nygn.org.ng Open in urlscan Pro
160.119.196.24 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865
Submission: On December 02 via manual (December 2nd 2022, 9:47:52 pm UTC) from IN — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 160.119.196.24, located in Nigeria and belongs to TREFOIL, NG. The main domain is nygn.org.ng.

This is the only time nygn.org.ng was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address		AS Autonomous System
12	160.119.196.24 160.119.196.24		328171 (TREFOIL) (TREFOIL)
12	1

12 160.119.196.24 (Nigeria)

ASN328171 (TREFOIL, NG)
PTR: server2.tfhost.ng

nygn.org.ng	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	nygn.org.ng nygn.org.ng	148 KB
12	1

	Domain	Requested by
12	nygn.org.ng	nygn.org.ng
12	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865
Frame ID: A9FB1B13D725EBB2522E8292AA2EF67C
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank of America | Online Banking | Login

Page Statistics

12
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

148 kB
Transfer

587 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response nygn.org.ng/sort.ape.f.b.o.a.r/	347 KB 39 KB	1679ms 171ms	Document text/html	160.119.196.24 TREFOIL
General Check archive.org Show headers Download Go to Full URL http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Protocol HTTP/1.1 Server 160.119.196.24 , Nigeria, ASN328171 (TREFOIL, NG), Reverse DNS server2.tfhost.ng Software nginx / Resource Hash `db0ec530c66481c62bec6918ef69981f5125210a33423bafe93a4e0b539b85c4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Fri, 02 Dec 2022 21:47:46 GMT Last-Modified Fri, 28 Oct 2022 09:24:22 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	bactouch.css nygn.org.ng/sort.ape.f.b.o.a.r/images/	158 KB 29 KB	180ms 179ms	Stylesheet text/css	160.119.196.24 TREFOIL
General Check archive.org Show headers Download Go to Full URL http://nygn.org.ng/sort.ape.f.b.o.a.r/images/bactouch.css Requested by Host: nygn.org.ng URL: http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Protocol HTTP/1.1 Server 160.119.196.24 , Nigeria, ASN328171 (TREFOIL, NG), Reverse DNS server2.tfhost.ng Software nginx / Resource Hash `fac1a05cc1573fc17fecda6fbdc393e0aebbb7e4e791325e2c372bcd805122ae` Request headers accept-language de-DE,de;q=0.9 Referer http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Fri, 02 Dec 2022 21:47:46 GMT Content-Encoding gzip Last-Modified Fri, 28 Oct 2022 09:24:28 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	assets-images-global-logos-BofA_rgb-CSX5624a146.svg nygn.org.ng/sort.ape.f.b.o.a.r/images/	3 KB 2 KB	283ms 158ms	Image image/svg+xml	160.119.196.24 TREFOIL
General Check archive.org Show headers Download Go to Show image Full URL http://nygn.org.ng/sort.ape.f.b.o.a.r/images/assets-images-global-logos-BofA_rgb-CSX5624a146.svg Requested by Host: nygn.org.ng URL: http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Protocol HTTP/1.1 Server 160.119.196.24 , Nigeria, ASN328171 (TREFOIL, NG), Reverse DNS server2.tfhost.ng Software nginx / Resource Hash `6c7f8fb9f19d36be96cb37942cbd0ff926437d0ad258fbbbd7e24a85b2b85f6b` Request headers accept-language de-DE,de;q=0.9 Referer http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Fri, 02 Dec 2022 21:47:47 GMT Content-Encoding gzip Last-Modified Fri, 28 Oct 2022 09:24:28 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/svg+xml Connection keep-alive
GET H/1.1	200 OK	assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg nygn.org.ng/sort.ape.f.b.o.a.r/images/	2 KB 1 KB	338ms 171ms	Image image/svg+xml	160.119.196.24 TREFOIL
General Check archive.org Show headers Download Go to Show image Full URL http://nygn.org.ng/sort.ape.f.b.o.a.r/images/assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg Requested by Host: nygn.org.ng URL: http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Protocol HTTP/1.1 Server 160.119.196.24 , Nigeria, ASN328171 (TREFOIL, NG), Reverse DNS server2.tfhost.ng Software nginx / Resource Hash `46b1bdd52215324f3660248b3d50538503d8ad4f32afe3d82e2d8f7b35bf820d` Request headers accept-language de-DE,de;q=0.9 Referer http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Fri, 02 Dec 2022 21:47:47 GMT Content-Encoding gzip Last-Modified Fri, 28 Oct 2022 09:24:28 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/svg+xml Connection keep-alive
GET H/1.1	500 Internal Server Error	assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif nygn.org.ng/sort.ape.f.b.o.a.r/images/	0 173 B	338ms 171ms	Image text/html	160.119.196.24 TREFOIL
General Check archive.org Show headers Download Go to Show image Full URL http://nygn.org.ng/sort.ape.f.b.o.a.r/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif Requested by Host: nygn.org.ng URL: http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Protocol HTTP/1.1 Server 160.119.196.24 , Nigeria, ASN328171 (TREFOIL, NG), Reverse DNS server2.tfhost.ng Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Fri, 02 Dec 2022 21:47:47 GMT Server nginx Connection keep-alive Content-Length 0 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	secure_lock.png nygn.org.ng/sort.ape.f.b.o.a.r/images/	352 B 561 B	337ms 163ms	Image image/png	160.119.196.24 TREFOIL
General Check archive.org Show headers Download Go to Show image Full URL http://nygn.org.ng/sort.ape.f.b.o.a.r/images/secure_lock.png Requested by Host: nygn.org.ng URL: http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Protocol HTTP/1.1 Server 160.119.196.24 , Nigeria, ASN328171 (TREFOIL, NG), Reverse DNS server2.tfhost.ng Software nginx / Resource Hash `b1f1b36d5a72970f7331a6d62472b2183611314a6535cb5f691a89c0aca8b52e` Request headers accept-language de-DE,de;q=0.9 Referer http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Fri, 02 Dec 2022 21:47:47 GMT Last-Modified Fri, 28 Oct 2022 09:24:30 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 352 Content-Type image/png
GET H/1.1	200 OK	assets-images-global-header-lock-CSX1f35fd71.png nygn.org.ng/sort.ape.f.b.o.a.r/images/	51 KB 51 KB	338ms 164ms	Image image/png	160.119.196.24 TREFOIL
General Check archive.org Show headers Download Go to Show image Full URL http://nygn.org.ng/sort.ape.f.b.o.a.r/images/assets-images-global-header-lock-CSX1f35fd71.png Requested by Host: nygn.org.ng URL: http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Protocol HTTP/1.1 Server 160.119.196.24 , Nigeria, ASN328171 (TREFOIL, NG), Reverse DNS server2.tfhost.ng Software nginx / Resource Hash `38fc756dfdd0689c674e787e6e030549f7f3856e533350aabeb46cce0d2b9b77` Request headers accept-language de-DE,de;q=0.9 Referer http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Fri, 02 Dec 2022 21:47:47 GMT Last-Modified Fri, 28 Oct 2022 09:24:28 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 52278 Content-Type image/png
GET H/1.1	200 OK	assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png nygn.org.ng/sort.ape.f.b.o.a.r/images/	343 B 552 B	178ms 177ms	Image image/png	160.119.196.24 TREFOIL
General Check archive.org Show headers Download Go to Show image Full URL http://nygn.org.ng/sort.ape.f.b.o.a.r/images/assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png Requested by Host: nygn.org.ng URL: http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Protocol HTTP/1.1 Server 160.119.196.24 , Nigeria, ASN328171 (TREFOIL, NG), Reverse DNS server2.tfhost.ng Software nginx / Resource Hash `35a77234f396ce2e5cc205ab9dd78c0cef11eaf14e4ef92bb910243021e83147` Request headers accept-language de-DE,de;q=0.9 Referer http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Fri, 02 Dec 2022 21:47:47 GMT Last-Modified Fri, 28 Oct 2022 09:24:28 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 343 Content-Type image/png
GET H/1.1	200 OK	assets-images-global-header-secure-lock-CSXa09bf5fc.svg nygn.org.ng/sort.ape.f.b.o.a.r/images/	353 B 514 B	327ms 193ms	Image image/svg+xml	160.119.196.24 TREFOIL
General Check archive.org Show headers Download Go to Show image Full URL http://nygn.org.ng/sort.ape.f.b.o.a.r/images/assets-images-global-header-secure-lock-CSXa09bf5fc.svg Requested by Host: nygn.org.ng URL: http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Protocol HTTP/1.1 Server 160.119.196.24 , Nigeria, ASN328171 (TREFOIL, NG), Reverse DNS server2.tfhost.ng Software nginx / Resource Hash `ef1e2c7f7966523d78b1c294052dfa4b2db256a21ead9fb711d187e0fd54be7a` Request headers accept-language de-DE,de;q=0.9 Referer http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Fri, 02 Dec 2022 21:47:47 GMT Content-Encoding gzip Last-Modified Fri, 28 Oct 2022 09:24:28 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/svg+xml Connection keep-alive
GET H/1.1	200 OK	assets-images-global-title-flagscape_red-CSX345e7fd7.svg nygn.org.ng/sort.ape.f.b.o.a.r/images/	2 KB 1 KB	327ms 193ms	Image image/svg+xml	160.119.196.24 TREFOIL
General Check archive.org Show headers Download Go to Show image Full URL http://nygn.org.ng/sort.ape.f.b.o.a.r/images/assets-images-global-title-flagscape_red-CSX345e7fd7.svg Requested by Host: nygn.org.ng URL: http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Protocol HTTP/1.1 Server 160.119.196.24 , Nigeria, ASN328171 (TREFOIL, NG), Reverse DNS server2.tfhost.ng Software nginx / Resource Hash `a154e9972c58b8a28ab486b93d7b7a702bf3f71505b5c1556b8fdaa8ab12b95a` Request headers accept-language de-DE,de;q=0.9 Referer http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Fri, 02 Dec 2022 21:47:47 GMT Content-Encoding gzip Last-Modified Fri, 28 Oct 2022 09:24:28 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/svg+xml Connection keep-alive
GET H/1.1	200 OK	cnx-regular.woff2 nygn.org.ng/sort.ape.f.b.o.a.r/	11 KB 12 KB	252ms 159ms	Font font/woff2	160.119.196.24 TREFOIL
General Check archive.org Show headers Download Go to Full URL http://nygn.org.ng/sort.ape.f.b.o.a.r/cnx-regular.woff2 Requested by Host: nygn.org.ng URL: http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Protocol HTTP/1.1 Server 160.119.196.24 , Nigeria, ASN328171 (TREFOIL, NG), Reverse DNS server2.tfhost.ng Software nginx / Resource Hash `79f02d139cfd07f2a19e0a8831553b3de4627fcab371e18eb776af035465949b` Request headers Referer http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Origin http://nygn.org.ng accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Fri, 02 Dec 2022 21:47:47 GMT Last-Modified Fri, 28 Oct 2022 09:24:22 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 11608 Content-Type font/woff2
GET H/1.1	200 OK	cnx-bold.woff2 nygn.org.ng/sort.ape.f.b.o.a.r/	12 KB 12 KB	315ms 169ms	Font font/woff2	160.119.196.24 TREFOIL
General Check archive.org Show headers Download Go to Full URL http://nygn.org.ng/sort.ape.f.b.o.a.r/cnx-bold.woff2 Requested by Host: nygn.org.ng URL: http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Protocol HTTP/1.1 Server 160.119.196.24 , Nigeria, ASN328171 (TREFOIL, NG), Reverse DNS server2.tfhost.ng Software nginx / Resource Hash `d48faa13adcd567a29299db487912dd91fd45f777cadf153520f52023b58cee7` Request headers Referer http://nygn.org.ng/sort.ape.f.b.o.a.r/?entity=60865 Origin http://nygn.org.ng accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Fri, 02 Dec 2022 21:47:47 GMT Last-Modified Fri, 28 Oct 2022 09:24:22 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 11800 Content-Type font/woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://nygn.org.ng/sort.ape.f.b.o.a.r/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nygn.org.ng
160.119.196.24
35a77234f396ce2e5cc205ab9dd78c0cef11eaf14e4ef92bb910243021e83147
38fc756dfdd0689c674e787e6e030549f7f3856e533350aabeb46cce0d2b9b77
46b1bdd52215324f3660248b3d50538503d8ad4f32afe3d82e2d8f7b35bf820d
6c7f8fb9f19d36be96cb37942cbd0ff926437d0ad258fbbbd7e24a85b2b85f6b
79f02d139cfd07f2a19e0a8831553b3de4627fcab371e18eb776af035465949b
a154e9972c58b8a28ab486b93d7b7a702bf3f71505b5c1556b8fdaa8ab12b95a
b1f1b36d5a72970f7331a6d62472b2183611314a6535cb5f691a89c0aca8b52e
d48faa13adcd567a29299db487912dd91fd45f777cadf153520f52023b58cee7
db0ec530c66481c62bec6918ef69981f5125210a33423bafe93a4e0b539b85c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1e2c7f7966523d78b1c294052dfa4b2db256a21ead9fb711d187e0fd54be7a
fac1a05cc1573fc17fecda6fbdc393e0aebbb7e4e791325e2c372bcd805122ae

nygn.org.ng Open in urlscan Pro 160.119.196.24 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

148 kBTransfer

587 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

nygn.org.ng Open in urlscan Pro
160.119.196.24 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

148 kB
Transfer

587 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!