64ny.biz
Open in
urlscan Pro
23.224.191.162
Public Scan
Submitted URL: http://64ny.biz/
Effective URL: http://64ny.biz/1.html?channelCode=xc299
Submission: On July 25 via api from DE — Scanned from DE
Effective URL: http://64ny.biz/1.html?channelCode=xc299
Submission: On July 25 via api from DE — Scanned from DE
Summary
This website contacted 8 IPs
in 4 countries
across 8 domains to perform 16 HTTP transactions.
The main IP is 23.224.191.162, located in
United States and
belongs to CNSERVERS, US.
The main domain is 64ny.biz.
This is the only time 64ny.biz was scanned on urlscan.io!
This is the only time 64ny.biz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Downloads These files were downloaded by the website
Size: 49 MB (51569099 bytes, 29% done)
Downloaded from: https://vramrqyd20220725.oss-cn-shenzhen.aliyuncs.com/20220725/99628.apk?OSSAccessKeyId=LTAI5t8gN9LWmFHFN8n9uVDZ&Expires=1658714721&Signature=3rohB%2BowXtYDSldrwjm%2FSgeW7xc%3D
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 9 | 23.224.191.162 23.224.191.162 | 40065 (CNSERVERS) (CNSERVERS) | |
| 1 | 154.82.120.253 154.82.120.253 | 399077 (TERAEXCH) (TERAEXCH) | |
| 1 | 110.173.54.250 110.173.54.250 | 45753 (NETSEC-HK...) (NETSEC-HK Netsec Limited) | |
| 1 | 52.58.78.16 52.58.78.16 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 163.171.128.148 163.171.128.148 | 54994 (QUANTILNE...) (QUANTILNETWORKS) | |
| 1 2 | 156.248.74.214 156.248.74.214 | 399077 (TERAEXCH) (TERAEXCH) | |
| 1 1 | 47.57.15.237 47.57.15.237 | () () | |
| 1 | 120.77.166.26 120.77.166.26 | () () | |
| 16 | 8 |
1
52.58.78.16
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-78-16.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-78-16.eu-central-1.compute.amazonaws.com
| my.docer.org |
2
156.248.74.214
(Singapore, Singapore)
ASN399077 (TERAEXCH, US)
ASN399077 (TERAEXCH, US)
| newjs.xctianyuan.com | |
| app-h4ts8i.xctianyuan.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 9 |
64ny.biz
64ny.biz |
2 MB |
| 2 |
xctianyuan.com
1 redirects
newjs.xctianyuan.com — Cisco Umbrella Rank: 955970 app-h4ts8i.xctianyuan.com |
425 B |
| 1 |
aliyuncs.com
vramrqyd20220725.oss-cn-shenzhen.aliyuncs.com |
|
| 1 |
app77h66.cn
1 redirects
c718.app77h66.cn |
414 B |
| 1 |
20under20ivy.com
newjs.20under20ivy.com — Cisco Umbrella Rank: 642134 |
1 KB |
| 1 |
htdkb99.com
htdkb99.com |
336 B |
| 1 |
hbszygd.com
newjs.hbszygd.com |
20 KB |
| 1 |
docer.org
my.docer.org Failed |
|
| 16 | 8 |
| Domain | Requested by | |
|---|---|---|
| 9 | 64ny.biz |
64ny.biz
|
| 1 | vramrqyd20220725.oss-cn-shenzhen.aliyuncs.com |
newjs.hbszygd.com
|
| 1 | c718.app77h66.cn | 1 redirects |
| 1 | app-h4ts8i.xctianyuan.com | 1 redirects |
| 1 | newjs.xctianyuan.com |
newjs.hbszygd.com
|
| 1 | newjs.20under20ivy.com |
newjs.hbszygd.com
|
| 1 | htdkb99.com |
64ny.biz
|
| 1 | newjs.hbszygd.com |
64ny.biz
|
| 1 | my.docer.org |
64ny.biz
|
| 16 | 9 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| newjs.hbszygd.com TrustAsia TLS RSA CA |
2021-11-03 - 2022-11-02 |
a year | crt.sh |
| htdkb99.com Root CA - G3 |
2022-03-02 - 2023-03-02 |
a year | crt.sh |
| dan.com R3 |
2022-06-17 - 2022-09-15 |
3 months | crt.sh |
| *.20under20ivy.com Sectigo RSA Domain Validation Secure Server CA |
2021-12-31 - 2022-12-31 |
a year | crt.sh |
| *.xctianyuan.com Sectigo RSA Domain Validation Secure Server CA |
2022-06-14 - 2023-06-14 |
a year | crt.sh |
| *.oss-cn-shenzhen.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G2 |
2022-01-20 - 2023-02-21 |
a year | crt.sh |
This page contains 1 frames:
Frame:
https://vramrqyd20220725.oss-cn-shenzhen.aliyuncs.com/20220725/99628.apk?OSSAccessKeyId=LTAI5t8gN9LWmFHFN8n9uVDZ&Expires=1658714721&Signature=3rohB%2BowXtYDSldrwjm%2FSgeW7xc%3D
Frame ID: 02A50059B260E31AF9F62F29E0093C76
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
欢迎下载Page URL History Show full URLs
- http://64ny.biz/ Page URL
- http://64ny.biz/1.html?channelCode=xc299 Page URL
Detected technologies
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://64ny.biz/ Page URL
- http://64ny.biz/1.html?channelCode=xc299 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14- https://app-h4ts8i.xctianyuan.com/page/h4ts8i/install/c/eyJjIjoieGMyOTkiLCJtIjoiRGN4T2pLX2dFQllBQUFHQ014Vms5LWFOUWVwaFQ5SHdLTHgyQ3oyY3otX3IwVEJqZFBsLTF3UnJTeU0ifQ== HTTP 302
- https://c718.app77h66.cn/ApkDLD/dld/appcode/8dgBks9dh51RLCS2 HTTP 302
- https://vramrqyd20220725.oss-cn-shenzhen.aliyuncs.com/20220725/99628.apk?OSSAccessKeyId=LTAI5t8gN9LWmFHFN8n9uVDZ&Expires=1658714721&Signature=3rohB%2BowXtYDSldrwjm%2FSgeW7xc%3D
16 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
64ny.biz/ |
503 B 600 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
jquery.min.js
my.docer.org/static/utils/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
1.html
64ny.biz/ |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
64ny.biz/css/ |
1 KB 882 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css.css
64ny.biz/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ainfiniteactivity.js
newjs.hbszygd.com/web/ |
43 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chatboxcode.aspx
htdkb99.com/js/ |
41 B 336 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.png
64ny.biz/picture/ |
29 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dt1.js
64ny.biz/picture/ |
2 MB 2 MB |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
play.png
64ny.biz/picture/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
img2.png
64ny.biz/picture/ |
254 KB 254 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
64ny.biz/js/ |
94 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
my.docer.org/static/utils/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
init
newjs.20under20ivy.com/web/h4ts8i/xc299/ |
461 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
clicked
newjs.xctianyuan.com/web/h4ts8i/xc299/ |
0 309 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
99628.apk
vramrqyd20220725.oss-cn-shenzhen.aliyuncs.com/20220725/ Redirect Chain
|
0 0 |
Document
application/vnd.android.package-archive |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- my.docer.org
- URL
- https://my.docer.org/static/utils/jquery.min.js
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| Ainfiniteactivity string| ERRORCODE function| $ function| jQuery object| data0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
64ny.biz
app-h4ts8i.xctianyuan.com
c718.app77h66.cn
htdkb99.com
my.docer.org
newjs.20under20ivy.com
newjs.hbszygd.com
newjs.xctianyuan.com
vramrqyd20220725.oss-cn-shenzhen.aliyuncs.com
my.docer.org
110.173.54.250
120.77.166.26
154.82.120.253
156.248.74.214
163.171.128.148
23.224.191.162
47.57.15.237
52.58.78.16
2dc6abc2f9f2f1764eb81a2ce318b8685fc869c70a7a4028833ab734d5d06b84
3cb2ce88a1a0629505280ce1eebb6010d2221283e0337232c3b40e2eb8717f16
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
8e8564dbc82fc273dd11b080b99148ec2b486a7cec40d7c36eee95765ede6341
959e3824decb9302addce14cdb4ad17d8c1a46047b63a23a2508db7f94f4bf5e
969d33fbf5c55bb79c4de377cf3c187bb9294358a5a7cebc05d56c92252f8366
bead7c7c2fd03a8c31556e878bd489e1f704df7987ebf67dc9cb8c1bb549ca3d
c3cb095a2d2bf0087d6dc16d9cee072b6e16adba9ea5ca308f538931e3e1afd8
ccc2318ebb8c10d1eab45b33398362cc4e363b8629a96289b93e0cb360071433
de161fdfee5e953ce77ac6fa5fe675bb291ebe3412e8d70dca347f57dc15d51e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f37ef7794e2ad8325d93fd4582fa752831fa0f8dfd6cfeca35eb82cafd2a0aa1