Submitted URL: https://win55123.com/
Effective URL: https://www.bj949.com:9300/index
Submission: On September 16 via api from BE — Scanned from CA

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 24 HTTP transactions. The main IP is 154.64.206.35, located in Tokyo, Japan and belongs to SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG. The main domain is www.bj949.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on August 8th 2024. Valid for: 3 months.
This is the only time www.bj949.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS      Autonomous System
2         172.67.168.209  13335   CLOUDFLAR...
2         199.91.74.209   21859   ZEN-ECN
8         154.64.206.35   140224  SGPL-AS-A...
1         142.251.40.200  15169   GOOGLE
7         104.21.17.97    13335   CLOUDFLAR...
1         142.250.80.110  15169   GOOGLE
Total: 24 requests, 7 IPs

Requests  Apex Domain                Subdomains                                                                              Transfer
8         bj949.com                  www.bj949.com                                                                           48 KB
7         cf-holiday32.com           tus5r4front-cf.cf-holiday32.com                                                         387 KB
2         51.la                      sdk.51.la (Cisco Umbrella Rank: 43764), collect-v6.51.la (Cisco Umbrella Rank: 51304)   34 KB
2         win55123.com               win55123.com                                                                            2 KB
1         google-analytics.com       www.google-analytics.com (Cisco Umbrella Rank: 33)
1         googletagmanager.com       www.googletagmanager.com (Cisco Umbrella Rank: 43)                                      96 KB
0         doefa88uid.com (Failed)    tus5r4front-cf.doefa88uid.com (Failed)
0         xianzhaoquan.com (Failed)  tus5r4front.xianzhaoquan.com (Failed)
0         owproofing.com (Failed)    tus5r4front.owproofing.com (Failed)
Total: 24 requests, 9 domains

Requests  Domain                                  Requested by
8         www.bj949.com                           win55123.com, www.bj949.com
7         tus5r4front-cf.cf-holiday32.com         www.bj949.com
2         win55123.com
1         www.google-analytics.com                www.googletagmanager.com
1         www.googletagmanager.com                www.bj949.com
1         collect-v6.51.la                        sdk.51.la
1         sdk.51.la                               win55123.com
0         tus5r4front-cf.doefa88uid.com (Failed)  www.bj949.com
0         tus5r4front.xianzhaoquan.com (Failed)   www.bj949.com
0         tus5r4front.owproofing.com (Failed)     www.bj949.com
Total: 24 requests, 10 subdomains

This site contains no links.

Subject                 Issuer                                          Validity                 Valid
win55123.com            WE1                                             2024-09-03 - 2024-12-02  3 months (crt.sh)
*.51.la                 Sectigo RSA Domain Validation Secure Server CA  2024-05-14 - 2025-05-14  a year (crt.sh)
bj949.com               ZeroSSL RSA Domain Secure Site CA               2024-08-08 - 2024-11-06  3 months (crt.sh)
*.google-analytics.com  WR2                                             2024-08-12 - 2024-11-04  3 months (crt.sh)
cf-holiday32.com        WE1                                             2024-07-22 - 2024-10-20  3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://www.bj949.com:9300/index
Frame ID: 07646905AC526FA981E842FCD0164A66
Requests: 24 HTTP requests in this frame

Screenshot



Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests:    24
HTTPS:       88 %
IPv6:        0 %
Domains:     9
Subdomains:  10
IPs:         7
Countries:   4
Transfer:    567 kB
Size:        4055 kB
Cookies:     6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://win55123.com/ Page URL
  2. https://www.bj949.com:9300/index Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Each transaction below is listed as: Resource, Path, Size, x-fer, Type, followed by its General, Request headers and Response headers blocks.
/
win55123.com/
3 KB
1 KB
Document
General
Full URL
https://win55123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.168.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Nginx
Resource Hash
cbbb5d9503801a2a46dd2c4c1bf0e08e2a63c5b838f02965eea03d283b02a267

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c3dd9766937abd3-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 16 Sep 2024 03:42:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AtnB73v4D%2Fx1%2F%2BU1l07a6AOWisjeN%2FQeVjM3Yka8oo9vyONXa9UEq3AZKYd9Ng8Y%2BIxOAxaLWtwDiIcahGeNYi3t%2BX4uW%2FlQ4DZB2jZ7vwngiQ8r65dF42PuGcFGqGg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Nginx
js-sdk-pro.min.js
sdk.51.la/
34 KB
34 KB
Script
General
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: win55123.com
URL: https://win55123.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.209 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

Referer
https://win55123.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 03:42:59 GMT
via
LA-MEX-queretaro-EDGE2-CACHE4[225],LA-MEX-queretaro-EDGE2-CACHE4[ovl,224],CHN-HElangfang-GLOBAL6-CACHE51[ovl,17]
server
openresty
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
x-ccdn-req-id-46b1
20cee3cde426338c6d4170d8c511a046
collect
collect-v6.51.la/v6/
0
289 B
XHR
General
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.209 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://win55123.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 03:43:01 GMT
via
LA-MEX-queretaro-EDGE2-CACHE4[239],LA-MEX-queretaro-EDGE2-CACHE4[ovl,236]
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
https://win55123.com
access-control-allow-credentials
true
x-ccdn-req-id-46b1
23dc2f18e7b7b87f337521797c58a7b6
content-length
0
favicon.ico
win55123.com/
0
310 B
Other
General
Full URL
https://win55123.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.168.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Nginx
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win55123.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 03:43:00 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vnmx3R3RP%2Fw%2Fe7z1gOJvpBXT%2BjDzSv0T7ZnNZHKl59pFgY6%2B0kS9RKcLlGvIAw8CbLmire8uxwEmfvjBUCd4YHZk8LmTRCxMF%2FqT8RaotJQwEVGBMKjaL9Ia3FnKGgM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8c3dd988deedabd3-YYZ
alt-svc
h3=":443"; ma=86400
Primary Request index
www.bj949.com/
9 KB
3 KB
Document
General
Full URL
https://www.bj949.com:9300/index
Requested by
Host: win55123.com
URL: https://win55123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.64.206.35 Tokyo, Japan, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
/
Resource Hash
6ed534158db8163af0e719292bce2929318d90633b67bda4d75b2e196fb64ad3

Request headers

Referer
https://win55123.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Mon, 16 Sep 2024 03:43:02 GMT
etag
W/"66e3a4f9-24bd"
last-modified
Fri, 13 Sep 2024 02:35:37 GMT
magic_string
178aa526b36126fd25b8d3446d0c1d25
servers
Tengine/1.15.1
timing-allow-origin
*
vary
Accept-Encoding
element.css
www.bj949.com/plugins/
9 KB
3 KB
Stylesheet
General
Full URL
https://www.bj949.com:9300/plugins/element.css
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.64.206.35 Tokyo, Japan, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
/
Resource Hash
6ed534158db8163af0e719292bce2929318d90633b67bda4d75b2e196fb64ad3

Request headers

Referer
https://www.bj949.com:9300/index
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

magic_string
178aa526b36126fd25b8d3446d0c1d25
date
Mon, 16 Sep 2024 03:43:02 GMT
content-encoding
gzip
last-modified
Fri, 13 Sep 2024 02:35:48 GMT
etag
W/"66e3a504-24bd"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cdn-cache
HIT
servers
Tengine/1.15.1
timing-allow-origin
*
pinyin_dict_notone.js
www.bj949.com/js/
26 KB
18 KB
Script
General
Full URL
https://www.bj949.com:9300/js/pinyin_dict_notone.js
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.64.206.35 Tokyo, Japan, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
/
Resource Hash
50a6831640844fdab8fba89d4d0426d4bb9855a8cc84eea1913f37742c1d6f54

Request headers

Referer
https://www.bj949.com:9300/index
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

magic_string
178aa526b36126fd25b8d3446d0c1d25
date
Mon, 16 Sep 2024 03:43:02 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 06:45:26 GMT
etag
W/"64ddc206-6671"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
servers
Tengine/1.15.1
timing-allow-origin
*
pinyinUtil.js
www.bj949.com/js/
11 KB
4 KB
Script
General
Full URL
https://www.bj949.com:9300/js/pinyinUtil.js
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.64.206.35 Tokyo, Japan, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
/
Resource Hash
71918f59f8e9e1fd76764e58050830e54aa615d621e4496482c105ec4a073b6d

