oouagoiwoye.edu.ng Open in urlscan Pro
162.241.157.0 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv...
Submission Tags: @ipnigh
Submission: On February 03 via api (February 3rd 2020, 12:58:53 am UTC) from GB

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 162.241.157.0, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is oouagoiwoye.edu.ng.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 18th 2020. Valid for: 3 months.

This is the only time oouagoiwoye.edu.ng was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Vkontakte (Social Network)

Domain & IP information

	IP Address		AS Autonomous System
9	162.241.157.0 162.241.157.0		46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
9	1

9 162.241.157.0 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-157-0.unifiedlayer.com

oouagoiwoye.edu.ng	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	oouagoiwoye.edu.ng oouagoiwoye.edu.ng	321 KB
9	1

	Domain	Requested by
9	oouagoiwoye.edu.ng	oouagoiwoye.edu.ng
9	1

This site contains no links.

Subject Issuer	Validity	Valid
oouagoiwoye.edu.ng Let's Encrypt Authority X3	`2020-01-18` - `2020-04-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv0KfaBa0iBaCoBaCn2MO5DL20BaCnNMghOnu5QMfmBa0n1KAQBa0vYJfvQKOsOztzldte1aCoBaDsOvAzYoq1QMq9SopwSopzXousOztdgJpYBaDsOvA5BJ3aBaDsOvDeOztKNzusOztzgJpvTp3zRJpdDnusOztziJgrUnqJOoq0BaDsOzZr0Lr9TnqvXJq0BaDsNvgzYoq1QMq9SopvFK2BFdAvXK3lUopC9J2BCn2r0
Frame ID: 2CF53464D3CA24F6ECA8BA4F87974AF0
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

321 kB
Transfer

666 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set index.php Show response
oouagoiwoye.edu.ng/pass/ 8 KB
4 KB 948ms
947ms Document
text/html 162.241.157.0
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv0KfaBa0iBaCoBaCn2MO5DL20BaCnNMghOnu5QMfmBa0n1KAQBa0vYJfvQKOsOztzldte1aCoBaDsOvAzYoq1QMq9SopwSopzXousOztdgJpYBaDsOvA5BJ3aBaDsOvDeOztKNzusOztzgJpvTp3zRJpdDnusOztziJgrUnqJOoq0BaDsOzZr0Lr9TnqvXJq0BaDsNvgzYoq1QMq9SopvFK2BFdAvXK3lUopC9J2BCn2r0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.241.157.0 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-241-157-0.unifiedlayer.com

Software

Microsoft-IIS/8.5 VK / PHP/3.22949 ASP.NET

Resource Hash

bf8ae6e4bd286dbca200ec9a593f4c9daef0942beba67c93899fc3e22d554f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	sameorigin

Request headers

Host: oouagoiwoye.edu.ng
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Cache-Control: no-store
Content-Type: text/html; charset=windows-1251
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5 VK
X-Powered-By: PHP/3.22949 ASP.NET
X-Frame-Options: sameorigin
Strict-Transport-Security: max-age=15768000
Set-Cookie: COOKIE%253Bremixlang%253B%252F%253B.vk.com=3%253Bsecure; expires=Sun, 24-Jan-2021 12:19:23 GMT; path=/; domain=.oouagoiwoye.edu.ng COOKIE%253Bremixlhk%253B%252F%253B.vk.com=36fd22995de004eb36%253Bsecure; expires=Sat, 06-Feb-2021 03:45:56 GMT; path=/; domain=.oouagoiwoye.edu.ng
Content-Disposition: inline; filename="authorize"
X-Powered-By-Plesk: PleskWin
Date: Mon, 03 Feb 2020 00:58:34 GMT
Content-Length: 3417

GET
H/1.1 200
OK index.php
oouagoiwoye.edu.ng/pass/ 393 KB
114 KB 1855ms
1854ms Stylesheet
text/css 162.241.157.0
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO92MO5DL20Ro3zNb2hUb2zRLq1RLE5DK3a%2FzNC5aNaQaDC0yjG%3D

Requested by

Host: oouagoiwoye.edu.ng
URL: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv0KfaBa0iBaCoBaCn2MO5DL20BaCnNMghOnu5QMfmBa0n1KAQBa0vYJfvQKOsOztzldte1aCoBaDsOvAzYoq1QMq9SopwSopzXousOztdgJpYBaDsOvA5BJ3aBaDsOvDeOztKNzusOztzgJpvTp3zRJpdDnusOztziJgrUnqJOoq0BaDsOzZr0Lr9TnqvXJq0BaDsNvgzYoq1QMq9SopvFK2BFdAvXK3lUopC9J2BCn2r0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.241.157.0 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-241-157-0.unifiedlayer.com

Software

Microsoft-IIS/8.5, VK / ASP.NET

Resource Hash

24bff55d25d164e628c90436a709bc86c5f85ff2a7a73cdeddbe4fadd86a5d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv0KfaBa0iBaCoBaCn2MO5DL20BaCnNMghOnu5QMfmBa0n1KAQBa0vYJfvQKOsOztzldte1aCoBaDsOvAzYoq1QMq9SopwSopzXousOztdgJpYBaDsOvA5BJ3aBaDsOvDeOztKNzusOztzgJpvTp3zRJpdDnusOztziJgrUnqJOoq0BaDsOzZr0Lr9TnqvXJq0BaDsNvgzYoq1QMq9SopvFK2BFdAvXK3lUopC9J2BCn2r0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Date: Mon, 03 Feb 2020 00:58:35 GMT
Content-Disposition: inline; filename="common.css"
X-Powered-By-Plesk: PleskWin
X-Frontend: front605109
Last-Modified: Fri, 31 Jan 2020 15:14:09 GMT
Server: Microsoft-IIS/8.5, VK
ETag: "5e344441-52753"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Access-Control-Expose-Headers: X-Frontend
Cache-Control: max-age=345600
Accept-Ranges: bytes
Expires: Fri, 07 Feb 2020 00:58:35 GMT

GET
H/1.1 200
OK index.php
oouagoiwoye.edu.ng/pass/ 61 KB
18 KB 1126ms
1125ms Stylesheet
text/css 162.241.157.0
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO92MO5DL20Ro3zNb2hUb2dFK2sSo3zNxNi%3D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.241.157.0 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-241-157-0.unifiedlayer.com

Software

Microsoft-IIS/8.5, VK / ASP.NET

Resource Hash

fa05477b666a0e24e0a9d736733bc4533f99ce7cbbb190837cc33203d7de453e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv0KfaBa0iBaCoBaCn2MO5DL20BaCnNMghOnu5QMfmBa0n1KAQBa0vYJfvQKOsOztzldte1aCoBaDsOvAzYoq1QMq9SopwSopzXousOztdgJpYBaDsOvA5BJ3aBaDsOvDeOztKNzusOztzgJpvTp3zRJpdDnusOztziJgrUnqJOoq0BaDsOzZr0Lr9TnqvXJq0BaDsNvgzYoq1QMq9SopvFK2BFdAvXK3lUopC9J2BCn2r0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Date: Mon, 03 Feb 2020 00:58:35 GMT
Content-Disposition: inline; filename="base.css"
Content-Length: 18292
X-Powered-By-Plesk: PleskWin
X-Frontend: front605109
Last-Modified: Fri, 24 Jan 2020 11:13:43 GMT
Server: Microsoft-IIS/8.5, VK
ETag: "5e2ad167-e02d"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Access-Control-Expose-Headers: X-Frontend
Cache-Control: max-age=345600
Accept-Ranges: bytes
Expires: Fri, 07 Feb 2020 00:58:35 GMT

GET
H/1.1 200
OK index.php
oouagoiwoye.edu.ng/pass/ 6 KB
2 KB 783ms
782ms Stylesheet
text/css 162.241.157.0
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO92MO5DL20Ro3zNb2hUb2nRLZvNp3r0nE5DK3a%2Faw%3D%3D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.241.157.0 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-241-157-0.unifiedlayer.com

Software

Microsoft-IIS/8.5, VK / ASP.NET

Resource Hash

ee6f066eeb5353a1020557a47f9ac167105a6725b4e7781fd3429eb28d29706b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv0KfaBa0iBaCoBaCn2MO5DL20BaCnNMghOnu5QMfmBa0n1KAQBa0vYJfvQKOsOztzldte1aCoBaDsOvAzYoq1QMq9SopwSopzXousOztdgJpYBaDsOvA5BJ3aBaDsOvDeOztKNzusOztzgJpvTp3zRJpdDnusOztziJgrUnqJOoq0BaDsOzZr0Lr9TnqvXJq0BaDsNvgzYoq1QMq9SopvFK2BFdAvXK3lUopC9J2BCn2r0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Date: Mon, 03 Feb 2020 00:58:34 GMT
Content-Disposition: inline; filename="fonts_utf.css"
Content-Length: 1873
X-Powered-By-Plesk: PleskWin
X-Frontend: front605109
Last-Modified: Fri, 24 Jan 2020 11:13:55 GMT
Server: Microsoft-IIS/8.5, VK
ETag: "5e2ad173-11db"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Access-Control-Expose-Headers: X-Frontend
Cache-Control: max-age=345600
Accept-Ranges: bytes
Expires: Fri, 07 Feb 2020 00:58:35 GMT

GET
H/1.1 200
OK index.php
oouagoiwoye.edu.ng/pass/ 186 KB
174 KB 1372ms
1371ms Stylesheet
text/css 162.241.157.0
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO92MO5DL20Ro3zNb2hUb2nRLZvNp2zSJh9ToqaSo3zNxNi%3D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.241.157.0 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-241-157-0.unifiedlayer.com

Software

Microsoft-IIS/8.5, VK / ASP.NET

Resource Hash

a829957bc1615e417bb9f955b1cd1d3e9839e7cafb146693953aec73a781ac10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv0KfaBa0iBaCoBaCn2MO5DL20BaCnNMghOnu5QMfmBa0n1KAQBa0vYJfvQKOsOztzldte1aCoBaDsOvAzYoq1QMq9SopwSopzXousOztdgJpYBaDsOvA5BJ3aBaDsOvDeOztKNzusOztzgJpvTp3zRJpdDnusOztziJgrUnqJOoq0BaDsOzZr0Lr9TnqvXJq0BaDsNvgzYoq1QMq9SopvFK2BFdAvXK3lUopC9J2BCn2r0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Date: Mon, 03 Feb 2020 00:58:35 GMT
Content-Disposition: inline; filename="fonts_cnt_mac.css"
X-Powered-By-Plesk: PleskWin
X-Frontend: front605109
Last-Modified: Fri, 24 Jan 2020 11:13:54 GMT
Server: Microsoft-IIS/8.5, VK
ETag: "5e2ad172-22e2f"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Access-Control-Expose-Headers: X-Frontend
Cache-Control: max-age=345600
Accept-Ranges: bytes
Expires: Fri, 07 Feb 2020 00:58:35 GMT

GET
H/1.1 200
OK index.php
oouagoiwoye.edu.ng/pass/ 4 KB
2 KB 1133ms
838ms Stylesheet
text/css 162.241.157.0
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO92MO5DL20Ro3zNb2hQMu9Ropr0Mh9QL3l1Kk5DK3a%2FzjeOajm2ajK0ajw%3D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.241.157.0 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-241-157-0.unifiedlayer.com

Software

Microsoft-IIS/8.5, VK / ASP.NET

Resource Hash

188f5befd8e726e1cc834708b150762e3c5640d22ee2c5dc6ccaf5819ed85b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv0KfaBa0iBaCoBaCn2MO5DL20BaCnNMghOnu5QMfmBa0n1KAQBa0vYJfvQKOsOztzldte1aCoBaDsOvAzYoq1QMq9SopwSopzXousOztdgJpYBaDsOvA5BJ3aBaDsOvDeOztKNzusOztzgJpvTp3zRJpdDnusOztziJgrUnqJOoq0BaDsOzZr0Lr9TnqvXJq0BaDsNvgzYoq1QMq9SopvFK2BFdAvXK3lUopC9J2BCn2r0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Date: Mon, 03 Feb 2020 00:58:35 GMT
Content-Disposition: inline; filename="oauth_popup.css"
Content-Length: 1645
X-Powered-By-Plesk: PleskWin
X-Frontend: front605109
Last-Modified: Fri, 24 Jan 2020 11:15:25 GMT
Server: Microsoft-IIS/8.5, VK
ETag: "5e2ad1cd-fda"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Access-Control-Expose-Headers: X-Frontend
Cache-Control: max-age=345600
Accept-Ranges: bytes
Expires: Fri, 07 Feb 2020 00:58:35 GMT

GET
H/1.1 200
OK index.php Show response
oouagoiwoye.edu.ng/pass/ 3 KB
2 KB 1135ms
839ms Script
application/x-javascript 162.241.157.0
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO92MO5DL20RMZaRoplXb2zRLq1RLB9UMqJYJk5WKN8OatmOajK5ata3
Requested by: Host: oouagoiwoye.edu.ng
URL: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv0KfaBa0iBaCoBaCn2MO5DL20BaCnNMghOnu5QMfmBa0n1KAQBa0vYJfvQKOsOztzldte1aCoBaDsOvAzYoq1QMq9SopwSopzXousOztdgJpYBaDsOvA5BJ3aBaDsOvDeOztKNzusOztzgJpvTp3zRJpdDnusOztziJgrUnqJOoq0BaDsOzZr0Lr9TnqvXJq0BaDsNvgzYoq1QMq9SopvFK2BFdAvXK3lUopC9J2BCn2r0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 162.241.157.0 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-157-0.unifiedlayer.com
Software: Microsoft-IIS/8.5, VK / ASP.NET
Resource Hash: 8d51d3444a0bd5851bc1213cad24cd54d73809210961891c3d9525c03c2206e5

Request headers

Referer: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv0KfaBa0iBaCoBaCn2MO5DL20BaCnNMghOnu5QMfmBa0n1KAQBa0vYJfvQKOsOztzldte1aCoBaDsOvAzYoq1QMq9SopwSopzXousOztdgJpYBaDsOvA5BJ3aBaDsOvDeOztKNzusOztzgJpvTp3zRJpdDnusOztziJgrUnqJOoq0BaDsOzZr0Lr9TnqvXJq0BaDsNvgzYoq1QMq9SopvFK2BFdAvXK3lUopC9J2BCn2r0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 00:58:35 GMT
Content-Encoding: gzip
X-Powered-By: ASP.NET
Content-Disposition: inline; filename="common_light.js"
Content-Length: 1448
X-Powered-By-Plesk: PleskWin
X-Frontend: front605109
Last-Modified: Sun, 02 Feb 2020 20:42:19 GMT
Server: Microsoft-IIS/8.5, VK
ETag: "5e37342b-db1"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Expose-Headers: X-Frontend
Cache-Control: max-age=345600
Accept-Ranges: bytes
Expires: Fri, 07 Feb 2020 00:58:35 GMT

GET
H/1.1 200
OK pjs.js Show response
oouagoiwoye.edu.ng/pass/ 4 KB
2 KB 917ms
132ms Script
application/javascript 162.241.157.0
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://oouagoiwoye.edu.ng/pass/pjs.js
Requested by: Host: oouagoiwoye.edu.ng
URL: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv0KfaBa0iBaCoBaCn2MO5DL20BaCnNMghOnu5QMfmBa0n1KAQBa0vYJfvQKOsOztzldte1aCoBaDsOvAzYoq1QMq9SopwSopzXousOztdgJpYBaDsOvA5BJ3aBaDsOvDeOztKNzusOztzgJpvTp3zRJpdDnusOztziJgrUnqJOoq0BaDsOzZr0Lr9TnqvXJq0BaDsNvgzYoq1QMq9SopvFK2BFdAvXK3lUopC9J2BCn2r0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 162.241.157.0 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-157-0.unifiedlayer.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b846cc7c8830b6d78646aa7fccc30f1e23074e30c080256cb04bcd1f8e011520

Request headers

Referer: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO9Ropr0Mk52MO5DL20Ropr0Mg9OMpXBx2zUMqrSJh9Xnj0TaunOnqvXKArDJh91KAC9Mfv0KfaBa0iBaCoBaCn2MO5DL20BaCnNMghOnu5QMfmBa0n1KAQBa0vYJfvQKOsOztzldte1aCoBaDsOvAzYoq1QMq9SopwSopzXousOztdgJpYBaDsOvA5BJ3aBaDsOvDeOztKNzusOztzgJpvTp3zRJpdDnusOztziJgrUnqJOoq0BaDsOzZr0Lr9TnqvXJq0BaDsNvgzYoq1QMq9SopvFK2BFdAvXK3lUopC9J2BCn2r0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Mon, 03 Feb 2020 00:58:35 GMT
Content-Encoding: gzip
ETag: "086fb19811d11:0"
Last-Modified: Wed, 28 Oct 2015 15:52:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1996

GET
H/1.1 200
OK index.php
oouagoiwoye.edu.ng/pass/ 462 B
983 B 802ms
801ms Image
image/png 162.241.157.0
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO92MO5DL20RMq1Fn2rNb2PRn29HJAUSKg5Z

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.241.157.0 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-241-157-0.unifiedlayer.com

Software

Microsoft-IIS/8.5, VK / ASP.NET

Resource Hash

7274d450ff709e09bf4a9ef26028f433eeaae8f19cce8835a139ff3f8a95aac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://oouagoiwoye.edu.ng/pass/index.php?q=Mfv0Kfa6bO92MO5DL20Ro3zNb2hQMu9Ropr0Mh9QL3l1Kk5DK3a%2FzjeOajm2ajK0ajw%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Strict-Transport-Security: max-age=15768000
X-Frontend: front605109
Last-Modified: Sun, 02 Feb 2020 20:42:17 GMT
Server: Microsoft-IIS/8.5, VK
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Expose-Headers: X-Frontend
Cache-Control: max-age=604800
Date: Mon, 03 Feb 2020 00:58:36 GMT
Content-Disposition: inline; filename="logo_vk.png"
Accept-Ranges: bytes
Content-Length: 462
ETag: "5e373429-1ce"
Expires: Mon, 10 Feb 2020 00:58:37 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Vkontakte (Social Network)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.oouagoiwoye.edu.ng/	1970-01-19 15:56:23	Name: COOKIE%253Bremixlhk%253B%252F%253B.vk.com Value: 36fd22995de004eb36%253Bsecure
			.oouagoiwoye.edu.ng/	1970-01-19 15:38:10	Name: COOKIE%253Bremixlang%253B%252F%253B.vk.com Value: 3%253Bsecure

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

oouagoiwoye.edu.ng
162.241.157.0
188f5befd8e726e1cc834708b150762e3c5640d22ee2c5dc6ccaf5819ed85b0f
24bff55d25d164e628c90436a709bc86c5f85ff2a7a73cdeddbe4fadd86a5d4c
7274d450ff709e09bf4a9ef26028f433eeaae8f19cce8835a139ff3f8a95aac1
8d51d3444a0bd5851bc1213cad24cd54d73809210961891c3d9525c03c2206e5
a829957bc1615e417bb9f955b1cd1d3e9839e7cafb146693953aec73a781ac10
b846cc7c8830b6d78646aa7fccc30f1e23074e30c080256cb04bcd1f8e011520
bf8ae6e4bd286dbca200ec9a593f4c9daef0942beba67c93899fc3e22d554f01
ee6f066eeb5353a1020557a47f9ac167105a6725b4e7781fd3429eb28d29706b
fa05477b666a0e24e0a9d736733bc4533f99ce7cbbb190837cc33203d7de453e

oouagoiwoye.edu.ng Open in urlscan Pro 162.241.157.0 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

321 kBTransfer

666 kBSize

2 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

35 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

oouagoiwoye.edu.ng Open in urlscan Pro
162.241.157.0 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

321 kB
Transfer

666 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!