mon-colis-colissimo.org Open in urlscan Pro
45.131.187.252 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mon-colis-colissimo.org/
Effective URL:
https://mon-colis-colissimo.org/
Submission: On August 11 via manual (August 11th 2022, 7:39:27 am UTC) from FR — Scanned from FR

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 45.131.187.252, located in Zug, Switzerland and belongs to UP-NETWORK, CH. The main domain is mon-colis-colissimo.org.
TLS certificate: Issued by R3 on August 10th 2022. Valid for: 3 months.

This is the only time mon-colis-colissimo.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: La Poste (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 14	45.131.187.252 45.131.187.252	203790 (UP-NETWORK) (UP-NETWORK)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
16	4

14 45.131.187.252 (Zug, Switzerland) 1 redirects

ASN203790 (UP-NETWORK, CH)
PTR: myrdp.gg

mon-colis-colissimo.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	mon-colis-colissimo.org 1 redirects mon-colis-colissimo.org	145 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 ajax.googleapis.com — Cisco Umbrella Rank: 267	32 KB
1	gstatic.com fonts.gstatic.com	31 KB
16	3

	Domain	Requested by
14	mon-colis-colissimo.org	1 redirects mon-colis-colissimo.org
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	mon-colis-colissimo.org
1	fonts.googleapis.com	mon-colis-colissimo.org
16	4

This site contains no links.

Subject Issuer	Validity	Valid
mon-colis-colissimo.org R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mon-colis-colissimo.org/
Frame ID: 6C6958FB38B8BFCE39DA3BD1B700B380
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Colissimo

Page URL History Show full URLs

http://mon-colis-colissimo.org/ HTTP 301
https://mon-colis-colissimo.org/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

208 kB
Transfer

282 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mon-colis-colissimo.org/ HTTP 301
https://mon-colis-colissimo.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mon-colis-colissimo.org/
Redirect Chain

http://mon-colis-colissimo.org/
https://mon-colis-colissimo.org/

16 KB
6 KB

936ms
845ms

Document
text/html

45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PHP/8.0.22 PleskLin
Resource Hash: 2794924149329739e241d2595f8489883036ea5298df97af804893225c2388d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-length: 5540
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 07:39:23 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.0.22 PleskLin

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 11 Aug 2022 07:39:22 GMT
Location: https://mon-colis-colissimo.org/
Server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 91ms
34ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&display=swap

Requested by

Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9acf8fa50b64116f1df2c21d59c38b21c9c71ede0b1cf467e974dbff0efd4f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 07:39:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 07:39:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 07:39:23 GMT

GET
H2 200 index.css
mon-colis-colissimo.org/css/ 5 KB
1 KB 45ms
44ms Stylesheet
text/css 45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://mon-colis-colissimo.org/css/index.css
Requested by: Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PleskLin
Resource Hash: de61fe1908040309ed6a238f4e12013f1125522a482cf8ab10efa2c517e9fa2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:39:23 GMT
content-encoding: br
etag: W/"62dd4f96-13c9"
last-modified: Sun, 24 Jul 2022 13:56:38 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 83ms
25ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 14:11:10 GMT

GET
H2 200 left.png
mon-colis-colissimo.org/img/ 474 B
643 B 46ms
46ms Image
image/png 45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mon-colis-colissimo.org/img/left.png
Requested by: Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PleskLin
Resource Hash: c6c1246c4c8f77952f10e5af67b66299d8e9acdb9ec5ad945719b7c58fdc347d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:39:23 GMT
etag: "1da-5e48d6fc11600"
last-modified: Sun, 24 Jul 2022 13:56:40 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 474

GET
H2 200 logo.svg
mon-colis-colissimo.org/img/ 96 KB
97 KB 88ms
88ms Image
image/svg+xml 45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mon-colis-colissimo.org/img/logo.svg
Requested by: Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PleskLin
Resource Hash: 0058beaf9b33619a529ca466f7cf5f0bcda43d013751bdcfaf2b2c6ad0ab8e41

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:39:23 GMT
last-modified: Sun, 24 Jul 2022 13:56:41 GMT
server: nginx
x-powered-by: PleskLin
etag: "62dd4f99-1816f"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 98671

GET
H2 200 pre.png
mon-colis-colissimo.org/img/ 150 B
319 B 123ms
121ms Image
image/png 45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mon-colis-colissimo.org/img/pre.png
Requested by: Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PleskLin
Resource Hash: 9e37241f29f50a62bf558727503c9213212f500469d2ee6b92c76ef9c1e2bebd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:39:23 GMT
etag: "96-5e48d6fd05840"
last-modified: Sun, 24 Jul 2022 13:56:41 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 150

GET
H2 200 1.png
mon-colis-colissimo.org/img/ 6 KB
6 KB 122ms
120ms Image
image/png 45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mon-colis-colissimo.org/img/1.png
Requested by: Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PleskLin
Resource Hash: 721b8147ef5959f4f934973e187ec60a8a7916c1357e436afdd686cd37e0e45f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:39:23 GMT
last-modified: Sun, 24 Jul 2022 13:56:39 GMT
server: nginx
x-powered-by: PleskLin
etag: "62dd4f97-18f9"
content-type: image/png
accept-ranges: bytes
content-length: 6393

GET
H2 200 2.png
mon-colis-colissimo.org/img/ 8 KB
8 KB 121ms
119ms Image
image/png 45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mon-colis-colissimo.org/img/2.png
Requested by: Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PleskLin
Resource Hash: 44d5e0ea9c0c32bd4bfd233827e6be3503c8a7688ffaebde05676a1398889d2c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:39:23 GMT
last-modified: Sun, 24 Jul 2022 13:56:39 GMT
server: nginx
x-powered-by: PleskLin
etag: "62dd4f97-1ef2"
content-type: image/png
accept-ranges: bytes
content-length: 7922

GET
H2 200 3.png
mon-colis-colissimo.org/img/ 4 KB
4 KB 121ms
120ms Image
image/png 45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mon-colis-colissimo.org/img/3.png
Requested by: Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PleskLin
Resource Hash: 7b7c8d7abe410c5784bb2422912d5c6ad2221c5c5216d4567273dff762610910

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:39:23 GMT
last-modified: Sun, 24 Jul 2022 13:56:39 GMT
server: nginx
x-powered-by: PleskLin
etag: "62dd4f97-f07"
content-type: image/png
accept-ranges: bytes
content-length: 3847

GET
H2 200 4.jpg
mon-colis-colissimo.org/img/ 14 KB
14 KB 122ms
120ms Image
image/jpeg 45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mon-colis-colissimo.org/img/4.jpg
Requested by: Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PleskLin
Resource Hash: 8de21b69a9e78897c0dad5179ad15b01e4c8d4eb09bce2bb133e72f08c6ba99b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:39:23 GMT
last-modified: Sun, 24 Jul 2022 13:56:39 GMT
server: nginx
x-powered-by: PleskLin
etag: "62dd4f97-392e"
content-type: image/jpeg
accept-ranges: bytes
content-length: 14638

GET
H2 200 one.jpg
mon-colis-colissimo.org/img/ 2 KB
2 KB 122ms
121ms Image
image/jpeg 45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mon-colis-colissimo.org/img/one.jpg
Requested by: Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PleskLin
Resource Hash: 22cb66ab44935ab8a8744839fcd731485d1ce299b0ae68f4041d36aa952c7a2a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:39:23 GMT
last-modified: Sun, 24 Jul 2022 13:56:41 GMT
server: nginx
x-powered-by: PleskLin
etag: "62dd4f99-70f"
content-type: image/jpeg
accept-ranges: bytes
content-length: 1807

GET
H2 200 two.png
mon-colis-colissimo.org/img/ 2 KB
2 KB 122ms
121ms Image
image/png 45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mon-colis-colissimo.org/img/two.png
Requested by: Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PleskLin
Resource Hash: 8cc9f24a87369c6091fd51d359f9d66a7119a92445d961e4f22d76b9ce8fd110

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:39:23 GMT
last-modified: Sun, 24 Jul 2022 13:56:42 GMT
server: nginx
x-powered-by: PleskLin
etag: "62dd4f9a-6fb"
content-type: image/png
accept-ranges: bytes
content-length: 1787

GET
H2 200 three.png
mon-colis-colissimo.org/img/ 2 KB
2 KB 122ms
121ms Image
image/png 45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mon-colis-colissimo.org/img/three.png
Requested by: Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PleskLin
Resource Hash: 2e81165423114927baae6bdad54a00f510347eff0e1680d5a164dff3a21fb765

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:39:23 GMT
last-modified: Sun, 24 Jul 2022 13:56:42 GMT
server: nginx
x-powered-by: PleskLin
etag: "62dd4f9a-72e"
content-type: image/png
accept-ranges: bytes
content-length: 1838

GET
H2 200 fourth.png
mon-colis-colissimo.org/img/ 2 KB
2 KB 122ms
122ms Image
image/png 45.131.187.252
UP-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mon-colis-colissimo.org/img/fourth.png
Requested by: Host: mon-colis-colissimo.org
URL: https://mon-colis-colissimo.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.131.187.252 Zug, Switzerland, ASN203790 (UP-NETWORK, CH),
Reverse DNS: myrdp.gg
Software: nginx / PleskLin
Resource Hash: 23533e1ab495bb9fee2449aff3d675b79434d8816df7bb0d8a2b8fd5e595ee38

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://mon-colis-colissimo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:39:23 GMT
last-modified: Sun, 24 Jul 2022 13:56:40 GMT
server: nginx
x-powered-by: PleskLin
etag: "62dd4f98-7d4"
content-type: image/png
accept-ranges: bytes
content-length: 2004

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 83ms
25ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mon-colis-colissimo.org
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 15303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 03:24:20 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: La Poste (Transportation)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
mon-colis-colissimo.org
2a00:1450:4001:80e::200a
2a00:1450:4001:827::200a
2a00:1450:4001:830::2003
45.131.187.252
0058beaf9b33619a529ca466f7cf5f0bcda43d013751bdcfaf2b2c6ad0ab8e41
22cb66ab44935ab8a8744839fcd731485d1ce299b0ae68f4041d36aa952c7a2a
23533e1ab495bb9fee2449aff3d675b79434d8816df7bb0d8a2b8fd5e595ee38
2794924149329739e241d2595f8489883036ea5298df97af804893225c2388d6
2e81165423114927baae6bdad54a00f510347eff0e1680d5a164dff3a21fb765
44d5e0ea9c0c32bd4bfd233827e6be3503c8a7688ffaebde05676a1398889d2c
721b8147ef5959f4f934973e187ec60a8a7916c1357e436afdd686cd37e0e45f
7b7c8d7abe410c5784bb2422912d5c6ad2221c5c5216d4567273dff762610910
8cc9f24a87369c6091fd51d359f9d66a7119a92445d961e4f22d76b9ce8fd110
8de21b69a9e78897c0dad5179ad15b01e4c8d4eb09bce2bb133e72f08c6ba99b
9acf8fa50b64116f1df2c21d59c38b21c9c71ede0b1cf467e974dbff0efd4f5f
9e37241f29f50a62bf558727503c9213212f500469d2ee6b92c76ef9c1e2bebd
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
c6c1246c4c8f77952f10e5af67b66299d8e9acdb9ec5ad945719b7c58fdc347d
de61fe1908040309ed6a238f4e12013f1125522a482cf8ab10efa2c517e9fa2e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

mon-colis-colissimo.org Open in urlscan Pro 45.131.187.252 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

208 kBTransfer

282 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

Indicators

mon-colis-colissimo.org Open in urlscan Pro
45.131.187.252 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

208 kB
Transfer

282 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!