Can someone verify the authenticity of this website?

General Discussion
1
  • Correctly Flagged
  • Incorrectly Flagged
0 voters

image
image535×342 15.4 KB

(IP Address: 172.67.73.233 on Port: 433) I forgot to delete the color my bad.

I got this same popup a few minutes later, as I was clicking off it, as I thought it was a duplicate popup that happened for whatever reason. I realized the first 3 digits of the IP Address in the 2nd Popup shared, were a little different then the ones on this one. (I think same port too, didn’t get a proper look as I clicked off it ofc.)

Here’s what I could already find via searching the IP on whois: Whois Lookup Captcha

image
image623×128 7.91 KB

image
image619×829 23.9 KB

image
image551×264 8.36 KB

Nothing on ReverseIP lookup:

image
image725×230 16.9 KB

Here’s what I could find via searching the website itself: Whois Lookup Captcha

image
image684×713 39.3 KB

image
image651×712 29.2 KB

I don’t even recognize going on the website, checked my browsing history too fyi, didn’t come up. Must’ve been a different link trying to secretly redirect me (or something, idk lol).

2

Bear in mind, when I went to go and access the website - This came up:

image
image1137×602 47.5 KB

3

The website cubeupload is an image hosting site and i.cubeupload.com / u.cubeupload.com is the content servers. Years ago people were uploading malicious files:

If you try to go to either one directly, you get “HTTP ERROR 500”. I think if you have an account and log in, you should have no trouble accessing your uploaded images. They might not allow ‘hot linking’ any more or have security protocols to prevent malicious files.
Those popup’s images might be hosted there and the uploader might be using some scripts to fetch the images.

4

So, I’m assuming you are saying that it is in fact a safe website and was incorrectly flagged?

5

The site is a hosting site and like any other host, it gets a blacklisting when it is determined something malicious is coming from it. The domain itself might not be malicious to visit it, but if its customers are uploading malicious content, then it will remain black listed until they fix the issue and ask to be removed from the blacklist.

The question would be, is there still malicious content on that domain?

You never mentioned how you came across that site or why you are interested in it. Did you find a file or image that is hosted there? Was it a popup that has its images originating from it? Its hard to help when I don’t know all the information that cause the inquiry.

6

The domain was registered in 2006 using the registrar Domainbox (Mesh Digital Ltd), which is a sub division of Godaddy. On my initial visit, it looks abandoned to me and all images seem to be deleted. This is one of the pages that looks like it was a sample page on how to use it for embedding the images on a website:
https://cubeupload.com/codes/774637

Opera Snapshot_2022-02-01_045810_cubeupload.com
Opera Snapshot_2022-02-01_045810_cubeupload.com1286×781 32 KB

The main page seems ok and I got no warnings or anything while visiting.

7

I came across the website via the popup that it has a trojan. Assuming i must have clicked on a link without realising that it was gonna take me there idk.