gl4adzsh0t.click
Open in
urlscan Pro
104.21.54.45
Malicious Activity!
Public Scan
Submission: On June 14 via api from RU — Scanned from DE
Summary
TLS certificate: Issued by WE1 on June 11th 2024. Valid for: 3 months.
This is the only time gl4adzsh0t.click was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: SberBank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 104.21.54.45 104.21.54.45 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
4 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.166.188.188 104.166.188.188 | 21859 (ZEN-ECN) (ZEN-ECN) | |
4 | 2a00:1450:400... 2a00:1450:4001:829::2003 | 15169 (GOOGLE) (GOOGLE) | |
27 | 5 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
gl4adzsh0t.click
gl4adzsh0t.click |
424 KB |
4 |
gstatic.com
fonts.gstatic.com |
51 KB |
4 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265 |
75 KB |
1 |
imotech.video
api.imotech.video — Cisco Umbrella Rank: 75159 |
|
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77 |
1 KB |
27 | 5 |
Domain | Requested by | |
---|---|---|
17 | gl4adzsh0t.click |
gl4adzsh0t.click
|
4 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | cdnjs.cloudflare.com |
gl4adzsh0t.click
|
1 | api.imotech.video |
gl4adzsh0t.click
|
1 | fonts.googleapis.com |
gl4adzsh0t.click
|
27 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
gl4adzsh0t.click WE1 |
2024-06-11 - 2024-09-09 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-05-27 - 2024-08-19 |
3 months | crt.sh |
cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
*.imotech.video AlphaSSL CA - SHA256 - G4 |
2023-07-12 - 2024-08-12 |
a year | crt.sh |
*.gstatic.com WR2 |
2024-05-27 - 2024-08-19 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://gl4adzsh0t.click/refresher?key=1600764f7867d6ec66f8
Frame ID: 1756C44C074EEFA942DFF32B567BC2F7
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
Получите доступ к заработку в интернете от 94 000 рублей на платформе отDetected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
refresher
gl4adzsh0t.click/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/19.2.16/css/ |
25 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.css
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/styles/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
form.css
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/styles/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
api.imotech.video/ad/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
back.svg
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/images/ |
526 B 836 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.svg
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/images/ |
138 KB 96 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
verified.svg
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/images/ |
830 B 989 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
phone.svg
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
underground.js
gl4adzsh0t.click/landers/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ |
85 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
libphonenumber-js.min.js
cdnjs.cloudflare.com/ajax/libs/libphonenumber-js/1.10.58/ |
172 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/19.2.16/js/ |
32 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index.js
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/js/ |
620 B 844 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
custom.js
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/js/ |
581 B 789 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
chat.js
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/js/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
form.js
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/js/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
refresher
gl4adzsh0t.click/ |
22 B 22 B |
Image
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loader.gif
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/images/ |
40 KB 40 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg.png
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/images/ |
238 KB 239 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ |
9 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
avatar.svg
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/images/ |
210 B 689 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
gl4adzsh0t.click/landers/191_2d143e0e290515323206041f743b175e1e000e1823080432705552322f093e1f34/images/ |
28 KB 28 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: SberBank (Banking)19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| php_var function| bge function| sendRequestToBpix function| bge_ec_register object| bgdataLayer function| getQueryParams object| BPixelJS function| handleUserActivity function| startSendingRequests function| $ function| jQuery object| libphonenumber object| intlTelInputGlobals function| intlTelInput function| checkLocalStorage function| activateRegistrationForm4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
gl4adzsh0t.click/ | Name: bc734 Value: 49aadcf9ff72bd51fa76db6760c227ec::1901:191 |
|
gl4adzsh0t.click/ | Name: uclick Value: kO7ellsJa4g13uf8bWCY5dB8xq1NU8s+5720QVw4YSk6GdDqvyw/ajJuY+pT/MoPy3j/FqU= |
|
gl4adzsh0t.click/ | Name: bcid Value: cpm4kcpmab0c7383i9og |
|
gl4adzsh0t.click/ | Name: cid Value: cpm4kcpmab0c7383i9og |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.imotech.video
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
gl4adzsh0t.click
104.166.188.188
104.17.25.14
104.21.54.45
2a00:1450:4001:80b::200a
2a00:1450:4001:829::2003
1b8b0f2c83b395b520b9c94b76dff417814ea6fad694e36c7fa6bbaa36bfc644
31a653d3eef4fee8a0f663943e6da108d433da1103312e7ecca6fabea7dc7048
338bef3e850a85355f2e96acccfe4a32c2cb6d65dc1e96f92e41c6652e1aa658
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
57d4ea85a60012dac3014e047b85f06cbfd126366ed5d6e52df87726204a41fa
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6e4b0d0b71acb766482f7952dcf75855b2b20a33b4025051fcd02e2f8bd600c8
72c95b5175643370c57b8befe9fcaa4586bbff20886f7a3aca54d0df57cb0372
75406290a36c4f1b84f31a09098495f37951172a97f2a8931e57d5a56eb8036b
772bb77f7844995689027dc98342f07db91ababcd6e7f5dd5915c5dd2bc07f0a
81c9f9c685786d7e90fa0d877d41b52abb1ba68ea875c856b3a022c3cf410365
8a0a9e2acfa9985df9605a42298a1a5a61ecf03ec550b028192c0073360e8585
8ec47b02c1d77db28b451e3ab6786e76bdb8b9872de84ec0be08b253e6843cfb
9e0c93ff9ff4c5837e632e0be3840d7bb6692d64851df3768d62000896680976
aa1632b7087051eb51c59abe05908789ebec4311af5ed212c81059cebd2d29e8
b0da0439a71471db884fbd654518df5c4f9a1d08ad09abaf1e4ee34ab716e8b6
b360359ffe7d46d32329b6a454b0540e6d34bd444a6f9ecface6663e1cb98aba
d202c1816dc206ed1fedca7f0943f0715fb1e21e69eb8a743a436acfd70c1294
d45e035fc8a6284b01d9f86db0201f55332dca8836c658561242a6200b88141f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4396841a7c3b2805e113d3c72d7719158f36bb3d8938c1dbc0c5fc9394b8b57
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f832ceba3c99c4edc245a71fef30c6aaaf790d13c8f8de5a3964f2fdcfbd13cd
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a