IOC Radar
DomainMediumSignal 12/100

safasf.com

Location
United StatesUnited States
First Seen
Apr 23, 2025
Last Seen
May 15, 2025
Apr 23
First Seen
423d ago
May 15
Last Seen
400d ago
3
Reports
source reports
12%
Confidence
medium
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
12%
Signal Score
12 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

50 techniques

Feed Intelligence Summary

3 reports12% confidence
3
Source reports
12%
Confidence score
Category tags
account discoveryaccount profilingaccount takeoveraffiliate link cloakingairlineairline bookingairline booking scamairline fraudairline industryairline industry targetingairline points fraudairline related scamairline scamairline ticket scambotnetbrand abusebrand impersonationcall center fraudcall floodingcall spoofingcommand and controlcredential accesscredential harvestingcredential theftcustomer impersonationcustomer scamcustomer servicecustomer service impersonationcustomer service phishing/scamcustomer service scamcustomer support impersonationcustomer support scamdata exfiltrationdeceptive advertisingdelta airlinesdestination managementdistributed attacksfake contact informationfake numberfake phone numberfake supportfake support numberfinancefinancial scamfinancial theft attemptfleet managementfraudfraudulent activityfraudulent contactfraudulent phone numberfraudulent supportfraudulent support numberfreight serviceshospitality servicesindicatorinformation gatheringmalicious softwaremalwaremaritime transportmisinformation campaignmisleading informationmisusenetworknorth americapassenger transportationphishingphishing attackphishing campaignphishing via phonephone callphone fraudphone number abusephone number abuse/spoofingphone phishingphone scamphone spamphone spam/scam attemptpiipoints fraudpotential phishing/scam attemptprocess injectionpromo code abuserail transportrefund fraudrefund scamreputation abuseresearchedscamsms phishingsocial engineeringsocial engineering attacksouthwest airlinesspamt1001t1001.001t1027t1036t1055t1059t1071t1071.001t1078t1078.001t1078.004t1083t1189t1190t1192t1195t1199t1204t1204.002t1486t1496t1497t1498t1499.002t1499.003t1534t1565t1566t1566.001t1566.002t1566.003t1567t1567.001t1583t1583.001t1583.006t1584t1586t1588t1588.002t1588.004t1589t1590t1591t1593t1598t1598.003t1598.004t1602t1608telephone abusetelephone deceptiontelephone fraudtelephone phishingtelephone scamtelephone spammingtoll fraudtourism marketingtourist attractionstransportation and warehousingtransportation infrastructuretransportation servicestransportation technologytraveltravel agenciestravel bookingtravel experiencetravel industrytravel related scamtravel scamtravel technologytravel ticket scamunited statesunsolicited call campaignunsolicited communicationusa

Activity Timeline

1 total obs
May 15May 15

Threat Activity Heatmap

Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

The domain **safasf.com**, originating from the United States, has emerged as a significant indicator of compromise (IOC) in recent threat intelligence reports. First observed on April

Threat ScoreLow Risk
12
SIGNAL
Signal Score
12%
Confidence
3
Reports
First seenApr 23, 2025
Last seenMay 15, 2025

VirusTotal

Not checked

WHOIS

description
Refunds for eligible Southwest Airlines cancellations typically process within 7 business days for credit card payments ☎️ +1~(888)=217-8871, though travel funds may appear instantly in your account for future bookings. If you’d like to track the status of your refund or need help initiating one, simply call ☎️ +1=(888)+217~8871. You can also get refund-related support by contacting a live representative at 📲 +1_(888)+217-8871. For real-time updates or assistance verifying your refund timeline, reach out at 📲 +1~(888)+217=8871.
domain rank
-1
raw
Administrative city: Redacted for privacy Administrative country: Redacted for privacy Administrative state: Redacted for privacy Create date: 2025-08-01 00:00:00 Domain name: safasf.com Domain registrar id: 1923 Domain registrar url: www.gname.com Expiry date: 2026-08-01 00:00:00 Query time: 2025-08-02 09:55:02 Registrant city: ddb75a553547a419 Registrant company: ddb75a553547a419 Registrant country: Malaysia Registrant email: 7228194c8b3fe863s@ Registrant fax: 224ebce19c8a675a Registrant name: ddb75a553547a419 Registrant phone: 224ebce19c8a675a Registrant state: ddb75a553547a419 Registrant zip: ddb75a553547a419 Technical city: Redacted for privacy Technical country: Redacted for privacy Technical state: Redacted for privacy Update date: 2025-08-01 00:00:00
subdomains count
0

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 year ago
Appeared in 3 threat reports