nahugt.com Open in urlscan Pro
167.114.145.131 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nahugt.com/Auth/Validation/banks/CIBC/?err=301390738&id=2d6f3e77a4b9a0c7bf4dd62b883391e7=true
Effective URL:
http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1
Submission: On April 25 via manual (April 25th 2019, 4:52:23 pm UTC) from JP

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 167.114.145.131, located in Montréal, Canada and belongs to OVH, FR. The main domain is nahugt.com.

This is the only time nahugt.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: CIBC (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 16	167.114.145.131 167.114.145.131		16276 (OVH) (OVH)
15	1

16 167.114.145.131 (Montréal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: 131.ip-167-114-145.net

nahugt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	nahugt.com 1 redirects nahugt.com	151 KB
15	1

	Domain	Requested by
16	nahugt.com	1 redirects nahugt.com
15	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1
Frame ID: E3C86C365E03D1898DBFC658C1DD8010
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://nahugt.com/Auth/Validation/banks/CIBC/?err=301390738&id=2d6f3e77a4b9a0c7bf4dd62b883391e... HTTP 302
http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

15
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

150 kB
Transfer

147 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nahugt.com/Auth/Validation/banks/CIBC/?err=301390738&id=2d6f3e77a4b9a0c7bf4dd62b883391e7=true HTTP 302
http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response nahugt.com/Auth/Validation/banks/CIBC/ Redirect Chain http://nahugt.com/Auth/Validation/banks/CIBC/?err=301390738&id=2d6f3e77a4b9a0c7bf4dd62b883391e7=true http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1	22 KB 22 KB	136ms 136ms	Document text/html	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Full URL http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `3a2c433a777e4c1bd02b21cf2b93fd6c06a809c26c44b07bed60cd572098449f` Request headers Host nahugt.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:07 GMT Server Apache Keep-Alive timeout=5, max=99 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Redirect headers Date Thu, 25 Apr 2019 16:52:07 GMT Server Apache Location login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Content-Length 0 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	reset.css nahugt.com/Auth/Validation/banks/CIBC/files/	2 KB 2 KB	206ms 106ms	Stylesheet text/css	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/reset.css Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `450689ee5b83afc9b0bf9d5b024bb63fb465cd26ecc4205ed97b31c815ee6063` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1692
GET H/1.1	200 OK	reset-brand.css nahugt.com/Auth/Validation/banks/CIBC/files/	22 B 262 B	239ms 112ms	Stylesheet text/css	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/reset-brand.css Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `7f00dc002324f4a62d6458f868db7b3f7b94872188dded76d5d7e1292e67aec2` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 22
GET H/1.1	200 OK	global.css nahugt.com/Auth/Validation/banks/CIBC/files/	37 KB 38 KB	239ms 113ms	Stylesheet text/css	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/global.css Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `d22f329e2adf3465023258c77b14497f3c0a195a1f8c0352074732e97986343d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 38321
GET H/1.1	200 OK	global-android2.css nahugt.com/Auth/Validation/banks/CIBC/files/	727 B 968 B	239ms 113ms	Stylesheet text/css	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/global-android2.css Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `3b0f436bd1ab4c85f4215e4d969215d8574d4c887b23d445e6e8f9f2a17cbfe0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 727
GET H/1.1	200 OK	global-brand.css nahugt.com/Auth/Validation/banks/CIBC/files/	2 KB 2 KB	240ms 113ms	Stylesheet text/css	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/global-brand.css Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `a20f4909b5cb454e3c4d940a44df7507798d57d7fc2ef084d79b7ea79ad435db` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2226
GET H/1.1	200 OK	carousel.css nahugt.com/Auth/Validation/banks/CIBC/files/	4 KB 4 KB	240ms 113ms	Stylesheet text/css	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/carousel.css Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `e40f8f834e1117f966c4e070dee2af93602a3348ad1f2be973b1e26fcc3545c6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3706
GET H/1.1	200 OK	signon.css nahugt.com/Auth/Validation/banks/CIBC/files/	5 KB 5 KB	309ms 103ms	Stylesheet text/css	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/signon.css Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `26f256cac010e67c2ecda04c42f8124fe61dc8a06f9353f2c3c81d3d9a77b1fe` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 4826
GET H/1.1	200 OK	drawer-menu-open.png nahugt.com/Auth/Validation/banks/CIBC/files/	3 KB 3 KB	108ms 107ms	Image image/png	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/drawer-menu-open.png Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `fe04cfbad1041cb95de45b569b9e6480731e4757a44ae8590e7f1edf5e0ba3e5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3059
GET H/1.1	200 OK	drawer-menu-close.png nahugt.com/Auth/Validation/banks/CIBC/files/	3 KB 4 KB	107ms 106ms	Image image/png	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/drawer-menu-close.png Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `4d1a3cb4e1cebf8273b4dec091b77950c28c069d2424968fc33fd0ec9a59f4b9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3491
GET H/1.1	200 OK	close-icon-red.png nahugt.com/Auth/Validation/banks/CIBC/files/	1 KB 2 KB	107ms 106ms	Image image/png	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/close-icon-red.png Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `48c6f308267c8da184c2d8c9f25e7071d804a4a1e0e13f778c1bb8ad9cc930d8` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1462
GET H/1.1	200 OK	sizer.png nahugt.com/Auth/Validation/banks/CIBC/files/	659 B 900 B	103ms 102ms	Image image/png	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/sizer.png Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `d69592bce320eb8e9f4d725d60e66f47e33b6e6b3e07508b10a3844f64519b2b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 659
GET H/1.1	200 OK	39144-mobileweb-A-en.png nahugt.com/Auth/Validation/banks/CIBC/files/	65 KB 65 KB	100ms 100ms	Image image/png	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/39144-mobileweb-A-en.png Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `c220cd0287f23a627d7e9e01d49a0d18ff9b1b4e9e381498fb20a7774be7ff25` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 66139
GET H/1.1	200 OK	shadow.png nahugt.com/Auth/Validation/banks/CIBC/files/	1 KB 1 KB	100ms 100ms	Image image/png	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/shadow.png Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `199ecd8bb57f20b880354f85b43c02e004a54d0f16b27acb795c1b34a1d10a2a` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Last-Modified Sat, 27 Oct 2018 08:25:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1129
GET H/1.1	404 Not Found	logo.png nahugt.com/Auth/Validation/banks/CIBC/files/images/	365 B 365 B	100ms 100ms	Image text/html	167.114.145.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://nahugt.com/Auth/Validation/banks/CIBC/files/images/logo.png Requested by Host: nahugt.com URL: http://nahugt.com/Auth/Validation/banks/CIBC/login.php?page=4523cd0c9b20a166e2c6f61bb75bd4d1 Protocol HTTP/1.1 Server 167.114.145.131 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 131.ip-167-114-145.net Software Apache / Resource Hash `cb1b757af0ff5d78642cd851f06810d80f342be0a96068a4e7ee9abf77277081` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nahugt.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nahugt.com/Auth/Validation/banks/CIBC/files/global.css Connection keep-alive Cache-Control no-cache Referer http://nahugt.com/Auth/Validation/banks/CIBC/files/global.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 25 Apr 2019 16:52:08 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 365 Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: CIBC (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nahugt.com
167.114.145.131
199ecd8bb57f20b880354f85b43c02e004a54d0f16b27acb795c1b34a1d10a2a
26f256cac010e67c2ecda04c42f8124fe61dc8a06f9353f2c3c81d3d9a77b1fe
3a2c433a777e4c1bd02b21cf2b93fd6c06a809c26c44b07bed60cd572098449f
3b0f436bd1ab4c85f4215e4d969215d8574d4c887b23d445e6e8f9f2a17cbfe0
450689ee5b83afc9b0bf9d5b024bb63fb465cd26ecc4205ed97b31c815ee6063
48c6f308267c8da184c2d8c9f25e7071d804a4a1e0e13f778c1bb8ad9cc930d8
4d1a3cb4e1cebf8273b4dec091b77950c28c069d2424968fc33fd0ec9a59f4b9
7f00dc002324f4a62d6458f868db7b3f7b94872188dded76d5d7e1292e67aec2
a20f4909b5cb454e3c4d940a44df7507798d57d7fc2ef084d79b7ea79ad435db
c220cd0287f23a627d7e9e01d49a0d18ff9b1b4e9e381498fb20a7774be7ff25
cb1b757af0ff5d78642cd851f06810d80f342be0a96068a4e7ee9abf77277081
d22f329e2adf3465023258c77b14497f3c0a195a1f8c0352074732e97986343d
d69592bce320eb8e9f4d725d60e66f47e33b6e6b3e07508b10a3844f64519b2b
e40f8f834e1117f966c4e070dee2af93602a3348ad1f2be973b1e26fcc3545c6
fe04cfbad1041cb95de45b569b9e6480731e4757a44ae8590e7f1edf5e0ba3e5

nahugt.com Open in urlscan Pro 167.114.145.131 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

150 kBTransfer

147 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

nahugt.com Open in urlscan Pro
167.114.145.131 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

150 kB
Transfer

147 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!