URL: https://gov.qw5s.work/
Submission: On November 04 via manual from KR — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3036::6815:3456, located in United States and belongs to CLOUDFLARENET, US. The main domain is gov.qw5s.work.
TLS certificate: Issued by WE1 on November 3rd 2024. Valid for: 3 months.
This is the only time gov.qw5s.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:303... 13335 (CLOUDFLAR...)
8 1
Apex Domain
Subdomains
Transfer
8 qw5s.work
gov.qw5s.work
280 KB
8 1
Domain Requested by
8 gov.qw5s.work gov.qw5s.work
8 1

This site contains no links.

Subject Issuer Validity Valid
qw5s.work
WE1
2024-11-03 -
2025-02-01
3 months crt.sh

This page contains 1 frames:

Primary Page: https://gov.qw5s.work/
Frame ID: FE5EC661A83059A6C1E536A3829C38F6
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

필요한 정보를 한번에

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

280 kB
Transfer

353 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gov.qw5s.work/
2 KB
2 KB
Document
General
Full URL
https://gov.qw5s.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.2
Resource Hash
d9cac8f6d8112a87b2d00adb431640ec7111735aada829a2e24a2db2ddc26ec0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8dd2abbcdb6665d0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Nov 2024 06:50:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=keM13gOSJJ2lsjEfKrkffE43bISHK5xqXxPJMuquIA3cmMMsMeQz36lG2juObpnEOlvY0%2FkAt3DTZs1tJ%2B5iVcz5uZvLf3q1Zl6G7zczSryrm8zydZzqevgm%2BTRX6AgjL8JrJRRq8A0jc4Ww"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=6057&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3900&recv_bytes=2287&delivery_rate=680792&cwnd=253&unsent_bytes=0&cid=1f983a6008638fd1&ts=447&x=0"
x-powered-by
PHP/8.0.2
index.css
gov.qw5s.work/css/
446 B
908 B
Stylesheet
General
Full URL
https://gov.qw5s.work/css/index.css
Requested by
Host: gov.qw5s.work
URL: https://gov.qw5s.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66410d5a3ca58da8c759db0ca4324ac6820b68ce84f8e6562ee53738d67f255b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gov.qw5s.work/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66af5654-1be"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FgJjhslMYCApgwlms47ceTs%2Brs5RGBvK8aAto6vniUo6uGgzXfkTcMXnMbkjzCTTJARNANjGx9%2FLEJPWXfXfInJ2EdYEcOktsd57%2F1jedfIfrzleHVbqcDOFEtijoAp1THJcj9StawFC%2Fa0"}],"group":"cf-nel","max_age":604800}
cf-ray
8dd2abbfab14dc9e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13768&sent=13&recv=14&lost=0&retrans=0&sent_bytes=4211&recv_bytes=6499&delivery_rate=896&cwnd=12000&unsent_bytes=0&cid=bcf706fee79e4a98&ts=764&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 06:50:37 GMT
content-type
text/css
last-modified
Sun, 04 Aug 2024 10:22:12 GMT
vary
Accept-Encoding
priority
u=0,i=?0
jquery.min.js
gov.qw5s.work/js/
84 KB
31 KB
Script
General
Full URL
https://gov.qw5s.work/js/jquery.min.js
Requested by
Host: gov.qw5s.work
URL: https://gov.qw5s.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gov.qw5s.work/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"62c7bb10-14e55"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKdIEYIjnFceRCB9kxF%2BnB%2FZnxLvgf5upuzxzn%2B6gqXDzb2m3m1d%2Bc1bQ%2BtJtpXMo6jQKgR7%2FHQSZcFD%2B5IlvLNq9N29RwyiHYB3Rdhfz%2B133aZIzlrEXptkiiFg59WGytk5vRcZ%2BBQ9U6Kf"}],"group":"cf-nel","max_age":604800}
cf-ray
8dd2abbfab15dc9e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12207&sent=21&recv=19&lost=0&retrans=0&sent_bytes=13466&recv_bytes=6716&delivery_rate=1279981&cwnd=12000&unsent_bytes=0&cid=bcf706fee79e4a98&ts=1175&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 06:50:38 GMT
content-type
application/javascript
last-modified
Fri, 08 Jul 2022 05:05:20 GMT
vary
Accept-Encoding
priority
u=1,i=?0
layer.js
gov.qw5s.work/js/layer/
21 KB
8 KB
Script
General
Full URL
https://gov.qw5s.work/js/layer/layer.js
Requested by
Host: gov.qw5s.work
URL: https://gov.qw5s.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab485ada444f4853908f5471a68051be1621a582da0e0f1decf5e2f8abe6b11a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gov.qw5s.work/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"62c7bd98-5360"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TGzud1sKOF2Usuvy15qKZu%2B%2Fkzo2NKED2yHsS0hNj1a3URST8nf9x%2Fz2u1C8VpBeKA4QGD8C6pHsGX2m57OCsCFyQPa2YEkVF7rT3eMHyHBeVGnCtBLwackB0z7nckfO8oASccR5fRsphRMd"}],"group":"cf-nel","max_age":604800}
cf-ray
8dd2abbfab16dc9e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16005&sent=14&recv=15&lost=0&retrans=0&sent_bytes=5142&recv_bytes=6543&delivery_rate=2860&cwnd=12000&unsent_bytes=0&cid=bcf706fee79e4a98&ts=907&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 06:50:37 GMT
content-type
application/javascript
last-modified
Fri, 08 Jul 2022 05:16:08 GMT
vary
Accept-Encoding
priority
u=1,i=?0
de2.jpg
gov.qw5s.work/image/
228 KB
229 KB
Image
General
Full URL
https://gov.qw5s.work/image/de2.jpg
Requested by
Host: gov.qw5s.work
URL: https://gov.qw5s.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f192c5e37177960707d62e22d36a62e9b075061bbc1da3bcca0960c1611e5e57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gov.qw5s.work/

Response headers

cf-cache-status
MISS
etag
"66af55bc-39157"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsmp53UbfHrnV1GBFoWGcvjMghGB5IxcsG6EDiremju7hFdf569EQPKzS9u98FMAV3erYwFxafQyW9CuP1Xr32sy9bSFJ%2FoZfxVj7mfG3O9j0GZ9CiwQjIPYpxde8N11FX1irUOscDlFa69C"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9399&sent=48&recv=24&lost=0&retrans=0&sent_bytes=45851&recv_bytes=6931&delivery_rate=1891053&cwnd=24000&unsent_bytes=0&cid=bcf706fee79e4a98&ts=1183&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 06:50:38 GMT
content-type
image/jpeg
last-modified
Sun, 04 Aug 2024 10:19:40 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd2abbfab17dc9e-FRA
accept-ranges
bytes
content-length
233815
server
cloudflare
layer.css
gov.qw5s.work/js/layer/skin/default/
14 KB
3 KB
Stylesheet
General
Full URL
https://gov.qw5s.work/js/layer/skin/default/layer.css?v=3.0.11110
Requested by
Host: gov.qw5s.work
URL: https://gov.qw5s.work/js/layer/layer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ed5d24c92f99371c49023c1f7da9597cac7f23d3c9efe7c07025bc4a5d7386

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gov.qw5s.work/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"62c7c05a-37d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8XuZ00kA2HWh9pTEIUiEm%2Fl0Spi4bnyKrUojgitDsSkE%2FY7bF9PKFxLLXIb26lYtO%2FIyZIOJEQZoHICTRUdbLkEX4p5XikZGqgyFjkS03GTUDOYYbMgM%2BXz2NVotwO1pOQn%2FS87HbW3FuA8o"}],"group":"cf-nel","max_age":604800}
cf-ray
8dd2abc44a54dc9e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6689&sent=195&recv=73&lost=0&retrans=0&sent_bytes=217724&recv_bytes=10251&delivery_rate=4079026&cwnd=76800&unsent_bytes=0&cid=bcf706fee79e4a98&ts=1633&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 06:50:38 GMT
content-type
text/css
last-modified
Fri, 08 Jul 2022 05:27:54 GMT
vary
Accept-Encoding
priority
u=0,i=?0
btn.png
gov.qw5s.work/image/
5 KB
5 KB
Image
General
Full URL
https://gov.qw5s.work/image/btn.png
Requested by
Host: gov.qw5s.work
URL: https://gov.qw5s.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e0b245f8c5268daf25fef6f9bdfab832f720bd15dbf5117dc048f8ad0722b2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gov.qw5s.work/

Response headers

cf-cache-status
MISS
etag
"66af5610-12ec"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1PFGUk0fH1%2Fd%2BgXmZ30DrOpk6KXMcxiHNPCSXrXbycz%2Bjo8yuHBmVq9FS0H131eXECdj9%2FQAnkp4hlMKoCZvv4oQgJtP%2BzdLwl48%2F0%2BZN1WpL0N6aXx1d1gr8S4AepWsejOEvZmceDqsZwH8"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6944&sent=134&recv=65&lost=0&retrans=0&sent_bytes=145081&recv_bytes=9884&delivery_rate=4768980&cwnd=40800&unsent_bytes=0&cid=bcf706fee79e4a98&ts=1499&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 06:50:38 GMT
content-type
image/png
last-modified
Sun, 04 Aug 2024 10:21:04 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd2abc44a5cdc9e-FRA
accept-ranges
bytes
content-length
4844
server
cloudflare
favicon.ico
gov.qw5s.work/
0
669 B
Other
General
Full URL
https://gov.qw5s.work/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gov.qw5s.work/

Response headers

cf-cache-status
MISS
etag
"6254adbc-0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P7A%2FSmBvKOlrHJ1%2BdwU%2F1uQ8NomuqPTWZpYSPZ8XJjk66yDmOPdekZBpM98OJwgiPDs1D%2FGTHzfh%2FbckrETXDkxFY2XpPI7VOIMVXjb%2BHiyhoiA6UOkk8IP5G3%2FqmghctYeNpMaW1b73DWgZ"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6663&sent=262&recv=82&lost=0&retrans=0&sent_bytes=294954&recv_bytes=11247&delivery_rate=11688881&cwnd=76800&unsent_bytes=0&cid=bcf706fee79e4a98&ts=2047&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 06:50:38 GMT
content-type
image/x-icon
last-modified
Mon, 11 Apr 2022 22:37:48 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd2abc7bf6edc9e-FRA
accept-ranges
bytes
content-length
0
server
cloudflare

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| layer function| down

1 Cookies

Domain/Path Name / Value
gov.qw5s.work/ Name: laravel_session
Value: eyJpdiI6IlF5NUtKOXdBZjA1bWh5MEZTMHRiUkE9PSIsInZhbHVlIjoiaTFSOWN3T2tZWUxSL3lQYkoxaktaeHFtb1FpU1h6dUxtd2tJYjdkMjNBMjViT3hUcTJ3amNYZDZqS2lOY2lUYVkrNy9QbFVnSGVYNW1aeFRhV1NHRVY0ekxSSy8zNTh1bWwyWlpvb0NvazljSkRReTNWeDUyQXB6V1pMVkpKWTQiLCJtYWMiOiI4ZmQ5ZGQ5MWU1NGQ3YzJkZGQxNTY5MzRlOTBiNTQ0MWYwOTI4MDIyOWRiZmVlZDI3NGIwYzU4NmIzNTdmNWU5IiwidGFnIjoiIn0%3D

3 Console Messages

Source Level URL
Text
security warning URL: https://gov.qw5s.work/
Message:
Mixed Content: The page at 'https://gov.qw5s.work/' was loaded over HTTPS, but requested an insecure element 'http://gov.qw5s.work/image/de2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gov.qw5s.work/(Line 39)
Message:
Mixed Content: The page at 'https://gov.qw5s.work/' was loaded over HTTPS, but requested an insecure element 'http://gov.qw5s.work/image/de2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gov.qw5s.work/(Line 40)
Message:
Mixed Content: The page at 'https://gov.qw5s.work/' was loaded over HTTPS, but requested an insecure element 'http://gov.qw5s.work/image/btn.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html