![](/screenshots/cd2d8e84-426f-448e-a345-199367fbbb7f.png)
kubitz.com.br
Open in
urlscan Pro
172.67.209.24
Malicious Activity!
Public Scan
Effective URL: https://kubitz.com.br/service/
Submission: On May 25 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by GTS CA 1P5 on April 10th 2023. Valid for: 3 months.
This is the only time kubitz.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Metamask (Crypto)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 52.66.25.51 52.66.25.51 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 23.61.205.49 23.61.205.49 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 2 | 80.74.151.88 80.74.151.88 | 21069 (ASN-METAN...) (ASN-METANET Routingpeering issues: noc@metanet.ch) | |
16 | 172.67.209.24 172.67.209.24 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.251.12.95 142.251.12.95 | 15169 (GOOGLE) (GOOGLE) | |
17 | 2 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-66-25-51.ap-south-1.compute.amazonaws.com
e-in21.gtolink.in |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-61-205-49.deploy.static.akamaitechnologies.com
web-in21.mxradon.com |
ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH)
PTR: vesta.ch-dns.net
www.audetour.ch | |
audetour.ch |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
kubitz.com.br
kubitz.com.br |
281 KB |
2 |
audetour.ch
2 redirects
www.audetour.ch audetour.ch |
441 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35 |
1 KB |
1 |
mxradon.com
1 redirects
web-in21.mxradon.com — Cisco Umbrella Rank: 203452 |
686 B |
1 |
gtolink.in
1 redirects
e-in21.gtolink.in — Cisco Umbrella Rank: 318540 |
602 B |
17 | 5 |
Domain | Requested by | |
---|---|---|
16 | kubitz.com.br |
kubitz.com.br
|
1 | fonts.googleapis.com |
kubitz.com.br
|
1 | audetour.ch | 1 redirects |
1 | www.audetour.ch | 1 redirects |
1 | web-in21.mxradon.com | 1 redirects |
1 | e-in21.gtolink.in | 1 redirects |
17 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.kubitz.com.br GTS CA 1P5 |
2023-04-10 - 2023-07-09 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-04-24 - 2023-07-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://kubitz.com.br/service/
Frame ID: B40BC1677D433D0A129BBFB94EB46AF3
Requests: 17 HTTP requests in this frame
Screenshot
![](/screenshots/cd2d8e84-426f-448e-a345-199367fbbb7f.png)
Page Title
Upgrade NeededPage URL History Show full URLs
-
http://e-in21.gtolink.in/t/em1/54994/1/967d2b19-281e-485e-a50d-f12400c3d7a2/7f597516fa8a11eda79702342...
HTTP 302
http://web-in21.mxradon.com/t/sc/54994/775e6103-fa9d-11ed-a797-02342baa918a?returnTo=http%3a%2f%2fwww.au... HTTP 302
http://www.audetour.ch/e/ser/ HTTP 301
http://audetour.ch/e/ser/ HTTP 302
https://kubitz.com.br/service/ Page URL
Detected technologies
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://e-in21.gtolink.in/t/em1/54994/1/967d2b19-281e-485e-a50d-f12400c3d7a2/7f597516fa8a11eda79702342baa918a
HTTP 302
http://web-in21.mxradon.com/t/sc/54994/775e6103-fa9d-11ed-a797-02342baa918a?returnTo=http%3a%2f%2fwww.audetour.ch%2fe%2fser%2f&ce=730 HTTP 302
http://www.audetour.ch/e/ser/ HTTP 301
http://audetour.ch/e/ser/ HTTP 302
https://kubitz.com.br/service/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
kubitz.com.br/service/ Redirect Chain
|
10 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
kubitz.com.br/service/455/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
kubitz.com.br/service/455/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webflow.css
kubitz.com.br/service/455/ |
40 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
kubitz.com.br/service/455/ |
110 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
kubitz.com.br/service/455/ |
12 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
menu.png
kubitz.com.br/service/455/ |
115 B 446 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chrome.png
kubitz.com.br/service/455/ |
24 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firefox.png
kubitz.com.br/service/455/ |
118 KB 119 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brave-browser.png
kubitz.com.br/service/455/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft.png
kubitz.com.br/service/455/ |
37 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mm.svg
kubitz.com.br/service/.r/455/ |
26 KB 26 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
13 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EuclidCircularB-Regular-WebXL.woff2
kubitz.com.br/service/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EuclidCircularB-Bold-WebXL.woff2
kubitz.com.br/service/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EuclidCircularB-Bold-WebXL.woff
kubitz.com.br/service/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EuclidCircularB-Regular-WebXL.woff
kubitz.com.br/service/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Metamask (Crypto)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
e-in21.gtolink.in/ | Name: ASP.NET_SessionId Value: xbbqjywcah0xc0yybrduqhou |
|
e-in21.gtolink.in/ | Name: ORG54994 Value: 775e6103-fa9d-11ed-a797-02342baa918a |
|
web-in21.mxradon.com/ | Name: ASP.NET_SessionId Value: 5wfllwdpadnwa3mhyzgna3of |
|
web-in21.mxradon.com/ | Name: ORG54994 Value: 775e6103-fa9d-11ed-a797-02342baa918a |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
audetour.ch
e-in21.gtolink.in
fonts.googleapis.com
kubitz.com.br
web-in21.mxradon.com
www.audetour.ch
142.251.12.95
172.67.209.24
23.61.205.49
52.66.25.51
80.74.151.88
153bc68bdfdeddd913445584cd5b6b78d6eaf99e05f0883d60804234751e1b14
37fafee4313ce7758bb77494faff9b04812a24981630b1c9c4494ae390310b45
488e2dd6efbdf809de8dbcf89e460fac2f7594607fd03b24d8a951441cd07a53
5bccc9870d6e3da3bc5771259d489b21b29f8efe6191d7dfc1145437a129acb5
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
6339c2de581da9c508bd39e4ed384e3a503533e07dca07fbf45a15be81fe9df3
7a49b3376004d691c550ea23d5723730f0b5ff16c088580e5fbdd3e5405a80b7
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
ace3fa97e14c9613723a0aefa0a976a58daf740faa2e4321a4439f7109c7d921
da09bcc6bffef3b3d94c08f29df5eb141e894725ea761129fa4a29cb1662ab0c
f8eed89279c9607a79ab5621ca7d51fdd035838538547cc37e660f57b8fca361
f9f8861952913e6fd057410cc19dc91c7230ec9ba22095c41ec0ce1a667eff33
fceeefd5f759eaa9ccaf24c56e8061247b6af7792260eda10e77ce777fe971d8