ogpleague.com.ng
67.220.188.162
Malicious Activity!
Public Scan
Effective URL: https://ogpleague.com.ng/1/owa/auth/?owa2=SharePointOnline&replaceCurrent=1&reason=2&url=https%3a%2f%2&appidKeyProducts%o...
Submission: On May 23 via manual from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 14th 2019. Valid for: 3 months.
This is the only time ogpleague.com.ng was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sharepoint (Online)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 3 | 185.27.134.201 | 34119 (WILDCARD-AS Wildcard UK Limited) |
| 1 7 | 67.220.188.162 | 55081 (24SHELLS - 24 SHELLS) |
| 9 | 3 | |
ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: 20113427185.ifastnet.org
fvgbhbn.fast-page.org
ASN55081 (24SHELLS - 24 SHELLS, US)
PTR: host1.smartwebng.com
ogpleague.com.ng
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 7 | ogpleague.com.ng (1 redirects): ogpleague.com.ng, www.ogpleague.com.ng (Failed) | 36 KB |
| 3 | fast-page.org (1 redirects): fvgbhbn.fast-page.org | 32 KB |
| 9 | 2 | |
| | Domain | Requested by |
|---|---|---|
| 7 | ogpleague.com.ng (1 redirects) | fvgbhbn.fast-page.org, ogpleague.com.ng |
| 3 | fvgbhbn.fast-page.org (1 redirects) | fvgbhbn.fast-page.org |
| 0 | www.ogpleague.com.ng (Failed) | ogpleague.com.ng |
| 9 | 3 | |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| ogpleague.com.ng cPanel, Inc. Certification Authority | 2019-03-14 - 2019-06-12 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://ogpleague.com.ng/1/owa/auth/?owa2=SharePointOnline&replaceCurrent=1&reason=2&url=https%3a%2f%2&appidKeyProducts%off%ice365=fcd00c0656cc4903655f8dde2439698c2aa39477
Frame ID: EA188DC3FE72A358675AB631F1E537D0
Requests: 10 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://fvgbhbn.fast-page.org/ Page URL
- http://fvgbhbn.fast-page.org/?i=1 HTTP 301
  https://ogpleague.com.ng/1?i=1 HTTP 301
  https://ogpleague.com.ng/1/?i=1 Page URL
- https://ogpleague.com.ng/1/owa/auth/?owa2=SharePointOnline&replaceCurrent=1&reason=2&url=https%3a%2f%2&appidKeyProducts%off%ice365=fcd00c0656cc4903655f8dde2439698c2aa39477 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- http://fvgbhbn.fast-page.org/?i=1 HTTP 301
- https://ogpleague.com.ng/1?i=1 HTTP 301
- https://ogpleague.com.ng/1/?i=1
- https://ogpleague.com.ng/1/owa/auth/css/fonts/segoeui-regular.ttf HTTP 301
- https://www.ogpleague.com.ng/1/owa/auth/css/fonts/segoeui-regular.ttf
9 HTTP transactions
| Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
|---|---|---|---|
| GET H/1.1 | / fvgbhbn.fast-page.org/ | 832 B 830 B | Document text/html |
| GET H/1.1 | aes.js fvgbhbn.fast-page.org/ | 30 KB 31 KB | Script application/javascript |
| GET H/1.1 | / ogpleague.com.ng/1/ (Cookie set, Redirect Chain) | 256 B 626 B | Document text/html |
| GET H/1.1 | / ogpleague.com.ng/1/owa/auth/ (Primary Request) | 5 KB 6 KB | Document text/html |
| GET H/1.1 | enkr1p.js ogpleague.com.ng/1/owa/auth/ | 8 KB 9 KB | Script application/javascript |
| GET H/1.1 | sp.css ogpleague.com.ng/1/owa/auth/css/ | 10 KB 10 KB | Stylesheet text/css |
| GET H/1.1 | 01.png ogpleague.com.ng/1/owa/auth/images/ | 5 KB 5 KB | Image image/png |
| GET H/1.1 | shp.png ogpleague.com.ng/1/owa/auth/images/ | 6 KB 6 KB | Image image/png |
| GET DATA | truncated / | 1 KB 0 | Image image/png |
| GET | segoeui-regular.ttf www.ogpleague.com.ng/1/owa/auth/css/fonts/ (Redirect Chain) | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.ogpleague.com.ng
- URL
- https://www.ogpleague.com.ng/1/owa/auth/css/fonts/segoeui-regular.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sharepoint (Online)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
- object| Aes
- object| Base64
- object| Utf8
- string| gentot
- string| udud
- string| keluaran
- string| ctrTxt0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.