![](/screenshots/6bd4a9b0-2f8d-4db6-ade3-f895908a98a4.png)
sadadmoney-net.wantek.co
Open in
urlscan Pro
50.87.248.11
Malicious Activity!
Public Scan
Effective URL: https://sadadmoney-net.wantek.co/
Submission: On December 09 via manual from SA — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 5th 2021. Valid for: 3 months.
This is the only time sadadmoney-net.wantek.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: SADAD (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 3 | 50.87.248.11 50.87.248.11 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
15 | 2606:4700:10:... 2606:4700:10::6816:1588 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
23 | 3 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box2088.bluehost.com
sadadmoney-net.wantek.co |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
sadad.com
www.sadad.com |
79 KB |
3 |
wantek.co
1 redirects
sadadmoney-net.wantek.co |
38 KB |
0 |
Failed
function sub() { [native code] }. Failed |
|
23 | 3 |
Domain | Requested by | |
---|---|---|
15 | www.sadad.com |
sadadmoney-net.wantek.co
www.sadad.com |
3 | sadadmoney-net.wantek.co | 1 redirects |
0 | mhtml.blink Failed |
sadadmoney-net.wantek.co
|
23 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.sadad.com |
twitter.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sadadmoney.net R3 |
2021-12-05 - 2022-03-05 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-05 - 2022-07-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sadadmoney-net.wantek.co/
Frame ID: C629EA058B16C03531A10F4325E53129
Requests: 23 HTTP requests in this frame
Screenshot
![](/screenshots/6bd4a9b0-2f8d-4db6-ade3-f895908a98a4.png)
Page Title
فواتير سدادPage URL History Show full URLs
-
http://sadadmoney-net.wantek.co/
HTTP 301
https://sadadmoney-net.wantek.co/ Page URL
Page Statistics
28 Outgoing links
These are links going to different origins than the main page.
Title: Home
Search URL Search Domain Scan URL
Title: الرئيسية
Search URL Search Domain Scan URL
Title: شخصي
Search URL Search Domain Scan URL
Title: تسجيل الدخول
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: عن سداد
Search URL Search Domain Scan URL
Title: الرؤية والمهمة والأهداف
Search URL Search Domain Scan URL
Title: قيمنا
Search URL Search Domain Scan URL
Title: شهادات وجوائز
Search URL Search Domain Scan URL
Title: النشرة الإلكترونية
Search URL Search Domain Scan URL
Title: كنّا هناك
Search URL Search Domain Scan URL
Title: شخصي
Search URL Search Domain Scan URL
Title: طرق الدفع
Search URL Search Domain Scan URL
Title: المفوترون
Search URL Search Domain Scan URL
Title: فواتير سداد
Search URL Search Domain Scan URL
Title: انضم الآن
Search URL Search Domain Scan URL
Title: البنوك
Search URL Search Domain Scan URL
Title: طرق الدفع
Search URL Search Domain Scan URL
Title: أسئلة متكررة
Search URL Search Domain Scan URL
Title: توجيهات استخدام شعار سداد
Search URL Search Domain Scan URL
Title: فواتير سداد
Search URL Search Domain Scan URL
Title: تنويه
Search URL Search Domain Scan URL
Title: سياسة الخصوصية
Search URL Search Domain Scan URL
Title: شروط الاستخدام
Search URL Search Domain Scan URL
Title: اتصل بنا
Search URL Search Domain Scan URL
Title: خريطة الموقع
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://sadadmoney-net.wantek.co/
HTTP 301
https://sadadmoney-net.wantek.co/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
sadadmoney-net.wantek.co/ Redirect Chain
|
29 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css-584e223b-968d-46a1-935d-ee1b98d44217@mhtml.blink
/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css-f4320574-9ea0-4a7c-8534-9247bc69dbd6@mhtml.blink
/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controls.css
www.sadad.com/Style%20Library/ar-SA/Themable/Core%20Styles/ |
30 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page-layouts-21.css
www.sadad.com/Style%20Library/ar-SA/Core%20Styles/ |
1 KB 665 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
corev48630.css
www.sadad.com/_layouts/1025/styles/Themable/ |
137 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ |
119 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ie10-viewport-bug-workaround.css
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.smartmenus.bootstrap.css
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/multilevel-menu/css/ |
3 KB 711 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navbar.css
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fgimg.png
www.sadad.com/_layouts/images/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arabic_icon_disabled.png
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ |
372 B 501 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
english_icon.png
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ |
560 B 650 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sadad_logo_ar.png
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter_icon_disabled.png
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/social/ |
494 B 584 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtube_icon_disabled.png
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/social/ |
706 B 796 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
title_corner_bg_ar.png
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ |
262 B 339 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer_btn.png
sadadmoney-net.wantek.co/_layouts/inc/SADAD.Internet.Portal/img/ |
29 KB 29 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
FrutigerLTArabic-65Bold.html
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
FrutigerLTArabic-55Roman.html
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
FrutigerLTArabic-65Bold.ttf
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
FrutigerLTArabic-55Roman.ttf
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mhtml.blink
- URL
- cid:css-584e223b-968d-46a1-935d-ee1b98d44217@mhtml.blink
- Domain
- mhtml.blink
- URL
- cid:css-f4320574-9ea0-4a7c-8534-9247bc69dbd6@mhtml.blink
- Domain
- www.sadad.com
- URL
- https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.html
- Domain
- www.sadad.com
- URL
- https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.html
- Domain
- www.sadad.com
- URL
- https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.ttf
- Domain
- www.sadad.com
- URL
- https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: SADAD (Financial)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mhtml.blink
sadadmoney-net.wantek.co
www.sadad.com
mhtml.blink
www.sadad.com
2606:4700:10::6816:1588
50.87.248.11
152b33cb3f2a8fd0dadbcf16c5ffc8189adefac666a334eef48e8414ea1f84bd
2d56ce204051bce3c87f407dba052ed956337c2aeb93df7811f01d60d8fae757
359039bcb5264fecfde39a9f231db4b8d2badf0f168fc32c56fc889056e765f3
4004293f081201ead3df6f86daa9d3974bde048ae8187cda602dffb256324124
5d156f2f0809d4647e3aa8ee439f1b914197c6a322b02779e989164ce2951a3d
5ebd9fdde20679e9639aa035038fa007f990cdeb54bdecaccb9f94816d399c8b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
701656161dc167a3fb85fffeabb2df89552a4ab322811c787d5e9d865eb69b1b
70791816df959b5d95a23c1b21c23d14d1e4ec01764d31f41b354edec0bd6b85
7234436a16815743645bf4ef4fafdce42027b982cf54e20518a16f01ff487207
7ff9cf120fd5fd4257826f9f8b87a39318cb3bc4c2d7254fe6c9c21d2df25600
9c8e9aadc1add3c5ed03bf930079ca0bab2689e47933aacbd6ec51d1bb5712e3
a3b99a741b0cfdd528816822497368578c2bdbefa8a689797391a1d08d45acb8
b343ff74c02205d8b4324cde81d74324da5ba7b06eca9a137ceb6c3c8d7b7e9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855