sadadmoney-net.wantek.co Open in urlscan Pro
50.87.248.11 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sadadmoney-net.wantek.co/
Effective URL:
https://sadadmoney-net.wantek.co/
Submission: On December 09 via manual (December 9th 2021, 6:02:33 am UTC) from SA — Scanned from DE

Summary HTTP 23 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 23 HTTP transactions. The main IP is 50.87.248.11, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is sadadmoney-net.wantek.co.
TLS certificate: Issued by R3 on December 5th 2021. Valid for: 3 months.

This is the only time sadadmoney-net.wantek.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SADAD (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 3	50.87.248.11 50.87.248.11	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
15	2606:4700:10:... 2606:4700:10::6816:1588	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	3

3 50.87.248.11 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box2088.bluehost.com

sadadmoney-net.wantek.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:1588 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sadad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	sadad.com www.sadad.com	79 KB
3	wantek.co 1 redirects sadadmoney-net.wantek.co	38 KB
0	Failed function sub() { [native code] }. Failed
23	3

	Domain	Requested by
15	www.sadad.com	sadadmoney-net.wantek.co www.sadad.com
3	sadadmoney-net.wantek.co	1 redirects
0	mhtml.blink Failed	sadadmoney-net.wantek.co
23	3

This site contains links to these domains. Also see Links.

Domain
www.sadad.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
sadadmoney.net R3	`2021-12-05` - `2022-03-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sadadmoney-net.wantek.co/
Frame ID: C629EA058B16C03531A10F4325E53129
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

فواتير سداد

Page URL History Show full URLs

http://sadadmoney-net.wantek.co/ HTTP 301
https://sadadmoney-net.wantek.co/ Page URL

Page Statistics

23
Requests

74 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

117 kB
Transfer

391 kB
Size

0
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sadad.com/en/pages/home-2.html
Title: Home

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Pages/home.html
Title: الرئيسية

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Personal/Pages/default.html
Title: شخصي

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Personal/_layouts/Authenticate0f8e.html?Source=%2Far%2FPersonal%2FPages%2FSADADBills%2Easpx
Title: تسجيل الدخول

Search URL Search Domain Scan URL

URL: https://www.sadad.com/en/Pages/home.html

Search URL Search Domain Scan URL

URL: https://twitter.com/SADAD/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SADADPaymentSystem/%20/

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Pages/AboutUs.html
Title: عن سداد

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Pages/VMO.html
Title: الرؤية والمهمة والأهداف

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Pages/Values.html
Title: قيمنا

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/MediaCenter/CertificatesandAwards/Pages/default.html
Title: شهادات وجوائز

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/MediaCenter/e-Newsletters/Pages/default.html
Title: النشرة الإلكترونية

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/MediaCenter/Wewerethere/Pages/default.html
Title: كنّا هناك

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Personal/Pages/SADADBills.html
Title: شخصي

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Personal/Pages/PaymentMethods.html
Title: طرق الدفع

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Pages/Billers.html
Title: المفوترون

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Business/Pages/SADADBills.html
Title: فواتير سداد

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Business/Pages/MerchantsJoiningNow.html
Title: انضم الآن

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Pages/Banks.html
Title: البنوك

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Business/Pages/PaymentMethods.html
Title: طرق الدفع

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Pages/FAQ.html
Title: أسئلة متكررة

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/MediaCenter/Pages/SADAD-Logo-Guidelines.html
Title: توجيهات استخدام شعار سداد

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Banks/Pages/SADADBills.html
Title: فواتير سداد

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Pages/Disclaimer.html
Title: تنويه

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Pages/PrivacyPolicy.html
Title: سياسة الخصوصية

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Pages/TermsOfUse.html
Title: شروط الاستخدام

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Pages/ContactUs.html
Title: اتصل بنا

Search URL Search Domain Scan URL

URL: https://www.sadad.com/ar/Pages/Sitemap.html
Title: خريطة الموقع

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sadadmoney-net.wantek.co/ HTTP 301
https://sadadmoney-net.wantek.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sadadmoney-net.wantek.co/
Redirect Chain

http://sadadmoney-net.wantek.co/
https://sadadmoney-net.wantek.co/

29 KB
9 KB

767ms
473ms

Document
text/html

50.87.248.11
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://sadadmoney-net.wantek.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.87.248.11 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box2088.bluehost.com

Software

Apache /

Resource Hash

5d156f2f0809d4647e3aa8ee439f1b914197c6a322b02779e989164ce2951a3d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: max-age=300
expires: Thu, 09 Dec 2021 06:07:27 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
content-length: 8814
content-type: text/html; charset=UTF-8
date: Thu, 09 Dec 2021 06:02:27 GMT
server: Apache

Redirect headers

Date: Thu, 09 Dec 2021 06:02:27 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests
Location: https://sadadmoney-net.wantek.co/
Cache-Control: max-age=300
Expires: Thu, 09 Dec 2021 06:07:27 GMT
Content-Length: 241
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET css-584e223b-968d-46a1-935d-ee1b98d44217@mhtml.blink
/ 0
0

GET css-f4320574-9ea0-4a7c-8534-9247bc69dbd6@mhtml.blink
/ 0
0

GET
H2 200 controls.css
www.sadad.com/Style%20Library/ar-SA/Themable/Core%20Styles/ 30 KB
5 KB 49ms
18ms Stylesheet
text/css 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sadad.com/Style%20Library/ar-SA/Themable/Core%20Styles/controls.css

Requested by

Host: sadadmoney-net.wantek.co
URL: https://sadadmoney-net.wantek.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

359039bcb5264fecfde39a9f231db4b8d2badf0f168fc32c56fc889056e765f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5803
cf-polished: origSize=49555
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 00:58:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
content-type: text/css
cache-control: max-age=14400
cf-ray: 6bac0656be824351-FRA
cf-bgj: minify

GET
H2 200 page-layouts-21.css
www.sadad.com/Style%20Library/ar-SA/Core%20Styles/ 1 KB
665 B 56ms
25ms Stylesheet
text/css 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sadad.com/Style%20Library/ar-SA/Core%20Styles/page-layouts-21.css

Requested by

Host: sadadmoney-net.wantek.co
URL: https://sadadmoney-net.wantek.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

701656161dc167a3fb85fffeabb2df89552a4ab322811c787d5e9d865eb69b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5803
cf-polished: origSize=1774
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 00:58:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: text/css
cache-control: max-age=14400
cf-ray: 6bac0656be854351-FRA
cf-bgj: minify

GET
H2 200 corev48630.css
www.sadad.com/_layouts/1025/styles/Themable/ 137 KB
24 KB 59ms
28ms Stylesheet
text/css 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sadad.com/_layouts/1025/styles/Themable/corev48630.css?rev=q4oC6vgYyMDS%2BypgPPiGcA%3D%3D

Requested by

Host: sadadmoney-net.wantek.co
URL: https://sadadmoney-net.wantek.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ff9cf120fd5fd4257826f9f8b87a39318cb3bc4c2d7254fe6c9c21d2df25600

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5825
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 01:00:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
content-type: text/css
cache-control: max-age=14400
cf-ray: 6bac0656be864351-FRA
cf-bgj: minify

GET
H2 200 bootstrap.min.css
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ 119 KB
19 KB 50ms
19ms Stylesheet
text/css 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/bootstrap.min.css

Requested by

Host: sadadmoney-net.wantek.co
URL: https://sadadmoney-net.wantek.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5988
vary: Accept-Encoding
content-length: 19741
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 00:59:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bac0656be874351-FRA

GET
H2 404 ie10-viewport-bug-workaround.css
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ 0
0 175ms
144ms Stylesheet
text/html 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ie10-viewport-bug-workaround.css
Requested by: Host: sadadmoney-net.wantek.co
URL: https://sadadmoney-net.wantek.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 jquery.smartmenus.bootstrap.css
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/multilevel-menu/css/ 3 KB
711 B 49ms
19ms Stylesheet
text/css 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/multilevel-menu/css/jquery.smartmenus.bootstrap.css

Requested by

Host: sadadmoney-net.wantek.co
URL: https://sadadmoney-net.wantek.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b343ff74c02205d8b4324cde81d74324da5ba7b06eca9a137ceb6c3c8d7b7e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5988
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 00:58:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
content-type: text/css
cache-control: max-age=14400
cf-ray: 6bac0656be884351-FRA
cf-bgj: minify

GET
H2 404 navbar.css
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ 0
0 182ms
151ms Stylesheet
text/html 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/navbar.css
Requested by: Host: sadadmoney-net.wantek.co
URL: https://sadadmoney-net.wantek.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 styles.css
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/ 19 KB
4 KB 55ms
25ms Stylesheet
text/css 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css

Requested by

Host: sadadmoney-net.wantek.co
URL: https://sadadmoney-net.wantek.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70791816df959b5d95a23c1b21c23d14d1e4ec01764d31f41b354edec0bd6b85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5825
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 00:59:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
content-type: text/css
cache-control: max-age=14400
cf-ray: 6bac0656be8a4351-FRA
cf-bgj: minify

GET
H2 200 fgimg.png
www.sadad.com/_layouts/images/ 20 KB
20 KB 20ms
19ms Image
image/png 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sadad.com/_layouts/images/fgimg.png

Requested by

Host: sadadmoney-net.wantek.co
URL: https://sadadmoney-net.wantek.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4004293f081201ead3df6f86daa9d3974bde048ae8187cda602dffb256324124

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5824
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 20115
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 01:00:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bac0656deb44351-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 arabic_icon_disabled.png
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ 372 B
501 B 19ms
18ms Image
image/png 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/arabic_icon_disabled.png

Requested by

Host: sadadmoney-net.wantek.co
URL: https://sadadmoney-net.wantek.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7234436a16815743645bf4ef4fafdce42027b982cf54e20518a16f01ff487207

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2015
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 372
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 00:59:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bac0656deb64351-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 english_icon.png
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ 560 B
650 B 22ms
21ms Image
image/png 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/english_icon.png

Requested by

Host: sadadmoney-net.wantek.co
URL: https://sadadmoney-net.wantek.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c8e9aadc1add3c5ed03bf930079ca0bab2689e47933aacbd6ec51d1bb5712e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2015
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 560
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 00:59:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bac0656deba4351-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 sadad_logo_ar.png
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ 3 KB
3 KB 21ms
20ms Image
image/png 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/sadad_logo_ar.png

Requested by

Host: sadadmoney-net.wantek.co
URL: https://sadadmoney-net.wantek.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3b99a741b0cfdd528816822497368578c2bdbefa8a689797391a1d08d45acb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5824
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 2771
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 00:59:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bac0656debc4351-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 twitter_icon_disabled.png
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/social/ 494 B
584 B 14ms
13ms Image
image/png 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/social/twitter_icon_disabled.png

Requested by

Host: www.sadad.com
URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ebd9fdde20679e9639aa035038fa007f990cdeb54bdecaccb9f94816d399c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2015
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 494
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 00:59:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bac0657b86a4351-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 youtube_icon_disabled.png
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/social/ 706 B
796 B 17ms
16ms Image
image/png 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/social/youtube_icon_disabled.png

Requested by

Host: www.sadad.com
URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

152b33cb3f2a8fd0dadbcf16c5ffc8189adefac666a334eef48e8414ea1f84bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2015
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 706
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 00:59:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bac0657b86b4351-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 title_corner_bg_ar.png
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ 262 B
339 B 19ms
18ms Image
image/png 2606:4700:10::6816:1588
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/title_corner_bg_ar.png

Requested by

Host: www.sadad.com
URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1588 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d56ce204051bce3c87f407dba052ed956337c2aeb93df7811f01d60d8fae757

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:02:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5824
cf-polished: origSize=378
vary: Accept-Encoding
content-length: 262
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 00:59:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bac0657b86d4351-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 footer_btn.png
sadadmoney-net.wantek.co/_layouts/inc/SADAD.Internet.Portal/img/ 29 KB
29 KB 453ms
453ms Image
text/html 50.87.248.11
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sadadmoney-net.wantek.co/_layouts/inc/SADAD.Internet.Portal/img/footer_btn.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.87.248.11 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box2088.bluehost.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sadadmoney-net.wantek.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
server: Apache
date: Thu, 09 Dec 2021 06:02:28 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/html; charset=UTF-8
cache-control: max-age=300
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 8814
expires: Thu, 09 Dec 2021 06:07:28 GMT

GET FrutigerLTArabic-65Bold.html
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/ 0
0

GET FrutigerLTArabic-55Roman.html
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/ 0
0

GET FrutigerLTArabic-65Bold.ttf
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/ 0
0

GET FrutigerLTArabic-55Roman.ttf
www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mhtml.blink
URL: cid:css-584e223b-968d-46a1-935d-ee1b98d44217@mhtml.blink

Domain: mhtml.blink
URL: cid:css-f4320574-9ea0-4a7c-8534-9247bc69dbd6@mhtml.blink

Domain: www.sadad.com
URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.html

Domain: www.sadad.com
URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.html

Domain: www.sadad.com
URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.ttf

Domain: www.sadad.com
URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SADAD (Financial)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: cid:css-584e223b-968d-46a1-935d-ee1b98d44217@mhtml.blink Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: cid:css-f4320574-9ea0-4a7c-8534-9247bc69dbd6@mhtml.blink Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ie10-viewport-bug-workaround.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/navbar.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://sadadmoney-net.wantek.co/ Message: Access to font at 'https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.html' from origin 'https://sadadmoney-net.wantek.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.html Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sadadmoney-net.wantek.co/ Message: Access to font at 'https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.html' from origin 'https://sadadmoney-net.wantek.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.html Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sadadmoney-net.wantek.co/ Message: Access to font at 'https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.ttf' from origin 'https://sadadmoney-net.wantek.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sadadmoney-net.wantek.co/ Message: Access to font at 'https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.ttf' from origin 'https://sadadmoney-net.wantek.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.ttf Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mhtml.blink
sadadmoney-net.wantek.co
www.sadad.com
mhtml.blink
www.sadad.com
2606:4700:10::6816:1588
50.87.248.11
152b33cb3f2a8fd0dadbcf16c5ffc8189adefac666a334eef48e8414ea1f84bd
2d56ce204051bce3c87f407dba052ed956337c2aeb93df7811f01d60d8fae757
359039bcb5264fecfde39a9f231db4b8d2badf0f168fc32c56fc889056e765f3
4004293f081201ead3df6f86daa9d3974bde048ae8187cda602dffb256324124
5d156f2f0809d4647e3aa8ee439f1b914197c6a322b02779e989164ce2951a3d
5ebd9fdde20679e9639aa035038fa007f990cdeb54bdecaccb9f94816d399c8b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
701656161dc167a3fb85fffeabb2df89552a4ab322811c787d5e9d865eb69b1b
70791816df959b5d95a23c1b21c23d14d1e4ec01764d31f41b354edec0bd6b85
7234436a16815743645bf4ef4fafdce42027b982cf54e20518a16f01ff487207
7ff9cf120fd5fd4257826f9f8b87a39318cb3bc4c2d7254fe6c9c21d2df25600
9c8e9aadc1add3c5ed03bf930079ca0bab2689e47933aacbd6ec51d1bb5712e3
a3b99a741b0cfdd528816822497368578c2bdbefa8a689797391a1d08d45acb8
b343ff74c02205d8b4324cde81d74324da5ba7b06eca9a137ceb6c3c8d7b7e9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

sadadmoney-net.wantek.co Open in urlscan Pro 50.87.248.11 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

23 Requests

74 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

117 kBTransfer

391 kBSize

0 Cookies

28 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

12 Console Messages

Security Headers

Indicators

sadadmoney-net.wantek.co Open in urlscan Pro
50.87.248.11 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

74 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

117 kB
Transfer

391 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!