qi5axjvzqh.com Open in urlscan Pro
20.239.68.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qi5axjvzqh.com/
Effective URL:
https://qi5axjvzqh.com/forbiddenPage.jsp
Submission: On November 27 via api (November 27th 2024, 5:20:34 pm UTC) from US — Scanned from CA

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 20.239.68.43, located in Hong Kong, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is qi5axjvzqh.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on October 1st 2024. Valid for: 6 months.

This is the only time qi5axjvzqh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 11	20.239.68.43 20.239.68.43		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2

11 20.239.68.43 (Hong Kong, Hong Kong) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

qi5axjvzqh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	qi5axjvzqh.com 1 redirects qi5axjvzqh.com	326 KB
11	1

	Domain	Requested by
11	qi5axjvzqh.com	1 redirects qi5axjvzqh.com
11	1

This site contains no links.

Subject Issuer	Validity	Valid
www.q2chyxt0dh.com SSL.com RSA SSL subCA	`2024-10-01` - `2025-03-30`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://qi5axjvzqh.com/forbiddenPage.jsp
Frame ID: 031747C949C2FCECEE9F5D597D454972
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

您访问的页面不存在!

Page URL History Show full URLs

https://qi5axjvzqh.com/ HTTP 302
http://qi5axjvzqh.com:443/forbiddenPage.jsp HTTP 307
https://qi5axjvzqh.com/forbiddenPage.jsp Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

326 kB
Transfer

410 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qi5axjvzqh.com/ HTTP 302
http://qi5axjvzqh.com:443/forbiddenPage.jsp HTTP 307
https://qi5axjvzqh.com/forbiddenPage.jsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://qi5axjvzqh.com/asp/getIpAddress.php HTTP 0
http://qi5axjvzqh.com:443/forbiddenPage.jsp

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request forbiddenPage.jsp Show response
qi5axjvzqh.com/
Redirect Chain

https://qi5axjvzqh.com/
http://qi5axjvzqh.com:443/forbiddenPage.jsp
https://qi5axjvzqh.com/forbiddenPage.jsp

7 KB
3 KB

273ms
267ms

Document
text/html

20.239.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qi5axjvzqh.com/forbiddenPage.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.239.68.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

48437c92aa1333f19abc8bd3654ed15d84e82f7cf0289532e249dfa3da1fe227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-language: en-CA
content-length: 2792
content-type: text/html;charset=UTF-8
date: Wed, 27 Nov 2024 17:20:25 GMT
server: nginx
strict-transport-security: max-age=31536000; max-age=31536000;

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://qi5axjvzqh.com/forbiddenPage.jsp
Non-Authoritative-Reason: HSTS

GET
H2 200 debug.js Show response
qi5axjvzqh.com/js/ 602 B
612 B 307ms
304ms Script
application/javascript 20.239.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qi5axjvzqh.com/js/debug.js?v=005

Requested by

Host: qi5axjvzqh.com
URL: https://qi5axjvzqh.com/forbiddenPage.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.239.68.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2597ee6db331d8da21c71244b87caa789050576af2f348effbbaeed4e197251a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qi5axjvzqh.com/forbiddenPage.jsp

Response headers

strict-transport-security: max-age=31536000;
cache: MISS
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"602-1715309426000"
expires: Fri, 27 Dec 2024 17:20:25 GMT
accept-ranges: bytes
content-length: 317
date: Wed, 27 Nov 2024 17:20:25 GMT
content-type: application/javascript;charset=UTF-8
last-modified: Fri, 10 May 2024 02:50:26 GMT
server: nginx
content-language: en-CA

GET
H2 200 reset.css
qi5axjvzqh.com/css/ 6 KB
2 KB 304ms
302ms Stylesheet
text/css 20.239.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qi5axjvzqh.com/css/reset.css?v=20240419

Requested by

Host: qi5axjvzqh.com
URL: https://qi5axjvzqh.com/forbiddenPage.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.239.68.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2d0fbb81cdbaa3f575fac611faf08426977353f5eb615332b266943c2c8e77a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qi5axjvzqh.com/forbiddenPage.jsp

Response headers

strict-transport-security: max-age=31536000;
cache: MISS
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6068-1715309425000"
expires: Fri, 27 Dec 2024 17:20:25 GMT
accept-ranges: bytes
content-length: 1900
date: Wed, 27 Nov 2024 17:20:25 GMT
content-type: text/css;charset=UTF-8
last-modified: Fri, 10 May 2024 02:50:25 GMT
server: nginx
content-language: en-CA

GET
H2 200 error.css
qi5axjvzqh.com/css/ 3 KB
984 B 305ms
303ms Stylesheet
text/css 20.239.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qi5axjvzqh.com/css/error.css?v=2

Requested by

Host: qi5axjvzqh.com
URL: https://qi5axjvzqh.com/forbiddenPage.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.239.68.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

4bfa1859adacf81776df061f624f8d39bbf07de347802f1f1888f83203464297

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qi5axjvzqh.com/forbiddenPage.jsp

Response headers

strict-transport-security: max-age=31536000;
cache: MISS
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"2637-1715309425000"
expires: Fri, 27 Dec 2024 17:20:25 GMT
accept-ranges: bytes
content-length: 698
date: Wed, 27 Nov 2024 17:20:25 GMT
content-type: text/css;charset=UTF-8
last-modified: Fri, 10 May 2024 02:50:25 GMT
server: nginx
content-language: en-CA

GET
H2 200 ai800.js Show response
qi5axjvzqh.com/js/ 1 KB
920 B 597ms
596ms Script
application/javascript 20.239.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qi5axjvzqh.com/js/ai800.js

Requested by

Host: qi5axjvzqh.com
URL: https://qi5axjvzqh.com/forbiddenPage.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.239.68.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

9bb7aa6092afd1e1058ddfc3c810d7bf1f670405fad334a2c658ab4fe3ce6e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qi5axjvzqh.com/forbiddenPage.jsp

Response headers

strict-transport-security: max-age=31536000;
cache: MISS
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"1427-1715309426000"
expires: Fri, 27 Dec 2024 17:20:25 GMT
accept-ranges: bytes
content-length: 624
date: Wed, 27 Nov 2024 17:20:25 GMT
content-type: application/javascript;charset=UTF-8
last-modified: Fri, 10 May 2024 02:50:26 GMT
server: nginx
content-language: en-CA

GET
H2 200 logo-404.png
qi5axjvzqh.com/images/error/ 5 KB
6 KB 495ms
494ms Image
image/png 20.239.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qi5axjvzqh.com/images/error/logo-404.png

Requested by

Host: qi5axjvzqh.com
URL: https://qi5axjvzqh.com/forbiddenPage.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.239.68.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

255913350dfe263bb59793c2239491c82812a697c4a453a209009b41e0883624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qi5axjvzqh.com/forbiddenPage.jsp

Response headers

strict-transport-security: max-age=31536000;
cache: MISS
cache-control: max-age=2592000
etag: W/"5625-1715309426000"
expires: Fri, 27 Dec 2024 17:20:25 GMT
accept-ranges: bytes
content-length: 5625
date: Wed, 27 Nov 2024 17:20:25 GMT
content-type: image/png;charset=UTF-8
last-modified: Fri, 10 May 2024 02:50:26 GMT
server: nginx
content-language: en-CA

GET
H2 200 403.png
qi5axjvzqh.com/images/error/ 66 KB
66 KB 496ms
495ms Image
image/png 20.239.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qi5axjvzqh.com/images/error/403.png

Requested by

Host: qi5axjvzqh.com
URL: https://qi5axjvzqh.com/forbiddenPage.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.239.68.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

a26ab7b038ad6ce45b8a439a38c22e4bec0a260a7508867dfdcab8b1d0b2b689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qi5axjvzqh.com/forbiddenPage.jsp

Response headers

strict-transport-security: max-age=31536000;
cache: MISS
cache-control: max-age=2592000
etag: W/"67495-1715309425000"
expires: Fri, 27 Dec 2024 17:20:25 GMT
accept-ranges: bytes
content-length: 67495
date: Wed, 27 Nov 2024 17:20:25 GMT
content-type: image/png;charset=UTF-8
last-modified: Fri, 10 May 2024 02:50:25 GMT
server: nginx
content-language: en-CA

GET
H2 200 jquery-1.12.4.min.js Show response
qi5axjvzqh.com/js/ 95 KB
33 KB 419ms
419ms Script
application/javascript 20.239.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qi5axjvzqh.com/js/jquery-1.12.4.min.js

Requested by

Host: qi5axjvzqh.com
URL: https://qi5axjvzqh.com/forbiddenPage.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.239.68.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

ad4761663a8f66e1becceae89e403f3f168bc41c58e6442cd4ee39d5ce0d6bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qi5axjvzqh.com/forbiddenPage.jsp

Response headers

strict-transport-security: max-age=31536000;
cache: MISS
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"97170-1715309426000"
expires: Fri, 27 Dec 2024 17:20:25 GMT
date: Wed, 27 Nov 2024 17:20:25 GMT
content-type: application/javascript;charset=UTF-8
last-modified: Fri, 10 May 2024 02:50:26 GMT
server: nginx
content-language: en-CA

GET
H2 200 wap-404-pcbg.jpg
qi5axjvzqh.com/images/error/ 209 KB
210 KB 489ms
485ms Image
image/jpeg 20.239.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qi5axjvzqh.com/images/error/wap-404-pcbg.jpg

Requested by

Host: qi5axjvzqh.com
URL: https://qi5axjvzqh.com/css/error.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.239.68.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

8de3d686fd03a2b585c0ef2ba2a73cc411d65c34125a468315bf565e7a186909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qi5axjvzqh.com/css/error.css?v=2

Response headers

strict-transport-security: max-age=31536000;
cache: MISS
cache-control: max-age=2592000
etag: W/"214517-1715309426000"
expires: Fri, 27 Dec 2024 17:20:25 GMT
accept-ranges: bytes
content-length: 214517
date: Wed, 27 Nov 2024 17:20:25 GMT
content-type: image/jpeg;charset=UTF-8
last-modified: Fri, 10 May 2024 02:50:26 GMT
server: nginx
content-language: en-CA

GET

forbiddenPage.jsp
qi5axjvzqh.com/
Redirect Chain

https://qi5axjvzqh.com/asp/getIpAddress.php
http://qi5axjvzqh.com:443/forbiddenPage.jsp

0
0

GET
H2 200 faviconbo1.ico
qi5axjvzqh.com/images/ 17 KB
3 KB 356ms
349ms Other
image/x-icon 20.239.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://qi5axjvzqh.com/images/faviconbo1.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.239.68.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

7b9d72d89b3c820e71a8c7c1b9e7ead565394944bb294fc1fc829bf6370c87c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qi5axjvzqh.com/forbiddenPage.jsp

Response headers

last-modified: Fri, 10 May 2024 02:50:26 GMT
strict-transport-security: max-age=31536000;
cache: MISS
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"16958-1715309426000"
expires: Fri, 27 Dec 2024 17:20:26 GMT
date: Wed, 27 Nov 2024 17:20:26 GMT
content-language: en-CA
content-type: image/x-icon;charset=UTF-8
vary: Accept-Encoding
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: qi5axjvzqh.com
URL: http://qi5axjvzqh.com:443/forbiddenPage.jsp

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			qi5axjvzqh.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: CC5EB8FC70739CB7C593D91E447E4166

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://qi5axjvzqh.com/forbiddenPage.jsp Message: Mixed Content: The page at 'https://qi5axjvzqh.com/forbiddenPage.jsp' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://qi5axjvzqh.com:443/forbiddenPage.jsp'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

qi5axjvzqh.com
qi5axjvzqh.com
20.239.68.43
255913350dfe263bb59793c2239491c82812a697c4a453a209009b41e0883624
2597ee6db331d8da21c71244b87caa789050576af2f348effbbaeed4e197251a
2d0fbb81cdbaa3f575fac611faf08426977353f5eb615332b266943c2c8e77a5
48437c92aa1333f19abc8bd3654ed15d84e82f7cf0289532e249dfa3da1fe227
4bfa1859adacf81776df061f624f8d39bbf07de347802f1f1888f83203464297
7b9d72d89b3c820e71a8c7c1b9e7ead565394944bb294fc1fc829bf6370c87c6
8de3d686fd03a2b585c0ef2ba2a73cc411d65c34125a468315bf565e7a186909
9bb7aa6092afd1e1058ddfc3c810d7bf1f670405fad334a2c658ab4fe3ce6e7d
a26ab7b038ad6ce45b8a439a38c22e4bec0a260a7508867dfdcab8b1d0b2b689
ad4761663a8f66e1becceae89e403f3f168bc41c58e6442cd4ee39d5ce0d6bbd

qi5axjvzqh.com Open in urlscan Pro 20.239.68.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

326 kBTransfer

410 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

qi5axjvzqh.com Open in urlscan Pro
20.239.68.43 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

326 kB
Transfer

410 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions