k2bt.com
156.226.70.86
Public Scan
Effective URL: https://k2bt.com/?channelCode=5040046
Submission Tags: phishingrod
Submission: On July 23 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 19th 2023. Valid for: a year.
This is the only time k2bt.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 38.59.63.58 | 139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.) |
7 | 34.36.161.196 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 | 156.226.70.86 | |
13 | 4 | |

ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK)
- qcs2m.com

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
- PTR: 196.161.36.34.bc.googleusercontent.com
- dbex.daidaidui.xyz
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | daidaidui.xyz | dbex.daidaidui.xyz | 69 KB |
1 | k2bt.com | k2bt.com | |
1 | qcs2m.com | qcs2m.com | 1 KB |
13 | 3 | | |
 | Domain | Requested by |
---|---|---|
7 | dbex.daidaidui.xyz | qcs2m.com, dbex.daidaidui.xyz, k2bt.com |
1 | k2bt.com | dbex.daidaidui.xyz |
1 | qcs2m.com | |
13 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
2fe2b.com | Sectigo RSA Domain Validation Secure Server CA | 2023-04-28 - 2024-04-27 | a year | crt.sh |
dbex.daidaidui.xyz | TrustAsia RSA DV TLS CA G2 | 2023-03-08 - 2024-03-07 | a year | crt.sh |
3fjfs.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-19 - 2024-07-18 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://k2bt.com/?channelCode=5040046
Frame ID: 4368ACB6BEE6601FE5FF9E279716A0DD
Requests: 13 HTTP requests in this frame
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://qcs2m.com/ Page URL
- https://k2bt.com/?channelCode=5040046 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | qcs2m.com/ | 2 KB | 1 KB | Document | text/html |
GET | H2 | aes.js | dbex.daidaidui.xyz/lib/ | 14 KB | 5 KB | Script | application/javascript |
GET | H2 | device.js | dbex.daidaidui.xyz/lib/ | 8 KB | 2 KB | Script | application/javascript |
GET | H2 | jquery.js | dbex.daidaidui.xyz/lib/ | 70 KB | 25 KB | Script | application/javascript |
GET | H2 | main.js | dbex.daidaidui.xyz/ | 104 KB | 37 KB | Script | application/javascript |
GET | H2 | d0f95334087e829dee82b8025eba823b.js | dbex.daidaidui.xyz/resource/d0/f9/ | 256 B | 355 B | Script | application/javascript |
GET | H2 | v.js | dbex.daidaidui.xyz/resource/module1/393/ | 28 B | 120 B | Script | application/javascript |
GET | H2 | cm.js | dbex.daidaidui.xyz/resource/module1/ | 172 B | 270 B | Script | application/javascript |
GET | H/1.1 | / (Primary Request) | k2bt.com/ | 2 KB | 0 | Document | text/html |
GET | | aes.js | dbex.daidaidui.xyz/lib/ | 0 | 0 | | |
GET | | device.js | dbex.daidaidui.xyz/lib/ | 0 | 0 | | |
GET | | jquery.js | dbex.daidaidui.xyz/lib/ | 0 | 0 | | |
GET | | main.js | dbex.daidaidui.xyz/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
dbex.daidaidui.xyz | https://dbex.daidaidui.xyz/lib/aes.js |
dbex.daidaidui.xyz | https://dbex.daidaidui.xyz/lib/device.js |
dbex.daidaidui.xyz | https://dbex.daidaidui.xyz/lib/jquery.js |
dbex.daidaidui.xyz | https://dbex.daidaidui.xyz/main.js?v=20230524 |
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.