Submitted URL: http://t.cn/A6paHIcS
Effective URL: https://image.cls.cn/cailianpress/avatar/20230513/cailianpress1145187126.svg?id=oZAfA
Submission: On June 16 via manual from SG — Scanned from SG

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 163.181.82.214, located in Singapore and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is image.cls.cn.
TLS certificate: Issued by GeoTrust CN RSA CA G1 on October 8th 2022. Valid for: a year.
This is the only time image.cls.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses

  #   IP Address        AS (Autonomous System)
  1   39.105.18.168     37963 (ALIBABA-C...)
  1   163.181.82.214    24429 (TAOBAO Zh...)
  Total: 2              (2 IPs)

Apex domains

  #   Apex Domain                           Subdomains               Transfer
  1   cls.cn                                image.cls.cn             3 KB
  1   t.cn (Cisco Umbrella Rank: 490121)    t.cn                     259 B
  0   5865865.xyz (Failed)                  a.5865865.xyz (Failed)   -
  Total: 2                                  (3 subdomains)

Domains and requesting domain

  #   Domain                    Requested by
  1   image.cls.cn
  1   t.cn                      1 redirects
  0   a.5865865.xyz (Failed)    image.cls.cn
  Total: 2                      (3 domains)

This site contains no links.

TLS certificate

  Subject    Issuer                  Validity                   Valid
  *.cls.cn   GeoTrust CN RSA CA G1   2022-10-08 to 2023-11-04   a year (crt.sh)

This page contains 1 frames:

Primary Page: https://image.cls.cn/cailianpress/avatar/20230513/cailianpress1145187126.svg?id=oZAfA
Frame ID: 6FEB49B4C846257ACEB3D02D790A4BDB
Requests: 2 HTTP requests in this frame

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.cn/A6paHIcS (HTTP 302)
     -> https://image.cls.cn/cailianpress/avatar/20230513/cailianpress1145187126.svg?id=oZAfA (Page URL)

Page Statistics

  Requests:    2
  HTTPS:       50 %
  IPv6:        0 %
  Domains:     3
  Subdomains:  3
  IPs:         2
  Countries:   2
  Transfer:    3 kB
  Size:        2 kB
  Cookies:     0


Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type

1. Primary Request: cailianpress1145187126.svg
   Path:      image.cls.cn/cailianpress/avatar/20230513/
   Size:      2 KB
   x-fer:     3 KB
   Type:      Document
   Redirect chain:
     • http://t.cn/A6paHIcS
     • https://image.cls.cn/cailianpress/avatar/20230513/cailianpress1145187126.svg?id=oZAfA

   General
     Full URL:      https://image.cls.cn/cailianpress/avatar/20230513/cailianpress1145187126.svg?id=oZAfA
     Protocol:      H2
     Security:      TLS 1.2, ECDHE_RSA, AES_128_GCM
     Server:        163.181.82.214, Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
     Reverse DNS:   (none)
     Software:      Tengine /
     Resource Hash: 5bd86810f583198c3d065bc33cd7a654c8e8e5afc2d3130e0d26fea14147930a

   Request headers
     Upgrade-Insecure-Requests: 1
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
     accept-language: zh-SG,zh;q=0.9

   Response headers
     accept-ranges: bytes
     age: 766
     ali-swift-global-savetime: 1686891619
     content-length: 2546
     content-md5: W7+3e8hggbRKlXV7XlnCcw==
     content-type: image/svg+xml
     date: Fri, 16 Jun 2023 05:00:19 GMT
     eagleid: a3b5529816868923855735086e
     etag: "5BBFB77BC86081B44A95757B5E59C273"
     last-modified: Sat, 13 May 2023 15:45:18 GMT
     server: Tengine
     timing-allow-origin: *
     via: cache16.l2hk3[2276,2276,304-0,M], cache14.l2hk3[2277,0], ens-cache2.sg13[0,0,200-0,H], ens-cache4.sg13[3,0]
     x-cache: HIT TCP_MEM_HIT dirn:13:245292303
     x-oss-cdn-auth: success
     x-oss-hash-crc64ecma: 6369564776184157703
     x-oss-object-type: Normal
     x-oss-request-id: 648BEC636EA3F73536CA0746
     x-oss-server-time: 5
     x-oss-storage-class: Standard
     x-swift-cachetime: 3600
     x-swift-savetime: Fri, 16 Jun 2023 05:00:19 GMT

   Redirect headers (from the http://t.cn/A6paHIcS 302 response)
     Connection: keep-alive
     Content-Length: 276
     Content-Type: text/html;charset=UTF-8
     Date: Fri, 16 Jun 2023 05:13:05 GMT
     Location: https://image.cls.cn/cailianpress/avatar/20230513/cailianpress1145187126.svg?id=oZAfA#ynhemt1t
     Server: nginx

2. api.php
   Path:      a.5865865.xyz/
   Size:      0
   x-fer:     0
   (no response received; see "Failed requests" below)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

  Domain: a.5865865.xyz
  URL:    https://a.5865865.xyz/api.php?act=geturl9&s=oynbtp&id=oZAfA


12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  Type       Name
  object     onscrollend
  boolean    credentialless
  object     onbeforetoggle
  string     _0xodM
  object     _0xodM_
  object     _0x4dd4
  function   _0x53e1
  function   getParameterByName
  string     id
  string     s
  string     apiUrl
  function   processData

0 Cookies

2 Console Messages

Columns: Source | Level | URL | Text

1. Source: javascript, Level: error
   URL: https://image.cls.cn/cailianpress/avatar/20230513/cailianpress1145187126.svg?id=oZAfA#ynhemt1t
   Message: Access to fetch at 'https://a.5865865.xyz/api.php?act=geturl9&s=oynbtp&id=oZAfA' from origin 'https://image.cls.cn' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

2. Source: network, Level: error
   URL: https://a.5865865.xyz/api.php?act=geturl9&s=oynbtp&id=oZAfA
   Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

  Domains: a.5865865.xyz, image.cls.cn, t.cn
  IPs:     163.181.82.214, 39.105.18.168
  Hash:    5bd86810f583198c3d065bc33cd7a654c8e8e5afc2d3130e0d26fea14147930a