www.ax9h.com Open in urlscan Pro
150.109.71.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://a99a3.com/
Effective URL:
https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant
Submission: On May 26 via api (May 26th 2020, 10:26:16 pm UTC) from RO

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 150.109.71.50, located in Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is www.ax9h.com.
TLS certificate: Issued by TrustAsia TLS RSA CA on May 12th 2020. Valid for: a year.

This is the only time www.ax9h.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.99.61.38 103.99.61.38	136950 (HIITL-AS-...) (HIITL-AS-AP Hong Kong FireLine Network LTD)
9	150.109.71.50 150.109.71.50	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	47.246.43.209 47.246.43.209	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
10	2

2 103.99.61.38 (China) 2 redirects

ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK)

a99a3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 150.109.71.50 (Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.ax9h.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.43.209 (San Mateo, United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

www.whdytzyyy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ax9h.com www.ax9h.com	167 KB
2	a99a3.com 2 redirects a99a3.com	519 B
1	whdytzyyy.com www.whdytzyyy.com	791 KB
10	3

	Domain	Requested by
9	www.ax9h.com	www.ax9h.com
2	a99a3.com	2 redirects
1	www.whdytzyyy.com
10	3

This site contains no links.

Subject Issuer	Validity	Valid
www.ax9h.com TrustAsia TLS RSA CA	`2020-05-12` - `2021-05-13`	a year	crt.sh
www.whdytzyyy.com Encryption Everywhere DV TLS CA - G1	`2019-09-06` - `2020-09-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant
Frame ID: 69D76B5A68BE8C7F24484FB83F78446B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://a99a3.com/ HTTP 301
https://a99a3.com/ HTTP 302
https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

