Report - beatsthealternative.me/

Report Overview

Visited public
2025-02-24 02:30:28
Tags
URL
beatsthealternative.me/
Finishing URL
beatsthealternative.me/
IP / ASN
34.92.98.45
#396982 GOOGLE-CLOUD-PLATFORM
Title
澳洲幸运5官网-幸运5分彩官网开奖-在线开奖结果-官方开奖号码历史免费查询、Science news and product reviews.

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
beatsthealternative.me	unknown	2024-03-06	2016-11-02	2024-01-11	2.2 kB	199 kB	34.92.98.45
studyfinds.org	135462	2016-11-04	2017-08-01	2024-12-07	2.5 kB	98 kB	172.67.147.32
bd51static.com	unknown	2021-10-07	2021-10-07	2025-02-22	333 B	775 B	35.215.190.193
kjw-1688.com	unknown	2025-02-10	2025-02-24	2025-02-24	11 kB	650 kB	34.150.30.15
api.api168168.com	unknown	2020-10-09	2020-10-09	2025-02-24	2.4 kB	58 kB	35.241.106.141

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed
2025-02-24	medium	kjw-1688.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	From	Size	First Seen	Last Seen
	kjw-1688.com/webapp/js/lib/date.js	ScriptElement	7.9 kB	2023-03-07	2025-04-19
Pretty URL kjw-1688.com/webapp/js/lib/date.js IP 34.150.30.15 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24 Last Seen2025-04-19 22:12 Times Seen131 Hash a9256f059d597b6c3fa046e00d457fcd a5d5298fd6737d99e4dd71f9b1f686849f5f87da 5de11f7b517d7f89c70ea78a8fe23a2f86bd848c8eb098003623b9faaff42d2e Loading...

	kjw-1688.com/webapp/js/local/ssc/head_aozxy5.js	ScriptElement	338 B	2023-03-10	2025-04-19
Pretty URL kjw-1688.com/webapp/js/local/ssc/head_aozxy5.js IP 34.150.30.15 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:23 Last Seen2025-04-19 22:12 Times Seen46 Hash c3261b46b0ab83708346a608d8c628ce 39835e5d93ce2c5473c7375d9e4492878e598081 a4cd3a4af2595491fd9ea98f5faeb959eb00bf0d04c9dfb358dca7685a27ab97 Loading...

	beatsthealternative.me/	ScriptElement	476 B	2023-03-07	2025-05-08
Pretty URL beatsthealternative.me/ IP 34.92.98.45 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-08 04:21 Times Seen16531 Hash ce71388c2d441cfb9ef0985bc4e5bb71 1e74c490ed76f671eb45ab0b45c9c9f5b9b89f0f efb5a648656ae8f944fbf74e5644126464160ab50197a288c8b587e74edd575a Loading...

	kjw-1688.com/webapp/js/lib/jquery.async.js	ScriptElement	902 B	2023-03-07	2025-04-19
Pretty URL kjw-1688.com/webapp/js/lib/jquery.async.js IP 34.150.30.15 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24 Last Seen2025-04-19 22:12 Times Seen130 Hash 2e3cd10cd7579756c32b479d018996ce f802c0231c81b061352b3c7bb4c64c143ce353f2 9b52ff42b1430595e38ae165b5a8ac6719c0bfddf9407ef9bc720dc30f2d3e5f Loading...

	kjw-1688.com/webapp/js/lib/jquery-1.9.1.js	ScriptElement	93 kB	2023-03-07	2025-04-19
Pretty URL kjw-1688.com/webapp/js/lib/jquery-1.9.1.js IP 34.150.30.15 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24 Last Seen2025-04-19 22:12 Times Seen118 Hash 0ced1955d04ad67f93c642501960172d e346705c96ed71fef43144a893dc26f0d1ff2a81 7196db5ce1154dda0f62614999dfd169a0e5fa9db634c12c308f9f9b22cb6f90 Loading...

	kjw-1688.com/webapp/js/lib/config.js	ScriptElement	9.3 kB	2024-12-17	2025-04-05
Pretty URL kjw-1688.com/webapp/js/lib/config.js IP 34.150.30.15 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-17 12:32 Last Seen2025-04-05 21:51 Times Seen6 Hash eeffdb51b819e3cf8ac0803326e329a7 cf626ac4262a72c3f7a8c34cee16ba03c95e2918 0786f02381c37333f2b54dfdbdf77ed09c40c1850f7a72718cb430f4011d5096 Loading...

	beatsthealternative.me/js/lazyload.min5bf8.js	ScriptElement	9.4 kB	2023-03-13	2025-05-07
Pretty URL beatsthealternative.me/js/lazyload.min5bf8.js IP 34.92.98.45 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:16 Last Seen2025-05-07 23:02 Times Seen732 Hash b4edcd1be13b85ed07b019a0158233f5 410d4f063b36cbd908c7733272cc3b9ef615e9e0 58c8e6e0ae274de20ed5f0c47f704de948659e6b8595df77e3e0c2875718d9ef Loading...

	kjw-1688.com/webapp/js/lib/Sortable.min.js	ScriptElement	0 B	0001-01-01	2025-05-08
Pretty URL kjw-1688.com/webapp/js/lib/Sortable.min.js IP 34.150.30.15 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-08 06:13 Times Seen4629659 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	kjw-1688.com/webapp/js/lib/drawLines.js	ScriptElement	25 kB	2023-03-07	2025-04-19
Pretty URL kjw-1688.com/webapp/js/lib/drawLines.js IP 34.150.30.15 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24 Last Seen2025-04-19 22:12 Times Seen130 Hash 7db0502baf867aa0663475b899ffb19e a69f4ef6ab52c62d9885dc55b733c8c37687383e 8a3eec9c6525ce4aad8b37e0a188f4716a8fcdec24ee894d2f8ffec447872fbb Loading...

	kjw-1688.com/webapp/js/lib/iscroll.js	ScriptElement	20 kB	2023-03-07	2025-04-19
Pretty URL kjw-1688.com/webapp/js/lib/iscroll.js IP 34.150.30.15 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24 Last Seen2025-04-19 22:12 Times Seen131 Hash 3249e269b6bf59a9596ff4dd4908bd74 16f804a74f66585bf01bb2217997a2a4ff0c4a23 3b294972fe3c686a14d4195e17abc43199da904d959c9ffa128b3649b6bd925c Loading...

	kjw-1688.com/webapp/js/local/tools/tools.js	ScriptElement	102 kB	2024-12-17	2025-04-05
Pretty URL kjw-1688.com/webapp/js/local/tools/tools.js IP 34.150.30.15 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-17 12:32 Last Seen2025-04-05 21:51 Times Seen6 Hash 11182d3863b1c773059248f024e210f8 c9848cb3343f89f42bac3c218d06d89f775d6223 864d6107b91bfbc6e34980c94ba40285648aa27e280456dec5bd78975460b4c8 Loading...

	bd51static.com/11sp.js	ScriptElement	1.1 kB	2025-02-24	2025-02-24
Pretty URL bd51static.com/11sp.js IP 35.215.190.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-24 02:30 Last Seen2025-02-24 02:30 Times Seen1 Hash 61390b866f4e161a780c43949e2e562e 4e1cd54665bf3f70a4766ff6abcfd66eae975ce7 eb8b14f7ff1df74ad433b53bc5eb38c83c46bc6269b8be086060228a31f181d8 Loading...

	beatsthealternative.me/main.js	ScriptElement	1.2 kB	2025-02-24	2025-02-24
Pretty URL beatsthealternative.me/main.js IP 34.92.98.45 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-24 02:30 Last Seen2025-02-24 02:30 Times Seen1 Hash b3029ede619d93f455814c0d3ab87d00 26dff4ed44bc8ac04cd6385c7076d2714ee3036d 6c1924a7d3714ee669f242888bfb61dac3a200c8df3045a46d8bca65ff3c8b2f Loading...

	kjw-1688.com/webapp/js/local/ssc/index.js	ScriptElement	81 kB	2023-03-10	2025-04-19
Pretty URL kjw-1688.com/webapp/js/local/ssc/index.js IP 34.150.30.15 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:23 Last Seen2025-04-19 22:12 Times Seen46 Hash 7cbf7c3e6596443aea193db26588a203 dc9284b3d853f40b1f892dc853002b1cbf2e700a ae8b3e11044bfe4ada3cbe02de1e3a8b9f7476b4cb8cf6e8a29074e423d254e9 Loading...

	beatsthealternative.me/	ScriptElement	12 kB	2025-02-24	2025-02-24
Pretty URL beatsthealternative.me/ IP 34.92.98.45 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-24 02:30 Last Seen2025-02-24 02:30 Times Seen1 Hash 1a4bbf2684c45a4bad1e27ae7bdbe4a2 718e6886adaa11ee065817a13d69b0aaf63fbd09 28d7410a03918142ddd310267c4781be8dfb9c56f0b06126102eb4b719208afc Loading...

	kjw-1688.com/webapp/js/lib/pk10BaseTrend.js	ScriptElement	6.7 kB	2023-03-07	2025-04-19
Pretty URL kjw-1688.com/webapp/js/lib/pk10BaseTrend.js IP 34.150.30.15 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24 Last Seen2025-04-19 22:12 Times Seen130 Hash 6f6fadebe51378762442a2211edfef60 abb6dd63e315112728f3540ef124480e4b1e9048 441c3db4288867eb549306e2797b1075d745408c6674660096a9ed695435391e Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8d92ea1aaeb41df2742919e923f73f1b	421 B	2025-02-24 02:30	2025-02-24 02:30
Pretty Observations First Seen2025-02-24 02:30 Last Seen2025-02-24 02:30 Times Seen1 Hash 8d92ea1aaeb41df2742919e923f73f1b 9a2ebff79a74e8e4edf1b3b80e07775ec0ffc8bf d37a6fffee5f0c98ec30b552a34d8017a5c4d124a5b432dca73d52b3290d8fde Loading...

	#2 Eval - 2f3b48fd8fa4db2f39788116dbf87bee	405 B	2023-03-07 12:24	2025-02-27 08:54
Pretty Observations First Seen2023-03-07 12:24 Last Seen2025-02-27 08:54 Times Seen99 Hash 2f3b48fd8fa4db2f39788116dbf87bee 5d672a2f88557fe219a75d809a5e86825c68ed1c d6f708d137516644dd0ba5704ca91727587b8c5265f10442ce34ffe67f07c48d Loading...

		Size	First Seen	Last Seen
	#1 Write - fe2c3bfdb35c023c36f4683171ccb81e	402 B	2025-02-24 02:30	2025-02-24 02:30
Pretty Observations First Seen2025-02-24 02:30 Last Seen2025-02-24 02:30 Times Seen1 Hash fe2c3bfdb35c023c36f4683171ccb81e 692aac1f9c5db4d86339dc70a025db59ddb209ef 3a4d57e6ef59310736185b47c633f0f8762a3f3306763feaff7c28d8a633c8ce Loading...

HTTP Transactions (40)

URL IP Response Size

beatsthealternative.me/main.js

34.92.98.45

200 OK

539 B

URL GET HTTP/1.1
beatsthealternative.me/main.js
IP
34.92.98.45:80
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
http://beatsthealternative.me/

File type
JavaScript source, ASCII text, with very long lines (473), with CRLF line terminators
Size
539 B (539 bytes)
Hash
b3029ede619d93f455814c0d3ab87d00
26dff4ed44bc8ac04cd6385c7076d2714ee3036d
6c1924a7d3714ee669f242888bfb61dac3a200c8df3045a46d8bca65ff3c8b2f

HTTP Headers

GET /main.js HTTP/1.1
Host: beatsthealternative.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://beatsthealternative.me/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Feb 2025 02:29:58 GMT
Content-Type: application/javascript
Last-Modified: Mon, 10 Feb 2025 07:01:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67a9a433-4cc"
Expires: Mon, 24 Feb 2025 14:29:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

beatsthealternative.me/

34.92.98.45

200 OK

60 kB

URL User Request GET
beatsthealternative.me/
IP
34.92.98.45:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document, Unicode text, UTF-8 text, with very long lines (25496)
Size
60 kB (59559 bytes)
Hash
5d0cd1f4544911e8237fc66b7f7ea644
da33ff57af3a4023082ca3503de3d119fb970e01
b22398329f283821f2dbbf60df6f462f5de63dc03c26100c76b135e723e0ff18

HTTP Headers

GET / HTTP/1.1
Host: beatsthealternative.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Feb 2025 02:29:58 GMT
Content-Type: text/html
Last-Modified: Mon, 10 Feb 2025 07:01:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67a9a433-3958e"
Content-Encoding: gzip

studyfinds.org/wp-content/uploads/2023/02/Europa-salty-ice-500x320.png

172.67.147.32

200 OK

59 kB

URL GET HTTP/2
studyfinds.org/wp-content/uploads/2023/02/Europa-salty-ice-500x320.png
IP
172.67.147.32:443
ASN
#13335 CLOUDFLARENET

Requested by
http://beatsthealternative.me/
Certificate
IssuerGoogle Trust Services
Subjectstudyfinds.org
Fingerprint0A:A4:D0:7F:93:9A:9F:3F:60:1E:43:60:FE:DD:6D:56:5E:54:4E:22
ValidityTue, 31 Dec 2024 23:34:31 GMT - Tue, 01 Apr 2025 00:34:24 GMT

File type
PNG image data, 500 x 320, 8-bit colormap, non-interlaced
Size
59 kB (59342 bytes)
Hash
b1a445210bfdd82a2a9190e863af12a7
50e006f30901c5d57a7c4caa201895b0df765889
cff50818287c4aefff9398e63399873aa62ea5636ad8e7a7a01b37926bb87242

HTTP Headers

GET /wp-content/uploads/2023/02/Europa-salty-ice-500x320.png HTTP/1.1
Host: studyfinds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://beatsthealternative.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Feb 2025 02:29:59 GMT
content-type: image/png
content-length: 59342
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "64c11301-e7ce"
last-modified: Wed, 26 Jul 2023 12:35:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 916c07f23dbfb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bd51static.com/11sp.js

35.215.190.193

200 OK

429 B

URL GET HTTP/1.1
bd51static.com/11sp.js
IP
35.215.190.193:80
ASN
#15169 GOOGLE

Requested by
http://beatsthealternative.me/

File type
HTML document, ASCII text, with very long lines (554)
Size
429 B (429 bytes)
Hash
61390b866f4e161a780c43949e2e562e
4e1cd54665bf3f70a4766ff6abcfd66eae975ce7
eb8b14f7ff1df74ad433b53bc5eb38c83c46bc6269b8be086060228a31f181d8

HTTP Headers

GET /11sp.js HTTP/1.1
Host: bd51static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://beatsthealternative.me/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Feb 2025 02:29:59 GMT
Content-Type: application/javascript
Last-Modified: Thu, 13 Feb 2025 09:33:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67adbc79-45d"
Expires: Mon, 24 Feb 2025 14:29:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

studyfinds.org/wp-content/uploads/2023/03/Woman-rubbing-sunscreen-on-her-shoulder-500x320.jpeg

172.67.147.32

200 OK

20 kB

URL GET HTTP/2
studyfinds.org/wp-content/uploads/2023/03/Woman-rubbing-sunscreen-on-her-shoulder-500x320.jpeg
IP
172.67.147.32:443
ASN
#13335 CLOUDFLARENET

Requested by
http://beatsthealternative.me/
Certificate
IssuerGoogle Trust Services
Subjectstudyfinds.org
Fingerprint0A:A4:D0:7F:93:9A:9F:3F:60:1E:43:60:FE:DD:6D:56:5E:54:4E:22
ValidityTue, 31 Dec 2024 23:34:31 GMT - Tue, 01 Apr 2025 00:34:24 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x320, components 3
Size
20 kB (20058 bytes)
Hash
24a789d014cdcc86ffb4a8f302462032
5a48d2286813ecf0ecedee9a9f7d240ad74e14c4
e01103c9c6b147991fb01b96724dc142b6e629acac33fc7fa6784e922266a61a

HTTP Headers

GET /wp-content/uploads/2023/03/Woman-rubbing-sunscreen-on-her-shoulder-500x320.jpeg HTTP/1.1
Host: studyfinds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://beatsthealternative.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Feb 2025 02:29:59 GMT
content-type: image/jpeg
content-length: 20058
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=20066
etag: "64231bc6-4e62"
last-modified: Tue, 28 Mar 2023 16:54:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 916c07f23dc0b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

beatsthealternative.me/js/lazyload.min5bf8.js

34.92.98.45

200 OK

3.5 kB

URL GET HTTP/1.1
beatsthealternative.me/js/lazyload.min5bf8.js
IP
34.92.98.45:80
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
http://beatsthealternative.me/

File type
JavaScript source, ASCII text, with very long lines (9355), with no line terminators
Size
3.5 kB (3534 bytes)
Hash
b4edcd1be13b85ed07b019a0158233f5
410d4f063b36cbd908c7733272cc3b9ef615e9e0
58c8e6e0ae274de20ed5f0c47f704de948659e6b8595df77e3e0c2875718d9ef

HTTP Headers

GET /js/lazyload.min5bf8.js HTTP/1.1
Host: beatsthealternative.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://beatsthealternative.me/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Feb 2025 02:29:59 GMT
Content-Type: application/javascript
Last-Modified: Fri, 01 Mar 2024 10:26:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65e1ad5a-248b"
Expires: Mon, 24 Feb 2025 14:29:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

studyfinds.org/wp-content/themes/studyfinds-2021/assets/images/StudyFinds-Gold-Logo.png

172.67.147.32

200 OK

13 kB

URL GET HTTP/3
studyfinds.org/wp-content/themes/studyfinds-2021/assets/images/StudyFinds-Gold-Logo.png
IP
172.67.147.32:443
ASN
#13335 CLOUDFLARENET

Requested by
http://beatsthealternative.me/
Certificate
IssuerGoogle Trust Services
Subjectstudyfinds.org
Fingerprint0A:A4:D0:7F:93:9A:9F:3F:60:1E:43:60:FE:DD:6D:56:5E:54:4E:22
ValidityTue, 31 Dec 2024 23:34:31 GMT - Tue, 01 Apr 2025 00:34:24 GMT

File type
RIFF (little-endian) data, Web/P image
Size
13 kB (13292 bytes)
Hash
d6b87ceb00c5c1febf8e618a343d66aa
86cedf2ff7501c4ae5661e26b22a4f4c1ae2fe83
42f46f48c9d9c5d7d6037ad973cdecc6359d34f3ce3fdf83363c00478904acb7

HTTP Headers

GET /wp-content/themes/studyfinds-2021/assets/images/StudyFinds-Gold-Logo.png HTTP/1.1
Host: studyfinds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://beatsthealternative.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 24 Feb 2025 02:29:59 GMT
content-type: image/webp
content-length: 13292
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=15990
content-disposition: inline; filename="StudyFinds-Gold-Logo.webp"
etag: "62fdd63e-3e76"
last-modified: Thu, 18 Aug 2022 06:03:42 GMT
vary: Accept
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 916c07f5eb5c7127-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

studyfinds.org/wp-content/themes/studyfinds-2021/assets/images/sflogo.png

172.67.147.32

200 OK

2.1 kB

URL GET HTTP/3
studyfinds.org/wp-content/themes/studyfinds-2021/assets/images/sflogo.png
IP
172.67.147.32:443
ASN
#13335 CLOUDFLARENET

Requested by
http://beatsthealternative.me/
Certificate
IssuerGoogle Trust Services
Subjectstudyfinds.org
Fingerprint0A:A4:D0:7F:93:9A:9F:3F:60:1E:43:60:FE:DD:6D:56:5E:54:4E:22
ValidityTue, 31 Dec 2024 23:34:31 GMT - Tue, 01 Apr 2025 00:34:24 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.1 kB (2146 bytes)
Hash
1185ee0f592d9e9a42e71788973e23dc
b61b9f4f26f8243479a20644358da8ed96636a58
289c6f36134b2310ce02c969baaaf6f8f50ed5df406300c961332b7cc2501e86

HTTP Headers

GET /wp-content/themes/studyfinds-2021/assets/images/sflogo.png HTTP/1.1
Host: studyfinds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://beatsthealternative.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 24 Feb 2025 02:29:59 GMT
content-type: image/webp
content-length: 2146
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2780
content-disposition: inline; filename="sflogo.webp"
etag: "62fdd6a6-adc"
last-modified: Thu, 18 Aug 2022 06:05:26 GMT
vary: Accept
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 916c07f5eb5e7127-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

beatsthealternative.me/png/cropped-site-icon-1-1-32x32.png

34.92.98.45

200 OK

2.6 kB

URL GET HTTP/1.1
beatsthealternative.me/png/cropped-site-icon-1-1-32x32.png
IP
34.92.98.45:80
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
http://beatsthealternative.me/

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2621 bytes)
Hash
30a3ee83158c76ac0ffbb16791754b40
26cbf40d0c38aabf8c606e6d681c7118601fcea4
b6a9b379b07897e8d90e8d80618158b6f66a4fdd558a2ed4c4d40d770f3c12c8

HTTP Headers

GET /png/cropped-site-icon-1-1-32x32.png HTTP/1.1
Host: beatsthealternative.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://beatsthealternative.me/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Feb 2025 02:29:59 GMT
Content-Type: image/png
Last-Modified: Thu, 18 Aug 2022 14:45:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62fe5080-a21"
Expires: Wed, 26 Mar 2025 02:29:59 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

beatsthealternative.me/png/cropped-site-icon-1-1-192x192.png

34.92.98.45

200 OK

41 kB

URL GET HTTP/1.1
beatsthealternative.me/png/cropped-site-icon-1-1-192x192.png
IP
34.92.98.45:80
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
http://beatsthealternative.me/

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
41 kB (41341 bytes)
Hash
aa32a7fb2c6a69e560c13d7e8fd7e33b
d3839cf15419eea2203d0336506df413f8a579d9
43991436d384103f781af56c650c9f94df8eff1ab97b3e782ff255d98d330601

HTTP Headers

GET /png/cropped-site-icon-1-1-192x192.png HTTP/1.1
Host: beatsthealternative.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://beatsthealternative.me/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Feb 2025 02:29:59 GMT
Content-Type: image/png
Last-Modified: Thu, 18 Aug 2022 15:15:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62fe579c-a15c"
Expires: Wed, 26 Mar 2025 02:29:59 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

kjw-1688.com/webapp/js/lib/Sortable.min.js

34.150.30.15

200 OK

0 B

URL GET HTTP/2
kjw-1688.com/webapp/js/lib/Sortable.min.js
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/js/lib/Sortable.min.js HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: application/javascript
content-length: 0
last-modified: Sat, 15 Feb 2025 08:41:46 GMT
etag: "67b0534a-0"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

kjw-1688.com/webapp/js/lib/jquery.async.js

34.150.30.15

200 OK

902 B

URL GET HTTP/2
kjw-1688.com/webapp/js/lib/jquery.async.js
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
JavaScript source, ASCII text, with very long lines (902), with no line terminators
Size
902 B (902 bytes)
Hash
2e3cd10cd7579756c32b479d018996ce
f802c0231c81b061352b3c7bb4c64c143ce353f2
9b52ff42b1430595e38ae165b5a8ac6719c0bfddf9407ef9bc720dc30f2d3e5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/js/lib/jquery.async.js HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: application/javascript
content-length: 902
last-modified: Sat, 15 Feb 2025 08:41:46 GMT
etag: "67b0534a-386"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

beatsthealternative.me/index-4.html

34.92.98.45

200 OK

89 kB

URL GET HTTP/1.1
beatsthealternative.me/index-4.html
IP
34.92.98.45:80
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
http://beatsthealternative.me/

File type
HTML document, ASCII text, with very long lines (21415), with CRLF, LF line terminators
Size
89 kB (89436 bytes)
Hash
3baf62c35f32ddcf6fe4ff236caba497
b11ff0d316cc19a2990d229b30bf0498273c8d58
bfb9c07baa01182e20e151e17aeb9c1f012e3ea80973ad79f187c9480e81b588

HTTP Headers

GET /index-4.html HTTP/1.1
Host: beatsthealternative.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: http://beatsthealternative.me/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Feb 2025 02:30:00 GMT
Content-Type: text/html
Last-Modified: Mon, 11 Mar 2024 19:34:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65ef5cd8-431fb"
Content-Encoding: gzip

kjw-1688.com/webapp/js/local/ssc/head_aozxy5.js

34.150.30.15

200 OK

338 B

URL GET HTTP/2
kjw-1688.com/webapp/js/local/ssc/head_aozxy5.js
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
JavaScript source, ASCII text, with very long lines (338), with no line terminators
Size
338 B (338 bytes)
Hash
c3261b46b0ab83708346a608d8c628ce
39835e5d93ce2c5473c7375d9e4492878e598081
a4cd3a4af2595491fd9ea98f5faeb959eb00bf0d04c9dfb358dca7685a27ab97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/js/local/ssc/head_aozxy5.js HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: application/javascript
content-length: 338
last-modified: Sat, 15 Feb 2025 08:41:54 GMT
etag: "67b05352-152"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

kjw-1688.com/webapp/html/public/footer.html

34.150.30.15

200 OK

192 B

URL GET HTTP/2
kjw-1688.com/webapp/html/public/footer.html
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
192 B (192 bytes)
Hash
66d3f1af3dfa64216635d7720e94ef02
0afa473809ba267b779a39113cd5d155b6675a61
c039506c439c3e932f744e35138d9899e5a71da8e10187f5ebb5a44b737d00ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/html/public/footer.html HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:01 GMT
content-type: text/html
content-length: 192
last-modified: Sat, 15 Feb 2025 08:41:44 GMT
etag: "67b05348-c0"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

kjw-1688.com/webapp/img/bg_icon.png

34.150.30.15

200 OK

16 kB

URL GET HTTP/2
kjw-1688.com/webapp/img/bg_icon.png
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
gzip compressed data, from Unix
Size
16 kB (15798 bytes)
Hash
c6b2f0959336c157927baf6b15d79083
54661c1372b20709b9a49dc2df8fb007bbe6b959
09960a3f473f52668e873d335b6bb1c41c8579baf742fb4b8eced72dd1589ba2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/img/bg_icon.png HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/css/public.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:01 GMT
content-type: image/png
last-modified: Sat, 15 Feb 2025 07:37:52 GMT
vary: Accept-Encoding
etag: W/"67b04450-3c2a"
expires: Wed, 26 Mar 2025 02:30:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/js/local/ssc/index.js

34.150.30.15

200 OK

18 kB

URL GET HTTP/2
kjw-1688.com/webapp/js/local/ssc/index.js
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
gzip compressed data, from Unix
Size
18 kB (17563 bytes)
Hash
8723d2c91853deabf5ee68c4aca21a25
8d93437932a29222081a2c210176774804445b90
e6c1914b6f32e9ef7e9d9d28322021e2aa10429484b062d966a8fe55f8b30dd9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/js/local/ssc/index.js HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: application/javascript
last-modified: Sat, 15 Feb 2025 08:41:54 GMT
vary: Accept-Encoding
etag: W/"67b05352-13afa"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/js/lib/iscroll.js

34.150.30.15

200 OK

20 kB

URL GET HTTP/2
kjw-1688.com/webapp/js/lib/iscroll.js
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
JavaScript source, ASCII text, with very long lines (19891), with no line terminators
Size
20 kB (19891 bytes)
Hash
3249e269b6bf59a9596ff4dd4908bd74
16f804a74f66585bf01bb2217997a2a4ff0c4a23
3b294972fe3c686a14d4195e17abc43199da904d959c9ffa128b3649b6bd925c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/js/lib/iscroll.js HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: application/javascript
last-modified: Sat, 15 Feb 2025 08:41:46 GMT
vary: Accept-Encoding
etag: W/"67b0534a-4db3"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

studyfinds.org/wp-content/themes/studyfinds-2021/assets/icons/caret-right-white.svg

172.67.147.32

200 OK

493 B

URL GET HTTP/3
studyfinds.org/wp-content/themes/studyfinds-2021/assets/icons/caret-right-white.svg
IP
172.67.147.32:443
ASN
#13335 CLOUDFLARENET

Requested by
http://beatsthealternative.me/
Certificate
IssuerGoogle Trust Services
Subjectstudyfinds.org
Fingerprint0A:A4:D0:7F:93:9A:9F:3F:60:1E:43:60:FE:DD:6D:56:5E:54:4E:22
ValidityTue, 31 Dec 2024 23:34:31 GMT - Tue, 01 Apr 2025 00:34:24 GMT

File type
SVG Scalable Vector Graphics image
Size
493 B (493 bytes)
Hash
94c079e34226937b16a6a1dd02388a3c
9c90bc5938a1e30d46d26d7bfb256112e5226aad
dec7f0ce92f287dada54ce962d376dd8b0a6915d6217616abb7caaf6626df48d

HTTP Headers

GET /wp-content/themes/studyfinds-2021/assets/icons/caret-right-white.svg HTTP/1.1
Host: studyfinds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://beatsthealternative.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 24 Feb 2025 02:29:59 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 18 Aug 2022 06:11:37 GMT
etag: W/"62fdd819-1ed"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
priority: u=4,i=?0
server: cloudflare
cf-ray: 916c07f5eb5a7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

kjw-1688.com/webapp/js/local/tools/tools.js

34.150.30.15

200 OK

102 kB

URL GET HTTP/2
kjw-1688.com/webapp/js/local/tools/tools.js
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type

Size
102 kB (102410 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/js/local/tools/tools.js HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: application/javascript
last-modified: Sat, 15 Feb 2025 08:41:54 GMT
vary: Accept-Encoding
etag: W/"67b05352-1900a"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/html/public/head.html

34.150.30.15

200 OK

1.3 kB

URL GET HTTP/2
kjw-1688.com/webapp/html/public/head.html
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1483), with no line terminators
Size
1.3 kB (1330 bytes)
Hash
7c76a98f6b882b013109464ad87fdc36
5c4089c2e838d59ffa1c0f949ca0b736a290e068
8a5769163a9927f9a49015e94d23d381f10a876fab5f896299b34490a9afa8f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/html/public/head.html HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:01 GMT
content-type: text/html
last-modified: Sat, 15 Feb 2025 08:41:44 GMT
vary: Accept-Encoding
etag: W/"67b05348-532"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/js/lib/drawLines.js

34.150.30.15

200 OK

25 kB

URL GET HTTP/2
kjw-1688.com/webapp/js/lib/drawLines.js
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
JavaScript source, ASCII text, with very long lines (24891), with no line terminators
Size
25 kB (24891 bytes)
Hash
7db0502baf867aa0663475b899ffb19e
a69f4ef6ab52c62d9885dc55b733c8c37687383e
8a3eec9c6525ce4aad8b37e0a188f4716a8fcdec24ee894d2f8ffec447872fbb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/js/lib/drawLines.js HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: application/javascript
last-modified: Sat, 15 Feb 2025 08:41:46 GMT
vary: Accept-Encoding
etag: W/"67b0534a-613b"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/js/lib/date.js

34.150.30.15

200 OK

7.9 kB

URL GET HTTP/2
kjw-1688.com/webapp/js/lib/date.js
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (8365), with no line terminators
Size
7.9 kB (7901 bytes)
Hash
758fe44215ddc77c63945dd90fb28085
78f4fc6cd6d4cb8991433b036603ba8fcb024fdd
e7935b6279fcfc8627ffaa1de29f1ea0d52a5f0e02bf805466100db5d05dfc19

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/js/lib/date.js HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: application/javascript
last-modified: Sat, 15 Feb 2025 08:41:46 GMT
vary: Accept-Encoding
etag: W/"67b0534a-1edd"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

api.api168168.com/parameters/getNoAdvertisingDomain.do

35.241.106.141

200 OK

1.8 kB

URL GET HTTP/2
api.api168168.com/parameters/getNoAdvertisingDomain.do
IP
35.241.106.141:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectapi.api168168.com
Fingerprint62:1E:85:D3:FB:14:29:F9:1D:02:CE:EF:6D:CB:DC:36:A2:56:2A:D7
ValidityWed, 05 Feb 2025 21:35:42 GMT - Tue, 06 May 2025 21:35:41 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (2087), with no line terminators
Size
1.8 kB (1841 bytes)
Hash
1662b969dfd247fa91b27b37bf38b5fb
ff63e7c13738aabbfd5bcd31b40c9ed0d3d76fca
b7e96f4de008bb4e24508dfb07abc416115fcd3c4ccbd6337d4be54758c476ed

HTTP Headers

GET /parameters/getNoAdvertisingDomain.do HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kjw-1688.com
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:02 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://kjw-1688.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

api.api168168.com/CQShiCai/queryDoubleNumber.do?date=&lotCode=10010

35.241.106.141

200 OK

643 B

URL GET HTTP/2
api.api168168.com/CQShiCai/queryDoubleNumber.do?date=&lotCode=10010
IP
35.241.106.141:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectapi.api168168.com
Fingerprint62:1E:85:D3:FB:14:29:F9:1D:02:CE:EF:6D:CB:DC:36:A2:56:2A:D7
ValidityWed, 05 Feb 2025 21:35:42 GMT - Tue, 06 May 2025 21:35:41 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (715), with no line terminators
Size
643 B (643 bytes)
Hash
616b2e3ec9211187f88bfd0a47f2952e
713f4dba9b36b25883ead20c22793df50d3ea2ea
c32b63170530215842d3601a4c9ad1ae258f0fc4e6fc4ed9f01c80502f30577a

HTTP Headers

GET /CQShiCai/queryDoubleNumber.do?date=&lotCode=10010 HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kjw-1688.com
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:02 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://kjw-1688.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kjw-1688.com/webapp/img/cltj_img/px10obj.png

34.150.30.15

200 OK

2.9 kB

URL GET HTTP/2
kjw-1688.com/webapp/img/cltj_img/px10obj.png
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
PNG image data, 111 x 101, 8-bit/color RGBA, non-interlaced
Size
2.9 kB (2874 bytes)
Hash
5025c85c1772aadbb3e53f953913d3bc
fb7fb9939693929455b21cabd3f99b7b4761d39a
124aeafaabb57da5126971cd6c763b317cde9003ff1690e447a494952f156139

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/img/cltj_img/px10obj.png HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/css/pk10.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:01 GMT
content-type: image/png
last-modified: Sat, 15 Feb 2025 07:37:54 GMT
vary: Accept-Encoding
etag: W/"67b04452-b3a"
expires: Wed, 26 Mar 2025 02:30:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/css/common.css

34.150.30.15

200 OK

4.0 kB

URL GET HTTP/2
kjw-1688.com/webapp/css/common.css
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
ASCII text, with very long lines (4420), with no line terminators
Size
4.0 kB (3953 bytes)
Hash
0605f9bdbab19a236d3dc70d20f53c0e
15b2f3950cb213239caa8c4f908e3411e9fa926e
3b96a62ebf3b7e6017dbd136b408786dde6c22667093a0fbb55d637ee082de56

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/css/common.css HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: text/css
last-modified: Sat, 15 Feb 2025 07:37:40 GMT
vary: Accept-Encoding
etag: W/"67b04444-f71"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/js/lib/config.js

34.150.30.15

200 OK

9.3 kB

URL GET HTTP/2
kjw-1688.com/webapp/js/lib/config.js
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (10124), with no line terminators
Size
9.3 kB (9252 bytes)
Hash
8307403eddb10c18cf9c2c84041c73af
6afb44dd530976d0d60526bfe6bcc6015003e604
78308f5246143f855e71022a84b40014bd765a40e02a3b1a448f3dc5199d0760

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/js/lib/config.js HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: application/javascript
last-modified: Sat, 15 Feb 2025 08:41:46 GMT
vary: Accept-Encoding
etag: W/"67b0534a-2424"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

api.api168168.com/CQShiCai/getShiCaiDailyDragonCount.do?date=&lotCode=10010

35.241.106.141

200 OK

195 B

URL GET HTTP/2
api.api168168.com/CQShiCai/getShiCaiDailyDragonCount.do?date=&lotCode=10010
IP
35.241.106.141:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectapi.api168168.com
Fingerprint62:1E:85:D3:FB:14:29:F9:1D:02:CE:EF:6D:CB:DC:36:A2:56:2A:D7
ValidityWed, 05 Feb 2025 21:35:42 GMT - Tue, 06 May 2025 21:35:41 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Size
195 B (195 bytes)
Hash
4b42b145dcc1ea7b627bf9458d9ec6bf
1b49cbd95f30ebf915925b3b9579d6fc21e88ed3
58b18751785537958ac33d076bf371998819226859a272e379fc4e51f989a938

HTTP Headers

GET /CQShiCai/getShiCaiDailyDragonCount.do?date=&lotCode=10010 HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kjw-1688.com
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:03 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://kjw-1688.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kjw-1688.com/webapp/html/aozxy5/index.html

34.150.30.15

200 OK

36 kB

URL GET HTTP/2
kjw-1688.com/webapp/html/aozxy5/index.html
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
http://beatsthealternative.me/
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type

Size
36 kB (35500 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/html/aozxy5/index.html HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://beatsthealternative.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: text/html
last-modified: Sat, 15 Feb 2025 08:41:44 GMT
vary: Accept-Encoding
etag: W/"67b05348-8aac"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/css/pk10.css

34.150.30.15

200 OK

22 kB

URL GET HTTP/2
kjw-1688.com/webapp/css/pk10.css
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
ASCII text, with CRLF line terminators
Size
22 kB (21500 bytes)
Hash
4ad2a39088656d3fbc9a8695463fb540
c736fced00b9a629bb98d61e8e662394ff2afe53
ce537293741ba0dbc920bd27a9bcfb575ce7382ea545f812071851932bf5a8f9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/css/pk10.css HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: text/css
last-modified: Sat, 15 Feb 2025 07:37:40 GMT
vary: Accept-Encoding
etag: W/"67b04444-53fc"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/js/lib/jquery-1.9.1.js

34.150.30.15

200 OK

93 kB

URL GET HTTP/2
kjw-1688.com/webapp/js/lib/jquery-1.9.1.js
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type

Size
93 kB (93015 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/js/lib/jquery-1.9.1.js HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: application/javascript
last-modified: Sat, 15 Feb 2025 08:41:46 GMT
vary: Accept-Encoding
etag: W/"67b0534a-16b57"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/js/lib/pk10BaseTrend.js

34.150.30.15

200 OK

6.7 kB

URL GET HTTP/2
kjw-1688.com/webapp/js/lib/pk10BaseTrend.js
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
JavaScript source, ASCII text, with very long lines (6987), with no line terminators
Size
6.7 kB (6701 bytes)
Hash
6644b827e8687b73babbe50fb85d64f4
9b3732a81cc511bacd3940dedd2f78efc4f1fb15
5ce42749f0c7c814678e639d66856df43447576763d34791be68d300946f4489

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/js/lib/pk10BaseTrend.js HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: application/javascript
last-modified: Sat, 15 Feb 2025 08:41:46 GMT
vary: Accept-Encoding
etag: W/"67b0534a-1a2d"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/css/public.css

34.150.30.15

200 OK

23 kB

URL GET HTTP/2
kjw-1688.com/webapp/css/public.css
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
ASCII text
Size
23 kB (22956 bytes)
Hash
7c54605cb3f71748fb879ee8e6b705ee
f8c8be00cc570ee35564f543357034e6addd2500
5256fc07502ba8b4af3949b231c9bece358850eb090c6c547e187ef423527f78

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/css/public.css HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: text/css
last-modified: Sat, 15 Feb 2025 07:37:40 GMT
vary: Accept-Encoding
etag: W/"67b04444-59ac"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

api.api168168.com/CQShiCai/getBaseCQShiCai.do?issue=&lotCode=10010

35.241.106.141

200 OK

955 B

URL GET HTTP/2
api.api168168.com/CQShiCai/getBaseCQShiCai.do?issue=&lotCode=10010
IP
35.241.106.141:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectapi.api168168.com
Fingerprint62:1E:85:D3:FB:14:29:F9:1D:02:CE:EF:6D:CB:DC:36:A2:56:2A:D7
ValidityWed, 05 Feb 2025 21:35:42 GMT - Tue, 06 May 2025 21:35:41 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1055), with no line terminators
Size
955 B (955 bytes)
Hash
cdfab378010657adcaefc9e79143ab7e
0355d9a68b8406f2b08147a3bcf903be39e58962
6e3fbc5be5768e228700eb475a6e367c2fda46b49f1b9328776db050a2103b18

HTTP Headers

GET /CQShiCai/getBaseCQShiCai.do?issue=&lotCode=10010 HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kjw-1688.com
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:03 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://kjw-1688.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kjw-1688.com/webapp/css/ssc_newVersion.css

34.150.30.15

200 OK

22 kB

URL GET HTTP/2
kjw-1688.com/webapp/css/ssc_newVersion.css
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type

Size
22 kB (22385 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/css/ssc_newVersion.css HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: text/css
last-modified: Sat, 15 Feb 2025 07:37:42 GMT
vary: Accept-Encoding
etag: W/"67b04446-5771"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/img/haomaimg.png

34.150.30.15

200 OK

182 kB

URL GET HTTP/2
kjw-1688.com/webapp/img/haomaimg.png
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
PNG image data, 1204 x 600, 8-bit/color RGBA, non-interlaced
Size
182 kB (182417 bytes)
Hash
e2e251464ed0269900791e37a8557086
f26741ef593f9fa19c145d34a1d90b70ee90fe26
2cd69edba71483d88d9663a598f00d975a52b3a8a8422e7c9d50fd1ac3f0464b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/img/haomaimg.png HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/css/public.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:01 GMT
content-type: image/png
last-modified: Sat, 15 Feb 2025 07:37:52 GMT
vary: Accept-Encoding
etag: W/"67b04450-2c891"
expires: Wed, 26 Mar 2025 02:30:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/css/ssc_index_add.css

34.150.30.15

200 OK

22 kB

URL GET HTTP/2
kjw-1688.com/webapp/css/ssc_index_add.css
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type

Size
22 kB (21928 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/css/ssc_index_add.css HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:00 GMT
content-type: text/css
last-modified: Sat, 15 Feb 2025 07:37:42 GMT
vary: Accept-Encoding
etag: W/"67b04446-55a8"
expires: Mon, 24 Feb 2025 14:30:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kjw-1688.com/webapp/img/cltj_img/icon-168index.png

34.150.30.15

200 OK

29 kB

URL GET HTTP/2
kjw-1688.com/webapp/img/cltj_img/icon-168index.png
IP
34.150.30.15:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectwww.kjw-1688.com
Fingerprint68:47:00:68:0B:13:79:08:18:54:75:0F:DC:2F:85:53:B6:E9:60:D6
ValiditySat, 15 Feb 2025 07:45:13 GMT - Fri, 16 May 2025 07:45:12 GMT

File type
PNG image data, 1000 x 213, 8-bit/color RGBA, non-interlaced
Size
29 kB (28721 bytes)
Hash
9cadfe91f4676d8abaefd706fd002c70
3c1f5c663282388d8fa739baf8dd77edcb5a82d0
cba1227e78513169698e2b0cf72cd24505429292ecdcb849a8f8f33b9ae5e1d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webapp/img/cltj_img/icon-168index.png HTTP/1.1
Host: kjw-1688.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/webapp/css/ssc_newVersion.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:01 GMT
content-type: image/png
last-modified: Sat, 15 Feb 2025 07:37:54 GMT
vary: Accept-Encoding
etag: W/"67b04452-7031"
expires: Wed, 26 Mar 2025 02:30:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

api.api168168.com/CQShiCai/getBaseCQShiCaiList.do?date=&lotCode=10010

35.241.106.141

200 OK

53 kB

URL GET HTTP/2
api.api168168.com/CQShiCai/getBaseCQShiCaiList.do?date=&lotCode=10010
IP
35.241.106.141:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://kjw-1688.com/webapp/html/aozxy5/index.html
Certificate
IssuerLet's Encrypt
Subjectapi.api168168.com
Fingerprint62:1E:85:D3:FB:14:29:F9:1D:02:CE:EF:6D:CB:DC:36:A2:56:2A:D7
ValidityWed, 05 Feb 2025 21:35:42 GMT - Tue, 06 May 2025 21:35:41 GMT

File type

Size
53 kB (52642 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /CQShiCai/getBaseCQShiCaiList.do?date=&lotCode=10010 HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kjw-1688.com
DNT: 1
Connection: keep-alive
Referer: https://kjw-1688.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 24 Feb 2025 02:30:02 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://kjw-1688.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML