behtareenhealth.com.pk
Open in
urlscan Pro
64.31.43.162
Malicious Activity!
Public Scan
Submission: On March 08 via manual from PK — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 24th 2024. Valid for: 3 months.
This is the only time behtareenhealth.com.pk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Charles Schwab (Financial)Live information
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 64.31.43.162 64.31.43.162 | 46475 (LIMESTONE...) (LIMESTONENETWORKS) | |
1 | 2.18.29.152 2.18.29.152 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 92.123.104.63 92.123.104.63 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:480... 2a02:26f0:480:9a4::11a6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 2a02:26f0:480... 2a02:26f0:480:18d::11a6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:480... 2a02:26f0:480:989::2682 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
36 | 7 |
ASN46475 (LIMESTONENETWORKS, US)
PTR: s17.hosterpk.com
behtareenhealth.com.pk |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-29-152.deploy.static.akamaitechnologies.com
content.schwab.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-104-63.deploy.static.akamaitechnologies.com
client.schwabcdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
behtareenhealth.com.pk
behtareenhealth.com.pk |
211 KB |
4 |
go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1435 c.go-mpulse.net — Cisco Umbrella Rank: 659 s2.go-mpulse.net — Cisco Umbrella Rank: 5738 |
103 KB |
2 |
schwabcdn.com
client.schwabcdn.com — Cisco Umbrella Rank: 28614 |
41 KB |
1 |
schwab.com
content.schwab.com — Cisco Umbrella Rank: 28465 www.schwab.com Failed sws-gateway-nr.schwab.com Failed |
249 KB |
0 |
Failed
function sub() { [native code] }. Failed |
|
36 | 5 |
Domain | Requested by | |
---|---|---|
16 | behtareenhealth.com.pk |
behtareenhealth.com.pk
|
2 | c.go-mpulse.net |
s.go-mpulse.net
s2.go-mpulse.net |
2 | client.schwabcdn.com |
behtareenhealth.com.pk
|
1 | s2.go-mpulse.net |
behtareenhealth.com.pk
|
1 | s.go-mpulse.net |
behtareenhealth.com.pk
|
1 | content.schwab.com |
behtareenhealth.com.pk
|
0 | sws-gateway-nr.schwab.com Failed |
behtareenhealth.com.pk
|
0 | www.schwab.com Failed |
behtareenhealth.com.pk
|
0 | hhojmcideegachlhfgfdhailpfhgknjm Failed |
behtareenhealth.com.pk
|
36 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.schwab.com |
welcome.schwab.com |
sws-gateway-nr.schwab.com |
client.schwab.com |
brokercheck.finra.org |
www.sipc.org |
www.schwab-global.com |
www.onetrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.freelancepak.behtareenhealth.com.pk R3 |
2024-01-24 - 2024-04-23 |
3 months | crt.sh |
content.schwab.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-06-26 - 2024-06-25 |
a year | crt.sh |
client.schwabcdn.com Entrust Certification Authority - L1K |
2024-01-08 - 2025-01-07 |
a year | crt.sh |
akstat.io DigiCert TLS RSA SHA256 2020 CA1 |
2024-03-06 - 2025-03-06 |
a year | crt.sh |
s2.go-mpulse.net R3 |
2024-02-12 - 2024-05-12 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab.html
Frame ID: 53CB6CE978885E84D40407096DDFE59B
Requests: 19 HTTP requests in this frame
Frame:
https://s.go-mpulse.net/boomerang/EX83G-QNMSL-P9787-NRSC7-7EJJ3
Frame ID: 523C38D55C5C4620938F60D5B00B67B0
Requests: 2 HTTP requests in this frame
Frame:
https://behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/saved_resource(1).html
Frame ID: 781F821C338E08EB27C0AA17360404A0
Requests: 14 HTTP requests in this frame
Frame:
https://behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/saved_resource(2).html
Frame ID: 8C60268556E7B84CA01DD2455EFD2D05
Requests: 1 HTTP requests in this frame
17 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: create your Schwab Login ID and password first
Search URL Search Domain Scan URL
Title: Login ID
Search URL Search Domain Scan URL
Title: Password?
Search URL Search Domain Scan URL
Title: New User?
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Client Relationship Summaries
Search URL Search Domain Scan URL
Title: Schwab Safe®
Search URL Search Domain Scan URL
Title: The Schwab Security Guarantee
Search URL Search Domain Scan URL
Title: Web Browser Information
Search URL Search Domain Scan URL
Title: FINRA's BrokerCheck
Search URL Search Domain Scan URL
Title: member SIPC
Search URL Search Domain Scan URL
Title: non-U.S. residents
Search URL Search Domain Scan URL
Title: California Privacy Notice
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Login%20_%20Charles%20Schwab.html
behtareenhealth.com.pk/schwab/ |
140 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s92726557205792
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-background-hq.png
content.schwab.com/web/login/ |
248 KB 249 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CharlesModern-Regular.8f42eb9674012799efea.woff
client.schwabcdn.com/Areas/Access/Content/login/dist/font/ |
22 KB 22 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CharlesModernMedium.1b247deb1873c1b8b158.woff
client.schwabcdn.com/Areas/Access/Content/login/dist/font/ |
19 KB 19 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.9887b156e7f00e5514d9.css
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ |
52 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js.download
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js.download
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Themes-Image-promo-369.jpg
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Getty_1166830366_PTS_pro_trustee.jpg
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SIP-1-Login-Screener.png
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1aIgI
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
index.js
hhojmcideegachlhfgfdhailpfhgknjm/web_accessible_resources/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.js.download
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CS_logo_140x140.jpg
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ |
35 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered_by_logo.svg
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EX83G-QNMSL-P9787-NRSC7-7EJJ3
s.go-mpulse.net/boomerang/ Frame 523C |
209 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.json
c.go-mpulse.net/api/ Frame 523C |
114 B 277 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
saved_resource(1).html
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ Frame 781F |
484 KB 81 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
getlocation
www.schwab.com/api/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
saved_resource(2).html
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ Frame 8C60 |
149 B 208 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
CharlesModern-Regular.8f42eb9674012799efea.woff
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/font/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
CharlesModernMedium.1b247deb1873c1b8b158.woff
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/font/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
CharlesModern-Light.49518a871252ad9f5bc3.woff
sws-gateway-nr.schwab.com/ui/canary/ Frame 781F |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf
sws-gateway-nr.schwab.com/ui/canary/ Frame 781F |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CZVGX-3YDPM-X96ZN-Y57BM-BDYU2
s2.go-mpulse.net/boomerang/ Frame 781F |
209 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
CZVGX-3YDPM-X96ZN-Y57BM-BDYU2
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ Frame 781F |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
schwab-secondary.css
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ Frame 781F |
364 B 299 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
runtime.2c5f2a81d996105c561d.js.download
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ Frame 781F |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
p0lyf1lls.371ea7095b3ccbda5ed6.js.download
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ Frame 781F |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
scripts.3b517bdbcd910ce71d98.js.download
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ Frame 781F |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
main.c0757e910978d6420034.js.download
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ Frame 781F |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
index.js
hhojmcideegachlhfgfdhailpfhgknjm/web_accessible_resources/ Frame 781F |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
CobrowseJS.ashx
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ Frame 781F |
13 KB 13 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.json
c.go-mpulse.net/api/ Frame 781F |
142 B 305 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fyl.css
behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/ Frame 781F |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- hhojmcideegachlhfgfdhailpfhgknjm
- URL
- chrome-extension://hhojmcideegachlhfgfdhailpfhgknjm/web_accessible_resources/index.js
- Domain
- www.schwab.com
- URL
- https://www.schwab.com/api/getlocation
- Domain
- behtareenhealth.com.pk
- URL
- https://behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/font/CharlesModern-Regular.8f42eb9674012799efea.woff
- Domain
- behtareenhealth.com.pk
- URL
- https://behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/font/CharlesModernMedium.1b247deb1873c1b8b158.woff
- Domain
- sws-gateway-nr.schwab.com
- URL
- https://sws-gateway-nr.schwab.com/ui/canary/CharlesModern-Light.49518a871252ad9f5bc3.woff
- Domain
- sws-gateway-nr.schwab.com
- URL
- https://sws-gateway-nr.schwab.com/ui/canary/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz
- Domain
- behtareenhealth.com.pk
- URL
- https://behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/CZVGX-3YDPM-X96ZN-Y57BM-BDYU2
- Domain
- behtareenhealth.com.pk
- URL
- https://behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/runtime.2c5f2a81d996105c561d.js.download
- Domain
- behtareenhealth.com.pk
- URL
- https://behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/p0lyf1lls.371ea7095b3ccbda5ed6.js.download
- Domain
- behtareenhealth.com.pk
- URL
- https://behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/scripts.3b517bdbcd910ce71d98.js.download
- Domain
- behtareenhealth.com.pk
- URL
- https://behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/main.c0757e910978d6420034.js.download
- Domain
- hhojmcideegachlhfgfdhailpfhgknjm
- URL
- chrome-extension://hhojmcideegachlhfgfdhailpfhgknjm/web_accessible_resources/index.js
- Domain
- behtareenhealth.com.pk
- URL
- https://behtareenhealth.com.pk/schwab/Login%20_%20Charles%20Schwab_files/fyl.css
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Charles Schwab (Financial)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart object| languageSelector object| feedbackSubmitted function| sendFeedback function| callGeolocationApi function| setPrivacyLinkVisibility function| initializeTealiumLoading function| loadTealium0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
15 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
behtareenhealth.com.pk
c.go-mpulse.net
client.schwabcdn.com
content.schwab.com
hhojmcideegachlhfgfdhailpfhgknjm
s.go-mpulse.net
s2.go-mpulse.net
sws-gateway-nr.schwab.com
www.schwab.com
behtareenhealth.com.pk
hhojmcideegachlhfgfdhailpfhgknjm
sws-gateway-nr.schwab.com
www.schwab.com
2.18.29.152
2a02:26f0:480:18d::11a6
2a02:26f0:480:989::2682
2a02:26f0:480:9a4::11a6
64.31.43.162
92.123.104.63
17e736da295f4f5ea92c52526c3553fb8407458d3b05844f2e705c1bcee4494e
2bb9907bce592dc0ca4cba959985cae86b091c88d6ee207de221cade96b5fe7b
3b5021c912cc9fc5e576f4622811bb9ea528bae3874e4812ea8c36a6c14c998e
44fb34059330c59dcd4a9545ba27d9b8f734476aaf0080d9004f84a287ca35d9
4e973e1b8e6b798931086cf372b83e40c417e33c0922087dad0eb2f89fa891ac
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60a68e17e48ad3544f69d30834c00596c7711e525bbd9541adbddc671b6b13c3
61de0434d04b57d22f1a273ec9cf1a7fe1ee60b822a7f3f559330951414e3378
6d2aaec1c4f741796d011216027fd876a8196bb6e6de1bb77cf527eee4c3e844
763eb71efe450ba10517a69afa179a0fbb96197aa4814f06c87e7f5e9af29a10
866d3cf7b3cb6382cf9973ceaf898ed1d5437d819fad403747c01a3fc5208810
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
9df6d0b6d7f305faeeac1f2b8996ce76973669f323cbc360aed1fdc9117a479e
ad7851335d320cdcb2201d37b4aebf6ad679dd3ae7f2b6c821a1906e402541de
badfe43ae0ddbe5abbc84ca378a906003a750943c9b647af89057b14db7c831f
d78b96c40cd112affd6d5cfb13213364f5a86d6a83415413482d22722542917e
dda7745750242bc04808fce0c1d3b7a5316413c924b64c963c00dba4f7ef8c9f