retourcolis-laposte.info Open in urlscan Pro
45.139.104.132 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://retourcolis-laposte.info/
Effective URL:
https://retourcolis-laposte.info/steps/index.php
Submission: On December 30 via api (December 30th 2024, 11:43:57 pm UTC) from US — Scanned from ES

Summary HTTP 3 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 45.139.104.132, located in Bulgaria and belongs to AS-493NETWORKING, US. The main domain is retourcolis-laposte.info.
TLS certificate: Issued by R11 on December 30th 2024. Valid for: 3 months.

This is the only time retourcolis-laposte.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: La Poste (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 2	45.139.104.132 45.139.104.132	399979 (AS-493NET...) (AS-493NETWORKING)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3

2 45.139.104.132 (Bulgaria) 1 redirects

ASN399979 (AS-493NETWORKING, US)

retourcolis-laposte.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	retourcolis-laposte.info 1 redirects retourcolis-laposte.info	431 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	14 KB
0	Failed function sub() { [native code] }. Failed
3	3

	Domain	Requested by
2	retourcolis-laposte.info	1 redirects
1	cdnjs.cloudflare.com	retourcolis-laposte.info
0	Failed	retourcolis-laposte.info
3	3

This site contains links to these domains. Also see Links.

Domain
www.laposte.fr
laposte.net
localiser.laposte.fr
aide.laposte.fr
play.google.com
apps.apple.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
laposte.deafiline.net
www.laposterecrute.fr

Subject Issuer	Validity	Valid
retourcolis-laposte.info R11	`2024-12-30` - `2025-03-30`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://retourcolis-laposte.info/steps/index.php
Frame ID: 7093073BBBD8814850FBCA5EFB17DE57
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Suivre une lettre, un Colissimo ou un Chronopost - La Poste

Page URL History Show full URLs

https://retourcolis-laposte.info/ HTTP 302
https://retourcolis-laposte.info/steps/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

589 kB
Transfer

1662 kB
Size

1
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://www.laposte.fr/paris-2024
Title: Collection Paris 2024

Search URL Search Domain Scan URL

URL: https://laposte.net/accueil
Title: Laposte.net

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/mascotte-tennis-monnaie-de-10-argent/p/mp-600105749
Title: Mascotte - Tennis - Monnaie de 10€ Argent

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/mascotte-judo-monnaie-de-10-argent/p/mp-600105751
Title: Mascotte - Judo - Monnaie de 10€ Argent

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/monnaie-de-10-en-argent-mascotte-jeux-olympiques-2024-skateboard-millesime-2023/p/mp-600029841
Title: Monnaie de 10€ en argent - Mascotte - Jeux Olympiques 2024 Skateboard - Millésime 2023

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/boite-de-100-liasses-recommandees-sgr2-avec-accuse-reception/p/mp-500511192
Title: Boîte de 100 liasses recommandées SGR2 avec accusé réception

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/paquet-de-40-enveloppes-extra-blanches-100-recyclees-dl-110x220-80g-gpv/p/mp-500011581
Title: Paquet de 40 enveloppes extra blanches 100% recyclées dl 110x220 80g gpv

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/lot-de-5-enveloppes-a-bulles-matelassees-26-x-18-cm/p/mp-500079408
Title: Lot de 5 Enveloppes à bulles matelassées 26 x 18 cm

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/boite-aux-lettres-probat-demi-profondeur-gris-7016-visuel-non-contractuel/p/mp-600023480
Title: Boite aux lettres probat - demi profondeur- gris 7016 - visuel non contractuel

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/boite-aux-lettres-normalisee-burg-wachter-favor-beige-clair-2-portes/p/mp-500160481
Title: Boîte Aux Lettres normalisée - BURG-WÄCHTER FAVOR Beige Clair 2 portes

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/pack-de-2-boites-aux-lettres-1-porte-globe-trotter-blanc-ivoire/p/mp-600043083
Title: Pack de 2 boîtes aux lettres 1 porte - "Globe-trotter" - "Blanc ivoire"

Search URL Search Domain Scan URL

URL: https://localiser.laposte.fr/
Title: Proche de vous

Search URL Search Domain Scan URL

URL: https://aide.laposte.fr/contenu/quels-sont-les-modes-de-paiement-sur-le-site-la-poste?t=r
Title: Paiements 100% sécurisés

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/livraison
Title: Livraison offerte dès 25€ d'achat

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=fr.laposte.lapostemobile

Search URL Search Domain Scan URL

URL: https://apps.apple.com/fr/app/la-poste-colis-courrier/id431602927

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/apps-mobiles
Title: Toutes nos applications

Search URL Search Domain Scan URL

URL: https://www.facebook.com/laposte
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/lisalaposte
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/laposte/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/laposte
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/envoi-courrier-en-ligne
Title: Envoyer sans vous déplacer

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/envois-importants-lettres-recommandees
Title: Envois importants

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/demenagement-absence
Title: Déménagement, Absence

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/veiller-sur-mes-parents
Title: Solutions Seniors

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/digiposte/tous-mes-documents-partout-et-tout-le-temps
Title: Digiposte

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/produits/presentation/comment-creer-votre-identite-numerique
Title: L'identité Numérique

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/recrutement-marketplace
Title: Vendre sur la Marketplace La Poste

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/marketplace
Title: Découvrir la Marketplace La Poste

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/activation-de-services
Title: Activer mes Services Plus pour envoyer mon courrier

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/acheter-enveloppes
Title: Enveloppes

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/timbres-enveloppes-emballages-cartes-postales
Title: Timbres

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/acheter-emballage
Title: Emballages

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/u/produits-collectionneurs
Title: Collectionneurs

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/boutique/acheter-cartes-de-voeux
Title: Cartes de voeux

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/produits/article/tarifs-consulter-le-catalogue-integral
Title: Tarifs postaux | Catalogue intégral

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/tarifs-postaux-courrier-lettres-timbres
Title: Grille de tarifs Courrier

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/tarifs-postaux-colis
Title: Grille de tarifs Colis

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/ecom/occ/smartedit/medias/sys_master/images/h50/hf6/12765875503134/Affiche%20tarifaire%20m%C3%A9tropole%20paysage%202024-23-11-08-web/Affiche-tarifaire-m-tropole-paysage-2024-23-11-08-web.pdf
Title: Affiche tarifaire courrier-colis

Search URL Search Domain Scan URL

URL: https://aide.laposte.fr/
Title: Aides et contact

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/moncompte-laposte-avantages
Title: Les avantages de Mon Compte La Poste

Search URL Search Domain Scan URL

URL: https://laposte.deafiline.net/connect/service/laposte
Title: Espace sourds et malentendants

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/avis-clients
Title: Votre avis est essentiel

Search URL Search Domain Scan URL

URL: https://www.laposterecrute.fr/recherche-offres?mot_cle=conseiller%20bancaire&
Title: Emplois et carrières des métiers bancaires

Search URL Search Domain Scan URL

URL: https://www.laposterecrute.fr/recherche-offres
Title: Emplois et carrières autres métiers

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/professionnel
Title: Professionnels

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/entreprise-collectivites
Title: Entreprises et Collectivités

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/le-groupe
Title: La Poste Groupe

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/plan-du-site
Title: Plan du site

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/accessibilite-particuliers
Title: Accessibilité : non conforme

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/conditions-contractuelles
Title: Conditions contractuelles

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/mentions-legales
Title: Mentions légales

Search URL Search Domain Scan URL

URL: https://www.laposte.fr/politique-de-protection-des-donnees
Title: Données personnelles et cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://retourcolis-laposte.info/ HTTP 302
https://retourcolis-laposte.info/steps/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
24 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
retourcolis-laposte.info/steps/
Redirect Chain

https://retourcolis-laposte.info/
https://retourcolis-laposte.info/steps/index.php

1 MB
431 KB

184ms
183ms

Document
text/html

45.139.104.132
AS-493NETWORKING

General

Check archive.org

Show headers Download Go to

Full URL: https://retourcolis-laposte.info/steps/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.139.104.132 , Bulgaria, ASN399979 (AS-493NETWORKING, US),
Reverse DNS
Software: nginx / PHP/8.2.22 PleskLin
Resource Hash: 776b9fcafa8bfc22514540dbf9f4ec3d9d8bb8282126b2e3514b2ab015090bc8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 30 Dec 2024 23:43:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.22 PleskLin

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 30 Dec 2024 23:43:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: steps/index.php
pragma: no-cache
server: nginx
x-powered-by: PHP/8.2.22 PleskLin

GET style.css
/C:/Users/chain/Downloads/ 0
0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5485289561b5f86fd5b50841a746d24fed07c5040dfc72056a2063dcf0a4871

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f112e8820982bf63f77aeff1f4e4db06695cb97f4e9bfc9aea22a14991803051

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://retourcolis-laposte.info
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f28fc27c27c035737ad98e47dc87466317f62f6fa691e318ddaa8431c5b55bc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://retourcolis-laposte.info
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de1647e286b40e20beed25cd039ba7a5d047f8d45bca28e1a503345f49dca5a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://retourcolis-laposte.info
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 25 KB
25 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da05e6bb043f9aa390092d99aad5d82a0aade1e3fe9fc46e480873203240e646

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://retourcolis-laposte.info
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b3da25d511f9b2ea7f067ffb40b87381ef71e5922d8f2d1cec5a6d36b5f599

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://retourcolis-laposte.info
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 25 KB
25 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3924e1a8f4da817f7827317c1a28fc0aefc61a8a647a2644824524fb68e17c1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://retourcolis-laposte.info
Referer

Response headers

Content-Type: font/woff2

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/ 47 KB
14 KB 97ms
51ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js

Requested by

Host: retourcolis-laposte.info
URL: https://retourcolis-laposte.info/steps/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e2d-bb78"
age: 593513
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ze1ZExts9IZWA4GkPouVzZoUcM13BpjWJaJ4w%2FRa103UJbpTueSYpwdbuVJJB7TV8oKoYGPa60X%2BSQbRljniTQWwydkidYaVkdWUMEIxIbAAu0uCMy3Ml7%2B0kVCqUYfN5LoUMALW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 23:43:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 23:43:53 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:09:17 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8fa5e506085f60ca-MAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14107
server: cloudflare

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56f4b3e2b8a84137549cf0eb665cf92ecc22826e7f45063a92c4888ed6fd14c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0905301ef7508be677a7df133728fa6e72a53f8739cf009c9130e8c50b6d1bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 323f034092ed4753e98a6d32d704115604ad6f7a5f662477d3a2c5b3d3b4f660

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ad6163c31135249957d561cd088dd9ee07f45471e008ae608532e49834c2653

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44b61850569339fba1bcb57366caf90e87629c64aab8b22d8bf8effbc40ff0ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 866c7462b1487e4f0d6f05a4b57adb72bb850ef1ff63f01f2a1176fdb6e3ce1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10e6c0859199f2645292d96c1fdd768c52ba83c4850026b070c99e2e442d9c92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6320df99811daa9399bb6a01b4070f02edfc35d72f35c9eafb27599af27c9880

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6232154d26180769da3eceb9c4fc9b26e2796d7d8b55d96135b4d24e212d3336

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b6e223722f060ec8882fe2419692791b48a554881046938dafb4721e8771a71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ca13eb53da575260a378139a1084986133940babde2baf73e7cc7deb2ca9904

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 356e21f2dec6f862664b381de2fea8ca4187f370f53c8e0633df247382a3f6c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 420354082fe191f2092e7533d1e16a30b4402b7954980a610428d08fb45dbfc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 932 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2818e4d3b972dee4cc124a3dc56c7866de47ef13b1a2d8e58bb4c5a2194584f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 21 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13309b39ed792a0cae3932603af7ec4ff64284acf28563512e6707e4e6805065

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31c109bcd5c14db061434e0c844b4ea47a009534a57d6c6a4821042a7526fd96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 18 KB
18 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd68a8f620d828589d23f9ef52ab83a26a5069924d496af2016c885be0698ca6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://retourcolis-laposte.info
Referer

Response headers

Content-Type: font/woff2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL: file:///C:/Users/chain/Downloads/style.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: La Poste (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CryptoJS function| md5 function| sha1

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			retourcolis-laposte.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: ejqvgmfidc4vqojl2d9vuhdf05

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://retourcolis-laposte.info/steps/index.php(Line 11) Message: Not allowed to load local resource: file:///C:/Users/chain/Downloads/style.css

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


cdnjs.cloudflare.com
retourcolis-laposte.info

104.17.24.14
45.139.104.132
0ca13eb53da575260a378139a1084986133940babde2baf73e7cc7deb2ca9904
10e6c0859199f2645292d96c1fdd768c52ba83c4850026b070c99e2e442d9c92
13309b39ed792a0cae3932603af7ec4ff64284acf28563512e6707e4e6805065
2818e4d3b972dee4cc124a3dc56c7866de47ef13b1a2d8e58bb4c5a2194584f7
31c109bcd5c14db061434e0c844b4ea47a009534a57d6c6a4821042a7526fd96
323f034092ed4753e98a6d32d704115604ad6f7a5f662477d3a2c5b3d3b4f660
356e21f2dec6f862664b381de2fea8ca4187f370f53c8e0633df247382a3f6c8
3924e1a8f4da817f7827317c1a28fc0aefc61a8a647a2644824524fb68e17c1b
3b6e223722f060ec8882fe2419692791b48a554881046938dafb4721e8771a71
41b3da25d511f9b2ea7f067ffb40b87381ef71e5922d8f2d1cec5a6d36b5f599
420354082fe191f2092e7533d1e16a30b4402b7954980a610428d08fb45dbfc7
44b61850569339fba1bcb57366caf90e87629c64aab8b22d8bf8effbc40ff0ef
4ad6163c31135249957d561cd088dd9ee07f45471e008ae608532e49834c2653
56f4b3e2b8a84137549cf0eb665cf92ecc22826e7f45063a92c4888ed6fd14c7
6232154d26180769da3eceb9c4fc9b26e2796d7d8b55d96135b4d24e212d3336
6320df99811daa9399bb6a01b4070f02edfc35d72f35c9eafb27599af27c9880
776b9fcafa8bfc22514540dbf9f4ec3d9d8bb8282126b2e3514b2ab015090bc8
866c7462b1487e4f0d6f05a4b57adb72bb850ef1ff63f01f2a1176fdb6e3ce1a
c5485289561b5f86fd5b50841a746d24fed07c5040dfc72056a2063dcf0a4871
da05e6bb043f9aa390092d99aad5d82a0aade1e3fe9fc46e480873203240e646
dd68a8f620d828589d23f9ef52ab83a26a5069924d496af2016c885be0698ca6
de1647e286b40e20beed25cd039ba7a5d047f8d45bca28e1a503345f49dca5a3
e0905301ef7508be677a7df133728fa6e72a53f8739cf009c9130e8c50b6d1bb
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc
f112e8820982bf63f77aeff1f4e4db06695cb97f4e9bfc9aea22a14991803051
f28fc27c27c035737ad98e47dc87466317f62f6fa691e318ddaa8431c5b55bc4

retourcolis-laposte.info Open in urlscan Pro 45.139.104.132 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

67 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

589 kBTransfer

1662 kBSize

1 Cookies

53 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 24 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

retourcolis-laposte.info Open in urlscan Pro
45.139.104.132 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

589 kB
Transfer

1662 kB
Size

1
Cookies

3 HTTP transactions
24 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!