soltis.be Open in urlscan Pro
2001:4b98:dc5:253::9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://soltis.be/pack-id-2af543a/payment.php/
Submission: On December 23 via api (December 23rd 2024, 8:25:36 am UTC) from IE — Scanned from FR

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 30 HTTP transactions. The main IP is 2001:4b98:dc5:253::9, located in France and belongs to GANDI-AS-2 GANDI SAS, FR. The main domain is soltis.be.
TLS certificate: Issued by Gandi RSA Domain Validation Secure Se... on October 22nd 2024. Valid for: a year.

This is the only time soltis.be was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canada Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
14	2001:4b98:dc5... 2001:4b98:dc5:253::9	203476 (GANDI-AS-...) (GANDI-AS-2 GANDI SAS)
3	2a02:26f0:b70... 2a02:26f0:b700:59e::1dc5	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
30	3

14 2001:4b98:dc5:253::9 (France)

ASN203476 (GANDI-AS-2 GANDI SAS, FR)

soltis.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:b700:59e::1dc5 (Hamburg, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

www.canadapost-postescanada.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	soltis.be soltis.be	127 KB
3	canadapost-postescanada.ca www.canadapost-postescanada.ca — Cisco Umbrella Rank: 146454	13 KB
0	auspost.com.au Failed auspost.com.au Failed
30	3

	Domain	Requested by
14	soltis.be	soltis.be
3	www.canadapost-postescanada.ca	soltis.be
0	auspost.com.au Failed	soltis.be
30	3

This site contains no links.

Subject Issuer	Validity	Valid
soltis.be Gandi RSA Domain Validation Secure Server CA 3	`2024-10-22` - `2025-11-21`	a year	crt.sh
www.canadapost.ca GeoTrust RSA CA 2018	`2024-03-19` - `2025-03-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://soltis.be/pack-id-2af543a/payment.php/
Frame ID: 777D192700C401E2E4C4FABBBED27743
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checkout Address

Page Statistics

30
Requests

57 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

140 kB
Transfer

476 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
soltis.be/pack-id-2af543a/payment.php/ 34 KB
9 KB 112ms
23ms Document
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 117
content-encoding: gzip
content-length: 9269
content-type: text/html; charset=UTF-8
date: Mon, 23 Dec 2024 08:23:01 GMT
server: Apache
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-powered-by: PHP/7.4.25
x-xss-protection: 1; mode=block

GET
H2 200 ap-letter-regular-webfont.woff
soltis.be/pack-id-2af543a/payment.php/files/ 34 KB
9 KB 26ms
23ms Font
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/ap-letter-regular-webfont.woff

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://soltis.be
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 ap-letter-medium-webfont.woff
soltis.be/pack-id-2af543a/payment.php/files/ 34 KB
9 KB 26ms
23ms Font
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/ap-letter-medium-webfont.woff

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://soltis.be
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 ap-letter-bold-webfont.woff
soltis.be/pack-id-2af543a/payment.php/files/ 34 KB
9 KB 25ms
23ms Font
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/ap-letter-bold-webfont.woff

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://soltis.be
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 APTypeText-Regular.woff
soltis.be/pack-id-2af543a/payment.php/files/ 34 KB
9 KB 25ms
23ms Font
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/APTypeText-Regular.woff

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://soltis.be
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 APTypeText-Medium.woff
soltis.be/pack-id-2af543a/payment.php/files/ 34 KB
9 KB 46ms
44ms Font
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/APTypeText-Medium.woff

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://soltis.be
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 APTypeText-Bold.woff
soltis.be/pack-id-2af543a/payment.php/files/ 34 KB
9 KB 29ms
26ms Font
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/APTypeText-Bold.woff

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://soltis.be
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 apicons.woff
soltis.be/pack-id-2af543a/payment.php/files/ 34 KB
9 KB 29ms
27ms Font
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/apicons.woff?zejaon

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://soltis.be
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET theme.min.css
auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/css/ 0
0

GET
H2 200 roboto-bold-webfont.woff2
soltis.be/pack-id-2af543a/payment.php/files/ 34 KB
9 KB 28ms
26ms Font
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/roboto-bold-webfont.woff2

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://soltis.be
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 robotocondensed-bold-webfont.woff2
soltis.be/pack-id-2af543a/payment.php/files/ 34 KB
9 KB 28ms
27ms Font
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/robotocondensed-bold-webfont.woff2

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://soltis.be
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 robotocondensed-regular-webfont.woff2
soltis.be/pack-id-2af543a/payment.php/files/ 34 KB
9 KB 45ms
43ms Font
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/robotocondensed-regular-webfont.woff2

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://soltis.be
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 roboto-regular-webfont.woff2
soltis.be/pack-id-2af543a/payment.php/files/ 34 KB
9 KB 68ms
67ms Font
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/roboto-regular-webfont.woff2

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://soltis.be
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 glyphicons-halflings-regular.woff2
soltis.be/pack-id-2af543a/payment.php/files/ 34 KB
9 KB 68ms
66ms Font
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/glyphicons-halflings-regular.woff2

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://soltis.be
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET jquery.iviewer.css
auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/css/ 0
0

GET footer.css
auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/auspost/ 0
0

GET FancyProductDesigner-all.min.css
auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/js/vendor/fancyproductdesigner/source/css/ 0
0

GET
H/1.1 200
OK cpc-main-logo.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/ 12 KB
4 KB 293ms
47ms Image
image/svg+xml 2a02:26f0:b700:59e::1dc5
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/cpc-main-logo.svg

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:b700:59e::1dc5 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://soltis.be/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
Cache-Control: max-age=86400, private
Content-Encoding: gzip
ETag: "591a0e84-3037"
Connection: keep-alive
Expires: Wed, 13 Nov 2024 13:55:51 GMT
Accept-Ranges: bytes
p3p: CP="NON CUR OTPi OUR NOR UNI"
Content-Length: 3967
Date: Mon, 23 Dec 2024 08:25:06 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 15 May 2017 20:24:36 GMT
Vary: Accept-Encoding

GET
H/1.1 200
OK cpc-logo.svg
www.canadapost-postescanada.ca/scp/assets/cpc/img/logos/ 938 B
4 KB 617ms
369ms Image
image/svg+xml 2a02:26f0:b700:59e::1dc5
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/scp/assets/cpc/img/logos/cpc-logo.svg

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:b700:59e::1dc5 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

52044e8d2e2dc085d3cff4cb721560e811200cc7ed7ab45f5ee32467f895df0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://soltis.be/

Response headers

Content-Encoding: gzip
ETag: "61264d50-3aa"
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
Expires: Thu, 12 Dec 2024 11:04:42 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
Date: Mon, 23 Dec 2024 08:25:06 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 25 Aug 2021 14:01:52 GMT
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=86400, private
Connection: keep-alive
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://px.ads.linkedin.com https://google.com https://www.google.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
referrer-policy: no-referrer-when-downgrade
Accept-Ranges: bytes
Content-Length: 596
x-xss-protection: 1; mode=block

GET
H2 200 vma.svg
soltis.be/pack-id-2af543a/payment.php/files/ 6 KB
6 KB 68ms
67ms Image
text/html 2001:4b98:dc5:253::9
GANDI-AS-2 GANDI SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://soltis.be/pack-id-2af543a/payment.php/files/vma.svg

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4b98:dc5:253::9 , France, ASN203476 (GANDI-AS-2 GANDI SAS, FR),

Reverse DNS

Software

Apache / PHP/7.4.25

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://soltis.be/pack-id-2af543a/payment.php/

Response headers

content-encoding: gzip
age: 86
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
accept-ranges: bytes
x-cache: HIT
content-length: 9269
date: Mon, 23 Dec 2024 08:23:25 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
server: Apache
x-cache-hits: 1
vary: Accept-Encoding

GET loading-spinner.svg
auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/img/svg-icon/ 0
0

GET visa-card-coloured.svg
auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/img/svg-icon/ 0
0

GET master-card-coloured.svg
auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/img/svg-icon/ 0
0

GET amex-card-coloured.svg
auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/img/svg-icon/ 0
0

GET Visa.svg
auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/AusPost-Shop-auspost-B2CWebShop/en_AU/ap-icons/ 0
0

GET master-card.svg
auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/AusPost-Shop-auspost-B2CWebShop/en_AU/ap-icons/ 0
0

GET amex.svg
auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/AusPost-Shop-auspost-B2CWebShop/en_AU/ap-icons/ 0
0

GET help_support.svg
auspost.com.au/shop/static/WFS/AusPost-Site/Shop-auspost-B2CWebShop/AusPost-Shop-auspost-B2CWebShop/en_AU/ap-icons/ 0
0

GET
H/1.1 200
OK gov-canada-logo.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/ 9 KB
4 KB 296ms
48ms Image
image/svg+xml 2a02:26f0:b700:59e::1dc5
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg

Requested by

Host: soltis.be
URL: https://soltis.be/pack-id-2af543a/payment.php/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:b700:59e::1dc5 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

6d2ffdcab7eca2ee69aac8b36b4b3fb662e1c0f556ec59c00491d11e1e4b74cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://soltis.be/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
Cache-Control: max-age=86400, private
Content-Encoding: gzip
ETag: "658387fc-24fa"
Connection: keep-alive
Expires: Sun, 01 Dec 2024 21:54:08 GMT
Accept-Ranges: bytes
p3p: CP="NON CUR OTPi OUR NOR UNI"
Content-Length: 4063
Date: Mon, 23 Dec 2024 08:25:06 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 21 Dec 2023 00:34:04 GMT
Vary: Accept-Encoding

GET feedback_icon.svg
auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/img/svg-icon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/css/theme.min.css?lastModified=1632738603000

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/css/jquery.iviewer.css

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/auspost/footer.css

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/js/vendor/fancyproductdesigner/source/css/FancyProductDesigner-all.min.css

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/img/svg-icon/loading-spinner.svg

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/img/svg-icon/visa-card-coloured.svg

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/img/svg-icon/master-card-coloured.svg

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/img/svg-icon/amex-card-coloured.svg

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/AusPost-Shop-auspost-B2CWebShop/en_AU/ap-icons/Visa.svg

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/AusPost-Shop-auspost-B2CWebShop/en_AU/ap-icons/master-card.svg

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/AusPost-Shop-auspost-B2CWebShop/en_AU/ap-icons/amex.svg

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Site/Shop-auspost-B2CWebShop/AusPost-Shop-auspost-B2CWebShop/en_AU/ap-icons/help_support.svg?isfile://AusPost-Site/Shop-auspost-B2CWebShop/AusPost-Shop-auspost-B2CWebShop/en_AU/ap-icons/help_support.svg

Domain: auspost.com.au
URL: https://auspost.com.au/shop/static/WFS/AusPost-Shop-Site/-/-/en_AU/img/svg-icon/feedback_icon.svg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canada Post (Transportation)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auspost.com.au
soltis.be
www.canadapost-postescanada.ca
auspost.com.au
2001:4b98:dc5:253::9
2a02:26f0:b700:59e::1dc5
39c815579984d188480299abfcd6e6be6e646552fcf442922f7f873e283c1c3f
52044e8d2e2dc085d3cff4cb721560e811200cc7ed7ab45f5ee32467f895df0f
6d2ffdcab7eca2ee69aac8b36b4b3fb662e1c0f556ec59c00491d11e1e4b74cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87

soltis.be Open in urlscan Pro 2001:4b98:dc5:253::9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

30 Requests

57 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

140 kBTransfer

476 kBSize

0 Cookies

0 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

soltis.be Open in urlscan Pro
2001:4b98:dc5:253::9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

57 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

140 kB
Transfer

476 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!