www.1980boomchabrew.com
38.33.107.6 Malicious Activity! Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
https://wap.thaifastfood.com/ 1yr old
Effective URL:
https://www.1980boomchabrew.com/ 6yr old
Submission: On January 23 via api (January 23rd 2025, 5:51:51 am UTC) from US — Scanned from FR

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 9 domains to perform 15 HTTP transactions. The main IP is 38.33.107.6, located in San Jose, United States and belongs to PEG-LA, US. The main domain is www.1980boomchabrew.com. 6yr old
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on January 21st 2025. Valid for: 3mo.

This is the only time www.1980boomchabrew.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gambling (Gambling)

Domain & IP information

	IP Address	AS Autonomous System
1 1	38.33.115.9 38.33.115.9	398823 (PEG-LA) (PEG-LA)
4	38.33.107.6 38.33.107.6	398823 (PEG-LA) (PEG-LA)
2	103.235.47.188 103.235.47.188	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	43.153.236.147 43.153.236.147	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	2600:9000:214... 2600:9000:214f:d000:14:8ed:8000:93a1	16509 (AMAZON-02) (AMAZON-02)
1	122.10.26.202 122.10.26.202	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
1	58.254.150.48 58.254.150.48	136958 (UNICOM-GU...) (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network)
4	90.84.161.20 90.84.161.20	2285 (OCB_HONEY...) (OCB_HONEY_CDN_ASN Orange S.A.)
1	122.10.50.210 122.10.50.210	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
15	8

1 38.33.115.9 (San Jose, United States) 1 redirects

ASN398823 (PEG-LA, US)

wap.thaifastfood.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 38.33.107.6 (San Jose, United States)

ASN398823 (PEG-LA, US)

www.1980boomchabrew.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 103.235.47.188 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

www.baidu.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
sp0.baidu.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 43.153.236.147 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.sogou.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2600:9000:214f:d000:14:8ed:8000:93a1 (United States)

ASN16509 (AMAZON-02, US)

p.ssl.qhimg.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 122.10.26.202 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

vkg.hpdbfezgrqwn.vip 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 58.254.150.48 (Guangzhou, China)

ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN)

zz.bdstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 90.84.161.20 (France)

ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR)

sdk.51.la 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
collect-v6.51.la 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 122.10.50.210 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

1k4ej4j1lxvjwz.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
4	51.la sdk.51.la — Cisco Umbrella Rank: 74896 5yr old collect-v6.51.la — Cisco Umbrella Rank: 66632 5yr old	37 KB
4	1980boomchabrew.com www.1980boomchabrew.com 6yr old	5 KB
2	baidu.com www.baidu.com — Cisco Umbrella Rank: 4592 11yr old sp0.baidu.com — Cisco Umbrella Rank: 36375 9yr old	1 KB
1	1k4ej4j1lxvjwz.com 1k4ej4j1lxvjwz.com 1yr old
1	bdstatic.com zz.bdstatic.com — Cisco Umbrella Rank: 56624 9yr old	562 B
1	hpdbfezgrqwn.vip vkg.hpdbfezgrqwn.vip 2yr old	656 B
1	qhimg.com p.ssl.qhimg.com — Cisco Umbrella Rank: 408193 10yr old	4 KB
1	sogou.com www.sogou.com — Cisco Umbrella Rank: 46274 9yr old	4 KB
1	thaifastfood.com 1 redirects wap.thaifastfood.com 1yr old	264 B
15	9

	Domain	Requested by
4	www.1980boomchabrew.com	www.1980boomchabrew.com
3	collect-v6.51.la	sdk.51.la
1	1k4ej4j1lxvjwz.com	www.1980boomchabrew.com
1	sp0.baidu.com	www.1980boomchabrew.com
1	sdk.51.la	www.1980boomchabrew.com
1	zz.bdstatic.com	www.1980boomchabrew.com
1	vkg.hpdbfezgrqwn.vip	www.1980boomchabrew.com
1	p.ssl.qhimg.com	www.1980boomchabrew.com
1	www.sogou.com	www.1980boomchabrew.com
1	www.baidu.com	www.1980boomchabrew.com
1	wap.thaifastfood.com	1 redirects
15	11

This site contains no links.

Subject Issuer	Validity	Valid
www.1980boomchabrew.com ZeroSSL ECC Domain Secure Site CA	`2025-01-21` - `2025-04-21`	3mo	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	1yr	crt.sh
*.sogou.com DigiCert Secure Site CN CA G3	`2024-06-18` - `2025-07-13`	1yr	crt.sh
*.ssl.qhimg.com WoTrus DV Server CA [Run by the Issuer]	`2024-03-05` - `2025-04-05`	1yr	crt.sh
vkg.hpdbfezgrqwn.vip R10	`2025-01-07` - `2025-04-07`	3mo	crt.sh
*.51.la GlobalSign RSA OV SSL CA 2018	`2024-03-19` - `2025-04-20`	1yr	crt.sh
1k4ej4j1lxvjwz.com Sectigo RSA Domain Validation Secure Server CA	`2025-01-10` - `2026-01-10`	1yr	crt.sh

This page contains 2 frames:

Primary Page: https://www.1980boomchabrew.com/
Frame ID: 22D8A52DB56431AFC081924297FCAC27
Requests: 14 HTTP requests in this frame

Frame: https://1k4ej4j1lxvjwz.com/?id=2
Frame ID: 7DDD40707FEA06FB0D85A9B15CA61A71
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

太阳成集团tyc33455cc|首页(歡迎您)

Page URL History Show full URLs

https://wap.thaifastfood.com/ HTTP 301
https://www.1980boomchabrew.com/ Page URL

Detected technologies

Vue.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

11 %
IPv6

9
Domains

11
Subdomains

8
IPs

5
Countries

52 kB
Transfer

51 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wap.thaifastfood.com/ HTTP 301
https://www.1980boomchabrew.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.1980boomchabrew.com/
Redirect Chain

https://wap.thaifastfood.com/
https://www.1980boomchabrew.com/

4 KB
2 KB

1279ms
226ms

Document
text/html

38.33.107.6
PEG-LA

General

Check archive.org

Download Go to

Full URL

https://www.1980boomchabrew.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

38.33.107.6 San Jose, United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

home / java

Resource Hash

754c70ae5a408be5984ff0f04fbeda16e5eb0e353086cef92b4dfd2220fa47a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=172800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 23 Jan 2025 05:51:54 GMT
Expires: Sat, 25 Jan 2025 05:51:54 GMT
Last-Modified: Thu, 23 Jan 2025 05:51:54 GMT
Pragma: cache
Server: home
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
cfrom: rewrite
x-powered-by: java

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 23 Jan 2025 05:51:52 GMT
Location: https://www.1980boomchabrew.com/
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK vue.min.js Show response
www.1980boomchabrew.com/ 2 KB
2 KB 159ms
159ms Script
application/javascript 38.33.107.6
PEG-LA

General

Check archive.org

Download Go to

Full URL

https://www.1980boomchabrew.com/vue.min.js

Requested by

Host: www.1980boomchabrew.com
URL: https://www.1980boomchabrew.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

38.33.107.6 San Jose, United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

611d34ed95f8a154088d4b70c5745782b343df16d08bede44bbbd6abcef59cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1980boomchabrew.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=2592000
Content-Encoding: gzip
ETag: W/"6791d587-94c"
Connection: keep-alive
Expires: Sat, 22 Feb 2025 05:51:54 GMT
Date: Thu, 23 Jan 2025 05:51:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 23 Jan 2025 05:37:11 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK baidu_jgylogo3.gif
www.baidu.com/img/ 705 B
1 KB 1284ms
321ms Image
image/gif 103.235.47.188
BAIDU Beijing Bai...

General

Check archive.org

Download Go to Show image

Full URL: https://www.baidu.com/img/baidu_jgylogo3.gif
Requested by: Host: www.1980boomchabrew.com
URL: https://www.1980boomchabrew.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.47.188 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: dc506b4253e2bb145e5b370f6088842382a8c2bd0632d9b265744f706727f7f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1980boomchabrew.com/

Response headers

Cache-Control: max-age=315360000
Etag: "2c1-4a6473f6030c0"
Expires: Sun, 21 Jan 2035 05:51:55 GMT
Accept-Ranges: bytes
Content-Length: 705
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Date: Thu, 23 Jan 2025 05:51:55 GMT
Content-Type: image/gif
Last-Modified: Wed, 22 Jun 2011 06:40:43 GMT
Server: Apache

GET
H/1.1 200
OK logo_440x140.v.4.png
www.sogou.com/web/index/images/ 3 KB
4 KB 1132ms
462ms Image
image/png 43.153.236.147
TENCENT-NET-AP-CN...

General

Check archive.org

Download Go to Show image

Full URL: https://www.sogou.com/web/index/images/logo_440x140.v.4.png
Requested by: Host: www.1980boomchabrew.com
URL: https://www.1980boomchabrew.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.153.236.147 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: 29f87d6615f36a54e3edc8c7f05eb9b480d1f2989dec8da68e82747d060aea85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1980boomchabrew.com/

Response headers

Cache-Control: max-age=15552000
ETag: "66c30cf7-b86"
Connection: keep-alive
UUID: 15ad93bb-3d99-4353-a536-f7e4f11992ff
Expires: Tue, 22 Jul 2025 05:51:55 GMT
Accept-Ranges: bytes
Content-Length: 2950
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Thu, 23 Jan 2025 05:51:55 GMT
Content-Type: image/png
Last-Modified: Mon, 19 Aug 2024 09:14:31 GMT
Server: nginx

GET
H2 200 t010e288a56a0b005e9.png
p.ssl.qhimg.com/ 3 KB
4 KB 82ms
25ms Image
image/png 2600:9000:214f:d000:14:8ed:8000:93a1
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://p.ssl.qhimg.com/t010e288a56a0b005e9.png
Requested by: Host: www.1980boomchabrew.com
URL: https://www.1980boomchabrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:d000:14:8ed:8000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a01d73b630804f843c99d70f8f64a30303a8bc1273fed46bdf9f3d190bea8a68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1980boomchabrew.com/

Response headers

kcs-via: HIT from w-fc03.lato;MISS from w-sc01.lyct
age: 3227945
expires: Sun, 16 Mar 2025 21:12:48 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: NWNrv3Je3ExfGoV7rAbfZI5t_knq8EZ2419wH74qjCMbFrw66s9ZeQ==
date: Mon, 16 Dec 2024 21:12:48 GMT
content-type: image/png
last-modified: Mon, 23 Sep 2024 11:06:46 GMT
xcs: HIT
cache-control: s-maxage=7776000, max-age=7776000
timing-allow-origin: *
xzp: orxleiwzhoemlml
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3294
x-amz-cf-pop: FRA53-C1

GET
H/1.1 200
OK jquery.cdn.js Show response
www.1980boomchabrew.com/@public/ 1 KB
895 B 320ms
159ms Script
application/javascript 38.33.107.6
PEG-LA

General

Check archive.org

Download Go to

Full URL

https://www.1980boomchabrew.com/@public/jquery.cdn.js

Requested by

Host: www.1980boomchabrew.com
URL: https://www.1980boomchabrew.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

38.33.107.6 San Jose, United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

a79d3e49635f44dc49465dc1eeade36fd0fe3ba8cd7057e4a4ecf09b7bce91ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1980boomchabrew.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=2592000
Content-Encoding: gzip
ETag: W/"678778b4-5ea"
Connection: keep-alive
Expires: Sat, 22 Feb 2025 05:51:54 GMT
Date: Thu, 23 Jan 2025 05:51:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 15 Jan 2025 08:58:28 GMT
Server: nginx
Vary: Accept-Encoding

POST
H2 200 hylfff.php Show response
vkg.hpdbfezgrqwn.vip/ 644 B
656 B 687ms
224ms XHR
text/html 122.10.26.202
DXTL-HK DXTL Tseu...

General

Check archive.org

Download Go to

Full URL

https://vkg.hpdbfezgrqwn.vip/hylfff.php

Requested by

Host: www.1980boomchabrew.com
URL: https://www.1980boomchabrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

122.10.26.202 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

87d1d5c4ec69189e04068c691441cda3594e67fdeead036e90b5782d6c73d365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8;
Referer: https://www.1980boomchabrew.com/

Response headers

strict-transport-security: max-age=31536000
x-request-id: 940b5ff1f957dfdc00052783ca69c4d6
content-encoding: gzip
access-control-allow-origin: *
date: Thu, 23 Jan 2025 05:51:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: nginx
access-control-allow-headers: *

GET
H2 200 push.js Show response
zz.bdstatic.com/linksubmit/ 308 B
562 B 624ms
186ms Script
application/x-javascript 58.254.150.48
UNICOM-GUANGZHOU-...

General

Check archive.org

Download Go to

Full URL: https://zz.bdstatic.com/linksubmit/push.js
Requested by: Host: www.1980boomchabrew.com
URL: https://www.1980boomchabrew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.254.150.48 Guangzhou, China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1980boomchabrew.com/

Response headers

tracecode: 22641766410593270282012214
cache-control: max-age=86400
content-encoding: br
etag: "678dc6a3-134"
age: 82322
ohc-cache-hit: gz3un55 [2], zhuzuncache54 [2]
accept-ranges: bytes
ohc-global-saved-time: Wed, 22 Jan 2025 06:37:44 GMT
date: Thu, 23 Jan 2025 05:51:54 GMT
content-type: application/x-javascript
last-modified: Mon, 20 Jan 2025 03:44:35 GMT
server: JSP3/2.0.14
ohc-response-time: 1 0 0 0 0 0

GET
H2 200 js-sdk-pro.min.js Show response
sdk.51.la/ 35 KB
35 KB 754ms
183ms Script
text/plain 90.84.161.20
OCB_HONEY_CDN_ASN...

General

Check archive.org

Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: www.1980boomchabrew.com
URL: https://www.1980boomchabrew.com/@public/jquery.cdn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 90.84.161.20 , France, ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR),
Reverse DNS
Software: openresty /
Resource Hash: ab600bcb623360b5a87e5657495bb968325f0a47c3772fe3c1cc052ebd35f153

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1980boomchabrew.com/

Response headers

cache-control: no-store
access-control-allow-credentials: true
via: EU-GER-frankfurt-EDGE5-CACHE5[156],EU-GER-frankfurt-EDGE5-CACHE5[ovl,154],CHN-HElangfang-GLOBAL6-CACHE113[ovl,18]
access-control-allow-origin: *
x-ccdn-req-id-46b1: 20f5c1cbcc68c5b39c38f982686a1b2b
date: Thu, 23 Jan 2025 05:51:55 GMT
content-type: text/plain; charset=utf-8
server: openresty

GET
H/1.1 200
OK s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 0
116 B 907ms
364ms Image
text/plain 103.235.47.188
BAIDU Beijing Bai...

General

Check archive.org

Download Go to Show image

Full URL: https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.1980boomchabrew.com/
Requested by: Host: www.1980boomchabrew.com
URL: https://www.1980boomchabrew.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.47.188 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1980boomchabrew.com/

Response headers

Date: Thu, 23 Jan 2025 05:51:55 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H2 200 /
1k4ej4j1lxvjwz.com/ Frame 7DDD 0
0 825ms
270ms Document
text/html 122.10.50.210
DXTL-HK DXTL Tseu...

General

Check archive.org

Download Go to

Full URL

https://1k4ej4j1lxvjwz.com/?id=2

Requested by

Host: www.1980boomchabrew.com
URL: https://www.1980boomchabrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

122.10.50.210 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.1980boomchabrew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 23 Jan 2025 05:51:55 GMT
etag: W/"6790cd1d-e825"
last-modified: Wed, 22 Jan 2025 10:49:01 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

POST
H2 200 collect Show response
collect-v6.51.la/v6/ 0
361 B 231ms
219ms XHR
text/plain 90.84.161.20
OCB_HONEY_CDN_ASN...

