Submitted URL: https://0a5.icu/
Effective URL: https://a.wlturl.cn/nMXaw9
Submission: On October 10 via api from BE — Scanned from NL

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 45.248.8.132, located in China and belongs to CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN. The main domain is a.wlturl.cn.
TLS certificate: Issued by R11 on August 27th 2024. Valid for: 3 months.
This is the only time a.wlturl.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 188.114.96.3 13335 (CLOUDFLAR...)
1 45.248.8.132 137697 (CHINATELE...)
1 240e:f7:c000:... 134771 (CHINATELE...)
2 180.163.146.103 4812 (CHINANET-...)
8 5
Apex Domain | Subdomains | Transfer
3 0a5.icu | 0a5.icu | 2 KB
2 wailiantu.com | img.wailiantu.com, api.wailiantu.com Failed | 55 KB
1 bytecdntp.com | lf9-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 216533 | 85 KB
1 wlturl.cn | a.wlturl.cn | 15 KB
8 4
Domain | Requested by
3 0a5.icu | 1 redirects
2 img.wailiantu.com | a.wlturl.cn
1 lf9-cdn-tos.bytecdntp.com | a.wlturl.cn
1 a.wlturl.cn | 0a5.icu
0 api.wailiantu.com Failed | a.wlturl.cn
8 5

This site contains no links.

Subject | Issuer | Validity | Valid
0a5.icu | WE1 | 2024-10-07 - 2025-01-05 | 3 months
a.wlturl.cn | R11 | 2024-08-27 - 2024-11-25 | 3 months
*.bytecdntp.com | RapidSSL TLS RSA CA G1 | 2024-05-22 - 2025-05-22 | a year
img.wailiantu.com | Sectigo RSA Domain Validation Secure Server CA | 2024-07-24 - 2025-07-24 | a year

This page contains 1 frames:

Primary Page: https://a.wlturl.cn/nMXaw9
Frame ID: 2584001B9215503A1F45F90794201711
Requests: 7 HTTP requests in this frame

Page Title

联系我们 ("Contact us")

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 8
HTTPS: 75 %
IPv6: 25 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 157 kB
Size: 402 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://0a5.icu/ Page URL
  2. http://0a5.icu/url.php?id=3235449 HTTP 307
    https://0a5.icu/url.php?id=3235449 HTTP 302
    https://a.wlturl.cn/nMXaw9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
0a5.icu/
748 B
942 B
Document
General
Full URL
https://0a5.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d03e8fb6bc76616-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 10 Oct 2024 04:36:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aacx3maabA%2FuJZmFrtQ%2B8YwpXaGftk8LsbQ0%2F4jL8es%2BfEx1vRTLo0TxbNu04G5ArGL%2FV3%2FDTe45GxZtcy0FuHE%2F%2BofLDOBtYWV5Lif1QvyXgoWlhd9N3Faz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
speculation
0a5.icu/cdn-cgi/
128 B
545 B
Other
General
Full URL
https://0a5.icu/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://0a5.icu
Referer
https://0a5.icu/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C99AAiVhIG0rk9ITnMukoWT%2FCI%2FU8Q5WpYw%2BPY1FWcm8XRG2dnyD%2BwTlFxUYb%2BHCaz61xv0YXvEW2xjBZTi3sYBEqwalNNZxnY1L8yGtf4OkQPY2QwyXauMd"}],"group":"cf-nel","max_age":604800}
cf-ray
8d03e8fd6d646616-AMS
access-control-allow-origin
https://0a5.icu
alt-svc
h3=":443"; ma=86400
content-length
128
date
Thu, 10 Oct 2024 04:36:33 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
Primary Request nMXaw9
a.wlturl.cn/
Redirect Chain
  • http://0a5.icu/url.php?id=3235449
  • https://0a5.icu/url.php?id=3235449
  • https://a.wlturl.cn/nMXaw9
64 KB
15 KB
Document
General
Full URL
https://a.wlturl.cn/nMXaw9
Requested by
Host: 0a5.icu
URL: https://0a5.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.248.8.132 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
196681156f9454dee0642e0e300ab79a85ae443289ef18309995b9ea906a2281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://0a5.icu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Thu, 10 Oct 2024 04:36:34 GMT
etag
W/"66eade2c-feba"
last-modified
Wed, 18 Sep 2024 14:05:32 GMT
server
openresty
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
HIT

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d03e8fd8d736616-AMS
content-type
text/html; charset=UTF-8
date
Thu, 10 Oct 2024 04:36:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://a.wlturl.cn/nMXaw9
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1y%2FbMM1rWdjVUU688Qgp3H1KamHDLEoaxp84Y3Tyvih7bC4a5Lwm76OhN%2FhDcoXR%2BwaLgzO0l78VtqvV%2FnlJwZ0vqDUMCZJNy6dHmV0z1IpdODTrTiujMHC2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
x-cache
MISS from kangle server us1
jquery.min.js
lf9-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.1.1/
85 KB
85 KB
Script
General
Full URL
https://lf9-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.1.1/jquery.min.js
Requested by
Host: a.wlturl.cn
URL: https://a.wlturl.cn/nMXaw9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:f7:c000:1400::1:1e , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://a.wlturl.cn/

Response headers

x-ser
BC162_dx-lt-yd-jiangsu-zhenjiang-6-cache-5, BC204_dx-lt-yd-jiangsu-huaian-8-cache-12, BC18_dx-zhejiang-wenzhou-26-cache-1
etag
"61f0cbc3-152b5"
expires
Tue, 15 Oct 2024 23:13:41 GMT
server-timing
cdn-cache;desc=HIT,edge;dur=17
x-cache
HIT from BC18_dx-zhejiang-wenzhou-26-cache-1(cloudsvr)
date
Thu, 10 Oct 2024 04:36:36 GMT
content-type
application/javascript
last-modified
Wed, 26 Jan 2022 04:19:15 GMT
vary
Accept-Encoding, Accept-Encoding
cache-control
max-age=2592000
timing-allow-origin
*
x-tt-trace-tag
id=09;cdn-cache=hit;type=static
accept-ranges
bytes
access-control-allow-origin
*
content-length
86709
x-tt-logid
202303210839528F6DCD3ACD0BFEAC6C38
server
nginx
x-response-cinfo
2a00:1630:2:1c03::7
x-response-cache
edge_hit
index.css
img.wailiantu.com/assets/template/plugins/diy/
235 KB
37 KB
Stylesheet
General
Full URL
https://img.wailiantu.com/assets/template/plugins/diy/index.css?v=2.0.8
Requested by
Host: a.wlturl.cn
URL: https://a.wlturl.cn/nMXaw9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
180.163.146.103 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2fe6972afc4a49eb4d4afcae7355c113a27fa56af823c4550be19f6a136097f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://a.wlturl.cn/

Response headers

x-oss-cdn-auth
success
content-md5
/w6FLZd/eD0isW5DxKiMBw==
x-oss-storage-class
Standard
content-encoding
gzip
age
1866708
x-oss-object-type
Normal
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
date
Wed, 18 Sep 2024 14:04:51 GMT
x-oss-server-time
3
content-type
text/css
vary
Accept-Encoding, Origin
last-modified
Wed, 18 Sep 2024 13:56:47 GMT
x-swift-cachetime
938767
timing-allow-origin
*
x-oss-hash-crc64ecma
576344743256306410
via
cache54.l2cn3137[0,0,200-0,H], cache31.l2cn3137[1,0], kunlun10.cn7174[0,0,200-0,H], kunlun6.cn7174[1,0]
ali-swift-global-savetime
1726668291
x-swift-savetime
Mon, 07 Oct 2024 17:18:44 GMT
eagleid
b4a3921a17285349992774253e
content-length
36958
x-oss-request-id
66EADE03283636303954EAB3
server
Tengine
get_scheme
api.wailiantu.com/api/link/
0
0

get_scheme
api.wailiantu.com/api/link/
0
0

5f71b151c60b697e91381666a868df47.jpg
img.wailiantu.com/uploads/20230811/
18 KB
18 KB
Other
General
Full URL
https://img.wailiantu.com/uploads/20230811/5f71b151c60b697e91381666a868df47.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
180.163.146.103 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
0d1152100bc6130d740782109da7f22400c8eb6d55a21967a2ebcd82abdc15af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://a.wlturl.cn/

Response headers

x-oss-cdn-auth
success
content-md5
P5TNgpBNGWtYdO5TBHxtGg==
x-ali-tproxy-consistent-hash-hot
1
x-oss-storage-class
Standard
etag
"3F94CD82904D196B5874EE53047C6D1A"
age
1862374
x-oss-object-type
Normal
expires
Sat, 30 Mar 2024 16:04:24 GMT
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
date
Wed, 18 Sep 2024 15:17:05 GMT
x-oss-server-time
0
content-type
image/jpeg
vary
Origin
last-modified
Sat, 16 Mar 2024 09:42:11 GMT
cache-control
max-age=2592000
x-swift-cachetime
910263
timing-allow-origin
*
x-oss-hash-crc64ecma
7857776518221911767
via
cache78.l2cn3147[0,0,304-0,H], cache78.l2cn3147[0,0], cache78.l2cn3147[1,0], cache78.l2cn3147[0,0,200-0,H], cache39.l2cn3147[0,0], kunlun8.cn7174[0,0,200-0,H], kunlun6.cn7174[1,0]
ali-swift-global-savetime
1726672625
x-swift-savetime
Tue, 08 Oct 2024 02:26:02 GMT
accept-ranges
bytes
eagleid
b4a3921a17285349995145417e
content-length
18150
x-oss-request-id
66EAEEF12836363139897BC5
server
Tengine

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.wailiantu.com
URL
https://api.wailiantu.com/api/link/get_scheme?code=nMXaw9
Domain
api.wailiantu.com
URL
https://api.wailiantu.com/api/link/get_scheme?code=nMXaw9

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| _0x304278 string| wx_icon string| qq_icon string| mini_icon string| link_icon string| qrhtml string| gohtml string| erhtml function| setCookie function| getCookie function| remCookie function| httpRequest function| getisweixing function| _0x53ae function| getisphone function| getisbaidu function| getQueryStringArgs function| get_query_param function| get_code string| pageview number| exdays_h string| phone_info_name number| timer function| copylink function| isIOS function| isDY function| gtouchstart function| gtouchend function| gtouchmove function| _0x43dd function| longPress function| jump_link function| dialogReady function| loadScript function| strDecode string| code

2 Cookies

Domain/Path | Name | Value
0a5.icu/ | PHPSESSID | j4rt7ji4h2lpk2g79ba3o3pt9i
0a5.icu/ | visited_3235449 | yes