sadhqer.life
37.220.87.2
Malicious Activity!
Public Scan
Submission: On April 19 via manual from DE — Scanned from UK
Summary
TLS certificate: Issued by R3 on April 18th 2023. Valid for: 3 months.
This is the only time sadhqer.life was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: TBC Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
7 | 37.220.87.2 | 204603 (PARTNER-AS)
1 | 69.16.175.42 | 20446 (STACKPATH-CDN)
Total: 8 requests, 2 IP addresses

Primary IP: ASN204603 (PARTNER-AS, RU)
PTR: ipn-37-220-87-2.artem-catv.ru
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
7 | sadhqer.life | sadhqer.life | 571 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 997) | 30 KB
Total: 8 requests, 2 apex domains
Requests | Domain | Requested by
---|---|---
7 | sadhqer.life | sadhqer.life
1 | code.jquery.com | sadhqer.life
Total: 8 requests, 2 domains
This site contains links to these domains. Also see Links.
Domain |
---|
www.google.com |
windows.microsoft.com |
www.mozilla.org |
www.opera.com |
www.apple.com |
www.tbcbank.ge |
tbconline.ge |
Subject | Issuer | Validity | Valid | Lookup
---|---|---|---|---
sadhqer.life | R3 | 2023-04-18 - 2023-07-17 | 3 months | crt.sh
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year | crt.sh
This page contains 1 frame:
Primary Page:
https://sadhqer.life/
Frame ID: 0EF8600A6CA4581D0DFC383032B750DF
Requests: 8 HTTP requests in this frame
9 Outgoing links
These are links going to different origins than the main page. Titles were recorded for four of them:
Title: tbcbank.ge
Title: Security and privacy
Title: Contact us
Title: Business
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | sadhqer.life/ | 2 KB | 937 B | Document | text/html
GET | H2 | home.html | sadhqer.life/ | 196 KB | 36 KB | Fetch | text/html
GET | H2 | main.css | sadhqer.life/css/ | 28 KB | 7 KB | Stylesheet | text/css
GET | H2 | jquery-3.6.0.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript
GET | H2 | login-background.jpeg | sadhqer.life/img/ | 296 KB | 296 KB | Image | image/jpeg
GET | H2 | down.png | sadhqer.life/img/ | 417 B | 622 B | Image | image/png
GET | H2 | TBCDinNusxuri-Medium.woff2 | sadhqer.life/fonts/ | 49 KB | 49 KB | Font | font/woff2
GET | H2 | TBCDinMtavruli-Regular.ttf | sadhqer.life/fonts/ | 181 KB | 181 KB | Font | application/octet-stream
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: TBC Bank (Banking)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
boolean | credentialless
function | $
function | jQuery
function | call
function | validateInputUser
function | validateInputPass

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.