www.post-track-lu.com Open in urlscan Pro
179.43.187.220 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.post-track-lu.com/
Effective URL:
https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e
Submission Tags: @phish_report
Submission: On September 29 via api (September 29th 2023, 8:12:18 am UTC) from FI — Scanned from CH

Summary HTTP 25 Redirects Links 120 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 179.43.187.220, located in Zurich, Switzerland and belongs to PLI-AS, PA. The main domain is www.post-track-lu.com.
TLS certificate: Issued by R3 on September 28th 2023. Valid for: 3 months.

This is the only time www.post-track-lu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Post Luxembourg (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 14	179.43.187.220 179.43.187.220	51852 (PLI-AS) (PLI-AS)
5	2606:4700:e0:... 2606:4700:e0::ac40:6818	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
4	2606:4700:e2:... 2606:4700:e2::ac40:8209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	5

14 179.43.187.220 (Zurich, Switzerland) 1 redirects

ASN51852 (PLI-AS, PA)
PTR: hostedby.privatelayer.com

www.post-track-lu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e0::ac40:6818 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:8209 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	post-track-lu.com 1 redirects www.post-track-lu.com	251 KB
5	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 15411	130 KB
4	fontawesome.com ka-f.fontawesome.com — Cisco Umbrella Rank: 7091	30 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1243	30 KB
0	post.lu Failed cdn.post.lu Failed
25	5

	Domain	Requested by
14	www.post-track-lu.com	1 redirects www.post-track-lu.com
5	fonts.cdnfonts.com	www.post-track-lu.com fonts.cdnfonts.com
4	ka-f.fontawesome.com	www.post-track-lu.com
1	code.jquery.com	www.post-track-lu.com
0	cdn.post.lu Failed	www.post-track-lu.com
25	5

This site contains links to these domains. Also see Links.

Domain
postlu-suivi.com
www.post.lu
webmail.pt.lu
www.eboo.lu
www.mypost.lu
support.post.lu
business.post.lu
tv.post.lu
www.postphilately.lu
www.eservices.lu
careers.postgroup.lu
www.postgroup.lu
www.posttechnologies.lu
fr-fr.facebook.com
www.instagram.com
fr.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
post-track-lu.com R3	`2023-09-28` - `2023-12-27`	3 months	crt.sh
cdnfonts.com GTS CA 1P5	`2023-08-04` - `2023-11-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2023-09-10` - `2023-12-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e
Frame ID: 96FF8A0800DE7D59B83E06542219F3A3
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Track and Trace: Le suivi des envois, colis et recommandés - POST

Page URL History Show full URLs

https://www.post-track-lu.com/ HTTP 302
https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

92 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

440 kB
Transfer

2502 kB
Size

0
Cookies

120 Outgoing links

These are links going to different origins than the main page.

URL: https://postlu-suivi.com/app/
Title: Aller au menu principal

Source	Level	URL Text
network	error	URL: https://www.post-track-lu.com/assets/combo(1) Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Message: Access to font at 'https://cdn.post.lu/newpostlu/babel-theme/fonts/icomoon/icomoon.ttf?ivgh0p' from origin 'https://www.post-track-lu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.post.lu/newpostlu/babel-theme/fonts/icomoon/icomoon.ttf?ivgh0p Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Message: Access to font at 'https://cdn.post.lu/newpostlu/babel-theme/fonts/icomoon/icomoon.woff?ivgh0p' from origin 'https://www.post-track-lu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.post.lu/newpostlu/babel-theme/fonts/icomoon/icomoon.woff?ivgh0p Message: Failed to load resource: net::ERR_FAILED

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.php Show response www.post-track-lu.com/suivi/ Redirect Chain https://www.post-track-lu.com/ https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e	445 KB 59 KB	58ms 57ms	Document text/html	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / PHP/8.1.23 PleskLin Resource Hash `f382384a4892db5c1dda1b913ec771fc24c2aa20bcd897d03d1d6059c60bf8db` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 29 Sep 2023 08:12:14 GMT server nginx vary Accept-Encoding x-powered-by PHP/8.1.23 PleskLin Redirect headers content-length 0 content-type text/html; charset=UTF-8 date Fri, 29 Sep 2023 08:12:14 GMT location suivi/index.php?session=417494156ab7b855a836bd62ac135d1e server nginx x-powered-by PHP/8.1.23 PleskLin
GET H2	200	2b0499d3bf.js.t%C3%A9l%C3%A9chargement Show response www.post-track-lu.com/assets/	11 KB 4 KB	49ms 49ms	Script application/javascript	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://www.post-track-lu.com/assets/2b0499d3bf.js.t%C3%A9l%C3%A9chargement Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / PleskLin Resource Hash `591075ee09de7ed31cf42545d151d19d0339ee05e12c1c277f7731ccfe5fcd6b` Request headers Referer https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Origin https://www.post-track-lu.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT content-encoding br last-modified Mon, 02 Jan 2023 18:23:44 GMT server nginx etag W/"63b32130-2b10" x-powered-by PleskLin content-type application/javascript
GET H2	200	main.css www.post-track-lu.com/assets/	0 155 B	51ms 49ms	Stylesheet text/css	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://www.post-track-lu.com/assets/main.css Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / PleskLin Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT last-modified Mon, 02 Jan 2023 18:23:44 GMT server nginx x-accel-version 0.01 etag "0-5f14c0d26ac00" x-powered-by PleskLin content-type text/css accept-ranges bytes content-length 0
GET H2	200	clay.css www.post-track-lu.com/assets/	675 KB 64 KB	60ms 59ms	Stylesheet text/css	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://www.post-track-lu.com/assets/clay.css Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / PleskLin Resource Hash `bac1ecc1b317a55426c42183d7fc5e737857b26a4b32d17f0b5beb0fd5462dc9` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT content-encoding br last-modified Mon, 02 Jan 2023 18:23:44 GMT server nginx etag W/"63b32130-a8a93" x-powered-by PleskLin content-type text/css
GET H2	200	main(1).css www.post-track-lu.com/assets/	127 KB 19 KB	85ms 84ms	Stylesheet text/css	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://www.post-track-lu.com/assets/main(1).css Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / PleskLin Resource Hash `1c6f7342459fdb67a4922eb48f84170c365d9bfd27753e4f098bba11f043d121` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT content-encoding br last-modified Thu, 05 Jan 2023 08:09:52 GMT server nginx etag W/"63b685d0-1fa81" x-powered-by PleskLin content-type text/css
GET H2	404	combo(1) www.post-track-lu.com/assets/	0 0	85ms 84ms	Stylesheet text/html	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://www.post-track-lu.com/assets/combo(1) Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / Resource Hash Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT content-encoding br last-modified Thu, 28 Sep 2023 10:46:16 GMT server nginx etag W/"328-6066904772edd" content-type text/html
GET H2	200	main(2).css www.post-track-lu.com/assets/	97 KB 16 KB	86ms 85ms	Stylesheet text/css	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://www.post-track-lu.com/assets/main(2).css Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / PleskLin Resource Hash `17183913c9e9aa9a2aa651aedabadddeb9ddb7ebfec964963258c842900f68c0` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT content-encoding br last-modified Thu, 05 Jan 2023 08:11:06 GMT server nginx etag W/"63b6861a-184f0" x-powered-by PleskLin content-type text/css
GET H2	200	custom_post.css www.post-track-lu.com/assets/	755 KB 70 KB	86ms 85ms	Stylesheet text/css	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://www.post-track-lu.com/assets/custom_post.css Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / PleskLin Resource Hash `d13ed1c2153bc5bfd6d8c8e9be716cb6a38cc45422fd69899c2b1fc9d7353ba7` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT content-encoding br last-modified Thu, 05 Jan 2023 08:13:18 GMT server nginx etag W/"63b6869e-bca13" x-powered-by PleskLin content-type text/css
GET H2	200	fix_portal.css www.post-track-lu.com/assets/	5 KB 1 KB	87ms 86ms	Stylesheet text/css	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://www.post-track-lu.com/assets/fix_portal.css Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / PleskLin Resource Hash `64903d815aec2c154d7f46688a8d58059a859b9a92bc4c2dc461b11078567233` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT content-encoding br last-modified Mon, 02 Jan 2023 18:23:46 GMT server nginx etag W/"63b32132-12e8" x-powered-by PleskLin content-type text/css
