qdfpapi.91tbicloud.com

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 60.205.174.62, located in Beijing, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is qdfpapi.91tbicloud.com.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on January 6th 2023. Valid for: a year.

This is the only time qdfpapi.91tbicloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	60.205.174.62 60.205.174.62	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
2	203.119.144.7 203.119.144.7	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
3	2

1 60.205.174.62 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

qdfpapi.91tbicloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.119.144.7 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

errors.aliyun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	aliyun.com errors.aliyun.com	10 KB
1	91tbicloud.com qdfpapi.91tbicloud.com	4 KB
3	2

	Domain	Requested by
2	errors.aliyun.com	qdfpapi.91tbicloud.com
1	qdfpapi.91tbicloud.com
3	2

This site contains no links.

Subject Issuer	Validity	Valid
*.91tbicloud.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-01-06` - `2024-01-06`	a year	crt.sh
*.aliyun.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-11-17` - `2023-12-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://qdfpapi.91tbicloud.com/
Frame ID: C81E167481390CBEDEC695554A09DCE8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

405

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

14 kB
Transfer

13 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 405
Not Allowed Primary Request / Show response
qdfpapi.91tbicloud.com/ 3 KB
4 KB 1980ms
642ms Document
text/html 60.205.174.62
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://qdfpapi.91tbicloud.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 60.205.174.62 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 3c146b6abb6f6d6c5c9c0d91411c665642b7b8cced127553cf6fa74479e9d24c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Nov 2023 13:55:04 GMT
Pragma: no-cache
Server: Tengine
Transfer-Encoding: chunked
cache-control: no-cache, no-store

GET
H2 200 TB15QGaHpXXXXXOaXXXXia39XXX-660-117.png
errors.aliyun.com/images/ 6 KB
6 KB 1844ms
1034ms Image
image/png 203.119.144.7
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://errors.aliyun.com/images/TB15QGaHpXXXXXOaXXXXia39XXX-660-117.png

Requested by

Host: qdfpapi.91tbicloud.com
URL: https://qdfpapi.91tbicloud.com/

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

203.119.144.7 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

Tengine/Aserver /

Resource Hash

9605a383d170b3b4b85ebc1e0f608d1a1bd8e6a76e1c3eacb55086206c4d6137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qdfpapi.91tbicloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:55:06 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Jul 2022 11:38:05 GMT
server: Tengine/Aserver
etag: "62de809d-175d"
content-type: image/png
accept-ranges: bytes
timing-allow-origin: *
content-length: 5981
eagleeye-traceid: 213e1f8517009205068288870ef52a

GET
H2 200 TB1TpamHpXXXXaJXXXXeB7nYVXX-104-162.png
errors.aliyun.com/images/ 4 KB
4 KB 1780ms
990ms Image
image/png 203.119.144.7
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://errors.aliyun.com/images/TB1TpamHpXXXXaJXXXXeB7nYVXX-104-162.png

Requested by

Host: qdfpapi.91tbicloud.com
URL: https://qdfpapi.91tbicloud.com/

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

203.119.144.7 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

Tengine/Aserver /

Resource Hash

08df2f443c6de78a6e519b126255112eae1ad02e09d81445eaa2b9c4d7a1450d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qdfpapi.91tbicloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:55:06 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Jul 2022 11:38:05 GMT
server: Tengine/Aserver
etag: "62de809d-102c"
content-type: image/png
accept-ranges: bytes
timing-allow-origin: *
content-length: 4140
eagleeye-traceid: 213e1f8517009205068288871ef52a

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| show

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			qdfpapi.91tbicloud.com/	1970-01-20 16:28:42	Name: acw_tc Value: 2760821617009205048932442e743f8a62d45a441902a95ea32cd79453ea53

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://qdfpapi.91tbicloud.com/ Message: Failed to load resource: the server responded with a status of 405 (Not Allowed)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

errors.aliyun.com
qdfpapi.91tbicloud.com
203.119.144.7
60.205.174.62
08df2f443c6de78a6e519b126255112eae1ad02e09d81445eaa2b9c4d7a1450d
3c146b6abb6f6d6c5c9c0d91411c665642b7b8cced127553cf6fa74479e9d24c
9605a383d170b3b4b85ebc1e0f608d1a1bd8e6a76e1c3eacb55086206c4d6137

qdfpapi.91tbicloud.com Open in urlscan Pro 60.205.174.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

14 kBTransfer

13 kBSize

1 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

qdfpapi.91tbicloud.com Open in urlscan Pro
60.205.174.62 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

14 kB
Transfer

13 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions