phishing/scam

English

JSESSIONID

CFID

CFTOKEN

You're looking at domain 'aberdeen-airport.safepermit.com' on the commercial generic top-level domain (.com) and includes subdomain 'aberdeen-airport'. The registrable portion 'safepermit' spans 10 characters holding 4 vowels versus 6 consonants. Breaking it apart gives two words: safe, permit. Average segment length settles at 5 characters. No strong language cues emerged from the frequency lists.

csrfToken

kuEmail

kuPassword

submit

loginForm

redirect

reset_form

html/a6/76/a6760db6-7699-4151-92ad-6b0d3e7cbc68.html.gz

523965ecf04fa205b04bbbf7bbfe7902667844e68134f58e07bb3aa397745d27

c2f590f4e7466db007f89ef513c5f3d3fdae717cac28c82ba1f8e565c4296840

6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

92bb784d848b1fb5d60576b55069adb6effb357c6ece1f5b270b972598d1f5c8

c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8

b446dd8d59181e54a5f490a8622a0cacdd84b0b118e7e6d17c8e534de2a4661d

766e2b087bc93709646072c34c912417dfeae6f2392cbf9196e0ebac8e61fa61

3a2f127164e688922632729d697d2efb51d97f07022c640373c124ca69bf285e

ROBOTS

viewport

csrf-token

html/a6/76/a6760db6-7699-4151-92ad-6b0d3e7cbc68_nodriver.html.gz

SafePermit.com

GoDaddy.com, LLC

SAFEPERMIT.COM

Abuse

Admin

Cloudflare-NOC

Cloudflare, Inc.

CLOUDFLARENET


    $(function() {
      // Show or hide the privacy banner based on the session attribute privacyBannerConsent
      const complianceTeamApproval = 0; //TODO: 27/01/2022 - SG - Set this to 1 when we get approval from compliance team
      const sessionConsent = 0;
      
      if (complianceTeamApproval === 1) {
        if (sessionConsent === 0) {
          document.getElementById("privacyFooter").style.display = 'flex';
        } else if(sessionConsent === 1) {
          document.getElementById("privacyFooter").style.display = 'none';
        }
      }
    });

    // Hide the privacy banner and set privacyBannerConsent to 1 when the user clicks the close button
    function closePrivacyBanner() {
      document.getElementById("privacyFooter").classList.toggle('hide');
      OLS.Fetcher.postNoLayout({type: '69a626ef-864f-495f-aead-03c1031b2a00',giveConsent: 1});
    }
  


        $('#kuEmailReset').keypress(function(e) {
            if (e.which == 13) {
                e.preventDefault();
                $("#submitReset")[0].click()
            }
        });

        function resetPassword(element){

            let form = element.closest('form');

            if(!form.reportValidity()){
                return;
            }

            let toastrSetting = {
                "closeButton": true,
                "timeOut": "0",
                "extendedTimeOut": "0"
            };

            $.post('index.cfm?nolayout&page=passwordResetLinkSubmit', $("#reset_form").serialize())
                .done(function(data) {

                    var result = $.parseJSON(data);
                    var message = "If\x20you\x20are\x20not\x20receiving\x20the\x20password\x20reset\x20link\x20email,\x20be\x20sure\x20to\x20check\x20your\x20\x26\x23x22junk\x26\x23x22\x20folder\x20and\x20that\x20you\x20are\x20using\x20the\x20same\x20email\x20address\x20provided\x20to\x20the\x20site\x20point\x20of\x20contact.\x20For\x20further\x20assistance,\x20view\x20our\x20\x3Ca\x20href\x3D\x22https\x3A\x2F\x2Fhelp.ehs.com\x2Fknowledge\x2Dbase\x2Fpassword\x2Dresets\x2Dfor\x2Dcontrol\x2Dof\x2Dwork\x2F\x22\x20target\x3D\x22_blank\x22\x20style\x3D\x22color\x3A\x20lightblue\x3B\x22\x20onmouseover\x3D\x22this.style.color\x3D\x27gray\x27\x3B\x22\x20onmouseout\x3D\x22this.style.color\x3D\x27lightblue\x27\x3B\x22\x3Elogin\x20and\x20password\x20reset\x20support\x20guide.\x3C\x2Fa\x3E";

                    if (result.STATUSCODE == 1){
                        $('#reset_password').toggle();
                        toastr.success(message,"Success",toastrSetting);
                    }
                    else{
                        toastr.error(result.MESSAGE,"Error",toastrSetting);
                    }

            }).fail(function(xhr, status, error){
                var result = $.parseJSON(xhr.responseText);
                toastr.error(result.MESSAGE,"Error",toastrSetting);
            });
        }
    

Requests	IP Address	Location	AS Autonomous System
13	142.251.141.74	United States	AS15169Google LLC
13	104.18.27.154	United States	AS13335Cloudflare, Inc.
26	2	-	-

Security Scan Report: aberdeen-airport.safepermit.com

Summary

AI Security Verdict

Confirmed Scam

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies8

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History