URL: http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
Submission: On March 03 via api from JP — Scanned from JP

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 8 HTTP transactions. The main IP is 23.235.193.45, located in the United States and belonging to IMH-IAD, US. The main domain is rgjeweller.mu.
This is the only time rgjeweller.mu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

Requests  IP Address      AS     Autonomous System
8         23.235.193.45   54641  IMH-IAD
Total: 8 requests, 1 IP

Requests  Apex Domain     Subdomains      Transfer
8         rgjeweller.mu   rgjeweller.mu   616 KB
Total: 8 requests, 1 apex domain

Requests  Domain          Requested by
8         rgjeweller.mu   rgjeweller.mu
Total: 8 requests, 1 domain

This site contains no links.

TLS certificates (Subject, Issuer, Validity, Valid): no entries.

This page contains 1 frames:

Primary Page: http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
Frame ID: 5E911F1597A4B6AAE02C17FB5E400331
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Sign In

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 8
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 616 kB
Size: 613 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Primary Request: login.php
Path: rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/
Size: 5 KB, x-fer: 5 KB, Type: Document
General
Full URL: http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
Protocol: HTTP/1.1
Server: 23.235.193.45, United States, ASN54641 (IMH-IAD, US)
Reverse DNS: server.sprintas.com
Software: Apache
Resource Hash
1d4638ca4049f377b955c200ae3dd7c7abf17f16bcdec330ebaaf5630679cafc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

Date
Thu, 03 Mar 2022 09:02:23 GMT
Server
Apache
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Resource: conv.min.css
Path: rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/css/
Size: 18 KB, x-fer: 18 KB, Type: Stylesheet
General
Full URL: http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/css/conv.min.css
Requested by: Host rgjeweller.mu, URL http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
Protocol: HTTP/1.1
Server: 23.235.193.45, United States, ASN54641 (IMH-IAD, US)
Reverse DNS: server.sprintas.com
Software: Apache
Resource Hash
c2d5ac2e5a041d4925fd77de1880a678ad3638186f57e0970e0e081c6c8812d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 09:02:23 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 08 Nov 2020 17:43:54 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
18000
Resource: lofo.png
Path: rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/
Size: 23 KB, x-fer: 24 KB, Type: Image
General
Full URL: http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/lofo.png
Requested by: Host rgjeweller.mu, URL http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
Protocol: HTTP/1.1
Server: 23.235.193.45, United States, ASN54641 (IMH-IAD, US)
Reverse DNS: server.sprintas.com
Software: Apache
Resource Hash
0371df3a9e4258155ee42f858fa1103eea2771ee8f5186622afe3adfc26b8100
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 09:02:23 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 08 Nov 2020 17:43:54 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
24054
Resource: continue.png
Path: rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/
Size: 495 B, x-fer: 770 B, Type: Image
General
Full URL: http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/continue.png
Requested by: Host rgjeweller.mu, URL http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
Protocol: HTTP/1.1
Server: 23.235.193.45, United States, ASN54641 (IMH-IAD, US)
Reverse DNS: server.sprintas.com
Software: Apache
Resource Hash
97a4488434a10d406081498268d1c4452209922cf1c5802134ad9d3693c41112
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 09:02:23 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 08 Nov 2020 17:43:54 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
495
Resource: m7.png
Path: rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/
Size: 500 B, x-fer: 775 B, Type: Image
General
Full URL: http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/m7.png
Requested by: Host rgjeweller.mu, URL http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
Protocol: HTTP/1.1
Server: 23.235.193.45, United States, ASN54641 (IMH-IAD, US)
Reverse DNS: server.sprintas.com
Software: Apache
Resource Hash
0b0e8860dc323f2d3431b407330217eaa8ed3a0c022a6949fb0ba9008a5a0cff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 09:02:23 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 08 Nov 2020 17:43:54 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
500
Resource: small.jpg
Path: rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/
Size: 5 B, x-fer: 323 B, Type: Image
General
Full URL: http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/small.jpg?x=12f4b8b543125cc986c79cd85320812f
Requested by: Host rgjeweller.mu, URL http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
Protocol: HTTP/1.1
Server: 23.235.193.45, United States, ASN54641 (IMH-IAD, US)
Reverse DNS: server.sprintas.com
Software: Apache
Resource Hash
54a0e8c17ebb21a11f8a25b8042786ef7efe52441e6cc87e92c67e0c4c0c6e78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 09:02:24 GMT
X-Content-Type-Options
nosniff
Server
Apache
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Resource: t1.jpg
Path: rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/
Size: 566 KB, x-fer: 566 KB, Type: Image
General
Full URL: http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/t1.jpg?x=f5a9a9531b8f4bcc86eabb19472d15d5
Requested by: Host rgjeweller.mu, URL http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
Protocol: HTTP/1.1
Server: 23.235.193.45, United States, ASN54641 (IMH-IAD, US)
Reverse DNS: server.sprintas.com
Software: Apache
Resource Hash
7764c38d71f5ee52d39f237f08b4e82b4715c73bfa0afbaee30a60b0dfd058ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 09:02:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 08 Nov 2020 17:43:54 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
579468
Resource: continue.png
Path: rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/
Size: 495 B, x-fer: 769 B, Type: Image
General
Full URL: http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/continue.png
Requested by: Host rgjeweller.mu, URL http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
Protocol: HTTP/1.1
Server: 23.235.193.45, United States, ASN54641 (IMH-IAD, US)
Reverse DNS: server.sprintas.com
Software: Apache
Resource Hash
97a4488434a10d406081498268d1c4452209922cf1c5802134ad9d3693c41112
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 09:02:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 08 Nov 2020 17:43:54 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
495

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
function  structuredClone
object    oncontextlost
object    oncontextrestored

1 Cookies

Domain/Path     Name                              Value
rgjeweller.mu/  9d8d4aba8f4f217c6f8a0359656d3171  7f532ae8f235d9550b3610b2a78c7c48

1 Console Messages

Source: network
Level: error
URL: http://rgjeweller.mu/modules/mod_simplefileuploadv1.3/elements/Upgrade/Office365/images/small.jpg?x=12f4b8b543125cc986c79cd85320812f
Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Security Headers

This section lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff