sdaadmoney.cf
172.67.147.227
Malicious Activity!
Public Scan
Submission: On October 06 via manual from SA — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 3rd 2021. Valid for: 3 months.
This is the only time sdaadmoney.cf was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: SADAD (Financial)
Domain & IP information
| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 2 | 172.67.147.227 | 13335 (CLOUDFLARENET) |
| 32 | 104.22.20.136 | 13335 (CLOUDFLARENET) |
| 41 | 3 | |

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 32 | sadad.com | www.sadad.com | 429 KB |
| 2 | sdaadmoney.cf | sdaadmoney.cf | 69 KB |
| 0 | Failed | Failed | |
| 41 | 3 | | |

| Requests | Domain | Requested by |
|---|---|---|
| 32 | www.sadad.com | sdaadmoney.cf, www.sadad.com |
| 2 | sdaadmoney.cf | sdaadmoney.cf |
| 0 | mhtml.blink (Failed) | sdaadmoney.cf |
| 41 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.sadad.com |
twitter.com |
www.youtube.com |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| *.sdaadmoney.cf | R3 | 2021-10-03 - 2022-01-01 | 3 months | crt.sh |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-05 - 2022-07-04 | a year | crt.sh |
This page contains 1 frame:
Primary Page: https://sdaadmoney.cf/
Frame ID: BADC6E14E4CF657D7DB29ADC31810281
Requests: 41 HTTP requests in this frame
28 Outgoing links
These are links going to different origins than the main page.
- Title: Home
- Title: Home (الرئيسية)
- Title: Login (تسجيل الدخول)
- (untitled link)
- (untitled link)
- (untitled link)
- Title: About SADAD (عن سداد)
- Title: Vision, Mission and Objectives (الرؤية والمهمة والأهداف)
- Title: Our Values (قيمنا)
- Title: Certificates and Awards (شهادات وجوائز)
- Title: Newsletter (النشرة الإلكترونية)
- Title: We Were There (كنّا هناك)
- Title: Personal (شخصي)
- Title: SADAD Bills (فواتير سداد)
- Title: Payment Methods (طرق الدفع)
- Title: Billers (المفوترون)
- Title: SADAD Bills (فواتير سداد)
- Title: Join Now (انضم الآن)
- Title: Banks (البنوك)
- Title: Payment Methods (طرق الدفع)
- Title: Frequently Asked Questions (أسئلة متكررة)
- Title: SADAD Logo Usage Guidelines (توجيهات استخدام شعار سداد)
- Title: SADAD Bills (فواتير سداد)
- Title: Notice (تنويه)
- Title: Privacy Policy (سياسة الخصوصية)
- Title: Terms of Use (شروط الاستخدام)
- Title: Contact Us (اتصل بنا)
- Title: Site Map (خريطة الموقع)
Redirected requests
There were HTTP redirect chains for the following requests:
41 HTTP transactions
| Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / (Primary Request) | sdaadmoney.cf/ | 27 KB | 5 KB | Document | text/html |
| GET | | css-bcf77f8f-2549-4b46-a774-e5ac5027fab2@mhtml.blink | / | 0 | 0 | | |
| GET | | css-3c0adda9-2169-43cb-9867-5082295ff9cf@mhtml.blink | / | 0 | 0 | | |
| GET | | css-bbadbbef-00c5-4267-8e4d-458270822e43@mhtml.blink | / | 0 | 0 | | |
| GET | H2 | controls.css | www.sadad.com/Style%20Library/ar-SA/Themable/Core%20Styles/ | 30 KB | 5 KB | Stylesheet | text/css |
| GET | H2 | page-layouts-21.css | www.sadad.com/Style%20Library/ar-SA/Core%20Styles/ | 1 KB | 665 B | Stylesheet | text/css |
| GET | H2 | corev48630.css | www.sadad.com/_layouts/1025/styles/Themable/ | 137 KB | 24 KB | Stylesheet | text/css |
| GET | H2 | bootstrap.min.css | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ | 119 KB | 19 KB | Stylesheet | text/css |
| GET | H2 | ie10-viewport-bug-workaround.css | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ | 0 | 0 | Stylesheet | text/html |
| GET | H2 | jquery.smartmenus.bootstrap.css | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/multilevel-menu/css/ | 3 KB | 707 B | Stylesheet | text/css |
| GET | H2 | navbar.css | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ | 0 | 0 | Stylesheet | text/html |
| GET | H2 | styles.css | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/ | 19 KB | 4 KB | Stylesheet | text/css |
| GET | H2 | fgimg.png | www.sadad.com/_layouts/images/ | 20 KB | 20 KB | Image | image/png |
| GET | H2 | arabic_icon_disabled.png | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ | 372 B | 489 B | Image | image/png |
| GET | H2 | english_icon.png | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ | 560 B | 650 B | Image | image/png |
| GET | H2 | sadad_logo_ar.png | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ | 3 KB | 3 KB | Image | image/png |
| GET | H2 | ah1.jpg | www.sadad.com/ar/Lists/Banks/Attachments/3/ | 11 KB | 11 KB | Image | image/jpeg |
| GET | H2 | linkIcon.png | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ | 625 B | 759 B | Image | image/png |
| GET | H2 | ANBLogonewwebsite.jpg | www.sadad.com/ar/Lists/Banks/Attachments/5/ | 3 KB | 3 KB | Image | image/jpeg |
| GET | H2 | BAJ.jpg | www.sadad.com/ar/Lists/Banks/Attachments/6/ | 10 KB | 10 KB | Image | image/jpeg |
| GET | H2 | BSFCCM1.jpg | www.sadad.com/ar/Lists/Banks/Attachments/7/ | 5 KB | 5 KB | Image | image/jpeg |
| GET | H2 | ENBD.jpg | www.sadad.com/ar/Lists/Banks/Attachments/8/ | 19 KB | 20 KB | Image | image/jpeg |
| GET | H2 | MUSCAT.jpg | www.sadad.com/ar/Lists/Banks/Attachments/9/ | 15 KB | 15 KB | Image | image/jpeg |
| GET | H2 | RBP1.jpg | www.sadad.com/ar/Lists/Banks/Attachments/10/ | 4 KB | 4 KB | Image | image/jpeg |
| GET | H2 | SABB-LOGO2.gif | www.sadad.com/ar/Lists/Banks/Attachments/11/ | 13 KB | 13 KB | Image | image/gif |
| GET | H2 | sambalogo.bmp | www.sadad.com/ar/Lists/Banks/Attachments/12/ | 106 KB | 106 KB | Image | image/x-ms-bmp |
| GET | H2 | The_Saudi_Investment_Bank.png | www.sadad.com/ar/Lists/Banks/Attachments/13/ | 3 KB | 3 KB | Image | image/png |
| GET | H2 | Untitled.jpg | www.sadad.com/ar/Lists/Banks/Attachments/14/ | 10 KB | 10 KB | Image | image/jpeg |
| GET | H2 | untitledba.bmp | www.sadad.com/ar/Lists/Banks/Attachments/15/ | 96 KB | 96 KB | Image | image/x-ms-bmp |
| GET | H2 | 936143_1223754970.gif | www.sadad.com/ar/Lists/Banks/Attachments/16/ | 5 KB | 6 KB | Image | image/gif |
| GET | H2 | GIB.jpg | www.sadad.com/ar/Lists/Banks/Attachments/17/ | 26 KB | 27 KB | Image | image/jpeg |
| GET | H2 | Al_Rajhi_Bank.jpg | www.sadad.com/ar/Lists/Banks/Attachments/18/ | 8 KB | 8 KB | Image | image/jpeg |
| GET | H2 | NBK_Logo.jpg | www.sadad.com/ar/Lists/Banks/Attachments/19/ | 12 KB | 12 KB | Image | image/jpeg |
| GET | H2 | twitter_icon_disabled.png | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/social/ | 494 B | 562 B | Image | image/png |
| GET | H2 | youtube_icon_disabled.png | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/social/ | 706 B | 797 B | Image | image/png |
| GET | H2 | title_corner_bg_ar.png | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/ | 262 B | 343 B | Image | image/png |
| GET | H2 | footer_btn.png | sdaadmoney.cf/_layouts/inc/SADAD.Internet.Portal/img/ | 64 KB | 64 KB | Image | text/html |
| GET | | FrutigerLTArabic-65Bold.html | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/ | 0 | 0 | | |
| GET | | FrutigerLTArabic-55Roman.html | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/ | 0 | 0 | | |
| GET | | FrutigerLTArabic-55Roman.ttf | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/ | 0 | 0 | | |
| GET | | FrutigerLTArabic-65Bold.ttf | www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
| Domain | URL |
|---|---|
| mhtml.blink | cid:css-bcf77f8f-2549-4b46-a774-e5ac5027fab2@mhtml.blink |
| mhtml.blink | cid:css-3c0adda9-2169-43cb-9867-5082295ff9cf@mhtml.blink |
| mhtml.blink | cid:css-bbadbbef-00c5-4267-8e4d-458270822e43@mhtml.blink |
| www.sadad.com | https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.html |
| www.sadad.com | https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.html |
| www.sadad.com | https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.ttf |
| www.sadad.com | https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.ttf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: SADAD (Financial)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | onbeforexrselect |
| boolean | originAgentCluster |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- mhtml.blink
- sdaadmoney.cf
- www.sadad.com
- 104.22.20.136
- 172.67.147.227