www.kitconcafe.com Open in urlscan Pro
20.81.68.24 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://elitecosmetics.net/livesite/elitenew/wp-includes/pomo/www-videos_play_video_2.php
Effective URL:
https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh
Submission: On January 14 via manual (January 14th 2022, 11:25:11 pm UTC) from GR — Scanned from DE

Summary HTTP 21 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 20.81.68.24, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.kitconcafe.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 13th 2021. Valid for: a year.

This is the only time www.kitconcafe.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1	66.96.147.109 66.96.147.109	29873 (BIZLAND-SD) (BIZLAND-SD)
1	2607:f1c0:100... 2607:f1c0:100f:f000::2e7	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
6	20.81.68.24 20.81.68.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:20:... 2606:4700:20::681a:407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	158.69.139.229 158.69.139.229	16276 (OVH) (OVH)
1	67.202.114.214 67.202.114.214	32748 (STEADFAST) (STEADFAST)
1	104.18.28.199 104.18.28.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
21	10

1 66.96.147.109 (United States)

ASN29873 (BIZLAND-SD, US)
PTR: 109.147.96.66.static.eigbox.net

elitecosmetics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f1c0:100f:f000::2e7 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

best2care.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 20.81.68.24 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.kitconcafe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.69.139.229 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip229.ip-158-69-139.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.214 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 6692 ic.tynt.com — Cisco Umbrella Rank: 3828 de.tynt.com — Cisco Umbrella Rank: 1127	8 KB
6	kitconcafe.com www.kitconcafe.com	71 KB
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 13169	3 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 14480	145 B
1	waust.at waust.at — Cisco Umbrella Rank: 40332	7 KB
1	best2care.com best2care.com	284 B
1	elitecosmetics.net elitecosmetics.net	1 KB
21	7

	Domain	Requested by
7	ic.tynt.com	www.kitconcafe.com
6	www.kitconcafe.com	best2care.com www.kitconcafe.com
2	t.dtscout.com	waust.at t.dtscout.com
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	waust.at
1	whos.amung.us	waust.at
1	waust.at	www.kitconcafe.com
1	best2care.com	elitecosmetics.net
1	elitecosmetics.net
21	9

This site contains links to these domains. Also see Links.

Domain
whos.amung.us
www.seychellesnewsagency.com
www.facebook.com
el-gr.messenger.com
el-gr.facebook.com
pay.facebook.com
www.oculus.com
portal.facebook.com
l.facebook.com
www.bulletin.com
about.facebook.com
developers.facebook.com

Subject Issuer	Validity	Valid
www.elitecosmetics.net Sectigo RSA Domain Validation Secure Server CA	`2021-07-04` - `2022-07-04`	a year	crt.sh
*.best2care.com Encryption Everywhere DV TLS CA - G1	`2021-06-01` - `2022-05-31`	a year	crt.sh
www.mirusdev.com Go Daddy Secure Certificate Authority - G2	`2021-10-13` - `2022-10-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-04` - `2022-08-03`	a year	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh
Frame ID: 1C1B908DB4ECF6945DC65878D042CC7A
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facebook - Συνδεθείτε ή δημιουργήστε λογαριασμό

Page URL History Show full URLs

https://elitecosmetics.net/livesite/elitenew/wp-includes/pomo/www-videos_play_video_2.php Page URL
https://best2care.com/xfb-5/h1.php?ml=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh&l=gr&t=pc Page URL
https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

21
Requests

100 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

91 kB
Transfer

144 kB
Size

7
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://whos.amung.us/stats/xjjd6l89fr/
Title: 11

Search URL Search Domain Scan URL

URL: http://www.seychellesnewsagency.com/
Title: News

Search URL Search Domain Scan URL

URL: http://www.seychellesnewsagency.com/articles/category/7/Editorial
Title: Editorial

Search URL Search Domain Scan URL

URL: http://www.seychellesnewsagency.com/best_in_sc
Title: General info

Search URL Search Domain Scan URL

URL: https://www.facebook.com/seychellsnewsagency
Title: Follow us on Facebook

Search URL Search Domain Scan URL

URL: http://www.seychellesnewsagency.com/about/contact_us
Title: Contact us

Search URL Search Domain Scan URL

URL: https://el-gr.messenger.com/
Title: Messenger

Search URL Search Domain Scan URL

URL: https://el-gr.facebook.com/watch/
Title: Watch

Search URL Search Domain Scan URL

URL: https://pay.facebook.com/
Title: Facebook Pay

Search URL Search Domain Scan URL

URL: https://www.oculus.com/
Title: Oculus

Search URL Search Domain Scan URL

URL: https://portal.facebook.com/
Title: Portal

Search URL Search Domain Scan URL

URL: https://l.facebook.com/l.php?u=https%3A%2F%2Fwww.instagram.com%2F&h=AT2-_9i8rtC4VxQKzqs5OgKrDEI1C9idG7OuLpsUY30lktOkHBTe3LUfP7AcWKno4wjmuz_dFd-HyMDpEDxY-abOE9stEJoKjsyqNXgDDzHFuoeXv5GXY5KZ5to-0a765Uzi0sKwO164DL51CVxp
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.bulletin.com/
Title: Bulletin

Search URL Search Domain Scan URL

URL: https://about.facebook.com/
Title: Πληροφορίες

Search URL Search Domain Scan URL

URL: https://developers.facebook.com/?ref=pf
Title: Προγραμματιστές

Search URL Search Domain Scan URL

URL: https://el-gr.facebook.com/help/568137493302217
Title: Οι διαφημίσεις μου

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://elitecosmetics.net/livesite/elitenew/wp-includes/pomo/www-videos_play_video_2.php Page URL
https://best2care.com/xfb-5/h1.php?ml=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh&l=gr&t=pc Page URL
https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	www-videos_play_video_2.php Show response elitecosmetics.net/livesite/elitenew/wp-includes/pomo/	1 KB 1 KB	438ms 157ms	Document text/html	66.96.147.109 BIZLAND-SD
General Check archive.org Show headers Download Go to Full URL https://elitecosmetics.net/livesite/elitenew/wp-includes/pomo/www-videos_play_video_2.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.96.147.109 , United States, ASN29873 (BIZLAND-SD, US), Reverse DNS 109.147.96.66.static.eigbox.net Software Apache/2 / PHP/7.3.2 Resource Hash `f033f3863ceadf5bc09a05994fec7cb0ac4d1b68f35a3a30e3c567e31fcfb4ac` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Fri, 14 Jan 2022 23:25:05 GMT Content-Type text/html; charset=UTF-8 Content-Length 1049 Connection keep-alive Server Apache/2 X-Powered-By PHP/7.3.2 Age 0
GET H2	200	h1.php best2care.com/xfb-5/	226 B 284 B	440ms 176ms	Document text/html	2607:f1c0:100f:f000::2e7 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://best2care.com/xfb-5/h1.php?ml=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh&l=gr&t=pc Requested by Host: elitecosmetics.net URL: https://elitecosmetics.net/livesite/elitenew/wp-includes/pomo/www-videos_play_video_2.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:f1c0:100f:f000::2e7 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://elitecosmetics.net/ Response headers content-type text/html; charset=UTF-8 date Fri, 14 Jan 2022 23:25:05 GMT server Apache content-encoding gzip
GET H2	200	Primary Request enterg_d.html Show response www.kitconcafe.com/cacheold/	30 KB 12 KB	331ms 125ms	Document text/html	20.81.68.24 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Requested by Host: best2care.com URL: https://best2care.com/xfb-5/h1.php?ml=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh&l=gr&t=pc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.81.68.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `5268ec0ccb83eec56382f4c256e37263a5b6e6d822bb6075b110855a94d27469` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://best2care.com/ Response headers content-type text/html content-encoding gzip last-modified Fri, 14 Jan 2022 19:18:02 GMT accept-ranges bytes etag "61a514737b9d81:0" vary Accept-Encoding server Microsoft-IIS/10.0 x-powered-by ASP.NET date Fri, 14 Jan 2022 23:25:06 GMT content-length 12458
GET H2	200	styles2.css www.kitconcafe.com/cacheold/img/	28 KB 10 KB	140ms 139ms	Stylesheet text/css	20.81.68.24 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.kitconcafe.com/cacheold/img/styles2.css Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.81.68.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `4a070d5b96539f0ebad9df7d1865b37bd518cbfcef7ef3f77a9115ff004d0ecc` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:06 GMT content-encoding gzip last-modified Fri, 14 Jan 2022 19:21:08 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "636dc7e17b9d81:0" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 9673
GET H2	200	d.js Show response waust.at/	13 KB 7 KB	60ms 30ms	Script application/x-javascript	2606:4700:20::681a:407 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://waust.at/d.js Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:06 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 492 last-modified Mon, 03 May 2021 17:48:53 GMT server cloudflare etag W/"60903785-3444" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83v7URrNbBzp8gjxme%2BjbTAREg%2BQeO6Oer5ONBpdqeVX4jUBlckFK0vFDgQWdbHBz2bZNbI3EDYVsYcC%2BwmgNgNt7GVX6djmyUcQ2Hms8mNYPyNq53uqC4jviW5wgAU2018m%2BFNr"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * cache-control max-age=86400 cf-ray 6cda9f215a738b96-FRA expires Sat, 15 Jan 2022 23:16:54 GMT
GET H2	200	logo.png www.kitconcafe.com/cacheold/img/	10 KB 10 KB	133ms 133ms	Image image/png	20.81.68.24 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.kitconcafe.com/cacheold/img/logo.png Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.81.68.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `da0a17ced8d27536fb4658f793e777b87a0a7078f6971b10337b9205511d9703` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:06 GMT last-modified Fri, 14 Jan 2022 19:20:51 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "8fbdb5d77b9d81:0" content-type image/png accept-ranges bytes content-length 10166
GET H/1.1	200 OK	/ Show response t.dtscout.com/i/	2 KB 3 KB	295ms 95ms	Script application/javascript	158.69.139.229 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.kitconcafe.com%2Fcacheold%2Fenterg_d.html%3Fgstr%3DvPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh&j=https%3A%2F%2Fbest2care.com%2F Requested by Host: waust.at URL: https://waust.at/d.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip229.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash `867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 14 Jan 2022 23:25:06 GMT X-T 0.565 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Connection close X-S mtl3 Expires Fri, 14 Jan 2022 23:25:05 GMT
GET H2	200	FBWordmark_Hex-RGB-1024.svg www.kitconcafe.com/cacheold/img/	2 KB 2 KB	111ms 111ms	Image image/svg+xml	20.81.68.24 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.kitconcafe.com/cacheold/img/FBWordmark_Hex-RGB-1024.svg Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.81.68.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `74f570e29539b975f49b3b716ba1fd496ea46821233a6fda79a7a78396dee950` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:06 GMT last-modified Fri, 14 Jan 2022 19:20:36 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "1cb8ccf7b9d81:0" content-type image/svg+xml accept-ranges bytes content-length 2384
GET H2	200	/ Show response whos.amung.us/pingjs/	29 B 145 B	335ms 112ms	Script text/javascript	67.202.114.214 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/pingjs/?k=xjjd6l89fr&t=Facebook%20-%20%CE%A3%CF%85%CE%BD%CE%B4%CE%B5%CE%B8%CE%B5%CE%AF%CF%84%CE%B5%20%CE%AE%20%CE%B4%CE%B7%CE%BC%CE%B9%CE%BF%CF%85%CF%81%CE%B3%CE%AE%CF%83%CF%84%CE%B5%20%CE%BB%CE%BF%CE%B3%CE%B1%CF%81%CE%B9%CE%B1%CF%83%CE%BC%CF%8C&c=d&x=https%3A%2F%2Fwww.kitconcafe.com%2Fcacheold%2Fenterg_d.html%3Fgstr%3DvPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh&y=https%3A%2F%2Fbest2care.com%2F&a=0&v=27&r=3015 Requested by Host: waust.at URL: https://waust.at/d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.202.114.214 , United States, ASN32748 (STEADFAST, US), Reverse DNS amung.us Software / Resource Hash `ddaeedc09470a4ca2b18c19d37137b041293ca793671fab35541cd7b1eaf9215` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:06 GMT content-encoding gzip content-type text/javascript;charset=UTF-8
GET H2	404	HToPuqfx_wC.png www.kitconcafe.com/rsrc.php/v3/ya/r/	18 KB 18 KB	447ms 447ms	Image text/html	20.81.68.24 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.kitconcafe.com/rsrc.php/v3/ya/r/HToPuqfx_wC.png Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/img/styles2.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.81.68.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / PHP/7.4.13, ASP.NET Resource Hash `3db54c26b2f7c10914ea89d3fee476197102b13118019d599f055c91c68f2982` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/img/styles2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 23:25:06 GMT server Microsoft-IIS/10.0 x-powered-by PHP/7.4.13, ASP.NET content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://www.kitconcafe.com/wp-json/>; rel="https://api.w.org/" content-length 18785 x-mobilized-by WordPress Mobile Pack 1.2.5 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	404	YQNfPR9MJfx.png www.kitconcafe.com/rsrc.php/v3/yO/r/	18 KB 18 KB	482ms 482ms	Image text/html	20.81.68.24 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.kitconcafe.com/rsrc.php/v3/yO/r/YQNfPR9MJfx.png Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/img/styles2.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.81.68.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / PHP/7.4.13, ASP.NET Resource Hash `abea0a3df2615e9fce60e37676176f6ad0a0a190d850c8aff909900ab5bbb32f` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/img/styles2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 23:25:06 GMT server Microsoft-IIS/10.0 x-powered-by PHP/7.4.13, ASP.NET content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://www.kitconcafe.com/wp-json/>; rel="https://api.w.org/" content-length 18785 x-mobilized-by WordPress Mobile Pack 1.2.5 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/pv/	50 B 318 B	275ms 92ms	Script application/javascript	158.69.139.229 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=kitconcafe.com&_ss=6ymqia9i95&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=c2xm&_cb=_dtspv.c Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.kitconcafe.com%2Fcacheold%2Fenterg_d.html%3Fgstr%3DvPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh&j=https%3A%2F%2Fbest2care.com%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip229.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash `babd70c55029432d8fb3dd9ae2c4df2567100f58cada2723883dd084d53c6a93` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 14 Jan 2022 23:25:06 GMT X-T 0.148 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked X-C 0 Content-Type application/javascript Cache-Control no-cache Connection close Expires Fri, 14 Jan 2022 23:25:05 GMT
GET H2	200	tc.js Show response cdn.tynt.com/	17 KB 7 KB	87ms 27ms	Script application/javascript	104.18.28.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/tc.js Requested by Host: waust.at URL: https://waust.at/d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:06 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 27 Aug 2021 20:58:45 GMT server cloudflare age 181441 etag W/"61295205-431d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 6cda9f24bcc13a29-CDG expires Mon, 17 Jan 2022 23:25:06 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H2	204	p ic.tynt.com/b/	0 227 B	321ms 104ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xjjd6l89fr&lm=0&ts=1642202706693&dn=TC&iso=0&r=https%3A%2F%2Fbest2care.com%2F&t=Facebook%20-%20%CE%A3%CF%85%CE%BD%CE%B4%CE%B5%CE%B8%CE%B5%CE%AF%CF%84%CE%B5%20%CE%AE%20%CE%B4%CE%B7%CE%BC%CE%B9%CE%BF%CF%85%CF%81%CE%B3%CE%AE%CF%83%CF%84%CE%B5%20%CE%BB%CE%BF%CE%B3%CE%B1%CF%81%CE%B9%CE%B1%CF%83%CE%BC%CF%8C Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:07 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	v2 Show response de.tynt.com/deb/	4 B 202 B	338ms 110ms	Script application/javascript	67.202.105.33 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=w!xjjd6l89fr&dn=TC&cc=1&r=https%3A%2F%2Fbest2care.com%2F Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/tc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.33 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip33.67-202-105.static.steadfastdns.net Software / Resource Hash `d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:06 GMT cache-control max-age=86400 content-type application/javascript p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" content-length 4 expires Sat, 15 Jan 2022 23:25:07 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	105ms 105ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xjjd6l89fr&lm=0&ts=1642202706693&dn=TC&iso=0&r=https%3A%2F%2Fbest2care.com%2F&t=Facebook%20-%20%CE%A3%CF%85%CE%BD%CE%B4%CE%B5%CE%B8%CE%B5%CE%AF%CF%84%CE%B5%20%CE%AE%20%CE%B4%CE%B7%CE%BC%CE%B9%CE%BF%CF%85%CF%81%CE%B3%CE%AE%CF%83%CF%84%CE%B5%20%CE%BB%CE%BF%CE%B3%CE%B1%CF%81%CE%B9%CE%B1%CF%83%CE%BC%CF%8C Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:07 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	104ms 104ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xjjd6l89fr&lm=0&ts=1642202706693&dn=TC&iso=0&r=https%3A%2F%2Fbest2care.com%2F&t=Facebook%20-%20%CE%A3%CF%85%CE%BD%CE%B4%CE%B5%CE%B8%CE%B5%CE%AF%CF%84%CE%B5%20%CE%AE%20%CE%B4%CE%B7%CE%BC%CE%B9%CE%BF%CF%85%CF%81%CE%B3%CE%AE%CF%83%CF%84%CE%B5%20%CE%BB%CE%BF%CE%B3%CE%B1%CF%81%CE%B9%CE%B1%CF%83%CE%BC%CF%8C Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:07 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	106ms 106ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xjjd6l89fr&lm=0&ts=1642202706693&dn=TC&iso=0&r=https%3A%2F%2Fbest2care.com%2F Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:07 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	105ms 104ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xjjd6l89fr&lm=0&ts=1642202706693&dn=TC&iso=0 Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:07 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	104ms 104ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xjjd6l89fr&lm=0&ts=1642202706693&dn=TC&iso=0 Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:07 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	105ms 104ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xjjd6l89fr&lm=0&ts=1642202706693&dn=TC&iso=0 Requested by Host: www.kitconcafe.com URL: https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kitconcafe.com/cacheold/enterg_d.html?gstr=vPESK4vDXA2dLqgF3mhiairzzXYHAdjK7Y2ui7jgwdVCWyvzDh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 23:25:07 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dtscout.com/	1970-01-20 00:10:07	Name: m Value: 1
.dtscout.com/	1970-01-20 00:10:20	Name: b Value: 1
.dtscout.com/	1970-01-20 00:10:17	Name: oa Value: 1
.dtscout.com/	1970-01-20 02:34:02	Name: df Value: 1642202706
www.kitconcafe.com/	1970-01-20 08:55:38	Name: wpmp_switcher Value: desktop
www.kitconcafe.com/	1970-01-20 00:10:04	Name: wfvt_22575677 Value: 61e20652e329b
www.kitconcafe.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8286shp7j4i738p6f5coa2v2k7

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.kitconcafe.com/rsrc.php/v3/ya/r/HToPuqfx_wC.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.kitconcafe.com/rsrc.php/v3/yO/r/YQNfPR9MJfx.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

best2care.com
cdn.tynt.com
de.tynt.com
elitecosmetics.net
ic.tynt.com
t.dtscout.com
waust.at
whos.amung.us
www.kitconcafe.com
104.18.28.199
158.69.139.229
20.81.68.24
2606:4700:20::681a:407
2607:f1c0:100f:f000::2e7
66.96.147.109
67.202.105.31
67.202.105.33
67.202.114.214
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
3db54c26b2f7c10914ea89d3fee476197102b13118019d599f055c91c68f2982
4a070d5b96539f0ebad9df7d1865b37bd518cbfcef7ef3f77a9115ff004d0ecc
5268ec0ccb83eec56382f4c256e37263a5b6e6d822bb6075b110855a94d27469
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
74f570e29539b975f49b3b716ba1fd496ea46821233a6fda79a7a78396dee950
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
abea0a3df2615e9fce60e37676176f6ad0a0a190d850c8aff909900ab5bbb32f
babd70c55029432d8fb3dd9ae2c4df2567100f58cada2723883dd084d53c6a93
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
da0a17ced8d27536fb4658f793e777b87a0a7078f6971b10337b9205511d9703
ddaeedc09470a4ca2b18c19d37137b041293ca793671fab35541cd7b1eaf9215
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f033f3863ceadf5bc09a05994fec7cb0ac4d1b68f35a3a30e3c567e31fcfb4ac

www.kitconcafe.com Open in urlscan Pro 20.81.68.24 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

22 %IPv6

7 Domains

9 Subdomains

10 IPs

3 Countries

91 kBTransfer

144 kBSize

7 Cookies

16 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

29 JavaScript Global Variables

7 Cookies

2 Console Messages

Indicators

www.kitconcafe.com Open in urlscan Pro
20.81.68.24 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

91 kB
Transfer

144 kB
Size

7
Cookies

21 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!