Submitted URL: https://u.391fk.cn/pay/wxjspay/2024041220193695251/
Effective URL: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
Submission: On April 12 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 3 countries across 2 domains to perform 7 HTTP transactions. The main IP is 45.116.81.58, located in Hong Kong and belongs to ML-1432-54994, CA. The main domain is qragateway.95516.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on February 19th 2024. Valid for: a year.
This is the only time qragateway.95516.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2408:8719:64:... 4837 (CHINA169-...)
1 1 138.113.219.42 54994 (ML-1432-5...)
1 7 45.116.81.58 54994 (ML-1432-5...)
7 2
Apex Domain | Subdomains | Transfer
8 95516.com | qr.95516.com (Cisco Umbrella Rank: 408176), qra.95516.com, qragateway.95516.com | 21 KB
1 391fk.cn | u.391fk.cn | 494 B
7 2
Domain Requested by
6 qragateway.95516.com u.391fk.cn
qragateway.95516.com
1 qra.95516.com 1 redirects
1 qr.95516.com 1 redirects
1 u.391fk.cn
7 4

This site contains no links.

Subject | Issuer | Validity | Valid
u.391fk.cn | Cloudflare Inc ECC CA-3 | 2024-01-29 - 2024-12-31 | a year
*.95516.com | GlobalSign RSA OV SSL CA 2018 | 2024-02-19 - 2025-03-22 | a year

This page contains 1 frames:

Primary Page: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
Frame ID: 1FA1A1A3994BDF99B4A4B14FD1679AB9
Requests: 7 HTTP requests in this frame

Page Title

中国银联 (China UnionPay)

Detected technologies

Overall confidence: 100%
Detected patterns
  • zepto.*\.js

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 33 %
Domains: 2
Subdomains: 4
IPs: 2
Countries: 3
Transfer: 21 kB
Size: 42 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u.391fk.cn/pay/wxjspay/2024041220193695251/ Page URL
  2. https://qr.95516.com/00010048/unifiedNative?token=18e00c6c6e3d4c5ca36a331238a17373&target=qfs&unit=shs1 HTTP 302
    https://qra.95516.com/qrcode/unionpay?qrCode=https%3A%2F%2Fqr.95516.com%2F00010048%2FunifiedNative%3Ftoken%3D18e00c6c6e3d4c5ca36a331238a17373%26target%3Dqfs%26unit%3Dshs1 HTTP 302
    https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Resource: /
Path: u.391fk.cn/pay/wxjspay/2024041220193695251/
Size: 148 B
x-fer: 494 B
Type: Document

General
  Full URL: https://u.391fk.cn/pay/wxjspay/2024041220193695251/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2408:8719:64:50:38d5:e25d:9e3a:fffe, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
  Reverse DNS:
  Software: JDCloudStarshield /
  Resource Hash:

Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Accept-Language: de-DE,de;q=0.9;q=0.9
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
  sec-ch-ua-mobile: ?0
  sec-ch-ua-platform: "Win32"

Response headers
  cf-cache-status: DYNAMIC
  cf-ray: 8733fa29bbc638a7-TNA
  content-encoding: br
  content-type: text/html; charset=UTF-8
  date: Fri, 12 Apr 2024 14:41:26 GMT
  server: JDCloudStarshield
  strict-transport-security: max-age=31536000
  vary: Accept-Encoding

Primary Request
Resource: payorder-18e00c6c6e3d4c5ca36a331238a17373
Path: qragateway.95516.com/shs1/spay/
Redirect Chain
  • https://qr.95516.com/00010048/unifiedNative?token=18e00c6c6e3d4c5ca36a331238a17373&target=qfs&unit=shs1
  • https://qra.95516.com/qrcode/unionpay?qrCode=https%3A%2F%2Fqr.95516.com%2F00010048%2FunifiedNative%3Ftoken%3D18e00c6c6e3d4c5ca36a331238a17373%26target%3Dqfs%26unit%3Dshs1
  • https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
Size: 3 KB
x-fer: 1 KB
Type: Document

General
  Full URL: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
  Requested by
    Host: u.391fk.cn
    URL: https://u.391fk.cn/pay/wxjspay/2024041220193695251/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 45.116.81.58, Hong Kong, ASN54994 (ML-1432-54994, CA)
  Reverse DNS:
  Software: nginx /
  Resource Hash: 2d83f25548914adaa002943a13f098a682286ad4314d1c573ba8767fbaec4945

Security Headers
  X-Frame-Options: SAMEORIGIN

Request headers
  Accept-Language: de-DE,de;q=0.9;q=0.9
  Referer: https://u.391fk.cn/pay/wxjspay/2024041220193695251/
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
  sec-ch-ua-mobile: ?0
  sec-ch-ua-platform: "Win32"

Response headers
  Connection: keep-alive
  Content-Encoding: gzip
  Content-Language: de-DE
  Content-Type: text/html;charset=UTF-8
  Date: Fri, 12 Apr 2024 14:41:30 GMT
  Server: nginx
  Transfer-Encoding: chunked
  X-Frame-Options: SAMEORIGIN
  X-Via: 1.1 PS-000-01FR9171:3 (Cdn Cache Server V2.0)
  X-Ws-Request-Id: 6619481a_dianxun172_9459-36436

Redirect headers
  Connection: keep-alive
  Content-Length: 0
  Date: Fri, 12 Apr 2024 14:41:28 GMT
  Location: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
  Server: nginx
  X-Via: 1.1 PS-000-01FR9171:5 (Cdn Cache Server V2.0)
  X-Ws-Request-Id: 66194818_dianxun172_9850-2923

Resource: style.css
Path: qragateway.95516.com/shs1/resources/css/
Size: 5 KB
x-fer: 2 KB
Type: Stylesheet

General
  Full URL: https://qragateway.95516.com/shs1/resources/css/style.css
  Requested by
    Host: qragateway.95516.com
    URL: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 45.116.81.58, Hong Kong, ASN54994 (ML-1432-54994, CA)
  Reverse DNS:
  Software: nginx /
  Resource Hash: ea5ebe1b956c3201b96a944887c8835d004e2fe3e6967cf9facd8f2272b93ec5

Security Headers
  X-Frame-Options: SAMEORIGIN

Request headers
  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
  Referer: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
  Accept-Language: de-DE,de;q=0.9;q=0.9
  sec-ch-ua-mobile: ?0
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Win32"

Response headers
  Date: Fri, 12 Apr 2024 14:41:30 GMT
  Content-Encoding: gzip
  Last-Modified: Sun, 03 Dec 2023 17:11:26 GMT
  Server: nginx
  Age: 1
  Transfer-Encoding: chunked
  X-Frame-Options: SAMEORIGIN
  Content-Type: text/css
  X-Via: 1.1 PS-FOC-01gnC122:5 (Cdn Cache Server V2.0), 1.1 dianxun172:12 (Cdn Cache Server V2.0)
  Cache-Control: max-age=86400, must-revalidate
  X-Ws-Request-Id: 6619481a_dianxun172_9459-36492
  Connection: keep-alive
  Expires: Sat, 13 Apr 2024 13:35:58 GMT

Resource: error.png
Path: qragateway.95516.com/shs1/resources/img/
Size: 4 KB
x-fer: 4 KB
Type: Image

General
  Full URL: https://qragateway.95516.com/shs1/resources/img/error.png
  Requested by
    Host: qragateway.95516.com
    URL: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 45.116.81.58, Hong Kong, ASN54994 (ML-1432-54994, CA)
  Reverse DNS:
  Software: nginx /
  Resource Hash: e04642138d475ca3547edc814f048becb2d6d2e1043b392081f192a31b8f7007

Security Headers
  X-Frame-Options: SAMEORIGIN

Request headers
  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
  Referer: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
  Accept-Language: de-DE,de;q=0.9;q=0.9
  sec-ch-ua-mobile: ?0
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Win32"

Response headers
  Date: Fri, 12 Apr 2024 14:41:30 GMT
  Last-Modified: Sun, 03 Dec 2023 17:10:52 GMT
  Server: nginx
  Age: 1
  X-Frame-Options: SAMEORIGIN
  X-Ws-Request-Id: 6619481a_dianxun172_9459-36519
  Content-Type: image/png
  X-Via: 1.1 PS-FOC-01gnC122:2 (Cdn Cache Server V2.0), 1.1 PS-000-01FR9171:16 (Cdn Cache Server V2.0)
  Cache-Control: max-age=86400, must-revalidate
  Connection: keep-alive
  Content-Length: 4056
  Expires: Sat, 13 Apr 2024 13:38:04 GMT

Resource: zepto.min.js
Path: qragateway.95516.com/shs1/resources/js/lib/
Size: 26 KB
x-fer: 10 KB
Type: Script

General
  Full URL: https://qragateway.95516.com/shs1/resources/js/lib/zepto.min.js
  Requested by
    Host: qragateway.95516.com
    URL: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 45.116.81.58, Hong Kong, ASN54994 (ML-1432-54994, CA)
  Reverse DNS:
  Software: nginx /
  Resource Hash: 9bf938e463559edfbe46734403b115cfb78926ba0f8d36220492adbb3e190f33

