Closed sr093906 closed 1 year ago
Blocked by phishing.army and https://gitlab.com/malware-filter/phishing-filter (curated from PhishTank, OpenPhish, phishunt.io)
ping @drego85: false positve?
Domain:
- aksu.edu.ng
Malware/Phishing/Scam:
- Malicous? LIKELY (2)
Top 1M rank:
- Umbrella: -/-
- Tranco: -/-
- Chrome: 693562/-
Nofilter DNS:
- Google OK
Secure DNS:
- CleanBrowsing BLOCKED
- Cloudflare OK
- CONTROLD.TIF BLOCKED
- DNS0.eu OK
- DNS0.eu.ZERO OK
- NextDNS.TIF_AI OK
- NRD.DGA.IDN OK
- OpenDNS OK
- Quad101 OK
- Quad9 OK
- SafeDNS OK
- UltraDNS OK
- Yandex OK
Blocklists:
- 1Hosts.Lite OK
- 1Hosts.Mini OK
- 1Hosts.Pro OK
- AdGuardDNS OK
- AhaDNS BLOCKED
- CONTROLD BLOCKED
- DNSforge.de BLOCKED
- EasyList OK
- HaGeZi.LIGHT BLOCKED
- HaGeZi.NORMAL BLOCKED
- HaGeZi.PERSONAL BLOCKED
- HaGeZi.PRO BLOCKED
- HaGeZi.PRO.PLUS BLOCKED
- HaGeZi.ULTIMATE BLOCKED
- hBlock OK
- Lightswitch05 OK
- NextDNS OK
- NoTracking BLOCKED
- OISD BLOCKED
- OVPN OK
- QuidsUp.NOTRACK OK
- StevenBlack OK
- Tiarap BLOCKED
Intels:
- Google https://transparencyreport.google.com/safe-browsing/search?url=aksu.edu.ng
- VirusTotal https://www.virustotal.com/en/domain/aksu.edu.ng/information/
- AlienVault https://otx.alienvault.com/indicator/domain/aksu.edu.ng
- Bitdefender https://trafficlight.bitdefender.com/info/?url=https%3A%2F%2Faksu.edu.ng
- FortiGuard https://www.fortiguard.com/webfilter?q=aksu.edu.ng
- Kaspersky https://opentip.kaspersky.com/aksu.edu.ng?tab=web
- McAfee https://siteadvisor.com/sitereport.html?url=aksu.edu.ng
- Norton https://safeweb.norton.com/report/show?url=aksu.edu.ng
- OpenDNS https://domain.opendns.com/aksu.edu.ng
- URLVoid https://www.urlvoid.com/scan/aksu.edu.ng/
- Yandex https://yandex.com/safety/?l10n=en&url=aksu.edu.ng
This website is probably compromised, still functioning as a redirect for a phishing campaign. The destination is disabled, but the redirect works.
http://www.aksu[.]edu[.]ng/resultsheet/includes/Online.html
It has been compromised since at least October 3: https://urlscan.io/result/f9d6dc99-f522-4a6d-93c7-ff115da2cdec/
Also in January it was hosting a phishing site:
http://www.aksu[.]edu[.]ng/resultsheet/includes/NavyFederalCredit.Union.HTML
Source:
If @sr093906 manage this website he can fix the problems and then we can request PhishTank and other lists to remove such urls from the blocking lists.
Please keep the issue open in case the issue is fixed one day.
Many thanks @drego85
aksu.edu.ng/resultsheet/includes/Online.html
redirected to bevel-invincible-pocket.glitch.me/NavyFederalCreditUnion-Logon.HTML
bevel-invincible-pocket.glitch.me/NavyFederalCreditUnion-Logon.HTML
got suspended by "Glitch" for violation of terms of service
aksu.edu.ng
is likely to be still compromised
Not necessary to keep the issue open, if the domain is removed from the phishing lists, it will be removed from my lists as well.
Akwa Ibom State University – AKSU
https://aksu.edu.ng/newsite/
https://rethinkdns.com/search?q=aksu.edu.ng https://www.virustotal.com/gui/url/3d2357c98a7d658ba383bccfcb8952bd0741aee29d4b8698bde722842db05b37/detection