Request headers

Referer
https://www.bj949.com:9300/index
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

magic_string
178aa526b36126fd25b8d3446d0c1d25
date
Mon, 16 Sep 2024 03:43:02 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 06:46:36 GMT
etag
W/"64ddc24c-2bf5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
servers
Tengine/1.15.1
timing-allow-origin
*
index.js
www.bj949.com/config/
207 B
448 B
Script
General
Full URL
https://www.bj949.com:9300/config/index.js
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.64.206.35 Tokyo, Japan, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
/
Resource Hash
1aa2cf66cdd7783fb4bbe45faf46ed83fc707d427174413365a0fd6a64867d72

Request headers

Referer
https://www.bj949.com:9300/index
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

magic_string
178aa526b36126fd25b8d3446d0c1d25
date
Mon, 16 Sep 2024 03:43:02 GMT
last-modified
Thu, 17 Aug 2023 06:46:36 GMT
etag
"64ddc24c-cf"
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
servers
Tengine/1.15.1
accept-ranges
bytes
timing-allow-origin
*
content-length
207
J9EN.svg
www.bj949.com/loading/
17 KB
17 KB
Image
General
Full URL
https://www.bj949.com:9300/loading/J9EN.svg
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.64.206.35 Tokyo, Japan, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
/
Resource Hash
2c47c9ccc85c8c0794921c576c883e3212fbfc9fc1a3d73969adc4ba1775e728

Request headers

Referer
https://www.bj949.com:9300/index
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

magic_string
178aa526b36126fd25b8d3446d0c1d25
date
Mon, 16 Sep 2024 03:43:02 GMT
last-modified
Thu, 17 Aug 2023 06:46:12 GMT
etag
"64ddc234-442c"
content-type
image/svg+xml
access-control-allow-origin
*
servers
Tengine/1.15.1
accept-ranges
bytes
timing-allow-origin
*
content-length
17452
js
www.googletagmanager.com/gtag/
276 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6L9ZP3QXXM
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.200 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
59fbf301b4abadf491524503c472358894815655059212ba2a2b3e64875e3569
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bj949.com:9300/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 03:43:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97821
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Sep 2024 03:43:02 GMT
yunwei.js
www.bj949.com/saconfig/
1 KB
1 KB
Script
General
Full URL
https://www.bj949.com:9300/saconfig/yunwei.js?0.20436509994444418
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.64.206.35 Tokyo, Japan, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
/
Resource Hash
2e6685b4b95d0e7793147dee02bcfe37a4f80dda9df7f1dce8007f115a1db020

Request headers

Referer
https://www.bj949.com:9300/index
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

magic_string
178aa526b36126fd25b8d3446d0c1d25
date
Mon, 16 Sep 2024 03:43:03 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 20:01:05 GMT
etag
W/"66d0d381-50c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
MISS
servers
Tengine/1.15.1
timing-allow-origin
*
cdn_test.txt
tus5r4front.owproofing.com/cdn/tus5r4F/
0
0

cdn_test.txt
tus5r4front.xianzhaoquan.com/cdn/tus5r4F/
0
0

cdn_test.txt
tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/
1 B
539 B
XHR
General
Full URL
https://tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/cdn_test.txt?1726458183285
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.17.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb

Request headers

Referer
https://www.bj949.com:9300/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 03:43:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1
last-modified
Fri, 13 Sep 2024 02:32:35 GMT
server
cloudflare
etag
"66e3a443-1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2G7GyDPFSvqukMKQebxA6IbdJADGbJ7tEI%2BkasDz%2BjY54BMpIpplU0rwDn9FSgF%2FshxTFE1Mwjfdp6WIC1uN5BqRQ95W6qiJh55Zl57TnpkTQQGmvu9Rd8vjzmL6v7ORlM97Wh%2F4PyKbz33pMwXle5Wz"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c3dd99dda0fa20b-YYZ
expires
Tue, 16 Sep 2025 03:43:03 GMT
cdn_test.txt
tus5r4front-cf.doefa88uid.com/cdn/tus5r4F/
0
0

collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6L9ZP3QXXM&gtm=45je4990v869943407za200&_p=1726458183285&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1370635182.1726458183&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726458183&sct=1&seg=0&dl=https%3A%2F%2Fwww.bj949.com%2Findex&dr=https%3A%2F%2Fwin55123.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2283
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6L9ZP3QXXM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.bj949.com:9300/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 03:43:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bj949.com:9300
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
www.bj949.com/
16 KB
0
Other
General
Full URL
https://www.bj949.com:9300/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.64.206.35 Tokyo, Japan, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.bj949.com:9300/index
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