Security Headers
  X-Frame-Options: SAMEORIGIN

Request headers
  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
  Referer: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
  Accept-Language: de-DE,de;q=0.9;q=0.9
  sec-ch-ua-mobile: ?0
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Win32"

Response headers
  Date: Fri, 12 Apr 2024 14:41:31 GMT
  Content-Encoding: gzip
  Last-Modified: Sun, 03 Dec 2023 17:11:26 GMT
  Server: nginx
  Age: 1
  Transfer-Encoding: chunked
  X-Frame-Options: SAMEORIGIN
  Content-Type: application/javascript
  X-Via: 1.1 PS-FOC-01h3s120:2 (Cdn Cache Server V2.0), 1.1 dianxun172:17 (Cdn Cache Server V2.0)
  Cache-Control: max-age=86400, must-revalidate
  X-Ws-Request-Id: 6619481b_dianxun172_9459-36539
  Connection: keep-alive
  Expires: Sat, 13 Apr 2024 13:35:59 GMT

Resource: common.js
Path: qragateway.95516.com/shs1/resources/js/
Size: 4 KB
x-fer: 2 KB
Type: Script

General
  Full URL: https://qragateway.95516.com/shs1/resources/js/common.js
  Requested by
    Host: qragateway.95516.com
    URL: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 45.116.81.58, Hong Kong, ASN54994 (ML-1432-54994, CA)
  Reverse DNS:
  Software: nginx /
  Resource Hash: f1e0573fdcc69ac59dc8c892cd51ab2a0beb8d2e33b6487e4cfdc0f1403c96d3

Security Headers
  X-Frame-Options: SAMEORIGIN

Request headers
  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
  Referer: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
  Accept-Language: de-DE,de;q=0.9;q=0.9
  sec-ch-ua-mobile: ?0
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Win32"

Response headers
  Date: Fri, 12 Apr 2024 14:41:31 GMT
  Content-Encoding: gzip
  Last-Modified: Sun, 03 Dec 2023 17:11:24 GMT
  Server: nginx
  Age: 1
  Transfer-Encoding: chunked
  X-Frame-Options: SAMEORIGIN
  Content-Type: application/javascript
  X-Via: 1.1 PS-FOC-01pKD121:11 (Cdn Cache Server V2.0), 1.1 dianxun172:2 (Cdn Cache Server V2.0)
  Cache-Control: max-age=86400, must-revalidate
  X-Ws-Request-Id: 6619481b_dianxun172_9903-19951
  Connection: keep-alive
  Expires: Sat, 13 Apr 2024 13:36:00 GMT

Resource: favicon.ico
Path: qragateway.95516.com/
Size: 0
x-fer: 407 B
Type: Other

General
  Full URL: https://qragateway.95516.com/favicon.ico
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 45.116.81.58, Hong Kong, ASN54994 (ML-1432-54994, CA)
  Reverse DNS:
  Software: nginx /
  Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers
  X-Frame-Options: SAMEORIGIN

Request headers
  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
  Referer: https://qragateway.95516.com/shs1/spay/payorder-18e00c6c6e3d4c5ca36a331238a17373
  Accept-Language: de-DE,de;q=0.9;q=0.9
  sec-ch-ua-mobile: ?0
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Win32"

Response headers
  Date: Fri, 12 Apr 2024 14:41:33 GMT
  Server: nginx
  X-Frame-Options: SAMEORIGIN
  X-Ws-Request-Id: 6619481b_dianxun172_9903-19980
  Content-Type: text/html
  X-Via: 1.1 PS-FOC-01pKD121:0 (Cdn Cache Server V2.0), 1.1 dianxun172:5 (Cdn Cache Server V2.0)
  Cache-Control: max-age=86400, must-revalidate
  Connection: keep-alive
  Content-Length: 0
  Expires: Fri, 12 Apr 2024 14:42:33 GMT

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • Zepto (function)
  • $ (function)
  • ap (object)
  • ajax (function)
  • ua (string)
  • closeWin (function)
  • _zid (number)

1 Cookies

Domain/Path Name / Value
.391fk.cn/ Name: __cf_bm
Value: xi17fW8N24I_GuqjjlerwT6MRo48ZhhDsb1EiS_HdhU-1712932886-1.0.1.1-XsuzmTFK5wPF_41b3D1w5wdvKhTZcPYkul.EKZ9SutDwxnM8vyqPFWKNYy2FaKV6jXfMdGr8wbzk6UFobDzg.A

1 Console Messages

Source: network
Level: error
URL: https://qragateway.95516.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000