bjsayt.com Open in urlscan Pro
154.95.228.157 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bjsayt.com/list/84.html
Effective URL:
https://bjsayt.com/list/84.html
Submission: On August 30 via api (August 30th 2024, 9:17:22 pm UTC) from US — Scanned from DE

Summary HTTP 33 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 6 domains to perform 33 HTTP transactions. The main IP is 154.95.228.157, located in Hong Kong and belongs to SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK. The main domain is bjsayt.com.
TLS certificate: Issued by R11 on July 27th 2024. Valid for: 3 months.

This is the only time bjsayt.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: imToken (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
23	154.95.228.157 154.95.228.157	134175 (SH2206-AP...) (SH2206-AP UNIT A17)
1	217.198.191.72 217.198.191.72	21859 (ZEN-ECN) (ZEN-ECN)
1	111.45.3.198 111.45.3.198	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
1	156.237.140.196 156.237.140.196	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
1	8.212.139.121 8.212.139.121	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	2606:4700:303... 2606:4700:3030::6815:b38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	7

23 154.95.228.157 (Hong Kong)

ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK)

bjsayt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.198.191.72 (Singapore)

ASN21859 (ZEN-ECN, US)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.45.3.198 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.237.140.196 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

flcpw999.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.212.139.121 (Manila, Philippines)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

imto1ken.oss-ap-southeast-6.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:b38 (United States)

ASN13335 (CLOUDFLARENET, US)

dl.im-dl.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	bjsayt.com bjsayt.com	890 KB
1	im-dl.shop dl.im-dl.shop
1	aliyuncs.com imto1ken.oss-ap-southeast-6.aliyuncs.com	1 KB
1	flcpw999.com flcpw999.com	311 B
1	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8226	175 B
1	51.la sdk.51.la — Cisco Umbrella Rank: 46121	13 KB
33	6

	Domain	Requested by
23	bjsayt.com	bjsayt.com
1	dl.im-dl.shop	imto1ken.oss-ap-southeast-6.aliyuncs.com
1	imto1ken.oss-ap-southeast-6.aliyuncs.com	flcpw999.com
1	flcpw999.com	bjsayt.com
1	hm.baidu.com	bjsayt.com
1	sdk.51.la	bjsayt.com
33	6

This site contains links to these domains. Also see Links.

Domain
www.shsmu.edu.cn
wsjkw.sh.gov.cn
beian.miit.gov.cn
www.thuni-h.com
shuniufx.com
zjrulei.com
tianyue-cn.com
www.zyindustry.com
m.szrichuang.com
www.aczna.com
www.wxshbzq.com
szxymdt.com
www.jieteedu.com
www.syrxw.com

Subject Issuer	Validity	Valid
bilburkhart.com R11	`2024-07-27` - `2024-10-25`	3 months	crt.sh
*.51.la GlobalSign RSA OV SSL CA 2018	`2024-03-19` - `2025-04-20`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
www.flcpw999.com R10	`2024-07-25` - `2024-10-23`	3 months	crt.sh
ap-southeast-6.oss.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-11-27` - `2024-12-28`	a year	crt.sh
im-dl.shop WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bjsayt.com/list/84.html
Frame ID: 675CA27D39608F22B8CA57848CEB2521
Requests: 32 HTTP requests in this frame

Frame: https://dl.im-dl.shop/
Frame ID: 69EC5A456175720280376910300F01A0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

党建风采-上海交通大学医学院附属松江医院

Page URL History Show full URLs

http://bjsayt.com/list/84.html HTTP 307
https://bjsayt.com/list/84.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

85 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

7
IPs

5
Countries

905 kB
Transfer

1516 kB
Size

2
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.shsmu.edu.cn/sri/
Title: 松江研究院

Search URL Search Domain Scan URL

URL: https://wsjkw.sh.gov.cn/
Title: ●上海市卫生健康委员会

Search URL Search Domain Scan URL

URL: https://www.shsmu.edu.cn/
Title: ●上海交通大学医学院

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/
Title: 沪ICP备16031303号-1

Search URL Search Domain Scan URL

URL: http://www.thuni-h.com/
Title: 华宇万户医疗

Search URL Search Domain Scan URL

URL: http://shuniufx.com/
Title: imtoken冷钱包下载

Search URL Search Domain Scan URL

URL: http://zjrulei.com/
Title: imtoken官网地址

Search URL Search Domain Scan URL

URL: http://tianyue-cn.com/
Title: imtoken钱包安卓下载

Search URL Search Domain Scan URL

URL: http://www.zyindustry.com/
Title: imToken安卓版下载网址

Search URL Search Domain Scan URL

URL: http://m.szrichuang.com/
Title: imtoken钱包手机安卓版下载

Search URL Search Domain Scan URL

URL: http://www.aczna.com/
Title: imtoken下载地址

Search URL Search Domain Scan URL

URL: http://www.wxshbzq.com/
Title: imtoken冷钱包下载

Search URL Search Domain Scan URL

URL: http://szxymdt.com/
Title: 如何下載imToken 官方錢包？

Search URL Search Domain Scan URL

URL: http://www.jieteedu.com/
Title: imToken安卓版下载官网

Search URL Search Domain Scan URL

URL: http://www.syrxw.com/
Title: imtoken安卓版官网下载

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bjsayt.com/list/84.html HTTP 307
https://bjsayt.com/list/84.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 84.html Show response
bjsayt.com/list/
Redirect Chain

http://bjsayt.com/list/84.html
https://bjsayt.com/list/84.html

28 KB
6 KB

868ms
322ms

Document
text/html

154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL

https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

16b84bc107bda976f91d1095d841ee415f24d2e52c3a86b4217c228ac91e4adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 30 Aug 2024 21:17:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Location: https://bjsayt.com/list/84.html
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bootstrap.min.css
bjsayt.com/bs/css/ 205 KB
33 KB 581ms
578ms Stylesheet
text/css 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL

https://bjsayt.com/bs/css/bootstrap.min.css

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

aa4e66e19a34ffef209eec6d3d17bc9de785ba771715e54bafc3dd490296bc6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 21:17:15 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 swiper.min.css
bjsayt.com/css/ 13 KB
5 KB 303ms
300ms Stylesheet
text/css 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL

https://bjsayt.com/css/swiper.min.css

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

67e54a2ad4686f2024e769df1f2f2d4ad53011cf2d83db0eec93729f995cc516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 21:17:15 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 animate.css
bjsayt.com/css/ 76 KB
6 KB 303ms
300ms Stylesheet
text/css 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL

https://bjsayt.com/css/animate.css

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

0a7be73577960637b5069e500ebda68c23c2e24269fb810bf33f5228e2594e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 21:17:15 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cms.css
bjsayt.com/css/ 79 KB
14 KB 564ms
561ms Stylesheet
text/css 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL

https://bjsayt.com/css/cms.css

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

30130ef93e9d9b3b6715281eeb61e0471eda776347c804404d4138cf050c2d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 21:17:15 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 RICHCMS.css
bjsayt.com/css/ 66 KB
13 KB 580ms
577ms Stylesheet
text/css 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL

https://bjsayt.com/css/RICHCMS.css?v=3

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

7267ee53d9458e2b9e534f2dcba17f3c418f18005bf1fb686ba31277c089d4dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 21:17:15 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery.min.js Show response
bjsayt.com/js/ 87 KB
34 KB 580ms
578ms Script
application/javascript 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL

https://bjsayt.com/js/jquery.min.js

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 21:17:15 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 swiper.min.js Show response
bjsayt.com/js/ 135 KB
40 KB 565ms
563ms Script
application/javascript 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL

https://bjsayt.com/js/swiper.min.js

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

e800aed30a8828c4a05222cd836d21fdadf5c7ee908ae8931370224549d8f3d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 21:17:15 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 dj.js Show response
bjsayt.com/ 430 B
591 B 264ms
262ms Script
application/javascript 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL

https://bjsayt.com/dj.js

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

60566d2b0b994b3b54e73daa6dbaaa58fcce5b4cf55169bf8bc23f4af0ed3503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 21:17:15 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 27 Feb 2024 12:45:02 GMT
server: nginx
etag: "65ddd94e-1ae"
content-type: application/javascript
accept-ranges: bytes
content-length: 430

GET
H2 404 yq.js
bjsayt.com/ 0
0 1103ms
1101ms Script
text/html 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL: https://bjsayt.com/yq.js
Requested by: Host: bjsayt.com
URL: https://bjsayt.com/list/84.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 21:17:16 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html;charset=utf-8

GET
H2 200 jquery-1.9.1.min.js Show response
bjsayt.com/sitefiles/assets/components/ 87 KB
34 KB 581ms
579ms Script
application/javascript 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL

https://bjsayt.com/sitefiles/assets/components/jquery-1.9.1.min.js

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 21:17:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 fa6a0526430de45d.png
bjsayt.com/upload/images/2024/1/ 19 KB
19 KB 581ms
579ms Image
image/png 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bjsayt.com/upload/images/2024/1/fa6a0526430de45d.png

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

6d610217b5ab8c975b96b707bd759fc5e91a4d0a418ce7bdfc809cd34e8ac33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Fri, 30 Aug 2024 21:17:16 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
server: nginx
content-type: image/png

GET
H2 200 271459c51429d879.png
bjsayt.com/upload/images/2021/12/ 59 KB
60 KB 580ms
578ms Image
image/png 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bjsayt.com/upload/images/2021/12/271459c51429d879.png

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

b588a64029504e9a5fc0618cf6f041dcb347a3527b403f5f1a7cb870f60fa8d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Fri, 30 Aug 2024 21:17:16 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
server: nginx
content-type: image/png

GET
H2 200 7b50faabaee73d40.png
bjsayt.com/upload/images/2021/12/ 61 KB
61 KB 499ms
498ms Image
image/png 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bjsayt.com/upload/images/2021/12/7b50faabaee73d40.png

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

ec47fd793fdd48091c3d0aaca10c1c668ee3f228d32545a5be2a10633de6f5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Fri, 30 Aug 2024 21:17:16 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
server: nginx
content-type: image/png

GET
H2 200 3732755b3ad1d855.png
bjsayt.com/upload/images/2021/12/ 67 KB
67 KB 286ms
285ms Image
image/png 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bjsayt.com/upload/images/2021/12/3732755b3ad1d855.png

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

16783cc31a3e969fde7b9e2a5a0ddd9c2823d67d85624cf5ab5d94d166340c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Fri, 30 Aug 2024 21:17:16 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
server: nginx
content-type: image/png

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 290ms
274ms Script
text/plain 217.198.191.72
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: bjsayt.com
URL: https://bjsayt.com/list/84.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.198.191.72 , Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: volc-dcdn /
Resource Hash: c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

Referer: https://bjsayt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 30 Aug 2024 21:15:54 GMT
Content-Encoding: gzip
via: n104-166-141-002.bdcdn-defra02.ToB
x-tt-trace-tag: id=5
Server: volc-dcdn
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
x-request-ip: 45.141.152.75
Cache-Control: no-store
Access-Control-Allow-Credentials: true
x-dsa-trace-id: 1725052636c80a9eb4f931762a621138fc81765203
Connection: keep-alive
server-timing: cdn-cache;desc=MISS, origin;dur=268, edge;dur=0
X-Dsa-Origin-Status: 200

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 0
175 B 789ms
302ms Script
text/plain 111.45.3.198
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?cao317c6449557fd68e3bd7441b9d76ab7c

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://bjsayt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 30 Aug 2024 21:17:17 GMT
Strict-Transport-Security: max-age=172800
Server: apache
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H2 200 win.js Show response
flcpw999.com/ 98 B
311 B 797ms
263ms Script
application/javascript 156.237.140.196
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://flcpw999.com/win.js

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/list/84.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

156.237.140.196 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

373ff920837bb98b6eb767be9b09b2ae098a6b57d785409d18ab00e815f4b4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 30 Aug 2024 21:17:17 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Aug 2024 12:05:05 GMT
server: nginx
etag: "66b605f1-62"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 98
expires: Sat, 31 Aug 2024 09:17:17 GMT

GET
H/1.1 200
OK win.js Show response
imto1ken.oss-ap-southeast-6.aliyuncs.com/ 3 KB
1 KB 698ms
217ms Script
application/javascript 8.212.139.121
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://imto1ken.oss-ap-southeast-6.aliyuncs.com/win.js
Requested by: Host: flcpw999.com
URL: https://flcpw999.com/win.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.212.139.121 Manila, Philippines, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 75db7796523ed5b0031b9bc28a6d84930249816fda8a52e6c0fcd068842d2b47

Request headers

Referer: https://bjsayt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 30 Aug 2024 21:17:17 GMT
Content-Encoding: gzip
x-oss-request-id: 66D236DD0DA1A13233FED079
Content-MD5: nkfOCqhYHQOT9TTs1xeHGA==
Transfer-Encoding: chunked
Content-Disposition: attachment
Connection: keep-alive
x-oss-object-type: Normal
Last-Modified: Fri, 09 Aug 2024 16:06:49 GMT
Server: AliyunOSS
Vary: Accept-Encoding
Content-Type: application/javascript
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 2318945258715581409
x-oss-server-time: 1

GET
H3 200 /
dl.im-dl.shop/ Frame 69EC 0
0 1074ms
1063ms Document
text/html 2606:4700:3030::6815:b38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.im-dl.shop/

Requested by

Host: imto1ken.oss-ap-southeast-6.aliyuncs.com
URL: https://imto1ken.oss-ap-southeast-6.aliyuncs.com/win.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:b38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bb7ce8b9c8c9bfb-FRA
content-encoding: br
content-type: text/html
date: Fri, 30 Aug 2024 21:17:19 GMT
last-modified: Wed, 03 Apr 2024 05:45:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OFMmzKuhVBpxgLSfdkEZ2ng333lRuCJqBWjYCaFGPHBdNvwReYsAUNxiGcqPtiDvpDethTou7HhXTOUvhyMGHiv5KwRmWP%2BSeaaDXcuMkxQ4B4qSEfpitGwL8KphpVobdwES133eaFBKvDaF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET yq.js
bjsayt.com/ 0
0

GET jquery-1.9.1.min.js
bjsayt.com/sitefiles/assets/components/ 0
0

GET dj.js
bjsayt.com/ 0
0

GET yq.js
bjsayt.com/ 0
0

GET js-sdk-pro.min.js
sdk.51.la/ 0
0

GET
H2 200 sousuo.png
bjsayt.com/images/ 916 B
1 KB 286ms
286ms Image
image/png 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bjsayt.com/images/sousuo.png

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/css/RICHCMS.css?v=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

6dcd56526a8c209c4b526832d7414b1da416a3b0bd78435ccbe87ec92c072906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/css/RICHCMS.css?v=3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Fri, 30 Aug 2024 21:17:18 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
server: nginx
content-type: image/png

GET
H2 200 ban_bj.jpg
bjsayt.com/images/ 482 KB
483 KB 290ms
290ms Image
image/jpg 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bjsayt.com/images/ban_bj.jpg

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/css/cms.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

7c5b64889c225178dc7bc6a2a27fa50f0ce351409385ed5e8fa1b2097a64a21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/css/cms.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Fri, 30 Aug 2024 21:17:18 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
server: nginx
content-type: image/jpg

GET
H2 200 ft1.png
bjsayt.com/images/ 2 KB
3 KB 287ms
286ms Image
image/png 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bjsayt.com/images/ft1.png

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/css/RICHCMS.css?v=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

5fbe0b33abd8e4eb3f66cbe8181dabcf566acbdd21c415ef87235af5ec1d51c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/css/RICHCMS.css?v=3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Fri, 30 Aug 2024 21:17:18 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
server: nginx
content-type: image/png

GET
H2 200 ft2.png
bjsayt.com/images/ 2 KB
2 KB 818ms
817ms Image
image/png 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bjsayt.com/images/ft2.png

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/css/RICHCMS.css?v=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

f075a76a34c9594d77c39dd78ca2e3838326c0a3e7f3b822e9e7c784e6df8d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/css/RICHCMS.css?v=3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Fri, 30 Aug 2024 21:17:18 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
server: nginx
content-type: image/png

GET
H2 200 ft3.png
bjsayt.com/images/ 2 KB
2 KB 821ms
820ms Image
image/png 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bjsayt.com/images/ft3.png

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/css/RICHCMS.css?v=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

268289bbe6b8edbe46bd642942d3905faedc48c6d32ad4d08025afd3b0050de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/css/RICHCMS.css?v=3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Fri, 30 Aug 2024 21:17:18 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
server: nginx
content-type: image/png

GET
H2 200 ft4.png
bjsayt.com/images/ 1 KB
1 KB 820ms
819ms Image
image/png 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bjsayt.com/images/ft4.png

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/css/RICHCMS.css?v=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

5d5ab8b9e4449420debcd0f23cabe3d35e16d0d44712744b051a51e34ac6dc4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/css/RICHCMS.css?v=3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Fri, 30 Aug 2024 21:17:18 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
server: nginx
content-type: image/png

GET
H2 200 oa.png
bjsayt.com/images/ 924 B
1 KB 818ms
818ms Image
image/png 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bjsayt.com/images/oa.png

Requested by

Host: bjsayt.com
URL: https://bjsayt.com/css/RICHCMS.css?v=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

2ce2c25b044273f599e88a5e23053554f2f18aa3b0a44445de81df18b29993a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/css/RICHCMS.css?v=3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Fri, 30 Aug 2024 21:17:18 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
server: nginx
content-type: image/png

GET
H2 200 favicon.ico
bjsayt.com/ 4 KB
4 KB 264ms
263ms Other
image/x-icon 154.95.228.157
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL

https://bjsayt.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.95.228.157 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),

Reverse DNS

Software

nginx /

Resource Hash

5de760bb4cb68536a0bad4f5956624119dd77cdbed380aadcdc1030efec84512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bjsayt.com/list/84.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 21:17:21 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 31 Oct 2023 09:58:50 GMT
server: nginx
etag: "6540cfda-10be"
content-type: image/x-icon
accept-ranges: bytes
content-length: 4286

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bjsayt.com
URL: https://bjsayt.com/yq.js

Domain: bjsayt.com
URL: https://bjsayt.com/sitefiles/assets/components/jquery-1.9.1.min.js

Domain: bjsayt.com
URL: https://bjsayt.com/dj.js

Domain: bjsayt.com
URL: https://bjsayt.com/yq.js

Domain: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: imToken (Crypto)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bjsayt.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8c6bjdmhllg6aj9grcs0mdeo72
			.im-dl.shop/	1970-01-21 07:56:28	Name: cf_clearance Value: SaT7JpbwZKStXGberdRPvyhSnfHN7nTZo.UbSoMQLpg-1725052640-1.2.1.1-r3YfEWxQ0BPtTJnhDTnRQg9OHe93k5WeWLr35zACc7RIgqWXhejWPAVXjnqRs_6pwQ3Fygk1tc.YmRBh_I.P9rsok9vuoVAVGdxcM4OZhM0R4lPs7_dyW8vO7uHILo8Jz6Au2bn37QevFQzOY8IPiOWBBOIlq8qs6rzPCk1lNvsUMeqTWZ5aXI93_nmRg._Gq9j7uWaL1APTpKAXeGzqZ1SX8tmD8504_m4bchs9N3zQk6xsQiMUIICtXY6iUk2JSq50wycUg9.l7J81.tKPzPgBhOsRSyQAXPaW3aQE9W98vGdQMS7aP0upke1telwmQTNvXcOxE8dzLbUyDMrLi82lGEwAII_Rsy6sGs944Va03QdRK_Vg7leDIuja0CzRbCLvyw1bR3gyg_.Ay2y_Wg

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://flcpw999.com/win.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://flcpw999.com/win.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://bjsayt.com/yq.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://flcpw999.com/win.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://imto1ken.oss-ap-southeast-6.aliyuncs.com/win.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://flcpw999.com/win.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://imto1ken.oss-ap-southeast-6.aliyuncs.com/win.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://bjsayt.com/list/84.html Message: Refused to load the script 'https://bjsayt.com/yq.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://bjsayt.com/list/84.html Message: Refused to load the script 'https://bjsayt.com/sitefiles/assets/components/jquery-1.9.1.min.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://bjsayt.com/list/84.html(Line 290) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-xvpjw+ZoR4kUoTO7/sBToPUnNz023FSWS9OVxm8pCQs='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://bjsayt.com/list/84.html(Line 350) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-D8RZXB1bxZeXt0fGmGb8P1TzhyBSnOkOJDkyAbKmdJY='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://bjsayt.com/list/84.html(Line 388) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-D8RZXB1bxZeXt0fGmGb8P1TzhyBSnOkOJDkyAbKmdJY='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://bjsayt.com/list/84.html(Line 569) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-8HaAJ/hi8bp9kL/JHIx3du53OFsNdFvVXY6WJrIifPg='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://bjsayt.com/list/84.html Message: Refused to load the script 'https://bjsayt.com/dj.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://bjsayt.com/list/84.html Message: Refused to load the script 'https://bjsayt.com/yq.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://bjsayt.com/list/84.html Message: Refused to load the script 'https://sdk.51.la/js-sdk-pro.min.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://bjsayt.com/list/84.html(Line 584) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-QMcm1/1Bgujo2tL+7qFW1bo6BKXlD/6oOHojAcs4Ih4='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://bjsayt.com/list/84.html(Line 586) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-5FBLq0M3CKxVRYNYfiJbCUkPlVwrs5C2JhFnt4UPWrs='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bjsayt.com
dl.im-dl.shop
flcpw999.com
hm.baidu.com
imto1ken.oss-ap-southeast-6.aliyuncs.com
sdk.51.la
bjsayt.com
sdk.51.la
111.45.3.198
154.95.228.157
156.237.140.196
217.198.191.72
2606:4700:3030::6815:b38
8.212.139.121
0a7be73577960637b5069e500ebda68c23c2e24269fb810bf33f5228e2594e41
16783cc31a3e969fde7b9e2a5a0ddd9c2823d67d85624cf5ab5d94d166340c91
16b84bc107bda976f91d1095d841ee415f24d2e52c3a86b4217c228ac91e4adb
268289bbe6b8edbe46bd642942d3905faedc48c6d32ad4d08025afd3b0050de4
2ce2c25b044273f599e88a5e23053554f2f18aa3b0a44445de81df18b29993a4
30130ef93e9d9b3b6715281eeb61e0471eda776347c804404d4138cf050c2d3d
373ff920837bb98b6eb767be9b09b2ae098a6b57d785409d18ab00e815f4b4f4
5d5ab8b9e4449420debcd0f23cabe3d35e16d0d44712744b051a51e34ac6dc4a
5de760bb4cb68536a0bad4f5956624119dd77cdbed380aadcdc1030efec84512
5fbe0b33abd8e4eb3f66cbe8181dabcf566acbdd21c415ef87235af5ec1d51c2
60566d2b0b994b3b54e73daa6dbaaa58fcce5b4cf55169bf8bc23f4af0ed3503
67e54a2ad4686f2024e769df1f2f2d4ad53011cf2d83db0eec93729f995cc516
6d610217b5ab8c975b96b707bd759fc5e91a4d0a418ce7bdfc809cd34e8ac33e
6dcd56526a8c209c4b526832d7414b1da416a3b0bd78435ccbe87ec92c072906
7267ee53d9458e2b9e534f2dcba17f3c418f18005bf1fb686ba31277c089d4dd
75db7796523ed5b0031b9bc28a6d84930249816fda8a52e6c0fcd068842d2b47
7c5b64889c225178dc7bc6a2a27fa50f0ce351409385ed5e8fa1b2097a64a21d
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
aa4e66e19a34ffef209eec6d3d17bc9de785ba771715e54bafc3dd490296bc6f
b588a64029504e9a5fc0618cf6f041dcb347a3527b403f5f1a7cb870f60fa8d4
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e800aed30a8828c4a05222cd836d21fdadf5c7ee908ae8931370224549d8f3d6
ec47fd793fdd48091c3d0aaca10c1c668ee3f228d32545a5be2a10633de6f5b2
f075a76a34c9594d77c39dd78ca2e3838326c0a3e7f3b822e9e7c784e6df8d6e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

bjsayt.com Open in urlscan Pro 154.95.228.157 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

85 %HTTPS

17 %IPv6

6 Domains

6 Subdomains

7 IPs

5 Countries

905 kBTransfer

1516 kBSize

2 Cookies

15 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bjsayt.com Open in urlscan Pro
154.95.228.157 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

85 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

7
IPs

5
Countries

905 kB
Transfer

1516 kB
Size

2
Cookies

33 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!