kubitz.com.br Open in urlscan Pro
172.67.209.24 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://e-in21.gtolink.in/t/em1/54994/1/967d2b19-281e-485e-a50d-f12400c3d7a2/7f597516fa8a11eda79702342baa918a
Effective URL:
https://kubitz.com.br/service/
Submission: On May 25 via manual (May 25th 2023, 3:16:40 am UTC) from AU — Scanned from AU

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 4 countries across 5 domains to perform 17 HTTP transactions. The main IP is 172.67.209.24, located in United States and belongs to CLOUDFLARENET, US. The main domain is kubitz.com.br.
TLS certificate: Issued by GTS CA 1P5 on April 10th 2023. Valid for: 3 months.

This is the only time kubitz.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.66.25.51 52.66.25.51	16509 (AMAZON-02) (AMAZON-02)
1 1	23.61.205.49 23.61.205.49	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	80.74.151.88 80.74.151.88	21069 (ASN-METAN...) (ASN-METANET Routingpeering issues: noc@metanet.ch)
16	172.67.209.24 172.67.209.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.12.95 142.251.12.95	15169 (GOOGLE) (GOOGLE)
17	2

1 52.66.25.51 (Mumbai, India) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-66-25-51.ap-south-1.compute.amazonaws.com

e-in21.gtolink.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.61.205.49 (Singapore) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-61-205-49.deploy.static.akamaitechnologies.com

web-in21.mxradon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.74.151.88 (Switzerland) 2 redirects

ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH)
PTR: vesta.ch-dns.net

www.audetour.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
audetour.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.67.209.24 (United States)

ASN13335 (CLOUDFLARENET, US)

kubitz.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	kubitz.com.br kubitz.com.br	281 KB
2	audetour.ch 2 redirects www.audetour.ch audetour.ch	441 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	mxradon.com 1 redirects web-in21.mxradon.com — Cisco Umbrella Rank: 203452	686 B
1	gtolink.in 1 redirects e-in21.gtolink.in — Cisco Umbrella Rank: 318540	602 B
17	5

	Domain	Requested by
16	kubitz.com.br	kubitz.com.br
1	fonts.googleapis.com	kubitz.com.br
1	audetour.ch	1 redirects
1	www.audetour.ch	1 redirects
1	web-in21.mxradon.com	1 redirects
1	e-in21.gtolink.in	1 redirects
17	6

This site contains no links.

Subject Issuer	Validity	Valid
*.kubitz.com.br GTS CA 1P5	`2023-04-10` - `2023-07-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kubitz.com.br/service/
Frame ID: B40BC1677D433D0A129BBFB94EB46AF3
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Upgrade Needed

Page URL History Show full URLs

http://e-in21.gtolink.in/t/em1/54994/1/967d2b19-281e-485e-a50d-f12400c3d7a2/7f597516fa8a11eda79702342... HTTP 302
http://web-in21.mxradon.com/t/sc/54994/775e6103-fa9d-11ed-a797-02342baa918a?returnTo=http%3a%2f%2fwww.au... HTTP 302
http://www.audetour.ch/e/ser/ HTTP 301
http://audetour.ch/e/ser/ HTTP 302
https://kubitz.com.br/service/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

2
IPs

4
Countries

283 kB
Transfer

492 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://e-in21.gtolink.in/t/em1/54994/1/967d2b19-281e-485e-a50d-f12400c3d7a2/7f597516fa8a11eda79702342baa918a HTTP 302
http://web-in21.mxradon.com/t/sc/54994/775e6103-fa9d-11ed-a797-02342baa918a?returnTo=http%3a%2f%2fwww.audetour.ch%2fe%2fser%2f&ce=730 HTTP 302
http://www.audetour.ch/e/ser/ HTTP 301
http://audetour.ch/e/ser/ HTTP 302
https://kubitz.com.br/service/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kubitz.com.br/service/
Redirect Chain

http://e-in21.gtolink.in/t/em1/54994/1/967d2b19-281e-485e-a50d-f12400c3d7a2/7f597516fa8a11eda79702342baa918a
http://web-in21.mxradon.com/t/sc/54994/775e6103-fa9d-11ed-a797-02342baa918a?returnTo=http%3a%2f%2fwww.audetour.ch%2fe%2fser%2f&ce=730
http://www.audetour.ch/e/ser/
http://audetour.ch/e/ser/
https://kubitz.com.br/service/

10 KB
2 KB

1163ms
348ms

Document
text/html

172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ace3fa97e14c9613723a0aefa0a976a58daf740faa2e4321a4439f7109c7d921

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cca9ecc6f56dfb9-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 May 2023 03:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Itl2RdWzb1cKtk%2ByLTNFPlPT%2BqaUVqdZgYWmU5itSd4JHIL9TOvLg2MvPXx8YH%2B%2BRI3%2Fl1%2FDZfqb2Pfv%2FqfaEaQDZiwgpMT5BZLhTp2mzUINbdjIJQTJNXTsZQzxwQua"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cache: HIT
x-cache-hits: 2
x-powered-by: PleskLin
x-robots-tag: noindex
x-varnish: 236454169 227369038

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 25 May 2023 03:16:32 GMT
Server: nginx
X-Powered-By: PHP/7.4.33
X-Robots-Tag: noindex
location: https://kubitz.com.br/service/

GET
H2 200 jquery.min.js Show response
kubitz.com.br/service/455/ 87 KB
32 KB 112ms
110ms Script
application/javascript 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/455/jquery.min.js
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5398
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 02:15:28 GMT
server: cloudflare
etag: W/"15d84-5ec8787e19000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXxsmncXRSOl8isYMV8S9RqP4jzmmVe8BiZTgPnnS3%2BPT4R1JLKPjOUgf%2BLIIRcJRlI14yucKYT5%2BXsugjGaVWLtI0z94hHYH%2FjdugSs021fvHk2g%2BGSkf7m%2FLWa5HHp"}],"group":"cf-nel","max_age":604800}
x-varnish: 226133120
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7cca9eceaaa2dfb9-SYD

GET
H2 200 index.css
kubitz.com.br/service/455/ 4 KB
1 KB 103ms
102ms Stylesheet
text/css 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/455/index.css
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f9f8861952913e6fd057410cc19dc91c7230ec9ba22095c41ec0ce1a667eff33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5398
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 02:16:10 GMT
server: cloudflare
etag: W/"f72-5ec878a626e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFqItAAYlUGf%2FACAKFdwNkgs5rajBjlwlVZjR5qclpSxB4oVE4aIID%2F%2Bde2WegyjxnVNBEDXiOZgHISTAezX6C3deaQFojpvrsXYx37bmQChwWF7c6EpopQ92y50JAPR"}],"group":"cf-nel","max_age":604800}
x-varnish: 228958393
content-type: text/css
cache-control: max-age=14400
cf-ray: 7cca9eceaaa3dfb9-SYD

GET
H2 200 webflow.css
kubitz.com.br/service/455/ 40 KB
10 KB 104ms
103ms Stylesheet
text/css 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/455/webflow.css
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6339c2de581da9c508bd39e4ed384e3a503533e07dca07fbf45a15be81fe9df3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5398
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 02:16:26 GMT
server: cloudflare
etag: W/"9fbc-5ec878b569280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Q9URpERTzon%2BTZ%2Fen14SMx3b%2BVq5w%2FLNYaR%2BzTD3EmPdbeusWC6qUgMFai%2FgONy2Ugdgi9%2FJ3OGFUA4A0sVR8weFFHn84qk2Y8lANH%2FlFWsWM%2BJ%2FcLZkXw%2BlXOwQqT0"}],"group":"cf-nel","max_age":604800}
x-varnish: 226692307
content-type: text/css
cache-control: max-age=14400
cf-ray: 7cca9eceaaa4dfb9-SYD

GET
H2 200 css.css
kubitz.com.br/service/455/ 110 KB
15 KB 139ms
138ms Stylesheet
text/css 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/455/css.css
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5bccc9870d6e3da3bc5771259d489b21b29f8efe6191d7dfc1145437a129acb5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5398
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 02:16:44 GMT
server: cloudflare
etag: W/"1b835-5ec878c693b00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FY2bzNgOt%2FiVNrEtG8Cqn6GaQ%2BryQhfG%2F%2BpdO1h1d7mIHoUKtX614a5c4K0oS54J8OTHhHgckSDLBjGGBx7grMkN15SxvXZRp%2BmJCDl10eFs6UwsugomywoVGgxJLDsu"}],"group":"cf-nel","max_age":604800}
x-varnish: 225712838
content-type: text/css
cache-control: max-age=14400
cf-ray: 7cca9eceaaa6dfb9-SYD

GET
H2 200 logo.svg
kubitz.com.br/service/455/ 12 KB
4 KB 103ms
102ms Image
image/svg+xml 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/455/logo.svg
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5398
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 02:17:06 GMT
server: cloudflare
etag: W/"2ef3-5ec878db8ec80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n25ObS0PhitrR%2BW0fVAUQgz%2FPCb7a0KJaTXCF%2BM80SuLw2Kl8fSoG0LR1LoE%2BHJhWOaJEiIW%2Ffcor0bnsV1UN2ya16Bc58xbzFK7NZHItlhOq%2BeK2GITEsqnFOfSSnw%2F"}],"group":"cf-nel","max_age":604800}
x-varnish: 224012170
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7cca9ecfec45dfb9-SYD

GET
H2 200 menu.png
kubitz.com.br/service/455/ 115 B
446 B 100ms
100ms Image
image/png 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/455/menu.png
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 488e2dd6efbdf809de8dbcf89e460fac2f7594607fd03b24d8a951441cd07a53

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5398
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115
last-modified: Thu, 03 Nov 2022 02:17:16 GMT
server: cloudflare
etag: "73-5ec878e518300"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STlbRqukGPT1oV2ujnFQdBNCXxovaQzQfLi6pDIFRYIEKPTnV2rdtjVO9uD84uvxHeI3UDDan5ZZFfviiLB0Hj%2Bpdbz%2BU7MWstAeDbQQAO39xKREMiNWrz0DJeiwTD3k"}],"group":"cf-nel","max_age":604800}
x-varnish: 225712847
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7cca9ecfec47dfb9-SYD

GET
H2 200 chrome.png
kubitz.com.br/service/455/ 24 KB
25 KB 103ms
101ms Image
image/png 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/455/chrome.png
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 37fafee4313ce7758bb77494faff9b04812a24981630b1c9c4494ae390310b45

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5398
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24800
last-modified: Thu, 03 Nov 2022 02:17:34 GMT
server: cloudflare
etag: "60e0-5ec878f642b80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofng5X6Eqa%2FnJ6%2BgWHoDghL4WICbgAMsi%2BWbGd4Twao1BLc%2Bgg3oj2eGW3a83dp8Gcs%2BOoixx4l8cEHMJzaSBkUtKhgIRNdR96CPyJ7%2Bldcl2HDcMtIydFN%2FkShwmpHM"}],"group":"cf-nel","max_age":604800}
x-varnish: 222772871
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7cca9ed01c81dfb9-SYD

GET
H2 200 firefox.png
kubitz.com.br/service/455/ 118 KB
119 KB 119ms
118ms Image
image/png 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/455/firefox.png
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7a49b3376004d691c550ea23d5723730f0b5ff16c088580e5fbdd3e5405a80b7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5398
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 121303
last-modified: Thu, 03 Nov 2022 02:17:46 GMT
server: cloudflare
etag: "1d9d7-5ec87901b4680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SV2K1N3oyGvnDKIOS%2BXej28SvriVUnwZObzUTEQ6p1Lxn53s3gxmAlwl7i2KS5SQQc5WMbQDaeFQ%2FIHxuAlGYSb1tXDrGrBlN4OHbubQnE6k%2FbrfU6hFZZW1c%2BryVPjy"}],"group":"cf-nel","max_age":604800}
x-varnish: 222796885
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7cca9ed01c82dfb9-SYD

GET
H2 200 brave-browser.png
kubitz.com.br/service/455/ 9 KB
10 KB 138ms
137ms Image
image/png 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/455/brave-browser.png
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: da09bcc6bffef3b3d94c08f29df5eb141e894725ea761129fa4a29cb1662ab0c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5398
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9427
last-modified: Thu, 03 Nov 2022 02:17:54 GMT
server: cloudflare
etag: "24d3-5ec8790955880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COiuDavgTQSDwxHTnsK9jlbaPjP1VQfVvnTQhVQVnioerOEAyGZQZ8HHIEgY5g9U3rcD3jXfHNapzOEGD%2BbNt0Xj18dbA2wEnL9TWh8GvEJ3pLfGlLnMIZ4LotP7JF6z"}],"group":"cf-nel","max_age":604800}
x-varnish: 227258609
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7cca9ed01c83dfb9-SYD

