www.7572bak.com - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2606:4700:10::6816:3996, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.7572bak.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 4th 2023. Valid for: a year.

This is the only time www.7572bak.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

huione-app-release.apk 24 MB application/zip

SHA256: edb9de21429cc056f4ff867698a0b71360bf8091d8a126c4b08224f4696be3f2

MIME: Zip archive data

Size: 24 MB (24738274 bytes, 100% done)

Downloaded from: https://d3gl9uugtapo2y.cloudfront.net/huione-app-release.apk?0.7432608703647026

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:10:... 2606:4700:10::6816:3996	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:c600:10:3169:a80:21	() ()
5	3

3 2606:4700:10::6816:3996 (United States)

ASN13335 (CLOUDFLARENET, US)

www.7572bak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:c600:10:3169:a80:21 (United States)

ASN- ()

d3gl9uugtapo2y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	7572bak.com www.7572bak.com	153 KB
1	cloudfront.net d3gl9uugtapo2y.cloudfront.net
0	huione.com Failed www.huione.com Failed
5	3

	Domain	Requested by
3	www.7572bak.com	www.7572bak.com
1	d3gl9uugtapo2y.cloudfront.net	www.7572bak.com
0	www.huione.com Failed	www.7572bak.com
5	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 1 frames:

Frame: https://d3gl9uugtapo2y.cloudfront.net/huione-app-release.apk?0.7432608703647026
Frame ID: 35B19A60F3F4705EFB006279FBA8E5C1
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HuionePay终端识别自动下载

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

5
Requests

80 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

153 kB
Transfer

206 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request app.html Show response www.7572bak.com/app/	5 KB 2 KB	459ms 366ms	Document text/html	2606:4700:10::6816:3996 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.7572bak.com/app/app.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3996 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4e5992dfd5e0c24a27adb076617aa565e914df7459fbb62011aa3721ab607c54` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 7ddc5f0cfbd81942-FRA content-encoding gzip content-type text/html date Tue, 27 Jun 2023 08:38:00 GMT last-modified Thu, 20 Jan 2022 13:41:22 GMT server cloudflare vary Accept-Encoding
GET H2	200	jquery-3.2.1.min.js Show response www.7572bak.com/app/	85 KB 33 KB	501ms 500ms	Script application/javascript	2606:4700:10::6816:3996 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.7572bak.com/app/jquery-3.2.1.min.js Requested by Host: www.7572bak.com URL: https://www.7572bak.com/app/app.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3996 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers accept-language de-DE,de;q=0.9 Referer https://www.7572bak.com/app/app.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 08:38:01 GMT content-encoding gzip cf-cache-status MISS last-modified Fri, 25 Sep 2020 15:55:06 GMT server cloudflare etag W/"5f6e12da-15283" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 cf-ray 7ddc5f0f4ed11942-FRA expires Tue, 27 Jun 2023 20:38:01 GMT
GET H2	200	wx.png www.7572bak.com/app/images/	117 KB 117 KB	668ms 668ms	Image image/png	2606:4700:10::6816:3996 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.7572bak.com/app/images/wx.png Requested by Host: www.7572bak.com URL: https://www.7572bak.com/app/app.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3996 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `04360c8d2af37da87eb02712ff82a58c72cc23469ebbf6d39b69f973d23e4d6f` Request headers accept-language de-DE,de;q=0.9 Referer https://www.7572bak.com/app/app.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 08:38:01 GMT cf-cache-status MISS last-modified Fri, 25 Sep 2020 15:55:06 GMT server cloudflare etag "5f6e12da-1d44d" vary Accept-Encoding content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 7ddc5f0f4ed31942-FRA content-length 119885 expires Thu, 27 Jul 2023 08:38:01 GMT
POST		appDownController.do www.huione.com/	0 0

GET H2	200	huione-app-release.apk d3gl9uugtapo2y.cloudfront.net/	0 0	750ms 671ms	Document binary/octet-stream	2600:9000:2250:c600:10:3169:a80:21
General Check archive.org Show headers Download Go to Full URL https://d3gl9uugtapo2y.cloudfront.net/huione-app-release.apk?0.7432608703647026 Requested by Host: www.7572bak.com URL: https://www.7572bak.com/app/app.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:c600:10:3169:a80:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash Request headers Referer https://www.7572bak.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 24738274 content-type binary/octet-stream date Tue, 27 Jun 2023 08:38:03 GMT etag "ec8c59d21e78dbe7e3b061fd38ec783d-3" last-modified Mon, 21 Nov 2022 14:26:22 GMT server AmazonS3 via 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront) x-amz-cf-id _0bmknLLCDvpstue68vMQUrmKcuXtp32A7M5bAyL8q5nI4TNzY9uWA== x-amz-cf-pop FRA60-P2 x-cache Miss from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.huione.com
URL: https://www.huione.com/appDownController.do?sendTo&t=1687855081381

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.7572bak.com/app/app.html Message: Access to XMLHttpRequest at 'https://www.huione.com/appDownController.do?sendTo&t=1687855081381' from origin 'https://www.7572bak.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huione.com/appDownController.do?sendTo&t=1687855081381 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d3gl9uugtapo2y.cloudfront.net
www.7572bak.com
www.huione.com
www.huione.com
2600:9000:2250:c600:10:3169:a80:21
2606:4700:10::6816:3996
04360c8d2af37da87eb02712ff82a58c72cc23469ebbf6d39b69f973d23e4d6f
4e5992dfd5e0c24a27adb076617aa565e914df7459fbb62011aa3721ab607c54
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

www.7572bak.com Open in urlscan Pro 2606:4700:10::6816:3996 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

5 Requests

80 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

153 kBTransfer

206 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

www.7572bak.com Open in urlscan Pro
2606:4700:10::6816:3996 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

80 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

153 kB
Transfer

206 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions