kewod.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kewod.xyz/br_share_pkg_download.html?pid=app_invites
Submission: On December 19 via api (December 19th 2023, 5:07:39 am UTC) from US — Scanned from NL

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is kewod.xyz.
TLS certificate: Issued by GTS CA 1P5 on December 14th 2023. Valid for: 3 months.

This is the only time kewod.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.138.215.254 159.138.215.254	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
7	3

6 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

kewod.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.138.215.254 (São Paulo, Brazil)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-159-138-215-254.compute.hwclouds-dns.com

stat.brpost.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	kewod.xyz kewod.xyz	133 KB
1	brpost.net stat.brpost.net	451 B
7	2

	Domain	Requested by
6	kewod.xyz	kewod.xyz
1	stat.brpost.net	kewod.xyz
7	2

This site contains no links.

Subject Issuer	Validity	Valid
kewod.xyz GTS CA 1P5	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.brpost.net R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kewod.xyz/br_share_pkg_download.html?pid=app_invites
Frame ID: 4EBB3A89373AC8451037ECE1839AEB35
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Go Daily - Obtenha informações do seu jeito

Page Statistics

7
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

133 kB
Transfer

184 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request br_share_pkg_download.html Show response kewod.xyz/	4 KB 2 KB	489ms 409ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kewod.xyz/br_share_pkg_download.html?pid=app_invites Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `94d598a432ee0b8df3e27dcae9e8a90c1c4a17f559532867f95c3217904319aa` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 837d1f6999bd1cc6-AMS content-encoding br content-type text/html date Tue, 19 Dec 2023 05:07:34 GMT last-modified Wed, 13 Jul 2022 08:54:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rL1dpaMJWAJizmJ%2BAUTE2A%2BjMadhMpzvwPN%2B7GI7XX1yNEp0BPO5WHYj0KS6gm1Rj6tu74sof6vvPcoSYDjjD7AylYoWOb1t%2Bzed4SriLW%2BGSCKAXFhuWp5ZGyvd%2F2Gc8OlOz1GWYVs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	br_share_pkg_download.409a769b70be043c0993.css kewod.xyz/css/	14 KB 9 KB	427ms 427ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kewod.xyz/css/br_share_pkg_download.409a769b70be043c0993.css Requested by Host: kewod.xyz URL: https://kewod.xyz/br_share_pkg_download.html?pid=app_invites Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a2926ec8ffb1ccd3a40186c62aa0cbf97a60b6d17c00272624b152c0e45377` Request headers accept-language nl-NL,nl;q=0.9 Referer https://kewod.xyz/br_share_pkg_download.html?pid=app_invites User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 05:07:34 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Jul 2022 08:54:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"62ce8857-38b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmGPrOdghRfKovBsRH6xVMFDnfeT1lK6w9tEpxqk0PIjKHW22GHwNDMRJHx0sBHFBxG1JYV7RwBrecKISX9AJpQ326vZHzrCunUGrCavFKrxDvFwU3BrIWWc9qzIOk%2FA2IHs4WMkLQQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 837d1f6c2b951cc6-AMS alt-svc h3=":443"; ma=86400
GET H2	200	br_share_pkg_download.b7a84fa90ef14111408b.js Show response kewod.xyz/js/	60 KB 22 KB	626ms 626ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kewod.xyz/js/br_share_pkg_download.b7a84fa90ef14111408b.js Requested by Host: kewod.xyz URL: https://kewod.xyz/br_share_pkg_download.html?pid=app_invites Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `597b42ba2b26e50d237113073869a2fa0d986e7b2e6b97792f2d4d77d7d50170` Request headers accept-language nl-NL,nl;q=0.9 Referer https://kewod.xyz/br_share_pkg_download.html?pid=app_invites User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 05:07:35 GMT content-encoding br cf-cache-status MISS last-modified Wed, 13 Jul 2022 08:54:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"62ce8857-f0b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byiPqOiWF7GPSO25Rb7hXxo5YILFEucTFqmTyK7ueseUE8CaZ1N%2BnLgtTA9%2BQ3hOu%2BgHYAt7doOONw1dkUx0B968g0sC5OJ7x%2BCdW0K3aNn5Tm0t0nWqZ3VQgyKsBGwjxL0qTK34kS8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 837d1f6c2b961cc6-AMS alt-svc h3=":443"; ma=86400
GET H3	200	d41f3cbc7e83672d42a615c196884e78.png kewod.xyz/img/	65 KB 66 KB	784ms 783ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kewod.xyz/img/d41f3cbc7e83672d42a615c196884e78.png Requested by Host: kewod.xyz URL: https://kewod.xyz/css/br_share_pkg_download.409a769b70be043c0993.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2a0a1cc3e77f20cfdee04822d68e62cbd5049a5f4c006f3b4aad2ab66c61d36e` Request headers accept-language nl-NL,nl;q=0.9 Referer https://kewod.xyz/css/br_share_pkg_download.409a769b70be043c0993.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 05:07:35 GMT cf-cache-status MISS last-modified Wed, 13 Jul 2022 08:54:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "62ce8857-10551" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsqo8468IeKv9c6X6KUejH0%2BWxmSrpSEEnominJhrZIhvp3myLKiEpWkubAlrU6BQCQr7JhX%2B6NtdwbTipnpqzzO5h0hQwkvryVMwKY1dGqRVu5Bw5byBIFhOTsmmhOzd6nP8Zv0VF4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 837d1f6edb2c6662-AMS alt-svc h3=":443"; ma=86400 content-length 66897
GET H3	200	0f8106164056aeab671057acb34989f4.png kewod.xyz/img/	13 KB 14 KB	421ms 421ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kewod.xyz/img/0f8106164056aeab671057acb34989f4.png Requested by Host: kewod.xyz URL: https://kewod.xyz/css/br_share_pkg_download.409a769b70be043c0993.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `eaaacc6fdf69b4db510334f90af2b35f20537cff75d1c585b1fa309cf097e549` Request headers accept-language nl-NL,nl;q=0.9 Referer https://kewod.xyz/css/br_share_pkg_download.409a769b70be043c0993.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 05:07:35 GMT cf-cache-status MISS last-modified Wed, 13 Jul 2022 08:54:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "62ce8857-3481" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzDxe7fVq%2BvoCQmSqPd2xCc5cOhk38KMVe1XqY0aJnlLUdGzn75LMg15cT6ZrTCW0ApPd0FdDmNC%2B64RTtxJSTRrsbVdTYYwuJvfcul8E%2BQ%2BNrZZD%2BJvFmQfbTwsinW5gvKpNHQVzpI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 837d1f6edb2e6662-AMS alt-svc h3=":443"; ma=86400 content-length 13441
GET H3	200	80ae108d67cd09b0fef35f153fa90e11.png kewod.xyz/img/	21 KB 21 KB	447ms 446ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kewod.xyz/img/80ae108d67cd09b0fef35f153fa90e11.png Requested by Host: kewod.xyz URL: https://kewod.xyz/css/br_share_pkg_download.409a769b70be043c0993.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c9da7affe7294b0dc807621077788b43bacbd6ed04d9e8ff38b3007aa2199200` Request headers accept-language nl-NL,nl;q=0.9 Referer https://kewod.xyz/css/br_share_pkg_download.409a769b70be043c0993.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 05:07:35 GMT cf-cache-status REVALIDATED last-modified Wed, 13 Jul 2022 08:54:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "62ce8857-5226" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klYzA7LhIA8fYlQBQelzdALr7QM86FP%2FvUVss%2BAKeWTFwfgfWEopKfg8iCjEtOWdpQMbdbt5kFXXiQ8uOmlCTP0WxD1KUFo%2BKyCSOOrQEYH5KV9DZNTN2jq13ahhbA5im65Ti8%2BglxE%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 837d1f6edb2f6662-AMS alt-svc h3=":443"; ma=86400 content-length 21030
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e42b59282d4e9c75b234ddeeefd32820816f7c0548607528b3e34a224e218125` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6d23125f860addf09a4725784ce9597db8b9c2616164b55141e5e8b4a0f9af74` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	894 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8f0551824968832e090d25551160f007f2176ac6bbcbe04b7a0e58ec0aa25efd` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
POST H/1.1	200 OK	h5_stat Show response stat.brpost.net/api/	9 B 451 B	671ms 215ms	XHR application/json	159.138.215.254 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL https://stat.brpost.net/api/h5_stat?sign=34e076768ff50ce8256ad35e1667171c Requested by Host: kewod.xyz URL: https://kewod.xyz/js/br_share_pkg_download.b7a84fa90ef14111408b.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.215.254 São Paulo, Brazil, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-215-254.compute.hwclouds-dns.com Software nginx / Resource Hash `2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822` Request headers Referer https://kewod.xyz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 19 Dec 2023 05:07:35 GMT Server nginx Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://kewod.xyz Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 9

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kewod.xyz
stat.brpost.net
159.138.215.254
2a06:98c1:3120::3
2a0a1cc3e77f20cfdee04822d68e62cbd5049a5f4c006f3b4aad2ab66c61d36e
2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822
597b42ba2b26e50d237113073869a2fa0d986e7b2e6b97792f2d4d77d7d50170
6d23125f860addf09a4725784ce9597db8b9c2616164b55141e5e8b4a0f9af74
8f0551824968832e090d25551160f007f2176ac6bbcbe04b7a0e58ec0aa25efd
94d598a432ee0b8df3e27dcae9e8a90c1c4a17f559532867f95c3217904319aa
c9da7affe7294b0dc807621077788b43bacbd6ed04d9e8ff38b3007aa2199200
d5a2926ec8ffb1ccd3a40186c62aa0cbf97a60b6d17c00272624b152c0e45377
e42b59282d4e9c75b234ddeeefd32820816f7c0548607528b3e34a224e218125
eaaacc6fdf69b4db510334f90af2b35f20537cff75d1c585b1fa309cf097e549

kewod.xyz Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

133 kBTransfer

184 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

kewod.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

133 kB
Transfer

184 kB
Size

0
Cookies

7 HTTP transactions
3 data transactions