service-ch2ubs.com Open in urlscan Pro
66.29.141.35 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://plink.hu/f5j
Effective URL:
https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html
Submission Tags: 7230245
Submission: On July 15 via api (July 15th 2021, 7:30:33 pm UTC) from NL

Summary HTTP 10 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 1 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 66.29.141.35, located in United States and belongs to NAMECHEAP-NET, US. The main domain is service-ch2ubs.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 15th 2021. Valid for: a year.

This is the only time service-ch2ubs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UBS (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	79.172.205.122 79.172.205.122	43711 (SZERVERNE...) (SZERVERNET-HU-AS)
1 1	82.223.122.127 82.223.122.127	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1 11	66.29.141.35 66.29.141.35	22612 (NAMECHEAP...) (NAMECHEAP-NET)
10	1

1 79.172.205.122 (Hungary) 1 redirects

ASN43711 (SZERVERNET-HU-AS, HU)
PTR: s102.profitarhely.hu

plink.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.223.122.127 (Spain) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: mail.zree.es

scholapuericantores.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 66.29.141.35 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server310-3.web-hosting.com

service-ch2ubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	service-ch2ubs.com 1 redirects service-ch2ubs.com	177 KB
1	scholapuericantores.com 1 redirects scholapuericantores.com	142 B
1	plink.hu 1 redirects plink.hu	172 B
10	3

	Domain	Requested by
11	service-ch2ubs.com	1 redirects service-ch2ubs.com
1	scholapuericantores.com	1 redirects
1	plink.hu	1 redirects
10	3

This site contains links to these domains. Also see Links.

Domain
ebanking-ch2.ubs.com
secure.ubs.com

Subject Issuer	Validity	Valid
service-ch2ubs.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-15` - `2022-07-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html
Frame ID: 0E9582BB21DD9CF54C5501790DD3C7EA
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://plink.hu/f5j HTTP 301
https://scholapuericantores.com/wp-blog/ HTTP 302
https://service-ch2ubs.com/workbench/ HTTP 302
https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

3
Countries

177 kB
Transfer

293 kB
Size

0
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://ebanking-ch2.ubs.com/workbench/WorkbenchOpenAction.do?login&locale=fr-CH
Title: Français

Search URL Search Domain Scan URL

URL: https://ebanking-ch2.ubs.com/workbench/WorkbenchOpenAction.do?login&locale=it-CH
Title: Italiano

Search URL Search Domain Scan URL

URL: https://ebanking-ch2.ubs.com/workbench/WorkbenchOpenAction.do?login&locale=en-US
Title: English

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/branches
Title: Geschäftsstellen

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/atm
Title: Bancomaten/Geldautomaten

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/help
Title: Hilfe: Fragen und Antworten

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/support
Title: Digital Banking Support

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/service-line
Title: Service Line Privatkunden

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/corporate-assistance
Title: Betreuung Unternehmenskunden

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/contact
Title: Weitere Kontaktadressen

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/login-ebanking
Title: UBS E-Banking in der Schweiz

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/login-safe
Title: UBS Safe

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/login-quotes
Title: UBS Quotes

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/login-keyclub
Title: UBS KeyClub eStore

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/login-connect
Title: UBS Connect

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/login-keytrader
Title: UBS KeyTrader

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/login-investment-bank
Title: Kundenportale der Investment Bank

Search URL Search Domain Scan URL

URL: https://secure.ubs.com/__digitalbanking-CH/de/login-more
Title: More logins

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://plink.hu/f5j HTTP 301
https://scholapuericantores.com/wp-blog/ HTTP 302
https://service-ch2ubs.com/workbench/ HTTP 302
https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/ Redirect Chain https://plink.hu/f5j https://scholapuericantores.com/wp-blog/ https://service-ch2ubs.com/workbench/ https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html	14 KB 4 KB	172ms 171ms	Document text/html	66.29.141.35 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.35 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server310-3.web-hosting.com Software Apache / Resource Hash `08b698ac7974b1517a218d8222bb1bb739127c009ca0897303d9c404b1ebb319` Request headers :method GET :authority service-ch2ubs.com :scheme https :path /workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 19:30:12 GMT server Apache last-modified Thu, 15 Jul 2021 19:30:12 GMT accept-ranges bytes vary Accept-Encoding content-encoding gzip content-length 3581 content-type text/html Redirect headers date Thu, 15 Jul 2021 19:30:12 GMT server Apache x-powered-by PHP/7.2.34 location a4bc4ecdab6c5e67001fda4264eef4f0192/index.html content-length 0 content-type text/html; charset=UTF-8
GET H2	200	uwr.css service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/	95 KB 13 KB	324ms 324ms	Stylesheet text/css	66.29.141.35 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/uwr.css Requested by Host: service-ch2ubs.com URL: https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.35 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server310-3.web-hosting.com Software Apache / Resource Hash `ebbbaf979803af26f6204ed17ae4e490c1552d01c888462cee6ac4522ec4414b` Request headers :path /workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/uwr.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority service-ch2ubs.com referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html :scheme https sec-fetch-site same-origin :method GET Referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 19:30:13 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 19:30:12 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 13466
GET H2	200	default.css service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/	28 KB 7 KB	176ms 176ms	Stylesheet text/css	66.29.141.35 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css Requested by Host: service-ch2ubs.com URL: https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.35 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server310-3.web-hosting.com Software Apache / Resource Hash `14f1b7122680e653a6d8039c7b147f9b135cb3c426e35375aa687aa30cb35a6a` Request headers :path /workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority service-ch2ubs.com referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html :scheme https sec-fetch-site same-origin :method GET Referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 19:30:13 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 19:30:12 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 6772
GET H2	200	d5f7284703073bcfa98f27157dd0cd59e34b1f35.svg service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/	6 KB 3 KB	477ms 476ms	Image image/svg+xml	66.29.141.35 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/d5f7284703073bcfa98f27157dd0cd59e34b1f35.svg Requested by Host: service-ch2ubs.com URL: https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.35 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server310-3.web-hosting.com Software Apache / Resource Hash `167d91249d9000e337cbaaaa58a6f446f0beba3fa2b62eaef0fddd2a82f82263` Request headers :path /workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/d5f7284703073bcfa98f27157dd0cd59e34b1f35.svg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority service-ch2ubs.com referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css :scheme https sec-fetch-site same-origin :method GET Referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 19:30:13 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 19:30:12 GMT server Apache vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 2571
GET H2	200	409b4bec-c67e-4764-a141-054db8df81d2.woff service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/	59 KB 59 KB	179ms 178ms	Font font/woff	66.29.141.35 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/409b4bec-c67e-4764-a141-054db8df81d2.woff Requested by Host: service-ch2ubs.com URL: https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/uwr.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.35 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server310-3.web-hosting.com Software Apache / Resource Hash `337ec17f70f0041ed0e70bfd10cac161da800980036a66342791091c10bf22d1` Request headers :path /workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/409b4bec-c67e-4764-a141-054db8df81d2.woff pragma no-cache origin https://service-ch2ubs.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority service-ch2ubs.com referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/uwr.css :scheme https sec-fetch-site same-origin :method GET Origin https://service-ch2ubs.com Referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/uwr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 19:30:13 GMT last-modified Thu, 15 Jul 2021 19:30:12 GMT server Apache accept-ranges bytes content-length 60260 content-type font/woff
GET H2	200	6dc452effbbb854fea9bb46f011fdc33d9154da4.svg service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/	526 B 521 B	478ms 477ms	Image image/svg+xml	66.29.141.35 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/6dc452effbbb854fea9bb46f011fdc33d9154da4.svg Requested by Host: service-ch2ubs.com URL: https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.35 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server310-3.web-hosting.com Software Apache / Resource Hash `329a54a4d1966abb2a846911add2bbee0944c6afd17cff49f3a86cb24a2e2c37` Request headers :path /workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/6dc452effbbb854fea9bb46f011fdc33d9154da4.svg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority service-ch2ubs.com referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css :scheme https sec-fetch-site same-origin :method GET Referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 19:30:13 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 19:30:12 GMT server Apache vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 373
GET H2	200	ffddee7f6fe73fa38192cc5efdbc2c42f78ca397.svg service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/	526 B 522 B	477ms 477ms	Image image/svg+xml	66.29.141.35 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/ffddee7f6fe73fa38192cc5efdbc2c42f78ca397.svg Requested by Host: service-ch2ubs.com URL: https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.35 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server310-3.web-hosting.com Software Apache / Resource Hash `80a57ce9e47761df90463391c2fb538c0da1e24b8da19df8d7970ed72d75663f` Request headers :path /workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/ffddee7f6fe73fa38192cc5efdbc2c42f78ca397.svg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority service-ch2ubs.com referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css :scheme https sec-fetch-site same-origin :method GET Referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 19:30:13 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 19:30:12 GMT server Apache vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 374
GET H2	200	59d9a83f-4045-4d43-af46-655f845461ee.woff service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/	70 KB 70 KB	478ms 477ms	Font font/woff	66.29.141.35 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/59d9a83f-4045-4d43-af46-655f845461ee.woff Requested by Host: service-ch2ubs.com URL: https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/uwr.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.35 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server310-3.web-hosting.com Software Apache / Resource Hash `31b67d268afc10ee4a23749d1c406633589e64272a8e151f97a50cd1a34802a2` Request headers :path /workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/59d9a83f-4045-4d43-af46-655f845461ee.woff pragma no-cache origin https://service-ch2ubs.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority service-ch2ubs.com referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/uwr.css :scheme https sec-fetch-site same-origin :method GET Origin https://service-ch2ubs.com Referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/uwr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 19:30:13 GMT last-modified Thu, 15 Jul 2021 19:30:12 GMT server Apache accept-ranges bytes content-length 71616 content-type font/woff
GET H2	200	44a86a2a6fab0970b9dcdc93690423933f0bbce9.svg service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/	533 B 496 B	761ms 761ms	Image image/svg+xml	66.29.141.35 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/44a86a2a6fab0970b9dcdc93690423933f0bbce9.svg Requested by Host: service-ch2ubs.com URL: https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/uwr.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.35 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server310-3.web-hosting.com Software Apache / Resource Hash `b1484e7fd1898dd79dfa52a93cc617ed4e31c8c22829413d8b5d5b56f8c5fff6` Request headers :path /workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/44a86a2a6fab0970b9dcdc93690423933f0bbce9.svg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority service-ch2ubs.com referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/uwr.css :scheme https sec-fetch-site same-origin :method GET Referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/uwr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 19:30:13 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 19:30:12 GMT server Apache vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 348
GET H2	200	illustrations-login_keychain.png service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/	20 KB 20 KB	618ms 618ms	Image image/png	66.29.141.35 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/illustrations-login_keychain.png Requested by Host: service-ch2ubs.com URL: https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.35 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server310-3.web-hosting.com Software Apache / Resource Hash `2192281c5f07f6a11781f3f980f4cc3542ca6cbf29c417c0eb5d1636c84863a4` Request headers :path /workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/illustrations-login_keychain.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority service-ch2ubs.com referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css :scheme https sec-fetch-site same-origin :method GET Referer https://service-ch2ubs.com/workbench/a4bc4ecdab6c5e67001fda4264eef4f0192/godfather/default.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 19:30:13 GMT last-modified Thu, 15 Jul 2021 19:30:12 GMT server Apache accept-ranges bytes content-length 20174 content-type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UBS (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

plink.hu
scholapuericantores.com
service-ch2ubs.com
66.29.141.35
79.172.205.122
82.223.122.127
08b698ac7974b1517a218d8222bb1bb739127c009ca0897303d9c404b1ebb319
14f1b7122680e653a6d8039c7b147f9b135cb3c426e35375aa687aa30cb35a6a
167d91249d9000e337cbaaaa58a6f446f0beba3fa2b62eaef0fddd2a82f82263
2192281c5f07f6a11781f3f980f4cc3542ca6cbf29c417c0eb5d1636c84863a4
31b67d268afc10ee4a23749d1c406633589e64272a8e151f97a50cd1a34802a2
329a54a4d1966abb2a846911add2bbee0944c6afd17cff49f3a86cb24a2e2c37
337ec17f70f0041ed0e70bfd10cac161da800980036a66342791091c10bf22d1
80a57ce9e47761df90463391c2fb538c0da1e24b8da19df8d7970ed72d75663f
b1484e7fd1898dd79dfa52a93cc617ed4e31c8c22829413d8b5d5b56f8c5fff6
ebbbaf979803af26f6204ed17ae4e490c1552d01c888462cee6ac4522ec4414b

service-ch2ubs.com Open in urlscan Pro 66.29.141.35 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

1 IPs

3 Countries

177 kBTransfer

293 kBSize

0 Cookies

18 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

Indicators

service-ch2ubs.com Open in urlscan Pro
66.29.141.35 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

3
Countries

177 kB
Transfer

293 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!