no line terminators
Size
805 B (805 bytes)
Hash
b91b404e65a6d55f48e3e8929aaa6631
7feb40ab7aa9c2ff7458e6e89a74af63c5f56ae8
d73b625c5e38c3fd1e0d5a113374bec35307dd4cde91aca48167ee3dc33567ee

HTTP Headers

GET /tj.js HTTP/1.1
Host: oudngmslhifnsf.gdmgcyy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.21.4.3
Date: Sat, 19 Apr 2025 12:00:01 GMT
Content-Type: application/javascript
Content-Length: 805
Last-Modified: Sun, 19 May 2024 07:52:07 GMT
Connection: keep-alive
ETag: "6649afa7-325"
Accept-Ranges: bytes

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bjxhxjcx.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 10:03:46 GMT
expires: Fri, 17 Apr 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 179775
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET bjxhxjcx.com/static/fonts/fontawesome-webfont.woff2?v=4.7.0

104.21.16.1

200 OK

77 kB

URL GET
bjxhxjcx.com/static/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/static/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 12:00:01 GMT
content-type: font/woff2
content-length: 77160
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uKyE5j7PHHiKGVfCFLCRkBmZ7t16DVAekE%2FpwpExvN2rsp2Nzm4MaRWtp3%2BtugZYJlhwLjSAptXzhZHiqFYEvBJaCWd%2FbrpvdJr6Ab7Fd3jr710%2FNjfBRMm6NLXKXuk%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 20 Feb 2017 02:40:46 GMT
etag: "58aa572e-12d68"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 560
accept-ranges: bytes
cf-ray: 932c3d3b3ec0712a-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9086&min_rtt=1468&rtt_var=11285&sent=257&recv=117&lost=0&retrans=0&sent_bytes=203558&recv_bytes=12902&delivery_rate=952906&cwnd=108000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=2802&x=16"

GET bjxhxjcx.com/static/fonts/Linearicons-Free.woff2?w118d

104.21.16.1

200 OK

22 kB

URL GET
bjxhxjcx.com/static/fonts/Linearicons-Free.woff2?w118d
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21780, version 1.0
Size
22 kB (21780 bytes)
Hash
03e91f122aa5fd425abbe23c85546eb0
c87a3db06c5db4e75e639382f174eafa439aeb27
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/Linearicons-Free.woff2?w118d HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/static/css/linearicons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 12:00:01 GMT
content-type: font/woff2
content-length: 21780
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vnCYBQuoFIaIaMBi%2FhSU0JvouB2f%2BT7bdotnIAZS5hACc8GcOQtteA6avLjmhjmemdEL1qUFtX9J82rOyXkdCXR7SzCr9mJcMl40wqAEucKt6h2ynNutnZLTGoYKbJg%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 23 May 2015 10:30:36 GMT
etag: "556056cc-5514"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 560
accept-ranges: bytes
cf-ray: 932c3d3bbec8712a-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8958&min_rtt=1468&rtt_var=8718&sent=325&recv=119&lost=0&retrans=0&sent_bytes=283373&recv_bytes=13291&delivery_rate=2012792&cwnd=108000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=2881&x=16"

GET bjxhxjcx.com/qkl/11701.html

104.21.16.1

200 OK

24 kB

URL User Request GET
bjxhxjcx.com/qkl/11701.html
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1929), with CRLF, LF line terminators
Size
24 kB (23513 bytes)
Hash
d5621b3ab2e95a7651e243e85e1243e4
20288ae4f837cb1f9b10abc37477aef1ddf91805
2aefbee84775d7fcf31566cc043feab287e3106cc69adcabaa49cf0d97b967fb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /qkl/11701.html HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 11:59:58 GMT
content-type: text/html
server: cloudflare
last-modified: Mon, 17 Mar 2025 02:01:33 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 932c3d238c6056bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET bjxhxjcx.com/static/css/nice-select.css

104.21.16.1

200 OK

4.0 kB

URL GET
bjxhxjcx.com/static/css/nice-select.css
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subjectbjxhxjcx.com
FingerprintB8:72:D9:CF:1A:0C:B9:B3:8E:2E:A2:6E:63:DE:04:F1:24:CD:46:F5
ValiditySun, 16 Mar 2025 15:29:31 GMT - Sat, 14 Jun 2025 16:26:55 GMT

File type
ASCII text
Size
4.0 kB (4007 bytes)
Hash
a7ace323b9fc8a831a6e64feb23fa0b9
9317ad29306bc72eb3fa92981be8141fcd394e7c
c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/nice-select.css HTTP/1.1
Host: bjxhxjcx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bjxhxjcx.com/qkl/11701.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 11:59:59 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cMws9MVd7V0b7sTEbAs1KtCZhYKDy6Kog8tJhJFmI91dpsmk%2Bjlb8HxX%2BQW1elkq%2FDe3gp2lPoDTw4Um2cxF2DcBulMo1nAHg95Zu7icEXQ5QRy4oVTBDG81UFuzMNE%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 08 May 2016 13:32:24 GMT
vary: Accept-Encoding
etag: W/"572f3fe8-fa7"
expires: Sat, 19 Apr 2025 21:46:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 7981
cf-ray: 932c3d2dce0c712a-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5674&min_rtt=1468&rtt_var=2798&sent=80&recv=99&lost=0&retrans=0&sent_bytes=20947&recv_bytes=7736&delivery_rate=63300&cwnd=12000&unsent_bytes=0&cid=b5d2a2c51d30aa24&ts=648&x=16"

GET fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.74.35

200 OK

8.0 kB

URL GET
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bjxhxjcx.com/qkl/11701.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bjxhxjcx.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 09:35:01 GMT
expires: Fri, 17 Apr 2026 09:35:01 GMT
cache-control: public, max-age=31536000
age: 181500
last-modified: Wed, 04 Dec 2024 06:53:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML