identity.sandbox.adcb.ngenius-payments.com Open in urlscan Pro
2a02:26f0:eb::214:beed Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://portal.sandbox.adcb.ngenius-payments.com/
Effective URL:
https://identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-portal&response_type=code...
Submission: On May 29 via manual (May 29th 2020, 8:03:12 am UTC) from AE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 2a02:26f0:eb::214:beed, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is identity.sandbox.adcb.ngenius-payments.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 29th 2020. Valid for: 3 months.

This is the only time identity.sandbox.adcb.ngenius-payments.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Abu Dhabi Commercial Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 18	2a02:26f0:eb:... 2a02:26f0:eb::214:beed	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	87.201.209.199 87.201.209.199	15802 (DU-AS1) (DU-AS1)
17	2

18 2a02:26f0:eb::214:beed (Ascension Island) 2 redirects

ASN20940 (AKAMAI-ASN1, EU)

portal.sandbox.adcb.ngenius-payments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
identity.sandbox.adcb.ngenius-payments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.201.209.199 (Dubai, United Arab Emirates)

ASN15802 (DU-AS1, AE)

www.adcb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ngenius-payments.com 2 redirects portal.sandbox.adcb.ngenius-payments.com identity.sandbox.adcb.ngenius-payments.com	735 KB
1	adcb.com www.adcb.com	11 KB
17	2

	Domain	Requested by
10	portal.sandbox.adcb.ngenius-payments.com	1 redirects portal.sandbox.adcb.ngenius-payments.com
8	identity.sandbox.adcb.ngenius-payments.com	1 redirects portal.sandbox.adcb.ngenius-payments.com identity.sandbox.adcb.ngenius-payments.com
1	www.adcb.com	identity.sandbox.adcb.ngenius-payments.com
17	3

This site contains no links.

Subject Issuer	Validity	Valid
paypage.adcb.ngenius-payments.com Let's Encrypt Authority X3	`2020-04-29` - `2020-07-28`	3 months	crt.sh
adcb.com DigiCert SHA2 Extended Validation Server CA	`2020-04-15` - `2021-10-15`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-portal&response_type=code&redirect_uri=https%3A%2F%2Fportal.sandbox.adcb.ngenius-payments.com%2Fapi%2Fauth%2Fopen-id%3Ftenant%3DsandboxADCB
Frame ID: 50421689606B72C99C4EDF94CBCE8385
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://portal.sandbox.adcb.ngenius-payments.com/ Page URL
https://portal.sandbox.adcb.ngenius-payments.com/api/auth/login HTTP 307
https://identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-porta... Page URL

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

746 kB
Transfer

2105 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://portal.sandbox.adcb.ngenius-payments.com/ Page URL
https://portal.sandbox.adcb.ngenius-payments.com/api/auth/login HTTP 307
https://identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-portal&response_type=code&redirect_uri=https%3A%2F%2Fportal.sandbox.adcb.ngenius-payments.com%2Fapi%2Fauth%2Fopen-id%3Ftenant%3DsandboxADCB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://identity.sandbox.adcb.ngenius-payments.com/static/branding/tenant-logo?tenant=sandboxADCB HTTP 303
https://www.adcb.com/newadcb/images/logo.png

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
portal.sandbox.adcb.ngenius-payments.com/ 755 B
573 B 285ms
180ms Document
text/html 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.sandbox.adcb.ngenius-payments.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

472e10f445cfdb3063438639ad5849dff9d87608d45567a407955c90fed15379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: portal.sandbox.adcb.ngenius-payments.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: CPWS
content-encoding: gzip
etag: W/"5ece5f82-2f3"
last-modified: Wed, 27 May 2020 12:39:30 GMT
vary: Accept-Encoding
content-type: text/html
content-length: 355
expires: Fri, 29 May 2020 08:02:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 29 May 2020 08:02:45 GMT
strict-transport-security: max-age=15768000

GET
H2 200 fonts.css
portal.sandbox.adcb.ngenius-payments.com/static/fonts/ 2 KB
441 B 102ms
101ms Stylesheet
text/css 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.sandbox.adcb.ngenius-payments.com/static/fonts/fonts.css

Requested by

Host: portal.sandbox.adcb.ngenius-payments.com
URL: https://portal.sandbox.adcb.ngenius-payments.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

3d343bb44eae84c96d643023283c62df7161627b29e9a84189101ce5000cc94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portal.sandbox.adcb.ngenius-payments.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:45 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 12:37:34 GMT
server: CPWS
etag: W/"5ece5f0e-643"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=15768000
content-length: 225
expires: Fri, 29 May 2020 08:02:45 GMT

GET
H2 200 styles.css
portal.sandbox.adcb.ngenius-payments.com/ 363 KB
147 KB 186ms
185ms Stylesheet
text/css 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.sandbox.adcb.ngenius-payments.com/styles.css

Requested by

Host: portal.sandbox.adcb.ngenius-payments.com
URL: https://portal.sandbox.adcb.ngenius-payments.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

16b4be1d7b2f5ac5a2e86954bca7f36b6764075eae2c57242296d67f360cd353

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portal.sandbox.adcb.ngenius-payments.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:45 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 12:39:30 GMT
server: CPWS
etag: W/"5ece5f82-5adcb"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=15768000
expires: Fri, 29 May 2020 08:02:45 GMT

GET
H2 200 runtime.ec4e5d5f2605554a8189.js Show response
portal.sandbox.adcb.ngenius-payments.com/ 4 KB
2 KB 77ms
76ms Script
application/javascript 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.sandbox.adcb.ngenius-payments.com/runtime.ec4e5d5f2605554a8189.js

Requested by

Host: portal.sandbox.adcb.ngenius-payments.com
URL: https://portal.sandbox.adcb.ngenius-payments.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

06a4dcca439cc40b3ec1611012af6b7f033f19dd069626c7e7a34f357220bd75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portal.sandbox.adcb.ngenius-payments.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:45 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 12:39:30 GMT
server: CPWS
etag: W/"5ece5f82-113f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=15768000
content-length: 1875
expires: Fri, 29 May 2020 08:02:45 GMT

GET
H2 200 styles.ec4e5d5f2605554a8189.js Show response
portal.sandbox.adcb.ngenius-payments.com/ 15 KB
5 KB 193ms
192ms Script
application/javascript 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.sandbox.adcb.ngenius-payments.com/styles.ec4e5d5f2605554a8189.js

Requested by

Host: portal.sandbox.adcb.ngenius-payments.com
URL: https://portal.sandbox.adcb.ngenius-payments.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

91b2ece1ac11b558a5876c3d7e5186c487dbac483663b3339da4832fbe77fc54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portal.sandbox.adcb.ngenius-payments.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:45 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 12:39:30 GMT
server: CPWS
etag: W/"5ece5f82-3dcb"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=15768000
content-length: 4810
expires: Fri, 29 May 2020 08:02:45 GMT

GET
H2 200 vendors~main.ec4e5d5f2605554a8189.js Show response
portal.sandbox.adcb.ngenius-payments.com/ 1 MB
328 KB 113ms
112ms Script
application/javascript 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.sandbox.adcb.ngenius-payments.com/vendors~main.ec4e5d5f2605554a8189.js

Requested by

Host: portal.sandbox.adcb.ngenius-payments.com
URL: https://portal.sandbox.adcb.ngenius-payments.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

012d43e7eb3a6afa0c48d285dc3ce8005153df2db56d52a85afc27bb836d0d35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portal.sandbox.adcb.ngenius-payments.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:45 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 12:39:30 GMT
server: CPWS
etag: W/"5ece5f82-147f34"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=15768000
expires: Fri, 29 May 2020 08:02:45 GMT

GET
H2 200 main.ec4e5d5f2605554a8189.js Show response
portal.sandbox.adcb.ngenius-payments.com/ 185 KB
46 KB 235ms
235ms Script
application/javascript 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.sandbox.adcb.ngenius-payments.com/main.ec4e5d5f2605554a8189.js

Requested by

Host: portal.sandbox.adcb.ngenius-payments.com
URL: https://portal.sandbox.adcb.ngenius-payments.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

3d15f3bf0c782228f790403b4515ca7d6780ac145b42aa0da5f181183f82fbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portal.sandbox.adcb.ngenius-payments.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:45 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 12:39:30 GMT
server: CPWS
etag: W/"5ece5f82-2e4c9"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=15768000
expires: Fri, 29 May 2020 08:02:45 GMT

POST
H2 401 auth Show response
portal.sandbox.adcb.ngenius-payments.com/api/ 41 B
176 B 134ms
134ms XHR
application/json 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.sandbox.adcb.ngenius-payments.com/api/auth

Requested by

Host: portal.sandbox.adcb.ngenius-payments.com
URL: https://portal.sandbox.adcb.ngenius-payments.com/vendors~main.ec4e5d5f2605554a8189.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

e50fa7b8bf26636dfa4a246a973be017dc6504fb9f0aeebb28a6bde47a508641

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: application/json
Referer: https://portal.sandbox.adcb.ngenius-payments.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

status: 401
date: Fri, 29 May 2020 08:02:45 GMT
x-correlation-id: ebc3b8ac939040ed01ef09d18965451a
server: CPWS
content-length: 41
strict-transport-security: max-age=15768000
content-type: application/json

GET
H2 200 5ec67cb22999b541d674b3a3d6b42fb6.png
portal.sandbox.adcb.ngenius-payments.com/ 4 KB
5 KB 162ms
161ms Image
image/png 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.sandbox.adcb.ngenius-payments.com/5ec67cb22999b541d674b3a3d6b42fb6.png

Requested by

Host: portal.sandbox.adcb.ngenius-payments.com
URL: https://portal.sandbox.adcb.ngenius-payments.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portal.sandbox.adcb.ngenius-payments.com/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:46 GMT
last-modified: Wed, 27 May 2020 12:39:30 GMT
server: CPWS
etag: "5ece5f82-11f8"
strict-transport-security: max-age=15768000
content-type: image/png
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 4600
expires: Fri, 29 May 2020 08:02:46 GMT

GET
H2

200

Primary Request auth Show response
identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/
Redirect Chain

https://portal.sandbox.adcb.ngenius-payments.com/api/auth/login
https://identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-portal&response_type=code&redirect_uri=https%3A%2F%2Fportal.sandbox.adcb.ng...

4 KB
2 KB

209ms
113ms

Document
text/html

2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-portal&response_type=code&redirect_uri=https%3A%2F%2Fportal.sandbox.adcb.ngenius-payments.com%2Fapi%2Fauth%2Fopen-id%3Ftenant%3DsandboxADCB

Requested by

Host: portal.sandbox.adcb.ngenius-payments.com
URL: https://portal.sandbox.adcb.ngenius-payments.com/main.ec4e5d5f2605554a8189.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

2cd07003369ccb0b5f0bb8a839db191ad64ddbea8a34d94e625574af6e6d9e22

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: identity.sandbox.adcb.ngenius-payments.com
:scheme: https
:path: /auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-portal&response_type=code&redirect_uri=https%3A%2F%2Fportal.sandbox.adcb.ngenius-payments.com%2Fapi%2Fauth%2Fopen-id%3Ftenant%3DsandboxADCB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://portal.sandbox.adcb.ngenius-payments.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://portal.sandbox.adcb.ngenius-payments.com/#/login

Response headers

status: 200
server: CPWS
content-encoding: gzip
content-language: en
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block
content-type: text/html;charset=utf-8
content-length: 1288
expires: Fri, 29 May 2020 08:02:46 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 29 May 2020 08:02:46 GMT
set-cookie: AUTH_SESSION_ID=cead6b31-1be2-4421-b5bf-346c744a5f76.keycloak-service-557c86f8b6-sqdgq; Version=1; Path=/auth/realms/sandboxADCB/; Secure; HttpOnly KC_RESTART=eyJhbGciOiJIUzI1NiIsImtpZCIgOiAiOTgxNTJmN2UtNjMzYi00Y2Y1LWIwY2UtOGRmZDY5NDYxMzMzIn0.eyJjaWQiOiJnYXRld2F5LXBvcnRhbCIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vcG9ydGFsLnNhbmRib3guYWRjYi5uZ2VuaXVzLXBheW1lbnRzLmNvbS9hcGkvYXV0aC9vcGVuLWlkP3RlbmFudD1zYW5kYm94QURDQiIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7ImlzcyI6Imh0dHBzOi8vaWRlbnRpdHkuc2FuZGJveC5hZGNiLm5nZW5pdXMtcGF5bWVudHMuY29tL2F1dGgvcmVhbG1zL3NhbmRib3hBRENCIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3BvcnRhbC5zYW5kYm94LmFkY2Iubmdlbml1cy1wYXltZW50cy5jb20vYXBpL2F1dGgvb3Blbi1pZD90ZW5hbnQ9c2FuZGJveEFEQ0IiLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJwbGFpbiJ9fQ.ke3H22Xm9PnBcVtOl3Cn7lfeQdOQEArTyncEOTXFnKU; Version=1; Path=/auth/realms/sandboxADCB/; Secure; HttpOnly
strict-transport-security: max-age=15768000

Redirect headers

status: 307
server: CPWS
content-length: 0
location: https://identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-portal&response_type=code&redirect_uri=https%3A%2F%2Fportal.sandbox.adcb.ngenius-payments.com%2Fapi%2Fauth%2Fopen-id%3Ftenant%3DsandboxADCB
x-correlation-id: 9b04afe55c61affe480c7c27d73d7e93
expires: Fri, 29 May 2020 08:02:46 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 29 May 2020 08:02:46 GMT
strict-transport-security: max-age=15768000

GET
H2 200 fonts.css
identity.sandbox.adcb.ngenius-payments.com/static/fonts/ 2 KB
441 B 105ms
104ms Stylesheet
text/css 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.sandbox.adcb.ngenius-payments.com/static/fonts/fonts.css

Requested by

Host: identity.sandbox.adcb.ngenius-payments.com
URL: https://identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-portal&response_type=code&redirect_uri=https%3A%2F%2Fportal.sandbox.adcb.ngenius-payments.com%2Fapi%2Fauth%2Fopen-id%3Ftenant%3DsandboxADCB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

3d343bb44eae84c96d643023283c62df7161627b29e9a84189101ce5000cc94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-portal&response_type=code&redirect_uri=https%3A%2F%2Fportal.sandbox.adcb.ngenius-payments.com%2Fapi%2Fauth%2Fopen-id%3Ftenant%3DsandboxADCB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:46 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 12:37:34 GMT
server: CPWS
etag: W/"5ece5f0e-643"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=15768000
content-length: 225
expires: Fri, 29 May 2020 08:02:46 GMT

GET
H2 200 login-branding.css
identity.sandbox.adcb.ngenius-payments.com/static/branding/ 531 B
426 B 153ms
152ms Stylesheet
text/css 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.sandbox.adcb.ngenius-payments.com/static/branding/login-branding.css?tenant=sandboxADCB

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

506de7ee3a0e664a4a1c91cf321aa0809af9372a8eeea86e400eb1878cf8720f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-portal&response_type=code&redirect_uri=https%3A%2F%2Fportal.sandbox.adcb.ngenius-payments.com%2Fapi%2Fauth%2Fopen-id%3Ftenant%3DsandboxADCB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:46 GMT
content-encoding: gzip
server: CPWS
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=0, no-cache, no-store
x-correlation-id: 62ff7c16910987440b0aed7735af2097
strict-transport-security: max-age=15768000
content-length: 213
expires: Fri, 29 May 2020 08:02:46 GMT

GET
H2 200 base.css
identity.sandbox.adcb.ngenius-payments.com/auth/resources/4.1.0.final/login/base/css/ 7 KB
2 KB 118ms
117ms Stylesheet
text/css 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.sandbox.adcb.ngenius-payments.com/auth/resources/4.1.0.final/login/base/css/base.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

5ae843d9fedd8c744c9e0390fb08caa34180bbe68f2fe55b433cf76de7826d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-portal&response_type=code&redirect_uri=https%3A%2F%2Fportal.sandbox.adcb.ngenius-payments.com%2Fapi%2Fauth%2Fopen-id%3Ftenant%3DsandboxADCB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:46 GMT
content-encoding: gzip
server: CPWS
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
status: 200
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=15768000
content-length: 1688
expires: Fri, 29 May 2020 08:02:46 GMT

GET
H/1.1

200
OK

logo.png
www.adcb.com/newadcb/images/
Redirect Chain

https://identity.sandbox.adcb.ngenius-payments.com/static/branding/tenant-logo?tenant=sandboxADCB
https://www.adcb.com/newadcb/images/logo.png

11 KB
11 KB

1645ms
206ms

Image
image/png

87.201.209.199
DU-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adcb.com/newadcb/images/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

87.201.209.199 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Resource Hash

94801eadb3ff7808a7221df40af914fe7485cdc58effed27756f5c85435938ee

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' http://.lemnisk.co https://.lemnisk.co https://cdn25.vzeesp.com http://cdn25.vzeesp.com wss://*.lemnisk.co;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/protocol/openid-connect/auth?client_id=gateway-portal&response_type=code&redirect_uri=https%3A%2F%2Fportal.sandbox.adcb.ngenius-payments.com%2Fapi%2Fauth%2Fopen-id%3Ftenant%3DsandboxADCB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' http://*.lemnisk.co https://*.lemnisk.co https://cdn25.vzeesp.com http://cdn25.vzeesp.com wss://*.lemnisk.co;
Last-Modified: Tue, 12 Nov 2013 13:37:58 GMT
Date: Fri, 29 May 2020 08:02:28 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: https://www.adcb.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 10800

Redirect headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:46 GMT
x-correlation-id: dc6649d1968bbe441c190154bc7df98f
server: CPWS
status: 303
location: https://www.adcb.com/newadcb/images/logo.png
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=15768000
content-length: 0
expires: Fri, 29 May 2020 08:02:46 GMT

GET
H2 200 background.svg
identity.sandbox.adcb.ngenius-payments.com/auth/resources/4.1.0.final/login/base/img/ 1 KB
949 B 53ms
52ms Image
image/svg+xml 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identity.sandbox.adcb.ngenius-payments.com/auth/resources/4.1.0.final/login/base/img/background.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

761a8757fab906800ee9eee11dc4d0e86362cf6de30c67f9b7bbdffc62f17a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://identity.sandbox.adcb.ngenius-payments.com/auth/resources/4.1.0.final/login/base/css/base.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:46 GMT
content-encoding: gzip
server: CPWS
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=15768000
content-length: 768
expires: Fri, 29 May 2020 08:02:46 GMT

GET
H2 200 Gotham-Light.otf
identity.sandbox.adcb.ngenius-payments.com/static/fonts/ 97 KB
97 KB 50ms
50ms Font
application/octet-stream 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.sandbox.adcb.ngenius-payments.com/static/fonts/Gotham-Light.otf

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

2e6dfb8d71d937ca33455daef89e9047b3af17a54c40f2afc6cf458e64ad9304

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://identity.sandbox.adcb.ngenius-payments.com/static/fonts/fonts.css
Origin: https://identity.sandbox.adcb.ngenius-payments.com

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:46 GMT
last-modified: Wed, 27 May 2020 12:37:34 GMT
server: CPWS
etag: "5ece5f0e-18308"
strict-transport-security: max-age=15768000
content-type: application/octet-stream
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 99080
expires: Fri, 29 May 2020 08:02:46 GMT

GET
H2 200 Gotham-Book.otf
identity.sandbox.adcb.ngenius-payments.com/static/fonts/ 97 KB
98 KB 54ms
53ms Font
application/octet-stream 2a02:26f0:eb::214:beed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.sandbox.adcb.ngenius-payments.com/static/fonts/Gotham-Book.otf

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb::214:beed , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

CPWS /

Resource Hash

d14b56377fc75359100fc8471dac2996e4296cb11eeb66c84cf98764ed7f6346

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://identity.sandbox.adcb.ngenius-payments.com/static/fonts/fonts.css
Origin: https://identity.sandbox.adcb.ngenius-payments.com

Response headers

pragma: no-cache
date: Fri, 29 May 2020 08:02:46 GMT
last-modified: Wed, 27 May 2020 12:37:34 GMT
server: CPWS
etag: "5ece5f0e-18424"
strict-transport-security: max-age=15768000
content-type: application/octet-stream
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 99364
expires: Fri, 29 May 2020 08:02:46 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Abu Dhabi Commercial Bank (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsImtpZCIgOiAiOTgxNTJmN2UtNjMzYi00Y2Y1LWIwY2UtOGRmZDY5NDYxMzMzIn0.eyJjaWQiOiJnYXRld2F5LXBvcnRhbCIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vcG9ydGFsLnNhbmRib3guYWRjYi5uZ2VuaXVzLXBheW1lbnRzLmNvbS9hcGkvYXV0aC9vcGVuLWlkP3RlbmFudD1zYW5kYm94QURDQiIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7ImlzcyI6Imh0dHBzOi8vaWRlbnRpdHkuc2FuZGJveC5hZGNiLm5nZW5pdXMtcGF5bWVudHMuY29tL2F1dGgvcmVhbG1zL3NhbmRib3hBRENCIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3BvcnRhbC5zYW5kYm94LmFkY2Iubmdlbml1cy1wYXltZW50cy5jb20vYXBpL2F1dGgvb3Blbi1pZD90ZW5hbnQ9c2FuZGJveEFEQ0IiLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJwbGFpbiJ9fQ.ke3H22Xm9PnBcVtOl3Cn7lfeQdOQEArTyncEOTXFnKU
			identity.sandbox.adcb.ngenius-payments.com/auth/realms/sandboxADCB/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: cead6b31-1be2-4421-b5bf-346c744a5f76.keycloak-service-557c86f8b6-sqdgq

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

identity.sandbox.adcb.ngenius-payments.com
portal.sandbox.adcb.ngenius-payments.com
www.adcb.com
2a02:26f0:eb::214:beed
87.201.209.199
012d43e7eb3a6afa0c48d285dc3ce8005153df2db56d52a85afc27bb836d0d35
06a4dcca439cc40b3ec1611012af6b7f033f19dd069626c7e7a34f357220bd75
16b4be1d7b2f5ac5a2e86954bca7f36b6764075eae2c57242296d67f360cd353
2cd07003369ccb0b5f0bb8a839db191ad64ddbea8a34d94e625574af6e6d9e22
2e6dfb8d71d937ca33455daef89e9047b3af17a54c40f2afc6cf458e64ad9304
3d15f3bf0c782228f790403b4515ca7d6780ac145b42aa0da5f181183f82fbd6
3d343bb44eae84c96d643023283c62df7161627b29e9a84189101ce5000cc94e
472e10f445cfdb3063438639ad5849dff9d87608d45567a407955c90fed15379
506de7ee3a0e664a4a1c91cf321aa0809af9372a8eeea86e400eb1878cf8720f
5ae843d9fedd8c744c9e0390fb08caa34180bbe68f2fe55b433cf76de7826d4a
761a8757fab906800ee9eee11dc4d0e86362cf6de30c67f9b7bbdffc62f17a8d
91b2ece1ac11b558a5876c3d7e5186c487dbac483663b3339da4832fbe77fc54
94801eadb3ff7808a7221df40af914fe7485cdc58effed27756f5c85435938ee
d14b56377fc75359100fc8471dac2996e4296cb11eeb66c84cf98764ed7f6346
e50fa7b8bf26636dfa4a246a973be017dc6504fb9f0aeebb28a6bde47a508641

identity.sandbox.adcb.ngenius-payments.com Open in urlscan Pro 2a02:26f0:eb::214:beed Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

17 Requests

100 %HTTPS

50 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

746 kBTransfer

2105 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

identity.sandbox.adcb.ngenius-payments.com Open in urlscan Pro
2a02:26f0:eb::214:beed Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

746 kB
Transfer

2105 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!