smitzt-check.ubpages.com
172.64.146.119
Malicious Activity!
Public Scan
Effective URL: https://smitzt-check.ubpages.com/italy/
Submission: On March 22 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by E1 on February 5th 2024. Valid for: 3 months.
This is the only time smitzt-check.ubpages.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System
---|---|---|---
1 | 1 | 76.76.21.21 | 16509 (AMAZON-02)
1 | 1 | 76.76.21.9 | 16509 (AMAZON-02)
8 | 2 | 172.64.146.119 | 13335 (CLOUDFLARENET)
4 | | 13.224.189.14 | 16509 (AMAZON-02)
6 | | 52.222.137.27 | 16509 (AMAZON-02)
18 | 4 |
ASN13335 (CLOUDFLARENET, US)
smitzt-check.ubpages.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-14.fra2.r.cloudfront.net
builder-assets.unbounce.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-27.ams50.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
8 | ubpages.com (2 redirects) | smitzt-check.ubpages.com | 39 KB
6 | cloudfront.net | d9hhrg4mnvzow.cloudfront.net | 540 KB
4 | unbounce.com | builder-assets.unbounce.com (Cisco Umbrella Rank: 36816) | 85 KB
2 | url.zip (2 redirects) | url.zip, www.url.zip | 436 B
18 | 4 |
Requests | Domain | Requested by
---|---|---
8 | smitzt-check.ubpages.com (2 redirects) | smitzt-check.ubpages.com
6 | d9hhrg4mnvzow.cloudfront.net | smitzt-check.ubpages.com
4 | builder-assets.unbounce.com | smitzt-check.ubpages.com
1 | www.url.zip (1 redirects) |
1 | url.zip (1 redirects) |
18 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
ubpages.com | E1 | 2024-02-05 - 2024-05-05 | 3 months
*.unbounce.com | Amazon RSA 2048 M03 | 2023-12-10 - 2025-01-07 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
This page contains 1 frames:
Primary Page:
https://smitzt-check.ubpages.com/italy/
Frame ID: 66EBABCCB3DD77E16970FC3FB3A7B740
Requests: 20 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://url.zip/eb6247d HTTP 308
  https://www.url.zip/eb6247d HTTP 307
  https://smitzt-check.ubpages.com/login-italy HTTP 301
  https://smitzt-check.ubpages.com/login-italy/ Page URL
- https://smitzt-check.ubpages.com/italy HTTP 301
  https://smitzt-check.ubpages.com/italy/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://url.zip/eb6247d HTTP 308
- https://www.url.zip/eb6247d HTTP 307
- https://smitzt-check.ubpages.com/login-italy HTTP 301
- https://smitzt-check.ubpages.com/login-italy/
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | smitzt-check.ubpages.com/login-italy/ (Redirect Chain) | 7 KB | 3 KB | Document | text/html
GET | H2 | main-7b78720.z.css | builder-assets.unbounce.com/published-css/ | 15 KB | 3 KB | Stylesheet | text/css
GET | H2 | f4df309c96d8e9be008e7023f24330b4e9cd076f.js | smitzt-check.ubpages.com/_ub/static/ts/ | 43 KB | 15 KB | Script | application/javascript
GET | H2 | main.bundle-4ea5d01.z.js | builder-assets.unbounce.com/published-js/ | 125 KB | 39 KB | Script | application/javascript
GET | DATA | truncated | / | 42 B | 0 | Image | image/gif
POST | H2 | i | smitzt-check.ubpages.com/_ub/ | 2 B | 216 B | Ping | text/plain
GET | BLOB | 8270b997-734b-4324-a312-b3cc8fc98d7b | https://smitzt-check.ubpages.com/ | 5 KB | 0 | Stylesheet | text/css
GET | H2 | 1675d90f-giphy.gif | d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/login-italy/ | 534 KB | 535 KB | Image | image/gif
GET | H2 | / (Primary Request) | smitzt-check.ubpages.com/italy/ (Redirect Chain) | 36 KB | 6 KB | Document | text/html
GET | H2 | main-7b78720.z.css | builder-assets.unbounce.com/published-css/ | 15 KB | 3 KB | Stylesheet | text/css
GET | H2 | f4df309c96d8e9be008e7023f24330b4e9cd076f.js | smitzt-check.ubpages.com/_ub/static/ts/ | 43 KB | 15 KB | Script | application/javascript
GET | H2 | main.bundle-4ea5d01.z.js | builder-assets.unbounce.com/published-js/ | 125 KB | 39 KB | Script | application/javascript
GET | DATA | truncated | / | 42 B | 0 | Image | image/gif
POST | H2 | i | smitzt-check.ubpages.com/_ub/ | 2 B | 64 B | Ping | text/plain
GET | BLOB | 093ad588-8f29-4cad-afcd-63d7747fe89a | https://smitzt-check.ubpages.com/ | 5 KB | 0 | Stylesheet | text/css
GET | H2 | jltrw0-11111_107501d000000000000028.png | d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/italy/ | 2 KB | 2 KB | Image | image/png
GET | H2 | go0io6--_10a0003000000000000028.png | d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/italy/ | 97 B | 515 B | Image | image/png
GET | H2 | 1s3h3sq-untitled_100t00j000000000000028.png | d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/italy/ | 259 B | 679 B | Image | image/png
GET | H2 | ovge2-xd_100d00d000000000000028.png | d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/italy/ | 227 B | 646 B | Image | image/png
GET | H2 | ke5w6g-thong-bao_10av01e000000000000028.png | d9hhrg4mnvzow.cloudfront.net/smitzt-check.ubpages.com/italy/ | 485 B | 904 B | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
smitzt-check.ubpages.com/login-italy/ | | Name: ubpv Value: a%2C834c6f68-398b-41a4-af3c-6148707716e7
smitzt-check.ubpages.com/italy/ | | Name: ubpv Value: a%2Cb741a3c2-b1a4-4b92-8e40-9943d011ca3b
.ubpages.com/ | | Name: __cf_bm Value: RLPQgx_AsSCV9uzCMQvNMxXcI_wS7qGb2HbxbylnQ9Q-1711113885-1.0.1.1-DsxAWnyaA.Z8NxQcFUqNwmMDRyyuPj5e_cvV8mYqKY0M4i8XBb0Ba0cGzNK9qs0XHqCJbh7emLnOv0k1y2fgcg
smitzt-check.ubpages.com/ | | Name: ubvs Value: 5d23f180-761a-4994-8fc1-73e012b2aa86
.ubpages.com/ | | Name: ubvt Value: v2%7C5d23f180-761a-4994-8fc1-73e012b2aa86%7Cb741a3c2-b1a4-4b92-8e40-9943d011ca3b%3Aa%3Asingle%7C834c6f68-398b-41a4-af3c-6148707716e7%3Aa%3Asingle
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.