haosijia168.com Open in urlscan Pro
154.216.123.75 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f
Effective URL:
http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f/envoi-colissimo.html?colis=6Q02864XXX33?require=paiement
Submission: On December 21 via api (December 21st 2021, 5:04:06 am UTC) from JP — Scanned from JP

Summary HTTP 61 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 61 HTTP transactions. The main IP is 154.216.123.75, located in Hong Kong and belongs to POWERLINE-AS-AP POWER LINE DATACENTER, HK. The main domain is haosijia168.com.

This is the only time haosijia168.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: La Poste (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 55	154.216.123.75 154.216.123.75	132839 (POWERLINE...) (POWERLINE-AS-AP POWER LINE DATACENTER)
2	2404:6800:400... 2404:6800:4004:819::200a	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:812::2003	15169 (GOOGLE) (GOOGLE)
61	3

55 154.216.123.75 (Hong Kong) 1 redirects

ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)

haosijia168.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:819::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:812::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	haosijia168.com 1 redirects haosijia168.com	642 KB
5	gstatic.com fonts.gstatic.com	86 KB
2	googleapis.com fonts.googleapis.com	2 KB
61	3

	Domain	Requested by
55	haosijia168.com	1 redirects haosijia168.com
5	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	haosijia168.com
61	3

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f/envoi-colissimo.html?colis=6Q02864XXX33?require=paiement
Frame ID: C6B90C7D06AD082DB5EBD061BA74F088
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Envoyer mon Colissimo depuis ma boîte aux lettres – La Poste

Page URL History Show full URLs

http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f HTTP 301
http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f/ Page URL
http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f/envoi-colissimo.html?colis=6Q02864XXX... Page URL

Detected technologies

AddThis (Widgets) Expand

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/yui/|yui\.yahooapis\.com)

Page Statistics

61
Requests

11 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

730 kB
Transfer

2050 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/fr/app/id1439057093
Title: Application mobile la Poste Pro (Apple Store)

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=fr.laposte.lapostepro
Title: Application mobile la Poste Pro (Google Store)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f HTTP 301
http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f/ Page URL
http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f/envoi-colissimo.html?colis=6Q02864XXX33?require=paiement Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f HTTP 301
http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f/

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f/
Redirect Chain

http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f
http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f/

120 B
350 B

75ms
74ms

Document
text/html

154.216.123.75
POWERLINE-AS-AP P...

General

Source	Level	URL Text
network	error	URL: http://haosijia168.com/bundles/pvrezcomment/js/yui/3.11.0/build/yui/yui-min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/s7.addthis.com/js/300/addthis_widget.js#pubid=ra-56a2543ab3f50232 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/envoyer/envoyer-un-courrier/16109-58-fre-FR/envoyer-un-courrier.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/envoyer/envoyer-un-colis/3156666-3-fre-FR/envoyer-un-colis.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/tous-les-services/push-code-la-route/3163305-1-fre-FR/push-code-la-route.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/tous-les-services/push-laposte-mobile/3163393-1-fre-FR/push-laposte-mobile.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/tous-les-services/push-courrier-colis/3163349-1-fre-FR/push-courrier-colis.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/bundles/pvrezcomment/js/yui/3.11.0/build/yui/yui-min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/sidebar/envoyer-un-colis-ou-un-courrier/3819130-6-fre-FR/envoyer-un-colis-ou-un-courrier.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/sidebar/services-vie-quotidienne/passer-le-code-de-la-route-pour-30/3822615-6-fre-FR/passer-le-code-de-la-route-pour-30.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/sidebar/services-vie-quotidienne/veiller-sur-mes-parents/3822533-7-fre-FR/veiller-sur-mes-parents.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/sidebar/demenagement-reexpedition/3819171-7-fre-FR/demenagement-reexpedition.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/sidebar/services-vie-quotidienne/donner-procuration-a-un-proche/3822574-5-fre-FR/donner-procuration-a-un-proche.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/sidebar/services-numeriques/simplifiez-vous-la-vie-administrative-avec-digiposte/3874337-3-fre-FR/simplifiez-vous-la-vie-administrative-avec-digiposte.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/colis/b72c6682eb679d2fc408336525dc5b1f/images/images/common/form-radio.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/s7.addthis.com/js/300/addthis_widget.js#pubid=ra-56a2543ab3f50232 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/sidebar/services-numeriques/votre-identite-numerique-avec-la-poste/3874290-3-fre-FR/votre-identite-numerique-avec-la-poste.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/var/laposte/storage/images/particulier/sidebar/services-numeriques/votre-messagerie-la-poste.net/3874243-2-fre-FR/votre-messagerie-la-poste.net.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://haosijia168.com/ads.adverline.com/richmedias/tools/adnext_iframe.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

haosijia168.com Open in urlscan Pro 154.216.123.75 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

11 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

730 kBTransfer

2050 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

haosijia168.com Open in urlscan Pro
154.216.123.75 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

11 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

730 kB
Transfer

2050 kB
Size

0
Cookies

61 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!