Submitted URL: https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk
Effective URL: https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/s/?signin=d41d8cd98f00b204e9800998ecf8427e&...
Submission: On November 29 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 4 HTTP transactions. The main IP is 192.185.76.28, located in the United States and belonging to UNIFIEDLAYER-AS-1, US. The main domain is muslimtrail.com.
TLS certificate: Issued by R3 on November 29th 2021. Valid for: 3 months.
This is the only time muslimtrail.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

     IP Address        AS     Autonomous System
2 4  192.185.76.28     46606  (UNIFIEDLA...)
1    2606:4700::68...  13335  (CLOUDFLAR...)
1    2600:3c01::f0...  63949  (LINODE-AP...)
4 4

   Apex Domain      Subdomains            Transfer
4  muslimtrail.com  muslimtrail.com       31 KB
1  jsonip.com       jsonip.com            452 B
1  cloudflare.com   cdnjs.cloudflare.com  64 KB
4  3

   Domain                Requested by
4  muslimtrail.com       2 redirects
1  jsonip.com            cdnjs.cloudflare.com
1  cdnjs.cloudflare.com  muslimtrail.com
4  3

This site contains no links.

Subject                Issuer                   Validity                 Valid
www.muslimtrail.com    R3                       2021-11-29 - 2022-02-27  3 months (crt.sh)
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2021-09-21 - 2022-09-20  a year (crt.sh)
jsonip.com             R3                       2021-09-24 - 2021-12-23  3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=fab8dd7c4bc1d3899eac6124980407c3a5e51405fd1d2f4c5ee44c2134adb24fee488d05
Frame ID: FB887B0DB274A7D128211F7DCC3E49DD
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Sign in

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 1
Transfer: 95 kB
Size: 349 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk HTTP 301
    https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/ HTTP 303
    https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/r.php?signin=d41d8cd98f00b204e9800998ecf8427e&auth=fab8dd7c4bc1d3899eac6124980407c3a5e51405fd1d2f4c5ee44c2134adb24fee488d05 Page URL
  2. https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=fab8dd7c4bc1d3899eac6124980407c3a5e51405fd1d2f4c5ee44c2134adb24fee488d05 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk HTTP 301
  • https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/ HTTP 303
  • https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/r.php?signin=d41d8cd98f00b204e9800998ecf8427e&auth=fab8dd7c4bc1d3899eac6124980407c3a5e51405fd1d2f4c5ee44c2134adb24fee488d05

4 HTTP transactions

Resource: r.php
Path: muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/
Size: 222 B
x-fer: 279 B
Type: Document
Redirect Chain
  • https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk
  • https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/
  • https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/r.php?signin=d41d8cd98f00b204e9800998ecf8427e&auth=fab8dd7c4bc1d3899eac6124980407c3a5e51405fd1d2f4c5ee44c2134adb24fee488d05

General
Full URL: https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/r.php?signin=d41d8cd98f00b204e9800998ecf8427e&auth=fab8dd7c4bc1d3899eac6124980407c3a5e51405fd1d2f4c5ee44c2134adb24fee488d05
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.76.28 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mail.stardust.com.ng
Software: Apache /
Resource Hash: fa2e3075679329494d52bffa097e19db82a8654facdd8bdc3aee13bb3d49ba9a

Security Headers
Content-Security-Policy: upgrade-insecure-requests

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-length: 207
content-type: text/html; charset=UTF-8
date: Mon, 29 Nov 2021 20:03:52 GMT
server: Apache

Redirect headers
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: ./r.php?signin=d41d8cd98f00b204e9800998ecf8427e&auth=fab8dd7c4bc1d3899eac6124980407c3a5e51405fd1d2f4c5ee44c2134adb24fee488d05
content-security-policy: upgrade-insecure-requests
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Nov 2021 20:03:51 GMT
server: Apache
Primary Request
Resource: /
Path: muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/s/
Size: 54 KB
x-fer: 30 KB
Type: Document

General
Full URL: https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=fab8dd7c4bc1d3899eac6124980407c3a5e51405fd1d2f4c5ee44c2134adb24fee488d05
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.76.28 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mail.stardust.com.ng
Software: Apache /
Resource Hash: 445f2365abbc34683c421710dd50b77d17960589779a2fb2ebe11bf569611c40

Security Headers
Content-Security-Policy: upgrade-insecure-requests

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/r.php?signin=d41d8cd98f00b204e9800998ecf8427e&auth=fab8dd7c4bc1d3899eac6124980407c3a5e51405fd1d2f4c5ee44c2134adb24fee488d05

Response headers
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 29 Nov 2021 20:03:53 GMT
server: Apache
Resource: jquery.js
Path: cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/
Size: 257 KB
x-fer: 64 KB
Type: Script

General
Full URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/jquery.js
Requested by
  Host: muslimtrail.com
  URL: https://muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=fab8dd7c4bc1d3899eac6124980407c3a5e51405fd1d2f4c5ee44c2134adb24fee488d05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 8eb3cb67ef2f0f1b76167135cef6570a409c79b23f0bc0ede71c9a4018f1408a

Security Headers
Strict-Transport-Security: max-age=15780000
X-Content-Type-Options: nosniff

Request headers
Accept-Language: de-DE,de;q=0.9
Referer: https://muslimtrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
date: Mon, 29 Nov 2021 20:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14241900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 64997
cf-request-id: 0abe02e6650000dfc74d27b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-40464"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUG8S6Mv2SRr2x1JWoTBzz%2FB7Pd39aRE4az564sWWGGUhZA1LAsCR%2BtPHQeU84kqJz%2BBxRiTSzY7hKHjpdCP7Cqmd6vImvjmthSP19WszsBQ9oDxxSRSORD5Vr8zs03skRmkYEzkdLyvQqAGSr4WcXVG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b5e7128c82d4401-FRA
expires: Sat, 19 Nov 2022 20:03:54 GMT
Resource: truncated
Path: /
Size: 17 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: fd6c537d73cec0ac215933641e514f7f9ee31a33b5262ae84526d94a3204800f

Request headers
Accept-Language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
Content-Type: image/png
Resource: /
Path: jsonip.com/
Size: 151 B
x-fer: 452 B
Type: Script

General
Full URL: https://jsonip.com/?callback=jQuery30004479975027326577_1638216234403&_=1638216234404
Requested by
  Host: cdnjs.cloudflare.com
  URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:3c01::f03c:91ff:fe79:43b Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS:
Software: nginx/1.20.1 /
Resource Hash: 666dc7630eae0d512ffd88043c52c927c1a9ca3e71a079892b84c9cf32796f9f

Security Headers
Strict-Transport-Security: max-age=31536000;

Request headers
Accept-Language: de-DE,de;q=0.9
Referer: https://muslimtrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
Date: Mon, 29 Nov 2021 20:03:54 GMT
Server: nginx/1.20.1
Strict-Transport-Security: max-age=31536000;
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Resource: truncated
Path: /
Size: 7 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 1d609dbe15ef51e8b9c4ff3d518eb50fe95f3b4c829b8ec5a5d07e2ebad6be46

Request headers
Accept-Language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
Content-Type: image/png
Resource: truncated
Path: /
Size: 10 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 45c8d2623c428695d029940c43f4782330ad857cf697241b8e404d5ae7f93f2e

Request headers
Accept-Language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
Content-Type: image/png
Resource: truncated
Path: /
Size: 3 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: ab53630832444a1be393e9f5ed7cc967f0ce020705a7ca2c7739a80ddd8d7c51

Request headers
Accept-Language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
Content-Type: image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    onbeforexrselect
function  reportError
boolean   originAgentCluster
object    scheduler
function  $
function  jQuery
function  getIPAddress
string    x

2 Cookies

Domain/Path                                                             Name       Value
muslimtrail.com/systems/PdJWsG3uqkjoNs8dqd39MCGCiJ4vbnG63yAsCCPUg6wk/s  ip11       2a0f:9441:5:0:e5::1
muslimtrail.com/                                                        PHPSESSID  20432211e1e037a12e5e33c42f2ccd1e

Security Headers

This page lists any security headers set by the main page.

Header                   Value
Content-Security-Policy  upgrade-insecure-requests