958 kB
Transfer

954 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://a99a3.com/ HTTP 301
https://a99a3.com/ HTTP 302
https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 800007.html Show response www.ax9h.com/download/landpage/ Redirect Chain http://a99a3.com/ https://a99a3.com/ https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant	2 KB 3 KB	729ms 242ms	Document text/html	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `b0994b8eaaf8c9094c0b80fdbc2365cd60a7d92a202bf4249dfd1a57d7207e79` Request headers Host www.ax9h.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.16.1 Date Tue, 26 May 2020 22:25:56 GMT Content-Type text/html Content-Length 2362 Last-Modified Tue, 26 May 2020 10:40:08 GMT Connection keep-alive ETag "5eccf208-93a" Accept-Ranges bytes Redirect headers status 302 date Tue, 26 May 2020 22:25:55 GMT content-type text/html content-length 181 location https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant set-cookie waf_cookie=86937b19-b4f6-44df89e5ab9d31b118ea6fbd24a8b87e5778; Expires=1590539155; Path=/; HttpOnly ASPSESSIONIDSAADQSQT=KEEJGLMCJABDPOIBDPLPBABL; path=/ cache-control private x-request-id 4cdb3fcef8ac5de6751732f3993ed80f server WAF
GET H/1.1	200 OK	pub_reset.css www.ax9h.com/download/landpage/css/	2 KB 2 KB	243ms 242ms	Stylesheet text/css	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/css/pub_reset.css Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `64bda638f7bfd72e571c22f873317af5aec9de75a40b25ee64425dbd0854d9a4` Request headers Referer https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:25:56 GMT Last-Modified Tue, 12 May 2020 02:03:28 GMT Server nginx/1.16.1 ETag "5eba03f0-721" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1825
GET H/1.1	200 OK	base.css www.ax9h.com/download/landpage/css/	342 B 579 B	486ms 242ms	Stylesheet text/css	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/css/base.css Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `51fb654f4089600e6f43e512350f5dd11b3bd47d97b7c2cba6f66480c10bbe28` Request headers Referer https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:25:57 GMT Last-Modified Tue, 12 May 2020 02:03:28 GMT Server nginx/1.16.1 ETag "5eba03f0-156" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 342
GET H/1.1	200 OK	fuceng.css www.ax9h.com/download/landpage/css/	2 KB 2 KB	714ms 237ms	Stylesheet text/css	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/css/fuceng.css Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `46a53828c9df1410ebb2ad7911082dddda77d572766ff8fd3a2bd43ae36f6fc7` Request headers Referer https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:25:57 GMT Last-Modified Tue, 12 May 2020 02:03:28 GMT Server nginx/1.16.1 ETag "5eba03f0-755" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1877
GET H/1.1	200 OK	jquery.js Show response www.ax9h.com/download/landpage/js/	85 KB 85 KB	934ms 453ms	Script application/javascript	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/js/jquery.js Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `e458458aa3f950bc20febe2724348f4d942c38f6265b72b29c60221c322c5f71` Request headers Referer https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:25:57 GMT Last-Modified Tue, 12 May 2020 02:03:28 GMT Server nginx/1.16.1 ETag "5eba03f0-1539b" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 86939
GET H/1.1	200 OK	pub_rem.js Show response www.ax9h.com/download/landpage/js/	2 KB 2 KB	728ms 242ms	Script application/javascript	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/js/pub_rem.js Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `8c43bb30d7c4bc73238b143559fd4d3efd85d1999f0bd789fc58e53ed1e657a0` Request headers Referer https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:25:57 GMT Last-Modified Tue, 26 May 2020 03:57:30 GMT Server nginx/1.16.1 ETag "5ecc93aa-8e4" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 2276
GET H/1.1	200 OK	install.js Show response www.ax9h.com/download/landpage/js/	2 KB 2 KB	731ms 243ms	Script application/javascript	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/js/install.js Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `fa61328055eee8423cf5ac8982f096ddd8cbc5295b03af03fb95d487d6f0cb50` Request headers Referer https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:25:57 GMT Last-Modified Wed, 20 May 2020 07:02:32 GMT Server nginx/1.16.1 ETag "5ec4d608-84a" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 2122
GET H/1.1	200 OK	device.js Show response www.ax9h.com/download/landpage/js/	6 KB 6 KB	754ms 252ms	Script application/javascript	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.ax9h.com/download/landpage/js/device.js Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `fc09da6430b0eb592285f12a171f0deaf972bbcf3f1559ae34a912738fd39997` Request headers Referer https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:25:57 GMT Last-Modified Tue, 12 May 2020 02:03:28 GMT Server nginx/1.16.1 ETag "5eba03f0-181c" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 6172
GET H/1.1	200 OK	180.png www.ax9h.com/download/landpage/icon/	63 KB 63 KB	474ms 473ms	Image image/png	150.109.71.50 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ax9h.com/download/landpage/icon/180.png Requested by Host: www.ax9h.com URL: https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.71.50 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `d757991011fecbed7891df5cf21024c3c8282ff2c91f8821739281c3fce7fcac` Request headers Referer https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 22:25:57 GMT Last-Modified Tue, 12 May 2020 02:03:28 GMT Server nginx/1.16.1 ETag "5eba03f0-fbfc" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 64508
GET H2	200	05.jpg www.whdytzyyy.com/download/imgs/	790 KB 791 KB	172ms 72ms	Image image/jpeg	47.246.43.209 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Show image Full URL https://www.whdytzyyy.com/download/imgs/05.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.246.43.209 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `94b76e2ae67cc0ac62f4ccc756dd98976e6fc67d0be9e2152535f95f5927e034` Request headers Referer https://www.ax9h.com/download/landpage/800007.html?referee=800007&type=merchant User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 26 May 2020 08:39:12 GMT via cache2.l2de2[0,200-0,H], cache3.l2de2[14,0], cache5.de2[0,200-0,H], cache5.de2[1,0] x-oss-request-id 5ECCD5B03989B53734F1943D content-md5 OfabVUSEZhpQ1t8i72T7Pg== age 49606 x-cache HIT TCP_MEM_HIT dirn:10:197510208 status 200 x-oss-cdn-auth success x-swift-cachetime 43200 x-swift-savetime Tue, 26 May 2020 12:41:35 GMT content-length 808450 x-oss-object-type Normal last-modified Tue, 26 May 2020 03:54:10 GMT server Tengine etag "39F69B554484661A50D6DF22EF64FB3E" ali-swift-global-savetime 1590482352 content-type image/jpeg x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 4265926051018001993 eagleid 2ff62b9915905319582634754e x-oss-server-time 1

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.ax9h.com/download/landpage/js/pub_rem.js(Line 46) Message: 1600
console-api	log	URL: https://www.ax9h.com/download/landpage/js/pub_rem.js(Line 46) Message: 1600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a99a3.com
www.ax9h.com
www.whdytzyyy.com
103.99.61.38
150.109.71.50
47.246.43.209
46a53828c9df1410ebb2ad7911082dddda77d572766ff8fd3a2bd43ae36f6fc7
51fb654f4089600e6f43e512350f5dd11b3bd47d97b7c2cba6f66480c10bbe28
64bda638f7bfd72e571c22f873317af5aec9de75a40b25ee64425dbd0854d9a4
8c43bb30d7c4bc73238b143559fd4d3efd85d1999f0bd789fc58e53ed1e657a0
94b76e2ae67cc0ac62f4ccc756dd98976e6fc67d0be9e2152535f95f5927e034
b0994b8eaaf8c9094c0b80fdbc2365cd60a7d92a202bf4249dfd1a57d7207e79
d757991011fecbed7891df5cf21024c3c8282ff2c91f8821739281c3fce7fcac
e458458aa3f950bc20febe2724348f4d942c38f6265b72b29c60221c322c5f71
fa61328055eee8423cf5ac8982f096ddd8cbc5295b03af03fb95d487d6f0cb50
fc09da6430b0eb592285f12a171f0deaf972bbcf3f1559ae34a912738fd39997

www.ax9h.com Open in urlscan Pro 150.109.71.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

958 kBTransfer

954 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

www.ax9h.com Open in urlscan Pro
150.109.71.50 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

958 kB
Transfer

954 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions