smitzt-check.ubpages.com
172.64.146.119  Malicious Activity! Public Scan

URL: https://smitzt-check.ubpages.com/login-v1/
Submission: On March 22 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 11 HTTP transactions. The main IP is 172.64.146.119, located in San Francisco, United States, and belongs to CLOUDFLARENET, US. The main domain is smitzt-check.ubpages.com.
TLS certificate: Issued by E1 on February 5th 2024. Valid for: 3 months.
This is the only time smitzt-check.ubpages.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests | IP Address | AS Autonomous System
3 | 172.64.146.119 | 13335 (CLOUDFLAR...)
2 | 18.238.80.123 | 16509 (AMAZON-02)
5 | 18.164.115.225 | 16509 (AMAZON-02)
11 | 4 |

Requests | Apex Domain | Subdomains | Transfer
5 | cloudfront.net | d9hhrg4mnvzow.cloudfront.net | 5 KB
3 | ubpages.com | smitzt-check.ubpages.com | 22 KB
2 | unbounce.com | builder-assets.unbounce.com — Cisco Umbrella Rank: 36816 | 43 KB
11 | 3 | |

Requests | Domain | Requested by
5 | d9hhrg4mnvzow.cloudfront.net | smitzt-check.ubpages.com
3 | smitzt-check.ubpages.com | smitzt-check.ubpages.com
2 | builder-assets.unbounce.com | smitzt-check.ubpages.com
11 | 3 |

This site contains no links.

Subject | Issuer | Validity | Valid
ubpages.com | E1 | 2024-02-05 - 2024-05-05 | 3 months
*.unbounce.com | Amazon RSA 2048 M03 | 2023-12-10 - 2025-01-07 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year

This page contains 1 frames:

Primary Page: https://smitzt-check.ubpages.com/login-v1/
Frame ID: 3784176836B6D567DB5FC492D86778C2
Requests: 12 HTTP requests in this frame

Page Title

Facebook

Page Statistics

Requests: 11
HTTPS: 91 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 1
Transfer: 69 kB
Size: 227 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
smitzt-check.ubpages.com/login-v1/
36 KB
6 KB
Document
General
Full URL
https://smitzt-check.ubpages.com/login-v1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a47126aca73d464cf2ce53171c965665f5ca7bfa9fb4391767d7e631a42b5698

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
868803a46d7e369d-YYZ
content-encoding
br
content-location
https://smitzt-check.ubpages.com/login-v1/
content-type
text/html; charset=utf-8
date
Fri, 22 Mar 2024 17:48:43 GMT
etag
W/"a:263460d303664274b82ae0a5c01a6f11"
link
<https://smitzt-check.ubpages.com/login-v1/>; rel="canonical"
server
cloudflare
x-unbounce-pageid
3fecb59e-e766-11ee-9f8c-b24a52366dce
x-unbounce-variant
a
x-unbounce-visitorid
263460d3-0366-4274-b82a-e0a5c01a6f11
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: smitzt-check.ubpages.com
URL: https://smitzt-check.ubpages.com/login-v1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
en-US,en;q=0.9
Referer
https://smitzt-check.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 16:12:15 GMT
content-encoding
gzip
via
1.1 891301f67eeb14db1b941c87f006cfaa.cloudfront.net (CloudFront)
x-amz-version-id
IGcxgSFWwgqHVdByZ80UpVh2qmeNOwru
x-amz-cf-pop
JFK52-P5
age
3634589
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2902
last-modified
Tue, 06 Feb 2024 22:57:30 GMT
server
AmazonS3
etag
"30e7cb5a22c554a27c1542cdc59a3422"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
mrQP8fJd-n2rThMiIBhy1cxf03uhhsowN4DFIBVnNtc3AyQHSIigQQ==
f4df309c96d8e9be008e7023f24330b4e9cd076f.js
smitzt-check.ubpages.com/_ub/static/ts/
43 KB
15 KB
Script
General
Full URL
https://smitzt-check.ubpages.com/_ub/static/ts/f4df309c96d8e9be008e7023f24330b4e9cd076f.js
Requested by
Host: smitzt-check.ubpages.com
URL: https://smitzt-check.ubpages.com/login-v1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54506d6275c3d09572d1ab044f7343378fc9b40fa9b1769c5fccd543ee497348

Request headers

accept-language
en-US,en;q=0.9
Referer
https://smitzt-check.ubpages.com/login-v1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 17:48:43 GMT
content-encoding
br
via
1.1 c68c42bee8ee2097b641e29171b317c8.cloudfront.net (CloudFront)
x-amz-version-id
6lHFLJ3xek5g4FyMNhNu5u9aCngMTYpY
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P3
age
20994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 21 Mar 2024 15:18:03 GMT
server
cloudflare
etag
W/"9ff346a1c542989814c7dda8628acdf9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
868803a54f09369d-YYZ
x-amz-cf-id
ErQffTcuEE2lB6lLExGp5eFT0VSW5a8R7fcUGWlIO2N3KdkegWW9Bw==
expires
Sat, 22 Mar 2025 17:48:43 GMT
main.bundle-4ea5d01.z.js
builder-assets.unbounce.com/published-js/
125 KB
39 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-4ea5d01.z.js
Requested by
Host: smitzt-check.ubpages.com
URL: https://smitzt-check.ubpages.com/login-v1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ea5d010a87ac4f32be233cec4099eac5d1d2d89df8c9016bb0457167effeee0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://smitzt-check.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 22:28:50 GMT
content-encoding
gzip
via
1.1 891301f67eeb14db1b941c87f006cfaa.cloudfront.net (CloudFront)
x-amz-version-id
Qq92r4XdYjFbBW7hBakPYgPjwPjd94RR
x-amz-cf-pop
JFK52-P5
age
328794
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
39952
last-modified
Mon, 18 Mar 2024 22:24:27 GMT
server
AmazonS3
etag
"8886684cd399bd044111f5c786588b07"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nl6Nh_rwXOcNVkPNYwHS5AybSIVXhSSVjNTWbl8CU3Xt8AMocSHP1g==
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
i
smitzt-check.ubpages.com/_ub/
2 B
194 B
Ping
General
Full URL
https://smitzt-check.ubpages.com/_ub/i
Requested by
Host: smitzt-check.ubpages.com
URL: https://smitzt-check.ubpages.com/_ub/static/ts/f4df309c96d8e9be008e7023f24330b4e9cd076f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://smitzt-check.ubpages.com/login-v1/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Mar 2024 17:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://smitzt-check.ubpages.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
cf-ray
868803a638b1369d-YYZ
content-length
2
167ad149-467f-49d9-aa84-78c59c7c3ecc
https://smitzt-check.ubpages.com/
5 KB
0
Stylesheet
General
Full URL
blob:https://smitzt-check.ubpages.com/167ad149-467f-49d9-aa84-78c59c7c3ecc
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-4ea5d01.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
5427
Content-Type
text/css
jltrw0-11111_107501d000000000000028.png
d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/login-v1/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/login-v1/jltrw0-11111_107501d000000000000028.png
Requested by
Host: smitzt-check.ubpages.com
URL: https://smitzt-check.ubpages.com/login-v1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.115.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-115-225.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
250c28cf5889449562e78d30793dcb01d817b1ba9da9e660d29e2a560a5f7e74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://smitzt-check.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 17:39:19 GMT
x-amz-version-id
HfVWxVYLqFEQrZY9Vn0hN.Tg4MkjXp.c
via
1.1 54a56da0fe0bae919389c7d572d4720e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 20:04:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
565
etag
"0366bc9d507764fa9984c28adedd5862"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1801
x-amz-cf-id
Os3Wq03hYYpSdi7g38GcWgOc8FainFlbfvEoRN0g1yeyCU5i2SHlqQ==
go0io6--_10a0003000000000000028.png
d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/login-v1/
97 B
513 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/login-v1/go0io6--_10a0003000000000000028.png
Requested by
Host: smitzt-check.ubpages.com
URL: https://smitzt-check.ubpages.com/login-v1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.115.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-115-225.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c34dc235157a54bb5f00dc719762b14b348ba7bc2256f52137052e935da4eb2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://smitzt-check.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 17:39:19 GMT
x-amz-version-id
eD7UZNL4Oer6wgp1JkKSnOR0ayGecSlE
via
1.1 54a56da0fe0bae919389c7d572d4720e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 20:04:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
565
etag
"1221bcc453459e2dfe0f7e3552088838"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
97
x-amz-cf-id
2-6pPah-BYX5QI-Oqb0F6YI3OwIVhsmmfCDOVdcVFmyhba_bIX90WA==
1s3h3sq-untitled_100t00j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/login-v1/
259 B
680 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/login-v1/1s3h3sq-untitled_100t00j000000000000028.png
Requested by
Host: smitzt-check.ubpages.com
URL: https://smitzt-check.ubpages.com/login-v1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.115.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-115-225.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e459fecddade6ad3a901a23c149e8fc1a161cd34822e95e4fa019f0761e3912

Request headers

accept-language
en-US,en;q=0.9
Referer
https://smitzt-check.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:00:35 GMT
x-amz-version-id
zWrKED8Qv.j9Kz5KGeERu4HX14qHI69i
via
1.1 54a56da0fe0bae919389c7d572d4720e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 12:35:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
100089
etag
"7dc58655100a9b1337a276f78b855556"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
259
x-amz-cf-id
QVW6pzKV3RgcTmlphCMHwymD6SO8H-y0j6kQWcLjg9daDY8CyeVXRg==
ovge2-xd_100d00d000000000000028.png
d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/login-v1/
227 B
646 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/login-v1/ovge2-xd_100d00d000000000000028.png
Requested by
Host: smitzt-check.ubpages.com
URL: https://smitzt-check.ubpages.com/login-v1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.115.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-115-225.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76dcf702d295a671f9c3753b87e090a09833ea0f17734dc3d7b053d45e99a325

Request headers

accept-language
en-US,en;q=0.9
Referer
https://smitzt-check.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:00:35 GMT
x-amz-version-id
czgG3lnO4YxGF4mpUtW63TCyUaYhV7Q1
via
1.1 54a56da0fe0bae919389c7d572d4720e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 12:35:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
100089
etag
"b15353fe5729359a2ef0e7b25b685ba4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
227
x-amz-cf-id
kiGIijFkWp9aTVz5FDXreQMe-pzN1QhM8CAss4JjtpJ85H4GbMFPWg==
ke5w6g-thong-bao_10av01e000000000000028.png
d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/login-v1/
485 B
903 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/login-v1/ke5w6g-thong-bao_10av01e000000000000028.png
Requested by
Host: smitzt-check.ubpages.com
URL: https://smitzt-check.ubpages.com/login-v1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.115.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-115-225.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
332bd7547dba1c0ddddf55126e44caee5596e8144d200445fcaa8e4a81e4ca58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://smitzt-check.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 17:39:19 GMT
x-amz-version-id
aSe94Xl7xzm0faNDXwUDAn6LaKN4iFfh
via
1.1 54a56da0fe0bae919389c7d572d4720e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 20:04:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
565
etag
"b7ec7db8b9744e69586b7e22b6ceff6a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
485
x-amz-cf-id
Gx4SHgchfqPZgv2P5Xl1Rg9JQ7kh-foijyO_W32SMyWH65fUrSpeFw==

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ub
object| module
function| ubSnowplow
boolean| ubSnowplowInitialized
function| setImmediate
function| clearImmediate
boolean| VimeoPlayerResizeEmbeds_
boolean| VimeoSeoMetadataAppended
boolean| VimeoCheckedUrlTimeParam

4 Cookies

Domain/Path Name / Value
smitzt-check.ubpages.com/login-v1/ Name: ubpv
Value: a%2C3fecb59e-e766-11ee-9f8c-b24a52366dce
smitzt-check.ubpages.com/ Name: ubvs
Value: 263460d3-0366-4274-b82a-e0a5c01a6f11
.ubpages.com/ Name: ubvt
Value: v2%7C263460d3-0366-4274-b82a-e0a5c01a6f11%7C3fecb59e-e766-11ee-9f8c-b24a52366dce%3Aa%3Asingle
.ubpages.com/ Name: __cf_bm
Value: yNnfGBlBN5XO2qre6.gciRWAodwKrFX9J_O_qztJwlw-1711129723-1.0.1.1-1WkWPUCdT_QPKJT20uyBjpd2vB27kSozwHOMj9.hMeI0UBP77sG2Bru0ZvRwPKUpWnKjKkA_aitvKIJYd.ZNhQ