Submitted URL: https://lbkbk.ink/Canal-lBK
Effective URL: https://hylcwr.com/js/busn.php
Submission: On February 17 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 6 HTTP transactions. The main IP is 119.91.94.29, located in China and belongs to CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is hylcwr.com.
TLS certificate: Issued by TrustAsia TLS RSA CA on April 23rd 2021. Valid for: a year.
This is the only time hylcwr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.12 396982 (GOOGLE-PR...)
5 119.91.94.29 45090 (CNNIC-TEN...)
1 1 58.221.59.3 4134 (CHINANET-...)
1 14.215.89.35 4134 (CHINANET-...)
6 2
Apex Domain
Subdomains
Transfer
5 hylcwr.com
hylcwr.com
1 KB
1 bcebos.com
bkimg.cdn.bcebos.com — Cisco Umbrella Rank: 34379
1 MB
1 downk.cc
pic.downk.cc
101 B
1 lbkbk.ink
lbkbk.ink
246 B
6 4
Domain Requested by
5 hylcwr.com hylcwr.com
1 bkimg.cdn.bcebos.com hylcwr.com
1 pic.downk.cc 1 redirects
1 lbkbk.ink 1 redirects
6 4

This site contains links to these domains.

Domain
us.hylcwr.com
Subject: hylcwr.com
Issuer: TrustAsia TLS RSA CA
Validity: 2021-04-23 - 2022-04-22
Valid: a year

This page contains 1 frames:

Primary Page: https://hylcwr.com/js/busn.php
Frame ID: 96573A7732862DC9956BB8F6F6465563
Requests: 6 HTTP requests in this frame

Page Title

404 Page

Page URL History

  1. https://lbkbk.ink/Canal-lBK HTTP 302
    https://hylcwr.com/js/busn.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 2
Transfer: 1441 kB
Size: 1440 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lbkbk.ink/Canal-lBK HTTP 302
    https://hylcwr.com/js/busn.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://pic.downk.cc/item/5f846c971cd1bbb86b1d5fe1.png HTTP 302
  • https://bkimg.cdn.bcebos.com/pic/9358d109b3de9c82d1585e4690d1970a19d8bd3ee5e3

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request busn.php
hylcwr.com/js/
Redirect Chain
  • https://lbkbk.ink/Canal-lBK
  • https://hylcwr.com/js/busn.php
2 KB
1 KB
Document
General
Full URL
https://hylcwr.com/js/busn.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.91.94.29 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
96f4e4193ebea82e9f81ac581f8e130f21902990fd17a8f9f8bf6ab0d271d2e8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 17 Feb 2022 11:38:31 GMT
content-type
text/html
vary
Accept-Encoding
etag
W/"60701483-9fb"
content-encoding
gzip

Redirect headers

cache-control
private, max-age=90
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Thu, 17 Feb 2022 11:38:29 GMT
location
https://hylcwr.com/js/busn.php
referrer-policy
unsafe-url
server
nginx
strict-transport-security
max-age=1209600
content-length
117
style.css
hylcwr.com/js/css/
0
0
Stylesheet
General
Full URL
https://hylcwr.com/js/css/style.css
Requested by
Host: hylcwr.com
URL: https://hylcwr.com/js/busn.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.91.94.29 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hylcwr.com/js/busn.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 11:38:31 GMT
content-encoding
gzip
server
nginx
etag
W/"60701483-9fb"
vary
Accept-Encoding
content-type
text/html
9358d109b3de9c82d1585e4690d1970a19d8bd3ee5e3
bkimg.cdn.bcebos.com/pic/
Redirect Chain
  • https://pic.downk.cc/item/5f846c971cd1bbb86b1d5fe1.png
  • https://bkimg.cdn.bcebos.com/pic/9358d109b3de9c82d1585e4690d1970a19d8bd3ee5e3
1 MB
1 MB
Image
General
Full URL
https://bkimg.cdn.bcebos.com/pic/9358d109b3de9c82d1585e4690d1970a19d8bd3ee5e3
Requested by
Host: hylcwr.com
URL: https://hylcwr.com/js/busn.php
Protocol
H2
Server
14.215.89.35 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
26139d0c6cdcf3db7b61d089195ea0bddd476a9b623b53800e4c707077cba8d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ohc-file-size
1472460
date
Thu, 17 Feb 2022 11:38:34 GMT
content-md5
2XgH3Q9Mf7SIAFG9awmpjg==
age
1001561
x-bce-storage-class
STANDARD
content-length
1472460
ohc-cache-hit
chaozct79 [2], xaix190 [3]
last-modified
Sun, 07 Nov 2021 15:23:19 GMT
server
JSP3/2.0.14
etag
"d97807dd0f4c7fb4880051bd6b09a98e"
x-bce-request-id
af473379-8afd-4794-a87b-c86d37df0809
content-type
image/png
access-control-allow-origin
*
x-bce-debug-id
dk9Lkd8abalCVB5yr7KR6lXC5FqOhZmVIrbAqRd7JkQt2XmJisG3er3HqbSxRnkGHG587RWyyjt8RQMJlUFDgg==
accept-ranges
bytes
timing-allow-origin
*
x-bce-content-crc32
3511772794
expires
Sun, 30 Jan 2022 15:45:04 GMT

Redirect headers

location
https://bkimg.cdn.bcebos.com/pic/9358d109b3de9c82d1585e4690d1970a19d8bd3ee5e3
referrer-policy
no-referrer
parallax.min.js
hylcwr.com/js/js/
0
0
Script
General
Full URL
https://hylcwr.com/js/js/parallax.min.js
Requested by
Host: hylcwr.com
URL: https://hylcwr.com/js/busn.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.91.94.29 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hylcwr.com/js/busn.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 11:38:32 GMT
content-encoding
gzip
server
nginx
etag
W/"60701483-9fb"
vary
Accept-Encoding
content-type
text/html
jquery.min.js
hylcwr.com/js/js/
0
0
Script
General
Full URL
https://hylcwr.com/js/js/jquery.min.js
Requested by
Host: hylcwr.com
URL: https://hylcwr.com/js/busn.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.91.94.29 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hylcwr.com/js/busn.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 11:38:32 GMT
content-encoding
gzip
server
nginx
etag
W/"60701483-9fb"
vary
Accept-Encoding
content-type
text/html
script.js
hylcwr.com/js/js/
0
0
Script
General
Full URL
https://hylcwr.com/js/js/script.js
Requested by
Host: hylcwr.com
URL: https://hylcwr.com/js/busn.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.91.94.29 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hylcwr.com/js/busn.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 11:38:32 GMT
content-encoding
gzip
server
nginx
etag
W/"60701483-9fb"
vary
Accept-Encoding
content-type
text/html

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
function| go

1 Cookies

Domain/Path Name / Value
.lbkbk.ink/ Name: _bit
Value: m1hbCt-6b27ef6c81d9b58064-005

5 Console Messages

Source Level URL
Text
network error URL: https://hylcwr.com/js/busn.php
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hylcwr.com/js/css/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hylcwr.com/js/js/parallax.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hylcwr.com/js/js/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hylcwr.com/js/js/script.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