General

Check archive.org

Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 90.84.161.20 , France, ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1980boomchabrew.com/

Response headers

via: EU-GER-frankfurt-EDGE5-CACHE5[193],EU-GER-frankfurt-EDGE5-CACHE5[ovl,190],EA-HKG-EDGE1-CACHE1[ovl,33],EA-HKG-EDGE2-CACHE1[ovl,32],EA-HKG-GLOBAL1-CACHE22[ovl,30]
access-control-allow-origin: https://www.1980boomchabrew.com
x-ccdn-req-id-46b1: 505a1620a20180ebf8fda687e3a2de3c
content-length: 0
date: Thu, 23 Jan 2025 05:51:55 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true

POST
H2 200 collect Show response
collect-v6.51.la/v6/ 0
362 B 226ms
217ms XHR
text/plain 90.84.161.20
OCB_HONEY_CDN_ASN...

General

Check archive.org

Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 90.84.161.20 , France, ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1980boomchabrew.com/

Response headers

via: EU-GER-frankfurt-EDGE5-CACHE5[191],EU-GER-frankfurt-EDGE5-CACHE5[ovl,188],EA-HKG-EDGE1-CACHE1[ovl,30],EA-HKG-EDGE2-CACHE1[ovl,30],EA-HKG-GLOBAL1-CACHE4[ovl,28]
access-control-allow-origin: https://www.1980boomchabrew.com
x-ccdn-req-id-46b1: 9a23111d8ba893a983b5e78e269e60f7
content-length: 0
date: Thu, 23 Jan 2025 05:51:55 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true

POST
H2 200 collect Show response
collect-v6.51.la/v6/ 0
362 B 224ms
217ms XHR
text/plain 90.84.161.20
OCB_HONEY_CDN_ASN...

General

Check archive.org

Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 90.84.161.20 , France, ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1980boomchabrew.com/

Response headers

via: EU-GER-frankfurt-EDGE5-CACHE5[190],EU-GER-frankfurt-EDGE5-CACHE5[ovl,188],EA-HKG-EDGE1-CACHE1[ovl,31],EA-HKG-EDGE2-CACHE1[ovl,30],EA-HKG-GLOBAL1-CACHE22[ovl,27]
access-control-allow-origin: https://www.1980boomchabrew.com
x-ccdn-req-id-46b1: aa44942dd6525d91dce02b6e415fcd10
content-length: 0
date: Thu, 23 Jan 2025 05:51:55 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true

GET
H/1.1 200
OK favicon.ico
www.1980boomchabrew.com/ 94 B
462 B 160ms
159ms Other
image/x-icon 38.33.107.6
PEG-LA

General

Check archive.org

Download Go to

Full URL

https://www.1980boomchabrew.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

38.33.107.6 San Jose, United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

3e996545a33ea2f137dc6128b3bdfe00db53fe4eca124867531bb2674eec5903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1980boomchabrew.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=2592000
ETag: "678f4eeb-5e"
Connection: keep-alive
Expires: Sat, 22 Feb 2025 05:51:57 GMT
Accept-Ranges: bytes
Content-Length: 94
Date: Thu, 23 Jan 2025 05:51:57 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 21 Jan 2025 07:38:19 GMT
Server: nginx

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gambling (Gambling)

4 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 string| V_PATH object| LA number| laWaitTime

