smartcase.ltda Open in urlscan Pro
162.214.126.242 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.gardacentre.com/VeR3F78yGvudWtEE/
Effective URL:
https://smartcase.ltda/bounce/index.php
Submission: On August 07 via api (August 7th 2024, 2:42:33 pm UTC) from US — Scanned from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 162.214.126.242, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is smartcase.ltda.
TLS certificate: Issued by R11 on July 12th 2024. Valid for: 3 months.

This is the only time smartcase.ltda was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 1&1 Ionos (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1 1	182.23.64.67 182.23.64.67	38513 (LINTASART...) (LINTASARTA-AS-ID PT Aplikanusa Lintasarta)
11	162.214.126.242 162.214.126.242	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
11	2

1 182.23.64.67 (Indonesia) 1 redirects

ASN38513 (LINTASARTA-AS-ID PT Aplikanusa Lintasarta, ID)

www.gardacentre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 162.214.126.242 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-4983193.etm.ltda

smartcase.ltda	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	smartcase.ltda smartcase.ltda	868 KB
1	gardacentre.com 1 redirects www.gardacentre.com	260 B
0	Failed function sub() { [native code] }. Failed
11	3

	Domain	Requested by
11	smartcase.ltda	smartcase.ltda
1	www.gardacentre.com	1 redirects
0	truncated Failed	smartcase.ltda
11	3

This site contains no links.

Subject Issuer	Validity	Valid
*.smartcase.ltda R11	`2024-07-12` - `2024-10-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://smartcase.ltda/bounce/index.php
Frame ID: 9FDE1FD8D377345658A8BAC1291E2CAF
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Login

Page URL History Show full URLs

http://www.gardacentre.com/VeR3F78yGvudWtEE/ HTTP 307
https://www.gardacentre.com/VeR3F78yGvudWtEE/ HTTP 301
https://smartcase.ltda/bounce/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

868 kB
Transfer

865 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.gardacentre.com/VeR3F78yGvudWtEE/ HTTP 307
https://www.gardacentre.com/VeR3F78yGvudWtEE/ HTTP 301
https://smartcase.ltda/bounce/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.php Show response smartcase.ltda/bounce/ Redirect Chain http://www.gardacentre.com/VeR3F78yGvudWtEE/ https://www.gardacentre.com/VeR3F78yGvudWtEE/ https://smartcase.ltda/bounce/index.php	6 KB 7 KB	584ms 97ms	Document text/html	162.214.126.242 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://smartcase.ltda/bounce/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.214.126.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-4983193.etm.ltda Software Apache / Resource Hash `668e7f655fa659d2355027c7b5864e12551af8565bc773b40505941c0103f93c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Connection Keep-Alive Content-Length 6555 Content-Type text/html; charset=UTF-8 Date Wed, 07 Aug 2024 14:42:26 GMT Keep-Alive timeout=5, max=100 Server Apache Redirect headers Connection Keep-Alive Content-Length 247 Content-Type text/html; charset=iso-8859-1 Date Wed, 07 Aug 2024 14:42:26 GMT Keep-Alive timeout=5, max=100 Location https://smartcase.ltda/bounce/index.php Server Apache
GET H/1.1	200 OK	ionos.min.css smartcase.ltda/bounce/img/	536 KB 536 KB	101ms 97ms	Stylesheet text/css	162.214.126.242 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://smartcase.ltda/bounce/img/ionos.min.css Requested by Host: smartcase.ltda URL: https://smartcase.ltda/bounce/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.214.126.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-4983193.etm.ltda Software Apache / Resource Hash `6723ecb403154012c2450e5b7f91307a7753f44d2afb72907b1f1e14b9d656f2` Request headers Referer https://smartcase.ltda/bounce/index.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 07 Aug 2024 14:42:26 GMT Last-Modified Thu, 16 Nov 2023 12:09:30 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 548395
GET H/1.1	200 OK	navigation.css smartcase.ltda/bounce/img/	87 KB 87 KB	283ms 94ms	Stylesheet text/css	162.214.126.242 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://smartcase.ltda/bounce/img/navigation.css Requested by Host: smartcase.ltda URL: https://smartcase.ltda/bounce/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.214.126.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-4983193.etm.ltda Software Apache / Resource Hash `d8f728a4d4a5a7c3fbb51a714fc879c165c15355ffef94481b90e7d2dc7d3a89` Request headers Referer https://smartcase.ltda/bounce/index.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 07 Aug 2024 14:42:27 GMT Last-Modified Thu, 16 Nov 2023 11:58:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 88878
GET H/1.1	200 OK	statuspage.css smartcase.ltda/bounce/img/	4 KB 5 KB	290ms 100ms	Stylesheet text/css	162.214.126.242 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://smartcase.ltda/bounce/img/statuspage.css Requested by Host: smartcase.ltda URL: https://smartcase.ltda/bounce/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.214.126.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-4983193.etm.ltda Software Apache / Resource Hash `c7df07994107ab0f418d55d13a8b4a0043e484bf2ab914d0b5a65f14f3acf72e` Request headers Referer https://smartcase.ltda/bounce/index.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 07 Aug 2024 14:42:27 GMT Last-Modified Thu, 16 Nov 2023 12:12:34 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4566
GET H/1.1	200 OK	starter-main.min.css smartcase.ltda/bounce/img/	2 KB 2 KB	288ms 96ms	Stylesheet text/css	162.214.126.242 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://smartcase.ltda/bounce/img/starter-main.min.css Requested by Host: smartcase.ltda URL: https://smartcase.ltda/bounce/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.214.126.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-4983193.etm.ltda Software Apache / Resource Hash `5ef6834dac6f7776e6e30377716395f46dfd88dc757daf6c51176dfb6a996761` Request headers Referer https://smartcase.ltda/bounce/index.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 07 Aug 2024 14:42:27 GMT Last-Modified Thu, 16 Nov 2023 11:32:42 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2061
GET H/1.1	200 OK	key.png smartcase.ltda/bounce/img/	1 KB 2 KB	288ms 96ms	Image image/png	162.214.126.242 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://smartcase.ltda/bounce/img/key.png Requested by Host: smartcase.ltda URL: https://smartcase.ltda/bounce/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.214.126.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-4983193.etm.ltda Software Apache / Resource Hash `500cf959017e540aded29aa998d655d907970a66c4e2baa8c54d4bb169877615` Request headers Referer https://smartcase.ltda/bounce/index.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 07 Aug 2024 14:42:27 GMT Last-Modified Thu, 16 Nov 2023 11:49:08 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1435
GET H/1.1	200 OK	opensans-regular.woff smartcase.ltda/bounce/img/	62 KB 62 KB	98ms 97ms	Font font/woff	162.214.126.242 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://smartcase.ltda/bounce/img/opensans-regular.woff Requested by Host: smartcase.ltda URL: https://smartcase.ltda/bounce/img/ionos.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.214.126.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-4983193.etm.ltda Software Apache / Resource Hash `2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b` Request headers Referer https://smartcase.ltda/bounce/img/ionos.min.css Origin https://smartcase.ltda User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 07 Aug 2024 14:42:27 GMT Last-Modified Thu, 16 Nov 2023 12:07:10 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 63712
GET		truncated /	0 0

GET H/1.1	200 OK	overpass-regular.woff smartcase.ltda/bounce/img/	42 KB 42 KB	97ms 97ms	Font font/woff	162.214.126.242 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://smartcase.ltda/bounce/img/overpass-regular.woff Requested by Host: smartcase.ltda URL: https://smartcase.ltda/bounce/img/ionos.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.214.126.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-4983193.etm.ltda Software Apache / Resource Hash `d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5` Request headers Referer https://smartcase.ltda/bounce/img/ionos.min.css Origin https://smartcase.ltda User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 07 Aug 2024 14:42:27 GMT Last-Modified Thu, 16 Nov 2023 12:07:02 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 42580
GET H/1.1	200 OK	opensans-semibold.woff smartcase.ltda/bounce/img/	68 KB 68 KB	99ms 99ms	Font font/woff	162.214.126.242 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://smartcase.ltda/bounce/img/opensans-semibold.woff Requested by Host: smartcase.ltda URL: https://smartcase.ltda/bounce/img/ionos.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.214.126.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-4983193.etm.ltda Software Apache / Resource Hash `b0390aa3e137e3e49d7d6ed5d86c208fec1dd45ff8a56836c3f86c2e32cd2d7a` Request headers Referer https://smartcase.ltda/bounce/img/ionos.min.css Origin https://smartcase.ltda User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 07 Aug 2024 14:42:27 GMT Last-Modified Thu, 16 Nov 2023 12:07:06 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 69888
GET H/1.1	200 OK	exos-icon-font.woff smartcase.ltda/bounce/img/	50 KB 50 KB	98ms 97ms	Font font/woff	162.214.126.242 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://smartcase.ltda/bounce/img/exos-icon-font.woff Requested by Host: smartcase.ltda URL: https://smartcase.ltda/bounce/img/ionos.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.214.126.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-4983193.etm.ltda Software Apache / Resource Hash `35538b399f40d6db114f64b970fb8a612d88d833906f95f4cb8675c0277ecfb3` Request headers Referer https://smartcase.ltda/bounce/img/ionos.min.css Origin https://smartcase.ltda User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 07 Aug 2024 14:42:27 GMT Last-Modified Thu, 16 Nov 2023 12:07:14 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 50688
GET H/1.1	200 OK	favicon.ico smartcase.ltda/bounce/img/	7 KB 7 KB	100ms 99ms	Other image/x-icon	162.214.126.242 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://smartcase.ltda/bounce/img/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.214.126.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-4983193.etm.ltda Software Apache / Resource Hash `192483228ae6cdab87abbbde507440bffbdc1d90e7fd565f915c19b820cff3b0` Request headers Referer https://smartcase.ltda/bounce/index.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 07 Aug 2024 14:42:27 GMT Last-Modified Thu, 16 Nov 2023 11:51:18 GMT Server Apache Content-Type image/x-icon Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 7406

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 1&1 Ionos (Telecommunication)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://smartcase.ltda/bounce/index.php Message: [DOM] Password forms should have (optionally hidden) username fields for accessibility: (More info: https://goo.gl/9p2vKq) %o
network	error	URL: data:image/svg+xml; Message: Failed to load resource: net::ERR_INVALID_URL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

smartcase.ltda
truncated
www.gardacentre.com
truncated
162.214.126.242
182.23.64.67
192483228ae6cdab87abbbde507440bffbdc1d90e7fd565f915c19b820cff3b0
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b
35538b399f40d6db114f64b970fb8a612d88d833906f95f4cb8675c0277ecfb3
500cf959017e540aded29aa998d655d907970a66c4e2baa8c54d4bb169877615
5ef6834dac6f7776e6e30377716395f46dfd88dc757daf6c51176dfb6a996761
668e7f655fa659d2355027c7b5864e12551af8565bc773b40505941c0103f93c
6723ecb403154012c2450e5b7f91307a7753f44d2afb72907b1f1e14b9d656f2
b0390aa3e137e3e49d7d6ed5d86c208fec1dd45ff8a56836c3f86c2e32cd2d7a
c7df07994107ab0f418d55d13a8b4a0043e484bf2ab914d0b5a65f14f3acf72e
d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5
d8f728a4d4a5a7c3fbb51a714fc879c165c15355ffef94481b90e7d2dc7d3a89

smartcase.ltda Open in urlscan Pro 162.214.126.242 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

868 kBTransfer

865 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

smartcase.ltda Open in urlscan Pro
162.214.126.242 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

868 kB
Transfer

865 kB
Size

0
Cookies

11 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!