GET H2	200	onetrust.css www.post-track-lu.com/assets/	23 KB 3 KB	87ms 86ms	Stylesheet text/css	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://www.post-track-lu.com/assets/onetrust.css Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / PleskLin Resource Hash `8990d495123fb640e02c74a0583360c5f266a82eb531e1f94e1871cbdfa3a824` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT content-encoding br last-modified Mon, 02 Jan 2023 18:23:46 GMT server nginx etag W/"63b32132-5c13" x-powered-by PleskLin content-type text/css
GET H2	200	museo-sans-rounded fonts.cdnfonts.com/css/	1 KB 710 B	163ms 41ms	Stylesheet text/css	2606:4700:e0::ac40:6818 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/css/museo-sans-rounded Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6818 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c3c72994023b8a78762e377f0fa756f8632e5e89cf6454369cf054be06760b2f` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 24507353 cf-polished origSize=1329 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Mon, 19 Dec 2022 16:36:21 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=la1hVLDfA2R2k%2FnXo2FVAjmtvUr48fazroRKY8Nv0vfaxpYKFjFJIqbsveJz5sGo6IYtLH7yC6FTE7QJGJammH7HUNIxQGuPuXvChJTeYjAmODYkzM0t3ic0nBZblOuYTN%2F2bihrId2leWB5ubDbxdk%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 access-control-allow-origin * cache-control max-age=2678400 cf-ray 80e2c28d3db61cc5-FRA
GET H2	200	logo-post.svg www.post-track-lu.com/assets/	9 KB 10 KB	49ms 49ms	Image image/svg+xml	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.post-track-lu.com/assets/logo-post.svg Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / PleskLin Resource Hash `59d18565c29f8c4c26ff1b862f5d0b9b69b74089b39efdab0ab88146ec57aecc` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT last-modified Mon, 02 Jan 2023 18:23:46 GMT server nginx etag "63b32132-25e4" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 9700
GET H2	200	styles.db47ce26ad85af70e928.css www.post-track-lu.com/assets/	7 KB 1 KB	49ms 48ms	Stylesheet text/css	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://www.post-track-lu.com/assets/styles.db47ce26ad85af70e928.css Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / PleskLin Resource Hash `d7123079a3b27fd1c072ca5c507f2ee895211311c046ed4aa6d18ff285ac5ac0` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT content-encoding br last-modified Mon, 02 Jan 2023 18:23:08 GMT server nginx etag W/"63b3210c-1a14" x-powered-by PleskLin content-type text/css
GET H2	200	jquery-3.4.1.min.js Show response code.jquery.com/	86 KB 30 KB	76ms 22ms	Script application/javascript	2a04:4e42:600::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.min.js Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers Referer https://www.post-track-lu.com/ Origin https://www.post-track-lu.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1174533 x-cache HIT, HIT content-length 30638 x-served-by cache-lga21965-LGA, cache-fra-eddf8230045-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1695975134.380042,VS0,VE0 etag W/"28feccc0-15851" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 454, 634661
GET H2	200	logo-post-circle.png www.post-track-lu.com/assets/	5 KB 5 KB	50ms 50ms	Image image/png	179.43.187.220 PLI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.post-track-lu.com/assets/logo-post-circle.png Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.220 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS hostedby.privatelayer.com Software nginx / PleskLin Resource Hash `d8438feb7fb87f27e3f7356aa480223779610764372e434b99e67a8b0976bd5b` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/suivi/index.php?session=417494156ab7b855a836bd62ac135d1e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT last-modified Mon, 02 Jan 2023 18:23:46 GMT server nginx etag "63b32132-1432" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 5170
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v6.2.1/css/	100 KB 23 KB	115ms 67ms	Fetch text/css	2606:4700:e2::ac40:8209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.1/css/free.min.css?token=2b0499d3bf Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/assets/2b0499d3bf.js.t%C3%A9l%C3%A9chargement Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e7a9f485d6f2e1dabd73d8b9ebba2930177e6d77565963ed32707837ed9bba33` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT via 1.1 91bfa1bdba15fba4281ea367ab656f54.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop HAM50-C3 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Mon, 14 Nov 2022 15:06:08 GMT server cloudflare etag W/"2dbe34367e935e2684b01124b0860d71" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xiD9OKUAiQPmVpEp1QzzYuYsozBzQyFFB6GkheuxW%2FrkNGEe3%2FoE%2FC10Lpl%2FPaeKeyfXpN%2BNUSG%2Fhtg94W4jZmABAxjcMVgN7gPxg40frBzeYXLM19SNWX8KJJbzBUEL5fy9YhYDCqhb69fmEoCk2qoCw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 80e2c28dad7ebb86-FRA access-control-allow-headers fa-kit-token x-amz-cf-id b3HjmzDZqpQtmXY5onOvbaoRFPTFYiBclGhF0NmkPBdRtwDMDmuzNA==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v6.2.1/css/	27 KB 5 KB	84ms 37ms	Fetch text/css	2606:4700:e2::ac40:8209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=2b0499d3bf Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/assets/2b0499d3bf.js.t%C3%A9l%C3%A9chargement Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b856bad6a7ffe16d3ba0ea0d6c6fe0526385ebd11e589a2efbcbf97386e9ea40` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT via 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 age 76280 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Mon, 14 Nov 2022 15:06:08 GMT server cloudflare etag W/"0d00741459c51dd7330d97cd19326a7b" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyYYvU6loNoF5OqxB9oNPq4V1og%2F3x3r8Sbqr%2BfXJbS9%2F1gytMYgX4ZSvnaZ6VnmwI2%2FE%2BlItRTiaqdudDTta2UZwwff6Nd3oSFYm8aVOGa51qn1zxatZYkFDXh6Nx9egk4AEYgGaKCZTBH612RSwfmZyw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 80e2c28dad7fbb86-FRA access-control-allow-headers fa-kit-token x-amz-cf-id U5xg3BGCdsQNyc0RfhkZKQh4cfi84jTKBbmwm9fK2JWxLN5J-saGKA==
GET H2	200	free-v5-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.2.1/css/	823 B 720 B	82ms 35ms	Fetch text/css	2606:4700:e2::ac40:8209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=2b0499d3bf Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/assets/2b0499d3bf.js.t%C3%A9l%C3%A9chargement Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `788283b9392704ad36e4767d8e14790895e3a504214d4553da9b4992fd9f2af2` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT via 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 age 76280 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Mon, 14 Nov 2022 15:06:07 GMT server cloudflare etag W/"15e2713dff942747406520edde3fd0bf" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vVzdq2kiVQoxCFAJgGvLsm6LT1bR5xaGoCQxQtHMcy0u1hU0SJDs7qtwvByRC%2BM3dGq6lPEjcbQqK%2FrPZUFrxz0vpFJK%2FHKBWD3NMWDOptW3u7qPzPXCIJ3P%2FfS0eIncXn9F3DDR82AFwQtLH156AckXw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 80e2c28dad82bb86-FRA access-control-allow-headers fa-kit-token x-amz-cf-id XCkVosV-qU-ULv_hoqGrmOsZCTqZCp-gOIgg4fvBvz5dkzMSycYGBw==
GET H2	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.2.1/css/	2 KB 1 KB	78ms 30ms	Fetch text/css	2606:4700:e2::ac40:8209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=2b0499d3bf Requested by Host: www.post-track-lu.com URL: https://www.post-track-lu.com/assets/2b0499d3bf.js.t%C3%A9l%C3%A9chargement Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `04994be7db4693bad5bc011cd1aa7a3cdd72c55dd72f478b772de9a795e82210` Request headers accept-language de-CH,de;q=0.9 Referer https://www.post-track-lu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT via 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 age 76280 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Mon, 14 Nov 2022 15:06:07 GMT server cloudflare etag W/"075b2106ba08d32bc88fff3724503b1e" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnEu%2BePMqrKzyL%2F4syy6wyIDqAcsHEitPSGWxlTOkX06noEeCAA%2FxDO69X7nLJMUtftaC3w8OSeGVNueFg3qOrKcL4SBU6NwaKbFpqldcQMij5CyGkAIbojBdQZezvvchzjl0PUcNIWRuNXTeKyMTM95Bg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 80e2c28dad80bb86-FRA access-control-allow-headers fa-kit-token x-amz-cf-id o0qoluwzRYRWKstpJBNZwexgHRI9fAMiIeVw9AOzREVak_rl01UCCw==
GET H2	200	MuseoSansRounded900.woff fonts.cdnfonts.com/s/27145/	31 KB 32 KB	112ms 45ms	Font font/woff	2606:4700:e0::ac40:6818 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/s/27145/MuseoSansRounded900.woff Requested by Host: fonts.cdnfonts.com URL: https://fonts.cdnfonts.com/css/museo-sans-rounded Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6818 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ef765e5e121d112ba8fccc72ba8671e33c78821dfa29db9eb92f19ab3de9069b` Request headers Referer https://fonts.cdnfonts.com/css/museo-sans-rounded Origin https://www.post-track-lu.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 08:12:14 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 76688 alt-svc h3=":443"; ma=86400 content-length 32080 last-modified Sat, 05 Feb 2022 02:00:43 GMT server cloudflare etag "7d50-5d73bbc2e0cbe" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xm8HRzgBBanHxTa%2BLLTJbtXzcnocDTJBEZ6DARszvrOsMaYqrUSVqLRLatUl6tC51PAP0zOnN%2FO1I5mAS7Z6v%2FrLa3Zqsl9qI3mB6vaHZ6nF45kGjv4RW9O1jTe2CJ3NJ694Hb1qwMzpwHxmikTYUE%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 80e2c28e791330ed-FRA

www.post-track-lu.com Open in urlscan Pro 179.43.187.220 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

92 %HTTPS

75 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

440 kBTransfer

2502 kBSize

0 Cookies

120 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

www.post-track-lu.com Open in urlscan Pro
179.43.187.220 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

92 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

440 kB
Transfer

2502 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!