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.1980boomchabrew.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: dp816u5h5qd95qqra2rlrn3tl3
www.1980boomchabrew.com/	1969-12-31 23:59:59	Name: __vtins__KBYUa6ibFuUdP5LO Value: %7B%22sid%22%3A%20%22fe77e3c5-b6a0-570d-8fd4-dc52acadbd2e%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201737613315268%2C%20%22ct%22%3A%201737611515268%7D
www.1980boomchabrew.com/	1970-01-21 12:16:11	Name: __51uvsct__KBYUa6ibFuUdP5LO Value: 1
www.1980boomchabrew.com/	1970-01-21 12:16:11	Name: __51vcke__KBYUa6ibFuUdP5LO Value: b1a0ca0d-fba6-5950-b2c5-895483c5698b
www.1980boomchabrew.com/	1970-01-21 12:16:11	Name: __51vuft__KBYUa6ibFuUdP5LO Value: 1737611515269
www.1980boomchabrew.com/	1969-12-31 23:59:59	Name: __vtins__KWVO4mchReU4dX3Z Value: %7B%22sid%22%3A%20%220843ae2a-a462-58c4-9190-84c4b7792ed1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201737613315272%2C%20%22ct%22%3A%201737611515272%7D
www.1980boomchabrew.com/	1970-01-21 12:16:11	Name: __51uvsct__KWVO4mchReU4dX3Z Value: 1
www.1980boomchabrew.com/	1970-01-21 12:16:11	Name: __51vcke__KWVO4mchReU4dX3Z Value: aef1a980-45b4-5884-979d-1546feafb57e
www.1980boomchabrew.com/	1970-01-21 12:16:11	Name: __51vuft__KWVO4mchReU4dX3Z Value: 1737611515273
www.1980boomchabrew.com/	1969-12-31 23:59:59	Name: __vtins__Kh5XhlzpalumsgUt Value: %7B%22sid%22%3A%20%22022bf906-bce0-5bb1-877b-7f8b610ad81b%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201737613315276%2C%20%22ct%22%3A%201737611515276%7D
www.1980boomchabrew.com/	1970-01-21 12:16:11	Name: __51uvsct__Kh5XhlzpalumsgUt Value: 1
www.1980boomchabrew.com/	1970-01-21 12:16:11	Name: __51vcke__Kh5XhlzpalumsgUt Value: 595f9562-7d5d-5ffd-8005-aa5ad4698797
www.1980boomchabrew.com/	1970-01-21 12:16:11	Name: __51vuft__Kh5XhlzpalumsgUt Value: 1737611515277
.baidu.com/	1970-01-21 11:25:47	Name: BAIDUID_BFESS Value: 93FB57B6A95B900B6D9B45E9E6CC7B06:FG=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1k4ej4j1lxvjwz.com
collect-v6.51.la
p.ssl.qhimg.com
sdk.51.la
sp0.baidu.com
vkg.hpdbfezgrqwn.vip
wap.thaifastfood.com
www.1980boomchabrew.com
www.baidu.com
www.sogou.com
zz.bdstatic.com
103.235.47.188
122.10.26.202
122.10.50.210
2600:9000:214f:d000:14:8ed:8000:93a1
38.33.107.6
38.33.115.9
43.153.236.147
58.254.150.48
90.84.161.20
29f87d6615f36a54e3edc8c7f05eb9b480d1f2989dec8da68e82747d060aea85
3e996545a33ea2f137dc6128b3bdfe00db53fe4eca124867531bb2674eec5903
611d34ed95f8a154088d4b70c5745782b343df16d08bede44bbbd6abcef59cdf
754c70ae5a408be5984ff0f04fbeda16e5eb0e353086cef92b4dfd2220fa47a1
87d1d5c4ec69189e04068c691441cda3594e67fdeead036e90b5782d6c73d365
a01d73b630804f843c99d70f8f64a30303a8bc1273fed46bdf9f3d190bea8a68
a79d3e49635f44dc49465dc1eeade36fd0fe3ba8cd7057e4a4ecf09b7bce91ce
ab600bcb623360b5a87e5657495bb968325f0a47c3772fe3c1cc052ebd35f153
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
dc506b4253e2bb145e5b370f6088842382a8c2bd0632d9b265744f706727f7f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.1980boomchabrew.com 38.33.107.6 Malicious Activity! Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

11 %IPv6

9 Domains

11 Subdomains

8 IPs

5 Countries

52 kBTransfer

51 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Window variables

14 Cookies

Security Headers

Indicators

www.1980boomchabrew.com
38.33.107.6 Malicious Activity! Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

11 %
IPv6

9
Domains

11
Subdomains

8
IPs

5
Countries

52 kB
Transfer

51 kB
Size

14
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!