hz68fz7.com.ng
216.158.235.250
Malicious Activity!
Public Scan
Submission: On February 14 via automatic, source phishtank
Summary
This is the only time hz68fz7.com.ng was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Adobe (Consumer)
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
3 | 216.158.235.250 | 19318 (NJIIX-AS-1 - NEW JERSEY INTERNATIONAL INTERNET EXCHANGE LLC) |
1 | 95.101.250.34 | 16625 (AKAMAI-AS - Akamai Technologies) |
1 | 2400:cb00:2048:1::6819:8b17 | 13335 (CLOUDFLARENET - CloudFlare) |
1 | 46.4.115.108 | 24940 (HETZNER-AS) |
1 | 66.235.148.128 | 15224 (OMNITURE - Adobe Systems Inc.) |
7 | 6 | |
ASN19318 (NJIIX-AS-1 - NEW JERSEY INTERNATIONAL INTERNET EXCHANGE LLC, US)
PTR: cpan6.philmorehost.net
hz68fz7.com.ng
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-250-34.deploy.akamaitechnologies.com
use.typekit.net
ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
www.saif-zone.com
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.d1.sc.omtrdc.net
stats.adobe.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | hz68fz7.com.ng | hz68fz7.com.ng | 102 KB |
1 | adobe.com | stats.adobe.com | 43 B |
1 | cubeupload.com | u.cubeupload.com | 22 KB |
1 | saif-zone.com | www.saif-zone.com | 1 KB |
1 | typekit.net | use.typekit.net | 8 KB |
7 | 5 | | |
 | Domain | Requested by |
---|---|---|
3 | hz68fz7.com.ng | hz68fz7.com.ng |
1 | stats.adobe.com | hz68fz7.com.ng |
1 | u.cubeupload.com | hz68fz7.com.ng |
1 | www.saif-zone.com | hz68fz7.com.ng |
1 | use.typekit.net | hz68fz7.com.ng |
7 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
typekit.net | Symantec Class 3 Secure Server CA - G4 | 2016-05-10 - 2017-05-10 | a year |
u.cubeupload.com | Let's Encrypt Authority X3 | 2017-02-01 - 2017-05-02 | 3 months |
This page contains 1 frames:
Primary Page:
http://hz68fz7.com.ng/saif12/adbb/ad/
Frame ID: 20321.1
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request 2
- http://i.cubeupload.com/n82joM.png
- https://u.cubeupload.com/n82joM.png
- http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s51646551122318?AQB=1&ndh=1&t=14%2F1%2F2017%2022%3A24%3A33%202%200&ce=UTF-8&ns=adobecorp&pageName=Account%3AOnLoad_ims_SignInForm&g...
- http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s51646551122318?AQB=1&pccr=true&vidn=2C51C1D085313EAC-400001294000FF28&&ndh=1&t=14%2F1%2F2017%2022%3A24%3A33%202%200&ce=UTF-8&ns=ad...
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | hz68fz7.com.ng/saif12/adbb/ad/ | 259 KB | 101 KB | Document | text/html |
GET | H2 | ath5djs.js | use.typekit.net/ | 18 KB | 8 KB | Script | text/javascript |
GET | H/1.1 | Saif-Zone-New-Logo.png (Cookie set) | www.saif-zone.com/en/SiteAssets/ | 3 KB | 1 KB | Image | text/html |
GET | H/1.1 | n82joM.png (Redirect Chain) | u.cubeupload.com/ | 22 KB | 22 KB | Image | image/png |
GET | DATA | truncated | / | 11 KB | 0 | Image | image/png |
GET | H/1.1 | s51646551122318 (Cookie set, Redirect Chain) | stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/ | 43 B | 43 B | Image | image/gif |
GET | H/1.1 | squarespinner_2x.gif | hz68fz7.com.ng/renga-idprovider/resources/web_v2/img/ | 375 B | 292 B | Image | text/html |
GET | H/1.1 | favicon.ico | hz68fz7.com.ng/ | 328 B | 259 B | Other | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Adobe (Consumer)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.