GET
H2 200 microsoft.png
kubitz.com.br/service/455/ 37 KB
38 KB 168ms
167ms Image
image/png 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/455/microsoft.png
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 153bc68bdfdeddd913445584cd5b6b78d6eaf99e05f0883d60804234751e1b14

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5399
x-powered-by: PleskLin
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38086
last-modified: Thu, 03 Nov 2022 02:18:02 GMT
server: cloudflare
etag: "94c6-5ec87910f6a80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iOKzwZqO5%2F9MFv7NfXJM8OMyrVJwZnI2mYWKRwY5Tu5U%2BKdukoQbgrRLYZFVUblDQJ7QNGfDJitJEC6j3au7kjJoztULKpinu6tuvVrFHSDAK2bn5O0Swfo%2Fur6AsX9"}],"group":"cf-nel","max_age":604800}
x-varnish: 224104810
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7cca9ed08cfddfb9-SYD

GET
H2 404 mm.svg
kubitz.com.br/service/.r/455/ 26 KB
26 KB 993ms
993ms Image
text/html 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kubitz.com.br/service/.r/455/mm.svg
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8eed89279c9607a79ab5621ca7d51fdd035838538547cc37e660f57b8fca361

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://kubitz.com.br/service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:34 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0D4wlnmbb7ABykmkSvUHwvD7TJY5mQYODEz1XbiqDlSmGrujzeWRKGHp7oh3Na1TuN4hT49FDTapkWrpish8Y86WvBpaUHM%2FuOSoyMBq2oC2P07tNuV1SlvKiMziAP6"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-varnish: 236028264
x-cache: MISS
cache-control: max-age=14400, must-revalidate
cf-ray: 7cca9ed08d01dfb9-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 870ms
194ms Stylesheet
text/css 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;1,100;1,300;1,400&display=swap

Requested by

Host: kubitz.com.br
URL: https://kubitz.com.br/service/455/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

fceeefd5f759eaa9ccaf24c56e8061247b6af7792260eda10e77ce777fe971d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://kubitz.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 May 2023 03:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 May 2023 03:16:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 May 2023 03:16:34 GMT

GET
H2 404 EuclidCircularB-Regular-WebXL.woff2
kubitz.com.br/service/fonts/ 0
0 1016ms
1016ms Font
text/html 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/fonts/EuclidCircularB-Regular-WebXL.woff2
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/455/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://kubitz.com.br/service/455/css.css
Origin: https://kubitz.com.br
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:35 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUNOjz2YObl2tOmEInf0lB5qF7EAsEks4WINnkG%2FK5IWljqVUA8nEWP9P1IoeCa%2BJPBWErFjmqL7bsFJxchCGMg1mQuji%2FFXvxMWH8l0cFOCHVAiHl8bPJ1CUwLC%2B9wA"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-varnish: 236355997
x-cache: MISS
cache-control: max-age=14400, must-revalidate
cf-ray: 7cca9ed59b04dfb9-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 EuclidCircularB-Bold-WebXL.woff2
kubitz.com.br/service/fonts/ 0
0 1013ms
1013ms Font
text/html 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/fonts/EuclidCircularB-Bold-WebXL.woff2
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/455/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://kubitz.com.br/service/455/css.css
Origin: https://kubitz.com.br
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:35 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SKJL%2FqK8QVE5nQ3Hp3yyrSfuBz2LEL4Utmw8XGFGby3X8XSkVlqap7iVArqZ7EIA9TZ72KlV%2Fo9i%2ByR2nLguDziZyzFb48QhCmpAW3EcZzwzIoTVpI4UhH6iQD4mv%2BH"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-varnish: 236028267
x-cache: MISS
cache-control: max-age=14400, must-revalidate
cf-ray: 7cca9ed59b07dfb9-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 EuclidCircularB-Bold-WebXL.woff
kubitz.com.br/service/fonts/ 0
0 989ms
989ms Font
text/html 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/fonts/EuclidCircularB-Bold-WebXL.woff
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/455/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://kubitz.com.br/service/455/css.css
Origin: https://kubitz.com.br
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:36 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nG5P0XewKY%2B819kZBzm5c8N8aeeO6ot3j87lnwIQILWWUfXDKJqhOfyxqMqiw1dAPqTCJ9sS3dm7iHzHKJkvJFfE9ZlFnc1v2VnuELrYriIc8F4xPGrbsQyaTVYno%2B01"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-varnish: 236028270
x-cache: MISS
cache-control: max-age=14400, must-revalidate
cf-ray: 7cca9edbea1edfb9-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 EuclidCircularB-Regular-WebXL.woff
kubitz.com.br/service/fonts/ 0
0 991ms
991ms Font
text/html 172.67.209.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kubitz.com.br/service/fonts/EuclidCircularB-Regular-WebXL.woff
Requested by: Host: kubitz.com.br
URL: https://kubitz.com.br/service/455/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.209.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://kubitz.com.br/service/455/css.css
Origin: https://kubitz.com.br
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 03:16:36 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqnudqI55XBu12WS%2BHeWTK%2Ba1VUktAbSKLFp0NEKfk9Ku9R8y760UPu036j6RgNJGGeIsT9bEd3o4%2BRoEkFldq%2BBLtrjIR7MHH06ly5Mm9%2BHMHDEs6QjH03xlVgTOMtC"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-varnish: 236356000
x-cache: MISS
cache-control: max-age=14400, must-revalidate
cf-ray: 7cca9edbfa22dfb9-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
e-in21.gtolink.in/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: xbbqjywcah0xc0yybrduqhou
e-in21.gtolink.in/	1970-01-20 21:39:04	Name: ORG54994 Value: 775e6103-fa9d-11ed-a797-02342baa918a
web-in21.mxradon.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 5wfllwdpadnwa3mhyzgna3of
web-in21.mxradon.com/	1970-01-20 21:39:04	Name: ORG54994 Value: 775e6103-fa9d-11ed-a797-02342baa918a

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kubitz.com.br/service/.r/455/mm.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kubitz.com.br/service/fonts/EuclidCircularB-Bold-WebXL.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kubitz.com.br/service/fonts/EuclidCircularB-Regular-WebXL.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kubitz.com.br/service/fonts/EuclidCircularB-Bold-WebXL.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kubitz.com.br/service/fonts/EuclidCircularB-Regular-WebXL.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

audetour.ch
e-in21.gtolink.in
fonts.googleapis.com
kubitz.com.br
web-in21.mxradon.com
www.audetour.ch
142.251.12.95
172.67.209.24
23.61.205.49
52.66.25.51
80.74.151.88
153bc68bdfdeddd913445584cd5b6b78d6eaf99e05f0883d60804234751e1b14
37fafee4313ce7758bb77494faff9b04812a24981630b1c9c4494ae390310b45
488e2dd6efbdf809de8dbcf89e460fac2f7594607fd03b24d8a951441cd07a53
5bccc9870d6e3da3bc5771259d489b21b29f8efe6191d7dfc1145437a129acb5
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
6339c2de581da9c508bd39e4ed384e3a503533e07dca07fbf45a15be81fe9df3
7a49b3376004d691c550ea23d5723730f0b5ff16c088580e5fbdd3e5405a80b7
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
ace3fa97e14c9613723a0aefa0a976a58daf740faa2e4321a4439f7109c7d921
da09bcc6bffef3b3d94c08f29df5eb141e894725ea761129fa4a29cb1662ab0c
f8eed89279c9607a79ab5621ca7d51fdd035838538547cc37e660f57b8fca361
f9f8861952913e6fd057410cc19dc91c7230ec9ba22095c41ec0ce1a667eff33
fceeefd5f759eaa9ccaf24c56e8061247b6af7792260eda10e77ce777fe971d8

kubitz.com.br Open in urlscan Pro 172.67.209.24 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

2 IPs

4 Countries

283 kBTransfer

492 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

4 Cookies

5 Console Messages

Indicators

kubitz.com.br Open in urlscan Pro
172.67.209.24 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

2
IPs

4
Countries

283 kB
Transfer

492 kB
Size

4
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!