magic_string
178aa526b36126fd25b8d3446d0c1d25
date
Mon, 16 Sep 2024 03:43:03 GMT
last-modified
Thu, 17 Aug 2023 06:46:12 GMT
etag
"64ddc234-1083e"
content-type
image/x-icon
access-control-allow-origin
*
servers
Tengine/1.15.1
accept-ranges
bytes
timing-allow-origin
*
content-length
67646
chunk-vendors.315678e7.css
tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/css/
231 KB
39 KB
Stylesheet
General
Full URL
https://tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/css/chunk-vendors.315678e7.css
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.17.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b447478bf0203bfd7d0483c9281b801313c2919d1731a19342be1092b652f668

Request headers

Referer
https://www.bj949.com:9300/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 03:43:03 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1072012
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 02 Sep 2024 02:47:23 GMT
server
cloudflare
etag
W/"66d5273b-39b28"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jH7pJO6gmQPKMfdSpW8BUCdiHLzTEGdRpx8TBoc%2FY9cpajtvzivzfHz9bqs8yVEdyMDjinKqVdN%2FDLdLtweaNEW4Kpfv2%2BOgZc90d7OQWj8T5AJd1q10rlOPLF8gr9k2g8HWR3jWRkvyKSe%2F6vLu%2FI6u"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
cf-ray
8c3dd9a0e8d0ac94-YYZ
expires
Wed, 03 Sep 2025 17:56:10 GMT
app.8b9aaadc.css
tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/css/
736 KB
132 KB
Stylesheet
General
Full URL
https://tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/css/app.8b9aaadc.css
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.17.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fa363bd3e804989f2a2c9a19e41fd927a34ed8434ff3fff70ce5a5dc3679975

Request headers

Referer
https://www.bj949.com:9300/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 03:43:03 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
248314
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 13 Sep 2024 02:32:34 GMT
server
cloudflare
etag
W/"66e3a442-b7eef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5UK%2F%2BjkGhdX3AjivPswgkZcP0zwgF%2FZqyBy5p2BKEUY1vo4b%2BFTIDVIuCCVFrN0WWO1g9udoYrJpciWW1XK%2FpNW1bX9NVUrH14AJTGlMqbH8SqyPLacnR78g5cQmi1H4YsWxnibAhLP0%2BHxpAhHHthsN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
cf-ray
8c3dd9a0e8ceac94-YYZ
expires
Sat, 13 Sep 2025 06:44:29 GMT
chunk-vendors.090ca412.js
tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/js/
2 MB
0
Script
General
Full URL
https://tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/js/chunk-vendors.090ca412.js
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.17.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.bj949.com:9300/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 03:43:03 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1072012
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 02 Sep 2024 02:47:23 GMT
server
cloudflare
etag
W/"66d5273b-1f5399"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IrpQ1LAxRYV6d1c3M8xxZk2XQxcYgAh72UOkr%2BAkb%2F0aKqKz39jk81MeYMt9bPO%2FVGkIchIjZsGa2mMZBAhwXvTSpT%2BkgPT8DOmKCarjrCmkczYIElvPzH6pEPpMRU6MQo63pew2W5ykOSSGtwwp03ny"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
cf-ray
8c3dd9a0e8d6ac94-YYZ
expires
Wed, 03 Sep 2025 17:56:10 GMT
app.b0ba51ec.js
tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/js/
637 KB
199 KB
Script
General
Full URL
https://tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/js/app.b0ba51ec.js
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.17.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
074a2cde62ff9aa80daca0258ac8f699ec5d1b0f63d0c7f61c714f4bc2658a3a

Request headers

Referer
https://www.bj949.com:9300/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 03:43:03 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
248314
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 13 Sep 2024 02:32:34 GMT
server
cloudflare
etag
W/"66e3a442-9f368"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSKa5xF8WKQD9Jxu3tmOqynT5rNeirNavuvnKQwIS%2BvjsZ8kfpcB2SzaR6esK8iUsjPBEwJYryMqn6O6WfQ7bOllaNeKpH2t1ynot4WKiZ5Vk3mZocYMRQIam5SSEl5Y5DjivnpbYMW8WQCy5v%2F2AxS4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
cf-ray
8c3dd9a0e8d4ac94-YYZ
expires
Sat, 13 Sep 2025 06:44:29 GMT
3s_web_detect.js
tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/
45 KB
16 KB
Script
General
Full URL
https://tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/3s_web_detect.js?product=tus5r4&module=frontend_web&v=0507
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.17.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751837eea805a5cc9c146571a7aa6f8ac3af59f2f03f2ce52b50c1b80b72d9bf

Request headers

Referer
https://www.bj949.com:9300/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 03:43:03 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1072012
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 02 Sep 2024 02:47:23 GMT
server
cloudflare
etag
W/"66d5273b-b2ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F4QFMTs1e3bi%2FCRdnmRzdb1FaU1WW3ZCf6xJF78KZC3MNO1JFerBA8s8X%2BO%2FB%2Fpk89rwco5ureTf%2F2eLgIh%2FxRv0LURohEklSU5j6DlIB55AtvTUGWQn4GSKa%2B%2Bnn2T7Qoz9dwicMXmblUq4cjtPml20"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
cf-ray
8c3dd9a0e8d8ac94-YYZ
expires
Wed, 03 Sep 2025 17:56:10 GMT
remove.js
tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/
229 B
651 B
Script
General
Full URL
https://tus5r4front-cf.cf-holiday32.com/cdn/tus5r4F/remove.js
Requested by
Host: www.bj949.com
URL: https://www.bj949.com:9300/index
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.17.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0d27bab1fc3fd39017be7fc21a7aa0f7850f7805182988e190985c5e2eecdbb

Request headers

Referer
https://www.bj949.com:9300/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 03:43:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1072012
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 02 Sep 2024 02:47:23 GMT
server
cloudflare
etag
W/"66d5273b-e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E7nGiikBt2%2BusMgSzMzxzAvyW9KHRsfiKyycHZ%2FHxPCpJOYgg1Xyhov4V8%2FVaKkrEQmFFy8zeM%2FryYJadkS53mWT%2FmDLh6sV4YWYoSWco90fteOYmxgW0BAvd9izwz83LjksYzQsy%2BfMBZ91RGm4H1cJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
cf-ray
8c3dd9a0e8daac94-YYZ
expires
Wed, 03 Sep 2025 17:56:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tus5r4front.owproofing.com
URL
https://tus5r4front.owproofing.com/cdn/tus5r4F/cdn_test.txt?1726458183284
Domain
tus5r4front.xianzhaoquan.com
URL
https://tus5r4front.xianzhaoquan.com/cdn/tus5r4F/cdn_test.txt?1726458183284
Domain
tus5r4front-cf.doefa88uid.com
URL
https://tus5r4front-cf.doefa88uid.com/cdn/tus5r4F/cdn_test.txt?1726458183285

Verdicts & Comments

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    pinyin_dict_notone
object    pinyinUtil
object    __config
object    config
object    yunweiConfig
boolean   isPro
object    files
function  init
function  cdnPing
function  createTags
function  createdCss
function  createdJs
function  ieVersion
function  gogleAnalytic
function  addCdnMsg
boolean   check_support_webp
object    THREEUPLOAD
function  gtag
object    dataLayer
object    google_tag_manager
object    google_tag_data
function  onYouTubeIframeAPIReady
object    gaGlobal
object    webpackJsonp
object    THREEDATA
object    ThreeSeconds

6 Cookies

Domain/Path Name / Value
win55123.com/ Name: __vtins__3J08avpkwBAGqNji
Value: %7B%22sid%22%3A%20%22075de8a1-8ddc-5b8f-8043-e8991b12a07d%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201726459979940%2C%20%22ct%22%3A%201726458179940%7D
win55123.com/ Name: __51uvsct__3J08avpkwBAGqNji
Value: 1
win55123.com/ Name: __51vcke__3J08avpkwBAGqNji
Value: 9164e206-27a6-5d17-99a6-431fdc8130b7
win55123.com/ Name: __51vuft__3J08avpkwBAGqNji
Value: 1726458179945
.bj949.com/ Name: _ga
Value: GA1.1.1370635182.1726458183
.bj949.com/ Name: _ga_6L9ZP3QXXM
Value: GS1.1.1726458183.1.0.1726458183.0.0.0

1 Console Messages

Source   Level  URL                               Text
network  error  https://win55123.com/favicon.ico  Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.