ytcs2.com Open in urlscan Pro
202.181.25.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ytcs2.com/
Submission Tags: phishingrod
Submission: On September 19 via api (September 19th 2023, 7:57:35 pm UTC) from DE — Scanned from DE

Summary HTTP 12 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 6 domains to perform 12 HTTP transactions. The main IP is 202.181.25.6, located in Hong Kong and belongs to CLOUDIE-AS-AP Cloudie Limited, HK. The main domain is ytcs2.com.
TLS certificate: Issued by R3 on September 19th 2023. Valid for: 3 months.

This is the only time ytcs2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	202.181.25.6 202.181.25.6	55933 (CLOUDIE-A...) (CLOUDIE-AS-AP Cloudie Limited)
1	45.125.14.208 45.125.14.208	55933 (CLOUDIE-A...) (CLOUDIE-AS-AP Cloudie Limited)
3	122.10.116.200 122.10.116.200	55933 (CLOUDIE-A...) (CLOUDIE-AS-AP Cloudie Limited)
2	122.10.116.215 122.10.116.215	55933 (CLOUDIE-A...) (CLOUDIE-AS-AP Cloudie Limited)
12	4

6 202.181.25.6 (Hong Kong)

ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK)
PTR: spk.cloudie.hk

ytcs2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.125.14.208 (Hong Kong)

ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK)
PTR: spk.cloudie.hk

www.yt70a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 122.10.116.200 (Hong Kong)

ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK)

www.yt70b.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.yt70c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.yt70d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 122.10.116.215 (Hong Kong)

ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK)

api.afjyqh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	ytcs2.com ytcs2.com	142 KB
2	afjyqh.com api.afjyqh.com	1 KB
1	yt70d.com www.yt70d.com	4 KB
1	yt70c.com www.yt70c.com	4 KB
1	yt70b.com www.yt70b.com	4 KB
1	yt70a.com www.yt70a.com	4 KB
12	6

	Domain	Requested by
6	ytcs2.com	ytcs2.com
2	api.afjyqh.com	ytcs2.com
1	www.yt70d.com	ytcs2.com
1	www.yt70c.com	ytcs2.com
1	www.yt70b.com	ytcs2.com
1	www.yt70a.com	ytcs2.com
12	6

This site contains links to these domains. Also see Links.

Domain
www.yt70b.com
www.yt70c.com
www.yt70a.com
www.yt70d.com

Subject Issuer	Validity	Valid
ytcs2.com R3	`2023-09-19` - `2023-12-18`	3 months	crt.sh
yt70a.com R3	`2023-07-28` - `2023-10-26`	3 months	crt.sh
yt70b.com R3	`2023-07-28` - `2023-10-26`	3 months	crt.sh
yt70c.com R3	`2023-07-28` - `2023-10-26`	3 months	crt.sh
yt70d.com R3	`2023-07-28` - `2023-10-26`	3 months	crt.sh
api.afjyqh.com R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ytcs2.com/
Frame ID: F099C2E6C6A866292685A9A6AC5985BB
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

油条视频

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

4
IPs

1
Countries

161 kB
Transfer

235 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.yt70b.com/download
Title: 下载油条APP

Search URL Search Domain Scan URL

URL: https://www.yt70b.com/
Title: 进入

Search URL Search Domain Scan URL

URL: https://www.yt70c.com/
Title: 进入

Search URL Search Domain Scan URL

URL: https://www.yt70a.com/
Title: 进入

Search URL Search Domain Scan URL

URL: https://www.yt70d.com/
Title: 进入

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ytcs2.com/	581 B 891 B	3278ms 255ms	Document text/html	202.181.25.6 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Full URL https://ytcs2.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.181.25.6 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS spk.cloudie.hk Software nginx/1.20.0 / Resource Hash `caae6a00896d8442e88cba0fec94bc190ab7f0c621a4156161a94b11cd8556ea` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control private, no-store, no-cache, must-revalidate, proxy-revalidate Content-Length 581 Content-Type text/html Date Tue, 19 Sep 2023 19:57:22 GMT Etag "644d10fd-245" Last-Modified Sat, 29 Apr 2023 12:43:41 GMT Server nginx/1.20.0 X-Cache BYPASS
GET H/1.1	200 OK	app.75ba4dbb.css ytcs2.com/css/	11 KB 4 KB	258ms 258ms	Stylesheet text/css	202.181.25.6 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Full URL https://ytcs2.com/css/app.75ba4dbb.css Requested by Host: ytcs2.com URL: https://ytcs2.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.181.25.6 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS spk.cloudie.hk Software nginx/1.20.0 / Resource Hash `2cb0e8badfc154e6762d537180aedbf2a6512e7972fd04208efb97363cc2b929` Request headers accept-language de-DE,de;q=0.9 Referer https://ytcs2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Tue, 19 Sep 2023 19:57:22 GMT Content-Encoding gzip Last-Modified Sat, 29 Apr 2023 12:43:41 GMT Server nginx/1.20.0 Etag W/"644d10fd-2b45" Vary Accept-Encoding X-Cache UPDATING Content-Type text/css Transfer-Encoding chunked
GET H/1.1	200 OK	chunk-vendors.49fc91da.js Show response ytcs2.com/js/	109 KB 43 KB	259ms 258ms	Script application/javascript	202.181.25.6 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Full URL https://ytcs2.com/js/chunk-vendors.49fc91da.js Requested by Host: ytcs2.com URL: https://ytcs2.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.181.25.6 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS spk.cloudie.hk Software nginx/1.20.0 / Resource Hash `9079fabb1fcf781647c057a4b02e33b5c17bf09c44ff3c9dcc91aaeb7c7cdd22` Request headers accept-language de-DE,de;q=0.9 Referer https://ytcs2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Tue, 19 Sep 2023 19:57:22 GMT Content-Encoding gzip Last-Modified Sat, 29 Apr 2023 12:43:41 GMT Server nginx/1.20.0 Etag W/"644d10fd-1b307" Vary Accept-Encoding X-Cache UPDATING Content-Type application/javascript Transfer-Encoding chunked
GET H/1.1	200 OK	app.d3b89dd1.js Show response ytcs2.com/js/	7 KB 4 KB	515ms 256ms	Script application/javascript	202.181.25.6 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Full URL https://ytcs2.com/js/app.d3b89dd1.js Requested by Host: ytcs2.com URL: https://ytcs2.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.181.25.6 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS spk.cloudie.hk Software nginx/1.20.0 / Resource Hash `e6fa6f0d78720b8df16ec39e38deaadac7b8b34dab7dc0d31378bb6fb15fc2ca` Request headers accept-language de-DE,de;q=0.9 Referer https://ytcs2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Tue, 19 Sep 2023 19:57:22 GMT Content-Encoding gzip Last-Modified Sat, 29 Apr 2023 12:43:41 GMT Server nginx/1.20.0 Etag W/"644d10fd-1bf9" Vary Accept-Encoding X-Cache UPDATING Content-Type application/javascript Transfer-Encoding chunked
GET H/1.1	200 OK	logo.61912ee2.png ytcs2.com/img/	14 KB 14 KB	257ms 257ms	Image image/png	202.181.25.6 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Show image Full URL https://ytcs2.com/img/logo.61912ee2.png Requested by Host: ytcs2.com URL: https://ytcs2.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.181.25.6 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS spk.cloudie.hk Software nginx/1.20.0 / Resource Hash `58c39453bf05cfabb29f819f96bdd1e6f8602019888eb1ff57b248ffd6283302` Request headers accept-language de-DE,de;q=0.9 Referer https://ytcs2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Tue, 19 Sep 2023 19:57:22 GMT Last-Modified Sat, 29 Apr 2023 12:43:41 GMT Server nginx/1.20.0 Etag "644d10fd-38bd" X-Cache UPDATING Content-Type image/png Accept-Ranges bytes Content-Length 14525
GET H/1.1	200 OK	favicon.ico www.yt70a.com/	4 KB 4 KB	5596ms 254ms	Image image/x-icon	45.125.14.208 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Show image Full URL https://www.yt70a.com/favicon.ico?0.8967059562870765 Requested by Host: ytcs2.com URL: https://ytcs2.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.125.14.208 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS spk.cloudie.hk Software nginx/1.20.0 / Resource Hash `e3fcdfc1b61156746d8515d496952188153965030831db632aad779940aff155` Request headers accept-language de-DE,de;q=0.9 Referer https://ytcs2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Tue, 19 Sep 2023 19:57:28 GMT Last-Modified Sat, 29 Apr 2023 12:44:12 GMT Server nginx/1.20.0 Etag "644d111c-10be" X-Cache UPDATING Content-Type image/x-icon Accept-Ranges bytes Content-Length 4286
GET H/1.1	200 OK	favicon.ico www.yt70b.com/	4 KB 4 KB	5588ms 252ms	Image image/x-icon	122.10.116.200 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Show image Full URL https://www.yt70b.com/favicon.ico?0.9564300566481188 Requested by Host: ytcs2.com URL: https://ytcs2.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 122.10.116.200 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS Software nginx/1.20.0 / Resource Hash `e3fcdfc1b61156746d8515d496952188153965030831db632aad779940aff155` Request headers accept-language de-DE,de;q=0.9 Referer https://ytcs2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Tue, 19 Sep 2023 19:57:28 GMT Last-Modified Sat, 29 Apr 2023 12:44:12 GMT Server nginx/1.20.0 Etag "644d111c-10be" X-Cache UPDATING Content-Type image/x-icon Accept-Ranges bytes Content-Length 4286
GET H/1.1	200 OK	favicon.ico www.yt70c.com/	4 KB 4 KB	5592ms 253ms	Image image/x-icon	122.10.116.200 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Show image Full URL https://www.yt70c.com/favicon.ico?0.6748840499552087 Requested by Host: ytcs2.com URL: https://ytcs2.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 122.10.116.200 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS Software nginx/1.20.0 / Resource Hash `e3fcdfc1b61156746d8515d496952188153965030831db632aad779940aff155` Request headers accept-language de-DE,de;q=0.9 Referer https://ytcs2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Tue, 19 Sep 2023 19:57:28 GMT Last-Modified Sat, 29 Apr 2023 12:44:12 GMT Server nginx/1.20.0 Etag "644d111c-10be" X-Cache UPDATING Content-Type image/x-icon Accept-Ranges bytes Content-Length 4286
GET H/1.1	200 OK	favicon.ico www.yt70d.com/	4 KB 4 KB	5606ms 253ms	Image image/x-icon	122.10.116.200 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Show image Full URL https://www.yt70d.com/favicon.ico?0.7618056065843446 Requested by Host: ytcs2.com URL: https://ytcs2.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 122.10.116.200 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS Software nginx/1.20.0 / Resource Hash `e3fcdfc1b61156746d8515d496952188153965030831db632aad779940aff155` Request headers accept-language de-DE,de;q=0.9 Referer https://ytcs2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Tue, 19 Sep 2023 19:57:28 GMT Last-Modified Sat, 29 Apr 2023 12:44:12 GMT Server nginx/1.20.0 Etag "644d111c-10be" X-Cache UPDATING Content-Type image/x-icon Accept-Ranges bytes Content-Length 4286
GET H/1.1	200 OK	update Show response api.afjyqh.com/v3/	1 KB 1 KB	262ms 261ms	XHR application/json	122.10.116.215 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Full URL https://api.afjyqh.com/v3/update?t=1695153442656 Requested by Host: ytcs2.com URL: https://ytcs2.com/js/chunk-vendors.49fc91da.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 122.10.116.215 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS Software nginx/1.20.0 / PHP/7.2.34 Resource Hash `b944b57b638988e671a2fb4eb88dbd66360bfc5adfa7dca7694b8e02fff1d8ff` Request headers Accept application/json, text/plain, / Referer https://ytcs2.com/ x-client-id 9aab910670705aad2ab8808efe757ba8 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Tue, 19 Sep 2023 19:57:28 GMT Content-Encoding gzip Server nginx/1.20.0 X-Powered-By PHP/7.2.34 Vary Accept-Encoding Access-Control-Allow-Methods * Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * X-Cache BYPASS Access-Control-Allow-Headers , X-Client-Id, X-Client-Platform, X-Client-Version, Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, x-requested-with Content-Length* 567
OPTIONS H/1.1	204 No Content	update api.afjyqh.com/v3/	0 0	5586ms 252ms	Preflight	122.10.116.215 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Full URL https://api.afjyqh.com/v3/update?t=1695153442656 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 122.10.116.215 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS Software nginx/1.20.0 / Resource Hash Request headers Accept / Access-Control-Request-Headers x-client-id Access-Control-Request-Method GET Origin https://ytcs2.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Access-Control-Allow-Headers , X-Client-Id, X-Client-Platform, X-Client-Version, Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, x-requested-with Access-Control-Allow-Methods* * Access-Control-Allow-Origin * Date Tue, 19 Sep 2023 19:57:28 GMT Server nginx/1.20.0 X-Cache BYPASS
GET H/1.1	200 OK	bg.e1cfbf4c.jpg ytcs2.com/img/	76 KB 76 KB	257ms 257ms	Image image/jpeg	202.181.25.6 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Show image Full URL https://ytcs2.com/img/bg.e1cfbf4c.jpg Requested by Host: ytcs2.com URL: https://ytcs2.com/css/app.75ba4dbb.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.181.25.6 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS spk.cloudie.hk Software nginx/1.20.0 / Resource Hash `cfda9c2c34072ade3b8ae8548911e56630ce01963c55198da16507fa6fffe6ed` Request headers accept-language de-DE,de;q=0.9 Referer https://ytcs2.com/css/app.75ba4dbb.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Tue, 19 Sep 2023 19:57:22 GMT Last-Modified Sat, 29 Apr 2023 12:43:41 GMT Server nginx/1.20.0 Etag "644d10fd-12e5f" X-Cache BYPASS Content-Type image/jpeg Accept-Ranges bytes Content-Length 77407

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackJsonp object| __core-js_shared__ object| core

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.afjyqh.com
www.yt70a.com
www.yt70b.com
www.yt70c.com
www.yt70d.com
ytcs2.com
122.10.116.200
122.10.116.215
202.181.25.6
45.125.14.208
2cb0e8badfc154e6762d537180aedbf2a6512e7972fd04208efb97363cc2b929
58c39453bf05cfabb29f819f96bdd1e6f8602019888eb1ff57b248ffd6283302
9079fabb1fcf781647c057a4b02e33b5c17bf09c44ff3c9dcc91aaeb7c7cdd22
b944b57b638988e671a2fb4eb88dbd66360bfc5adfa7dca7694b8e02fff1d8ff
caae6a00896d8442e88cba0fec94bc190ab7f0c621a4156161a94b11cd8556ea
cfda9c2c34072ade3b8ae8548911e56630ce01963c55198da16507fa6fffe6ed
e3fcdfc1b61156746d8515d496952188153965030831db632aad779940aff155
e6fa6f0d78720b8df16ec39e38deaadac7b8b34dab7dc0d31378bb6fb15fc2ca

ytcs2.com Open in urlscan Pro 202.181.25.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

4 IPs

1 Countries

161 kBTransfer

235 kBSize

0 Cookies

5 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

ytcs2.com Open in urlscan Pro
202.181.25.6 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

4
IPs

1
Countries

161 kB
Transfer

235 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions