kubitz.com.br Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://e-in21.gtolink.in/t/em1/54994/1/cd2210df-5608-4588-898d-f5273145b43b/7f597516fa8a11eda79702342baa918a
Effective URL:
https://kubitz.com.br/service/
Submission: On May 25 via manual (May 25th 2023, 2:43:11 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is kubitz.com.br.
TLS certificate: Issued by GTS CA 1P5 on April 10th 2023. Valid for: 3 months.

This is the only time kubitz.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
1 1	65.0.219.238 65.0.219.238	16509 (AMAZON-02) (AMAZON-02)
1 1	2.16.187.25 2.16.187.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	80.74.151.88 80.74.151.88	21069 (ASN-METAN...) (ASN-METANET Routingpeering issues: noc@metanet.ch)
11	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
15	3

1 65.0.219.238 (Mumbai, India) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-65-0-219-238.ap-south-1.compute.amazonaws.com

e-in21.gtolink.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.187.25 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-187-25.deploy.static.akamaitechnologies.com

web-in21.mxradon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.74.151.88 (Switzerland) 2 redirects

ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH)
PTR: vesta.ch-dns.net

www.audetour.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
audetour.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

kubitz.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	kubitz.com.br kubitz.com.br	256 KB
2	audetour.ch 2 redirects www.audetour.ch audetour.ch	441 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	mxradon.com 1 redirects web-in21.mxradon.com — Cisco Umbrella Rank: 203452	684 B
1	gtolink.in 1 redirects e-in21.gtolink.in — Cisco Umbrella Rank: 318540	602 B
15	5

	Domain	Requested by
11	kubitz.com.br	kubitz.com.br
1	fonts.googleapis.com	kubitz.com.br
1	audetour.ch	1 redirects
1	www.audetour.ch	1 redirects
1	web-in21.mxradon.com	1 redirects
1	e-in21.gtolink.in	1 redirects
15	6

This site contains no links.

Subject Issuer	Validity	Valid
*.kubitz.com.br GTS CA 1P5	`2023-04-10` - `2023-07-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kubitz.com.br/service/
Frame ID: 0883E8D888B14F171AF85192AB9CA91F
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Upgrade Needed

Page URL History Show full URLs

http://e-in21.gtolink.in/t/em1/54994/1/cd2210df-5608-4588-898d-f5273145b43b/7f597516fa8a11eda79702342... HTTP 302
http://web-in21.mxradon.com/t/sc/54994/08a3e0c6-faa0-11ed-a797-02342baa918a?returnTo=http%3a%2f%2fwww.au... HTTP 302
http://www.audetour.ch/e/ser/ HTTP 301
http://audetour.ch/e/ser/ HTTP 302
https://kubitz.com.br/service/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

80 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

3
IPs

4
Countries

258 kB
Transfer

466 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://e-in21.gtolink.in/t/em1/54994/1/cd2210df-5608-4588-898d-f5273145b43b/7f597516fa8a11eda79702342baa918a HTTP 302
http://web-in21.mxradon.com/t/sc/54994/08a3e0c6-faa0-11ed-a797-02342baa918a?returnTo=http%3a%2f%2fwww.audetour.ch%2fe%2fser%2f&ce=730 HTTP 302
http://www.audetour.ch/e/ser/ HTTP 301
http://audetour.ch/e/ser/ HTTP 302
https://kubitz.com.br/service/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kubitz.com.br/service/
Redirect Chain

http://e-in21.gtolink.in/t/em1/54994/1/cd2210df-5608-4588-898d-f5273145b43b/7f597516fa8a11eda79702342baa918a
http://web-in21.mxradon.com/t/sc/54994/08a3e0c6-faa0-11ed-a797-02342baa918a?returnTo=http%3a%2f%2fwww.audetour.ch%2fe%2fser%2f&ce=730
http://www.audetour.ch/e/ser/
http://audetour.ch/e/ser/
https://kubitz.com.br/service/

10 KB
2 KB

166ms
123ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ace3fa97e14c9613723a0aefa0a976a58daf740faa2e4321a4439f7109c7d921

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cca6d2d6c7c2baf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 May 2023 02:42:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2F%2Fhk6yOHU%2B1RDSo5hEUtx5W7QoemjbXaDmRz7%2F5HaK28UyRo5T7GGdbg9sOudHL4azEDT93%2Bd65rrhEpdE7Uz2A3fKo2viQ56lz5j1Q3Ppr7hS8ojp%2FUQ%2FdKxBjQajmOY6whxrzaq5uyJxp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cache: HIT
x-cache-hits: 2
x-powered-by: PleskLin
x-robots-tag: noindex
x-varnish: 227821468 229351231

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 25 May 2023 02:42:40 GMT
Server: nginx
X-Powered-By: PHP/7.4.33
X-Robots-Tag: noindex
location: https://kubitz.com.br/service/

GET
H2 200 jquery.min.js Show response
kubitz.com.br/service/455/ 87 KB
32 KB 511ms
509ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/455/jquery.min.js
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:42:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 02:15:28 GMT
server: cloudflare
etag: W/"15d84-5ec8787e19000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ad8ltGPBDgP0yvEtu44oq6QL%2BMrWg8xFGTE4AT0knx9GGoBWJA9knC5qPFfSv7kj0u6%2BF71ZT5QmAOHzYjryo%2FzWOELYN4VOsItOZR2dp8jzxPZZeUJTZtGIOMRc%2FlXEEy4yB%2BJxA2JIsdBR"}],"group":"cf-nel","max_age":604800}
x-varnish: 226133120
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7cca6d2e3cef2baf-FRA

GET
H2 200 index.css
kubitz.com.br/service/455/ 4 KB
1 KB 105ms
103ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/455/index.css
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f9f8861952913e6fd057410cc19dc91c7230ec9ba22095c41ec0ce1a667eff33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:42:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 02:16:10 GMT
server: cloudflare
etag: W/"f72-5ec878a626e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHwgka5r5a4N%2FRhVpmN9D0g5i%2BM5M0Te8KMnLXW3osLbcespwozEuRIjCZef8ey%2BIzgNpwa90OOeSZf3oso7NWjTlcZtLusufFSJhMLZchIR%2BuazUuYXv7ZzUeqHPTy%2BvBKDukMCX5xOaJya"}],"group":"cf-nel","max_age":604800}
x-varnish: 228958393
content-type: text/css
cache-control: max-age=14400
cf-ray: 7cca6d2e3cf02baf-FRA

GET
H2 200 webflow.css
kubitz.com.br/service/455/ 40 KB
10 KB 135ms
134ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/455/webflow.css
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6339c2de581da9c508bd39e4ed384e3a503533e07dca07fbf45a15be81fe9df3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:42:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 02:16:26 GMT
server: cloudflare
etag: W/"9fbc-5ec878b569280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJsTAsipZDzFPYRVODGrL5bHe4K%2FPAOKed1Jpm25w952XiknjdOOR5kULsrPyRnTXCdgmst30oyoAtS8sbmW492tIgc0CGmzqM1Lh8R6ZW7nGLf%2FnjImVNPHWiGd9q5IspoIQrFxSyAxRVtb"}],"group":"cf-nel","max_age":604800}
x-varnish: 226692307
content-type: text/css
cache-control: max-age=14400
cf-ray: 7cca6d2e3cf12baf-FRA

GET
H2 200 css.css
kubitz.com.br/service/455/ 110 KB
15 KB 16ms
15ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/455/css.css
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5bccc9870d6e3da3bc5771259d489b21b29f8efe6191d7dfc1145437a129acb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:42:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4111
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 02:16:44 GMT
server: cloudflare
etag: W/"1b835-5ec878c693b00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HME%2FrkigIwYtCAC3ur46LnshvKHguvKTHzIrd%2FqDqh6WVXd6tLz7Brf%2BpT6OKOmysMJdSE0S%2F7C%2BDOU%2FvNs0Yz%2Br8qYMdiHl3t40xCTxbVrfkv2ZWhwyiQ0qK46ZNHKV9yYlxR2M%2FbdV5k1c"}],"group":"cf-nel","max_age":604800}
x-varnish: 225712838
content-type: text/css
cache-control: max-age=14400
cf-ray: 7cca6d2e3cf32baf-FRA

GET
H3 200 logo.svg
kubitz.com.br/service/455/ 12 KB
4 KB 13ms
13ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/455/logo.svg
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:42:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2676
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 02:17:06 GMT
server: cloudflare
etag: W/"2ef3-5ec878db8ec80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XA7nt%2B9BpDpisCpUMgJ1%2BkiTYbUnD0qz%2FqbXkcRqQFUbhcm0oW4AFeZbbd0D%2F5eNVJnheoyBq%2Bg5H8BcaVMVrqjUiswb4itvqemm2MkCKrH7InMd9cd7fwFcHscBeXoNmYEuxMU6SrgkPptP"}],"group":"cf-nel","max_age":604800}
x-varnish: 224012170
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7cca6d2f1d5c928f-FRA

GET
H3 200 menu.png
kubitz.com.br/service/455/ 115 B
646 B 12ms
11ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/455/menu.png
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 488e2dd6efbdf809de8dbcf89e460fac2f7594607fd03b24d8a951441cd07a53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:42:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2676
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115
last-modified: Thu, 03 Nov 2022 02:17:16 GMT
server: cloudflare
etag: "73-5ec878e518300"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMW4zBlx8M8BBjFnvAN4Ffi4OFQsJ%2BqMYVx%2F0W6qyiTBW0pvVnkLrpltNqbEjLjgWXjvM04VgBD%2Fmq7M460hHakjm6dR%2B%2FThjenOUuf4GYSV94TBPd7tz5gsZGAM8afhtxKV84mSPIBuPCT%2B"}],"group":"cf-nel","max_age":604800}
x-varnish: 225712847
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7cca6d2f2d67928f-FRA

GET
H3 200 chrome.png
kubitz.com.br/service/455/ 24 KB
25 KB 13ms
13ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/455/chrome.png
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 37fafee4313ce7758bb77494faff9b04812a24981630b1c9c4494ae390310b45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:42:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2676
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24800
last-modified: Thu, 03 Nov 2022 02:17:34 GMT
server: cloudflare
etag: "60e0-5ec878f642b80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUX0vEeFHNCIEGr3tqnIZ0AbYGC8685qHnD1G1MJaRgFWcMSNwohN2eZ39RlEM403bsnkEclv1pFMP5%2Br9nZkX8rZTNW%2FUdkWt07nsfTSMj%2F%2BKkRA9g3LcM7bxsr2IjHz8Z6WY%2BiF8RH7V6I"}],"group":"cf-nel","max_age":604800}
x-varnish: 222772871
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7cca6d2f4d75928f-FRA

GET
H3 200 firefox.png
kubitz.com.br/service/455/ 118 KB
119 KB 18ms
18ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/455/firefox.png
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7a49b3376004d691c550ea23d5723730f0b5ff16c088580e5fbdd3e5405a80b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:42:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2676
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 121303
last-modified: Thu, 03 Nov 2022 02:17:46 GMT
server: cloudflare
etag: "1d9d7-5ec87901b4680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKjPCcnMESkqi5aoHj6r1hofWwmVuEr%2Frx2Pa9H8aFTQLykDuylkb4%2FNa%2BGdvm%2BSTAQ%2BjmjhOYcZqSpNYxvqnz9TKxiKBBEBOMJznH8BUVug23hGPfvfhI0rZnXVV6srjzaBu5tHK9hs0tiE"}],"group":"cf-nel","max_age":604800}
x-varnish: 222796885
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7cca6d2f6d89928f-FRA

GET
H3 200 brave-browser.png
kubitz.com.br/service/455/ 9 KB
10 KB 14ms
13ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/455/brave-browser.png
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: da09bcc6bffef3b3d94c08f29df5eb141e894725ea761129fa4a29cb1662ab0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:42:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2676
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9427
last-modified: Thu, 03 Nov 2022 02:17:54 GMT
server: cloudflare
etag: "24d3-5ec8790955880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xi%2B9YqgZlCuME4gKyPfBj4uUsC9JJRCrh0xh%2BRj1lkfe8dVZtY5ouMh5s0rbUSAeRmN%2Fjq6MI3T3YSRDwFI4rU2cOzCgyxS%2FKCKAYiCTSyF%2B4K2i%2BgbzUJ2PM7LZTVW3%2Bt1stBMScn%2BCjaJi"}],"group":"cf-nel","max_age":604800}
x-varnish: 227258609
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7cca6d2f9da4928f-FRA

GET
H3 200 microsoft.png
kubitz.com.br/service/455/ 37 KB
38 KB 23ms
22ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/455/microsoft.png
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 153bc68bdfdeddd913445584cd5b6b78d6eaf99e05f0883d60804234751e1b14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 02:42:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2676
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38086
last-modified: Thu, 03 Nov 2022 02:18:02 GMT
server: cloudflare
etag: "94c6-5ec87910f6a80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9qKsj6ixIPg5AX6i%2FZImYrqTNkV0MKxf4O9Znp%2B%2FQvIlm%2FFb7OaIsrJdjl5aXzKZOdRBc8A9JH3EFBPOxFrpongBx9L1jbshnvomaxfktYd1WBqO5OJBMJ0ZModB8%2BYNOWXlj9gy0KJwzvd"}],"group":"cf-nel","max_age":604800}
x-varnish: 224104810
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7cca6d2fadac928f-FRA

GET mm.svg
kubitz.com.br/service/.r/455/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 42ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;1,100;1,300;1,400&display=swap

Requested by

Host: kubitz.com.br
URL: https://kubitz.com.br/service/455/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fceeefd5f759eaa9ccaf24c56e8061247b6af7792260eda10e77ce777fe971d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kubitz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 May 2023 02:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 May 2023 02:42:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 May 2023 02:42:41 GMT

GET EuclidCircularB-Regular-WebXL.woff2
kubitz.com.br/service/fonts/ 0
0

GET EuclidCircularB-Bold-WebXL.woff2
kubitz.com.br/service/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kubitz.com.br
URL: https://kubitz.com.br/service/.r/455/mm.svg

Domain: kubitz.com.br
URL: https://kubitz.com.br/service/fonts/EuclidCircularB-Regular-WebXL.woff2

Domain: kubitz.com.br
URL: https://kubitz.com.br/service/fonts/EuclidCircularB-Bold-WebXL.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
e-in21.gtolink.in/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: f0blwodqdo5zf5cnz02h3n2l
e-in21.gtolink.in/	1970-01-20 21:39:02	Name: ORG54994 Value: 08a3e0c6-faa0-11ed-a797-02342baa918a
web-in21.mxradon.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: rpy3tayvmriju2vg2sg4kuqu
web-in21.mxradon.com/	1970-01-20 21:39:02	Name: ORG54994 Value: 08a3e0c6-faa0-11ed-a797-02342baa918a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

audetour.ch
e-in21.gtolink.in
fonts.googleapis.com
kubitz.com.br
web-in21.mxradon.com
www.audetour.ch
kubitz.com.br
2.16.187.25
2a00:1450:4001:829::200a
2a06:98c1:3120::3
65.0.219.238
80.74.151.88
153bc68bdfdeddd913445584cd5b6b78d6eaf99e05f0883d60804234751e1b14
37fafee4313ce7758bb77494faff9b04812a24981630b1c9c4494ae390310b45
488e2dd6efbdf809de8dbcf89e460fac2f7594607fd03b24d8a951441cd07a53
5bccc9870d6e3da3bc5771259d489b21b29f8efe6191d7dfc1145437a129acb5
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
6339c2de581da9c508bd39e4ed384e3a503533e07dca07fbf45a15be81fe9df3
7a49b3376004d691c550ea23d5723730f0b5ff16c088580e5fbdd3e5405a80b7
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
ace3fa97e14c9613723a0aefa0a976a58daf740faa2e4321a4439f7109c7d921
da09bcc6bffef3b3d94c08f29df5eb141e894725ea761129fa4a29cb1662ab0c
f9f8861952913e6fd057410cc19dc91c7230ec9ba22095c41ec0ce1a667eff33
fceeefd5f759eaa9ccaf24c56e8061247b6af7792260eda10e77ce777fe971d8

kubitz.com.br Open in urlscan Pro 2a06:98c1:3120::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

80 %HTTPS

40 %IPv6

5 Domains

6 Subdomains

3 IPs

4 Countries

258 kBTransfer

466 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

4 Cookies

Indicators

kubitz.com.br Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

80 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

3
IPs

4
Countries

258 kB
Transfer

466 kB
Size

4
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!