https://new.upvote.biz/#pricing
172.66.159.99 · Cloudflare, Inc.
Toronto, Canada
1335 days
200 · 9.2s
Valid· WE1, Google Trust Services, US
COMPLETED
Linked Phishing Report
This scan is attached to a vendor submission report
Brand
UpvoteBiz
Vendors
27/31
Status
partial
Registered-domain escalation
Submit upvote.biz as the primary IOC, enriched with evidence from hostile subdomains like new.upvote.biz.
upvotebiz-clone-kit
upvotebiz-clone-kit
Directives: skipAi, skipUnblocker, skipMobileVariant
technology | ecommerce | finance | other · 7/19/2026
The page presents branding for UpvoteBiz and loads legitimate-sounding marketing content. However, the page visually mirrors a Reddit-inspired theme and demonstrates a dynamic SPA structure with credential-like endpoints (e.g., /api/auth/session) and large JS bundles, suggesting potential credential capture risk. The evidence does not conclusively prove phishing against a known brand domain, but the combination of dynamic SPA login-related endpoints and heavy script loading warrants caution for credential harvesting risks.
Capture
Stages: 1
Canonical: Settled Render
Changed: No
Credential Signals
Forms: 0
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 42
Hosts: 1
Domains: 1
Suspicious Endpoints
hxxps://new[.]upvote[.]biz/api/auth/session
hxxps://new[.]upvote[.]biz/_next/static/chunks/app/(public)/api/page-3960e0eee308cc51.js
No suspicious indicators identified
The scan indicates potential credential collection risk due to SPA-rendered login or authentication flows in the page's JavaScript, and the page uses Reddit-like branding on a domain that is not the official Reddit site. While the branding clearly imitates a well-known service, there is no definitive evidence in the static HTML of a credential form. The presence of an /api/auth/session endpoint and multiple JS bundles increases suspicion of potential credential collection. Advise monitoring and further verification, as the page could be an impersonation attempt or a first-party marketing platform with risky data handling.
Monitor