www.ax9h.com Open in urlscan Pro
150.109.71.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://a99ss.com/
Effective URL:
https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant
Submission: On May 26 via api (May 26th 2020, 10:27:07 pm UTC) from RO

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 150.109.71.50, located in Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is www.ax9h.com.
TLS certificate: Issued by TrustAsia TLS RSA CA on May 12th 2020. Valid for: a year.

This is the only time www.ax9h.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.99.61.38 103.99.61.38	136950 (HIITL-AS-...) (HIITL-AS-AP Hong Kong FireLine Network LTD)
9	150.109.71.50 150.109.71.50	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	47.246.43.209 47.246.43.209	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
10	2

2 103.99.61.38 (China) 2 redirects

ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK)

a99ss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 150.109.71.50 (Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.ax9h.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.43.209 (San Mateo, United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

www.whdytzyyy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ax9h.com www.ax9h.com	167 KB
2	a99ss.com 2 redirects a99ss.com	518 B
1	whdytzyyy.com www.whdytzyyy.com	732 KB
10	3

	Domain	Requested by
9	www.ax9h.com	www.ax9h.com
2	a99ss.com	2 redirects
1	www.whdytzyyy.com
10	3

This site contains no links.

Subject Issuer	Validity	Valid
www.ax9h.com TrustAsia TLS RSA CA	`2020-05-12` - `2021-05-13`	a year	crt.sh
www.whdytzyyy.com Encryption Everywhere DV TLS CA - G1	`2019-09-06` - `2020-09-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant
Frame ID: 5A6730FA5B4C44D4128FC1956B847533
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://a99ss.com/ HTTP 301
https://a99ss.com/ HTTP 302
https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

899 kB
Transfer

896 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://a99ss.com/ HTTP 301
https://a99ss.com/ HTTP 302
https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 800021.html Show response www.ax9h.com/download/landpage/ Redirect Chain http://a99ss.com/ https://a99ss.com/ https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant	2 KB 3 KB	895ms 298ms	Document text/html	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `639b9f46593e2f7cdcda0a1fe72eacad3dfc4a822ece58e6677028d48099c1be` Request headers Host www.ax9h.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.16.1 Date Tue, 26 May 2020 22:26:46 GMT Content-Type text/html Content-Length 2362 Last-Modified Tue, 26 May 2020 10:40:08 GMT Connection keep-alive ETag "5eccf208-93a" Accept-Ranges bytes Redirect headers status 302 date Tue, 26 May 2020 22:26:45 GMT content-type text/html content-length 181 location https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant set-cookie waf_cookie=8fb3807b-ebe7-4860c392aa6c0d2e56b7dd30ded9e5679c94; Expires=1590539205; Path=/; HttpOnly ASPSESSIONIDSCCBTSQS=DKDPNDGCOAONHMNHJGEDHIAG; path=/ cache-control private x-request-id 6811fb2c7e72dc37e1db35df2ee6dc60 server WAF
GET H/1.1	200 OK	pub_reset.css www.ax9h.com/download/landpage/css/	2 KB 2 KB	299ms 297ms	Stylesheet text/css	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/css/pub_reset.css Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `64bda638f7bfd72e571c22f873317af5aec9de75a40b25ee64425dbd0854d9a4` Request headers Referer https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:26:46 GMT Last-Modified Tue, 12 May 2020 02:03:28 GMT Server nginx/1.16.1 ETag "5eba03f0-721" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1825
GET H/1.1	200 OK	base.css www.ax9h.com/download/landpage/css/	342 B 579 B	596ms 297ms	Stylesheet text/css	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/css/base.css Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `51fb654f4089600e6f43e512350f5dd11b3bd47d97b7c2cba6f66480c10bbe28` Request headers Referer https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:26:46 GMT Last-Modified Tue, 12 May 2020 02:03:28 GMT Server nginx/1.16.1 ETag "5eba03f0-156" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 342
GET H/1.1	200 OK	fuceng.css www.ax9h.com/download/landpage/css/	2 KB 2 KB	892ms 297ms	Stylesheet text/css	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/css/fuceng.css Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `46a53828c9df1410ebb2ad7911082dddda77d572766ff8fd3a2bd43ae36f6fc7` Request headers Referer https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:26:46 GMT Last-Modified Tue, 12 May 2020 02:03:28 GMT Server nginx/1.16.1 ETag "5eba03f0-755" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1877
GET H/1.1	200 OK	jquery.js Show response www.ax9h.com/download/landpage/js/	85 KB 85 KB	1160ms 565ms	Script application/javascript	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/js/jquery.js Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `e458458aa3f950bc20febe2724348f4d942c38f6265b72b29c60221c322c5f71` Request headers Referer https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:26:46 GMT Last-Modified Tue, 12 May 2020 02:03:28 GMT Server nginx/1.16.1 ETag "5eba03f0-1539b" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 86939
GET H/1.1	200 OK	pub_rem.js Show response www.ax9h.com/download/landpage/js/	2 KB 2 KB	893ms 298ms	Script application/javascript	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/js/pub_rem.js Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `8c43bb30d7c4bc73238b143559fd4d3efd85d1999f0bd789fc58e53ed1e657a0` Request headers Referer https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:26:46 GMT Last-Modified Tue, 26 May 2020 03:57:30 GMT Server nginx/1.16.1 ETag "5ecc93aa-8e4" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 2276
GET H/1.1	200 OK	install.js Show response www.ax9h.com/download/landpage/js/	2 KB 2 KB	892ms 298ms	Script application/javascript	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/js/install.js Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `fa61328055eee8423cf5ac8982f096ddd8cbc5295b03af03fb95d487d6f0cb50` Request headers Referer https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:26:46 GMT Last-Modified Wed, 20 May 2020 07:02:32 GMT Server nginx/1.16.1 ETag "5ec4d608-84a" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 2122
GET H/1.1	200 OK	device.js Show response www.ax9h.com/download/landpage/js/	6 KB 6 KB	895ms 299ms	Script application/javascript	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/js/device.js Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `fc09da6430b0eb592285f12a171f0deaf972bbcf3f1559ae34a912738fd39997` Request headers Referer https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:26:46 GMT Last-Modified Tue, 12 May 2020 02:03:28 GMT Server nginx/1.16.1 ETag "5eba03f0-181c" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 6172
GET H/1.1	200 OK	180.png www.ax9h.com/download/landpage/icon/	63 KB 63 KB	565ms 565ms	Image image/png	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ax9h.com/download/landpage/icon/180.png Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `d757991011fecbed7891df5cf21024c3c8282ff2c91f8821739281c3fce7fcac` Request headers Referer https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:26:47 GMT Last-Modified Tue, 12 May 2020 02:03:28 GMT Server nginx/1.16.1 ETag "5eba03f0-fbfc" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 64508
GET H2	200	06.jpg www.whdytzyyy.com/download/imgs/	731 KB 732 KB	169ms 55ms	Image image/jpeg	47.246.43.209 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Show image Full URL https://www.whdytzyyy.com/download/imgs/06.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.246.43.209 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `2de577e1d37092faec57ffb7a397bfa55966b6590afe926e63b95f71c045d638` Request headers Referer https://www.ax9h.com/download/landpage/800021.html?referee=800021&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 26 May 2020 08:39:22 GMT via cache8.l2de2[0,200-0,H], cache8.l2de2[1,0], cache8.de2[0,200-0,H], cache14.de2[2,0] x-oss-request-id 5ECCD5BA40CDC13238A15B96 content-md5 EPp6+2+E0iY7hVe8gLowaQ== age 49646 x-cache HIT TCP_MEM_HIT dirn:11:286642759 status 200 x-oss-cdn-auth success x-swift-cachetime 43200 x-swift-savetime Tue, 26 May 2020 13:36:22 GMT content-length 748705 x-oss-object-type Normal last-modified Tue, 26 May 2020 03:54:11 GMT server Tengine etag "10FA7AFB6F84D2263B8557BC80BA3069" ali-swift-global-savetime 1590482362 content-type image/jpeg x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 10902468630741626898 eagleid 2ff62ba215905320080096392e x-oss-server-time 2

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.ax9h.com/download/landpage/js/pub_rem.js(Line 46) Message: 1600
console-api	log	URL: https://www.ax9h.com/download/landpage/js/pub_rem.js(Line 46) Message: 1600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a99ss.com
www.ax9h.com
www.whdytzyyy.com
103.99.61.38
150.109.71.50
47.246.43.209
2de577e1d37092faec57ffb7a397bfa55966b6590afe926e63b95f71c045d638
46a53828c9df1410ebb2ad7911082dddda77d572766ff8fd3a2bd43ae36f6fc7
51fb654f4089600e6f43e512350f5dd11b3bd47d97b7c2cba6f66480c10bbe28
639b9f46593e2f7cdcda0a1fe72eacad3dfc4a822ece58e6677028d48099c1be
64bda638f7bfd72e571c22f873317af5aec9de75a40b25ee64425dbd0854d9a4
8c43bb30d7c4bc73238b143559fd4d3efd85d1999f0bd789fc58e53ed1e657a0
d757991011fecbed7891df5cf21024c3c8282ff2c91f8821739281c3fce7fcac
e458458aa3f950bc20febe2724348f4d942c38f6265b72b29c60221c322c5f71
fa61328055eee8423cf5ac8982f096ddd8cbc5295b03af03fb95d487d6f0cb50
fc09da6430b0eb592285f12a171f0deaf972bbcf3f1559ae34a912738fd39997

www.ax9h.com Open in urlscan Pro 150.109.71.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

899 kBTransfer

896 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

www.ax9h.com Open in urlscan Pro
150.109.71.50 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

899 kB
Transfer

896 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions