slfcin.com.ng
164.160.128.121
Malicious Activity!
Public Scan
Submission: On March 22 via manual from CN
Summary
This is the only time slfcin.com.ng was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Adobe (Consumer)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 164.160.128.121 | 328110 (Garanntor-Hosting-AS) |
| 6 | 13.32.220.199 | 16509 (AMAZON-02 - Amazon.com) |
| 1 | 198.90.22.157 | 35914 (ARMOR-DEFENSE - Armor Defense Inc) |
| 1 2 | 172.82.228.16 | 15224 (OMNITURE - Adobe Systems Inc.) |
| 1 | 172.227.115.186 | 20940 (AKAMAI-ASN1) |
| 10 | 6 | |
Domain | ASN | PTR |
---|---|---|
slfcin.com.ng | ASN328110 (Garanntor-Hosting-AS, NG) | gh-ws-lh02.garanntor.net |
static.adobelogin.com | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | server-13-32-220-199.fra56.r.cloudfront.net |
nau.edu | ASN35914 (ARMOR-DEFENSE - Armor Defense Inc, US) | |
stats.adobe.com | ASN15224 (OMNITURE - Adobe Systems Inc., US) | *.d1.sc.omtrdc.net |
use.typekit.net | ASN20940 (AKAMAI-ASN1, US) | a172-227-115-186.deploy.static.akamaitechnologies.com |
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 6 | adobelogin.com | static.adobelogin.com | 83 KB |
| 2 | adobe.com (1 redirects) | stats.adobe.com | 2 KB |
| 1 | typekit.net | use.typekit.net | 7 KB |
| 1 | nau.edu | nau.edu | 50 KB |
| 1 | slfcin.com.ng | slfcin.com.ng | 7 KB |
| 10 | 5 | | |
| | Domain | Requested by |
|---|---|---|
| 6 | static.adobelogin.com | slfcin.com.ng |
| 2 | stats.adobe.com (1 redirects) | slfcin.com.ng |
| 1 | use.typekit.net | slfcin.com.ng |
| 1 | nau.edu | slfcin.com.ng |
| 1 | slfcin.com.ng | |
| 10 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.adobe.com |
This page contains 1 frames:
Primary Page:
http://slfcin.com.ng/purchase/access/
Frame ID: 49BE5FF3881A77BD96429656504CC6E8
Requests: 11 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Modernizr (JavaScript Libraries)
Detected patterns
- env /^Modernizr$/i
SiteCatalyst (Analytics)
Detected patterns
- env /^s_(?:account|objectID|code|INST)$/i
Typekit (Font Scripts)
Detected patterns
- env /^Typekit$/i
jQuery (JavaScript Libraries)
Detected patterns
- env /^jQuery$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Learn more.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5
- http://stats.adobe.com/b/ss/adbadobenonacdcprod,adbims/1/JS-1.5.2/s6862318395929?AQB=1&ndh=1&pf=1&t=22%2F2%2F2018%201%3A16%3A26%204%200&ce=UTF-8&ns=adobecorp&pageName=Account%3AIMS%3AonLoad_SignInForm&g=http%3A%2F%2Fslfcin.com.ng%2Fpurchase%2Faccess%2F&ch=IMS&c3=services.adobe.com&c4=en_US&c5=en_US%3AAccount%3AIMS%3AonLoad_SignInForm&v13=SignIn&c22=Anyware_Checkout&v30=unified_checkout&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1 HTTP 302
- http://stats.adobe.com/b/ss/adbadobenonacdcprod,adbims/1/JS-1.5.2/s6862318395929?AQB=1&pccr=true&vidn=2D5981F505314097-60000115C02D478C&&ndh=1&pf=1&t=22%2F2%2F2018%201%3A16%3A26%204%200&ce=UTF-8&ns=adobecorp&pageName=Account%3AIMS%3AonLoad_SignInForm&g=http%3A%2F%2Fslfcin.com.ng%2Fpurchase%2Faccess%2F&ch=IMS&c3=services.adobe.com&c4=en_US&c5=en_US%3AAccount%3AIMS%3AonLoad_SignInForm&v13=SignIn&c22=Anyware_Checkout&v30=unified_checkout&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1
10 HTTP transactions
Method Protocol | Resource | Path | Size x-fer | Type MIME-Type |
---|---|---|---|---|
GET H/1.1 | / (Primary Request) | slfcin.com.ng/purchase/access/ | 26 KB 7 KB | Document text/html |
GET H/1.1 | head.css | static.adobelogin.com/renga-idprovider/resources/667ef2cbfb05ea8af675b27878f5e5d3/spectrum/css/ | 44 KB 10 KB | Stylesheet text/css |
GET H/1.1 | spectrum_head.js | static.adobelogin.com/renga-idprovider/resources/667ef2cbfb05ea8af675b27878f5e5d3/spectrum/script/ | 56 KB 21 KB | Script application/x-javascript |
GET S | logo(1).png | nau.edu/uploadedImages/Administrative/ITS/CTSS/Desktop_Support_(Central)/~Topic_Pages/Images/ | 49 KB 50 KB | Image image/png |
GET H/1.1 | spectrum_body.js | static.adobelogin.com/renga-idprovider/resources/667ef2cbfb05ea8af675b27878f5e5d3/spectrum/script/ | 147 KB 48 KB | Script application/x-javascript |
GET H/1.1 | spectrum_capsindicator.js | static.adobelogin.com/renga-idprovider/resources/667ef2cbfb05ea8af675b27878f5e5d3/spectrum/script/ | 2 KB 2 KB | Script application/x-javascript |
GET H/1.1 | s6862318395929 | stats.adobe.com/b/ss/adbadobenonacdcprod,adbims/1/JS-1.5.2/ (Redirect Chain) | 43 B 654 B | Image image/gif |
GET H/1.1 | lock-yellow.svg | static.adobelogin.com/renga-idprovider/resources/667ef2cbfb05ea8af675b27878f5e5d3/spectrum/img/icons/ | 345 B 910 B | Image image/svg+xml |
GET DATA | truncated | / | 43 B 0 | Image image/gif |
GET H/1.1 | sprite.svg | static.adobelogin.com/renga-idprovider/resources/667ef2cbfb05ea8af675b27878f5e5d3/spectrum/img/ | 3 KB 2 KB | Image image/svg+xml |
GET S | ecr2zvs.js | use.typekit.net/ | 18 KB 7 KB | Script text/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Adobe (Consumer)
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| special_day_char function| css_browser_selector function| Visitor function| AppMeasurement function| s_gi function| s_pgicq number| CSSBS number| CSSBS_webkit number| CSSBS_chrome number| CSSBS_mac number| CSSBS_js number| CSSBS_portrait object| Modernizr number| s_objectID number| s_giq function| initAnalytics function| scReport object| s_c_il number| s_c_in string| s_tnt object| s_i_adbadobenonacdcprod_adbims function| getEnhancedDropdownParent function| $ function| jQuery object| _ object| IMS function| getValidatorGroups object| components object| views object| jQuery19103859579002100548 object| Typekit
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.