postgroup-lu.com
164.68.115.95 Malicious Activity! (Public Scan)

Submitted URL: http://postgroup-lu.com/facture
Effective URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Submission: On September 20 via automatic, source openphish — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 25 HTTP transactions. The main IP is 164.68.115.95, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is postgroup-lu.com.
TLS certificate: Issued by R3 on June 27th 2023. Valid for: 3 months.
This is the only time postgroup-lu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Post Luxembourg (Transportation)

Domain & IP information

IP Address | AS (Autonomous System) | Requests
164.68.115.95 | 51167 (CONTABO) | 26 (4 redirects)
104.18.192.52 | 13335 (CLOUDFLARENET) | 1
Total: 25 transactions across 3 IPs

Apex Domain | Subdomains | Transfer
postgroup-lu.com (26) | postgroup-lu.com | 429 KB
myfonts.net (1) | hello.myfonts.net (Cisco Umbrella Rank: 15583) | 352 B
post.lu (0, failed) | cdn.post.lu (failed) | -
Total: 25 transactions across 3 domains

Domain | Requested by
postgroup-lu.com (26, 4 redirects) | postgroup-lu.com
hello.myfonts.net (1) | postgroup-lu.com
cdn.post.lu (0, failed) | postgroup-lu.com
Total: 25 transactions across 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid for
postgroup-lu.com | R3 | 2023-06-27 - 2023-09-25 | 3 months (crt.sh)
*.myfonts.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-08-29 - 2024-09-28 | a year (crt.sh)

This page contains 1 frame:

Primary Page: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Frame ID: 81CE6E0EBA34E5B317ABC88C5B520A84
Requests: 25 HTTP requests in this frame

Page Title

Track and Trace: Le suivi des envois, colis et recommandés - POST

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

25
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

429 kB
Transfer

1622 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://postgroup-lu.com/facture HTTP 301
    https://postgroup-lu.com/facture HTTP 301
    https://postgroup-lu.com/facture/ HTTP 302
    https://postgroup-lu.com/facture/LuFrais/ HTTP 302
    https://postgroup-lu.com/facture/LuFrais/LUX1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request LUX1.php
postgroup-lu.com/facture/LuFrais/
Redirect Chain
  • http://postgroup-lu.com/facture
  • https://postgroup-lu.com/facture
  • https://postgroup-lu.com/facture/
  • https://postgroup-lu.com/facture/LuFrais/
  • https://postgroup-lu.com/facture/LuFrais/LUX1.php
240 KB
31 KB
Document
General
Full URL
https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PHP/8.0.30 PleskLin
Resource Hash
828f39ee521b49bd545f3e7caa66abb7f4a6639c26a3e8598b938d956487ca3e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 03:17:51 GMT
server
nginx
x-powered-by
PHP/8.0.30 PleskLin

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 03:17:51 GMT
location
./LUX1.php
server
nginx
x-powered-by
PHP/8.0.30 PleskLin
main.css
postgroup-lu.com/facture/LuFrais/asx/
49 KB
9 KB
Stylesheet
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/main.css
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
33f7ba54e91e5047a99b33bfa13829b80bf60621f13b37a903ab7ecfd97e3c0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
content-encoding
br
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
W/"649d7447-c589"
x-powered-by
PleskLin
content-type
text/css
clay.css
postgroup-lu.com/facture/LuFrais/asx/
559 KB
59 KB
Stylesheet
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/clay.css
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
53dd9472c339b9339490fbd27130189810390f1bf55b57f6aee08263e66a8159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
content-encoding
br
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
W/"649d7447-8bb23"
x-powered-by
PleskLin
content-type
text/css
main(1).css
postgroup-lu.com/facture/LuFrais/asx/
79 KB
13 KB
Stylesheet
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/main(1).css
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
6efbf42b8df2e7d656c9f38b1951be1ec0b29e96cde928235fab2eb0f85bd903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
content-encoding
br
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
W/"649d7447-13d23"
x-powered-by
PleskLin
content-type
text/css
main(2).css
postgroup-lu.com/facture/LuFrais/asx/
82 KB
15 KB
Stylesheet
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/main(2).css
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
b1309e6083d9ca05b3817f7d2e2e6f81fdb8449a6c5bef26acba31e3e58af02e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
content-encoding
br
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
W/"649d7447-14831"
x-powered-by
PleskLin
content-type
text/css
custom_post.css
postgroup-lu.com/facture/LuFrais/asx/
327 KB
37 KB
Stylesheet
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/custom_post.css
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
25a985b09e65643f16e8f1647b63894af8bee9f0de0dce595f7efe0ba9e61474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
content-encoding
br
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
W/"649d7447-51a4e"
x-powered-by
PleskLin
content-type
text/css
fix_portal.css
postgroup-lu.com/facture/LuFrais/asx/
3 KB
838 B
Stylesheet
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/fix_portal.css
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
bde904d5655730923c9f2e695d23e31ef49b14a3076bfa57445b633d62dfb899

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
content-encoding
br
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
W/"649d7447-ab2"
x-powered-by
PleskLin
content-type
text/css
onetrust.css
postgroup-lu.com/facture/LuFrais/asx/
23 KB
3 KB
Stylesheet
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/onetrust.css
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
41cf1c32876ab908fd4460abaaab8657f444c4d3e32c53ddbcff54dfac83ff9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
content-encoding
br
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
W/"649d7447-5c9c"
x-powered-by
PleskLin
content-type
text/css
logo-post.svg
postgroup-lu.com/facture/LuFrais/asx/
9 KB
10 KB
Image
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/logo-post.svg
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
59d18565c29f8c4c26ff1b862f5d0b9b69b74089b39efdab0ab88146ec57aecc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
"649d7447-25e4"
x-powered-by
PleskLin
content-type
image/svg+xml
accept-ranges
bytes
content-length
9700
styles.ac9f89177784e2371ba7.css
postgroup-lu.com/facture/LuFrais/asx/
1 KB
530 B
Stylesheet
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/styles.ac9f89177784e2371ba7.css
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
04526caad48ebb27b8dd9bad6be02ae8c92cd19ccd00bdbc3697972e6f4553a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
content-encoding
br
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
W/"649d7447-5c8"
x-powered-by
PleskLin
content-type
text/css
package.png
postgroup-lu.com/facture/LuFrais/asx/
1 KB
1 KB
Image
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/package.png
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
bc379cec5907e4de7326f5e1674de814b4a49de9bcd0d280345a63b3f1302012

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
"649d7447-462"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
1122
logo-post-circle.png
postgroup-lu.com/facture/LuFrais/asx/
5 KB
5 KB
Image
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/logo-post-circle.png
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
d8438feb7fb87f27e3f7356aa480223779610764372e434b99e67a8b0976bd5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
"649d7447-1432"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
5170
styles.a77d7d7e77b32ba817c1.css
postgroup-lu.com/facture/LuFrais/asx/
255 B
260 B
Stylesheet
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/styles.a77d7d7e77b32ba817c1.css
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
426d75e12884778fdeed19f879ffe83f6d916bcec034e31fc441149791318518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
content-encoding
br
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
x-accel-version
0.01
server
nginx
etag
W/"ff-5ff438f8e4c96"
x-powered-by
PleskLin
content-type
text/css
logo-post(1).svg
postgroup-lu.com/facture/LuFrais/asx/
9 KB
10 KB
Image
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/logo-post(1).svg
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
59d18565c29f8c4c26ff1b862f5d0b9b69b74089b39efdab0ab88146ec57aecc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
"649d7447-25e4"
x-powered-by
PleskLin
content-type
image/svg+xml
accept-ranges
bytes
content-length
9700
agregation_compte_moteur_recherche.jpg
postgroup-lu.com/facture/LuFrais/asx/
35 KB
35 KB
Image
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/agregation_compte_moteur_recherche.jpg
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
515a3a00a375dab334e6c8c9c26beffd3b81ceac2f4451bfd9183321cb789e13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
"649d7447-8bf1"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
35825
packup_img.jpg
postgroup-lu.com/facture/LuFrais/asx/
14 KB
14 KB
Image
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/packup_img.jpg
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
c54f4fe18dbc658d293686cc5c32d477c929c1dfc058c383579b847982c0dfe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
"649d7447-3601"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
13825
bamboo.jpg
postgroup-lu.com/facture/LuFrais/asx/
49 KB
49 KB
Image
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/bamboo.jpg
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
1d0ce22c09af9702c61733a7fe8b6e91b3126d968df8dfb7923ccb697fa215ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
"649d7447-c4e6"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
50406
facture_client.jpg
postgroup-lu.com/facture/LuFrais/asx/
22 KB
23 KB
Image
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/facture_client.jpg
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
d33ae1cc6cced5a19f7e11f432b59aad8cf8da0cfe7455e52f154b21c2f61338

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
"649d7447-59a4"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
22948
aui_deprecated.css
postgroup-lu.com/facture/LuFrais/asx/portal/
0
0
Stylesheet
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/portal/aui_deprecated.css?t=1598461760344
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/asx/main(1).css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/asx/main(1).css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:51 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:50:09 GMT
server
nginx
etag
W/"328-5ff1a3b20f71b"
content-type
text/html
3d702d
hello.myfonts.net/count/
0
352 B
Stylesheet
General
Full URL
https://hello.myfonts.net/count/3d702d
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/asx/custom_post.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.192.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:52 GMT
server
cloudflare
age
1
expect-ct
null
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
8096eaf8880f4db5-FRA
content-length
0
expires
Thu, 19 Sep 2024 03:17:52 GMT
package.png
postgroup-lu.com/facture/LuFrais/asx/
1 KB
1 KB
Image
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/package.png
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
bc379cec5907e4de7326f5e1674de814b4a49de9bcd0d280345a63b3f1302012

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://postgroup-lu.com/facture/LuFrais/LUX1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:52 GMT
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
"649d7447-462"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
1122
font.woff2
postgroup-lu.com/facture/LuFrais/asx/
26 KB
26 KB
Font
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/font.woff2
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/asx/custom_post.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
d705e7b8df406db8a9c85bd139805f9c229810f3326b18089567a731fa0c7005

Request headers

Referer
https://postgroup-lu.com/facture/LuFrais/asx/custom_post.css
Origin
https://postgroup-lu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:52 GMT
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
"649d7447-6910"
x-powered-by
PleskLin
content-type
font/woff2
accept-ranges
bytes
content-length
26896
icomoon.ttf
postgroup-lu.com/facture/LuFrais/asx/
86 KB
86 KB
Font
General
Full URL
https://postgroup-lu.com/facture/LuFrais/asx/icomoon.ttf?3oo126
Requested by
Host: postgroup-lu.com
URL: https://postgroup-lu.com/facture/LuFrais/asx/custom_post.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.68.115.95 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
wrld.alojatudo.online
Software
nginx / PleskLin
Resource Hash
1941d69eb1c8e8277dd0d85545281506041aa524ae55577a364017c780d0df9f

Request headers

Referer
https://postgroup-lu.com/facture/LuFrais/asx/custom_post.css
Origin
https://postgroup-lu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:17:52 GMT
last-modified
Thu, 29 Jun 2023 12:08:39 GMT
server
nginx
etag
"649d7447-156dc"
x-powered-by
PleskLin
content-type
application/font-sfnt
accept-ranges
bytes
content-length
87772
font.woff2
cdn.post.lu/newpostlu/babel-theme/fonts/museo/MuseoSansRounded300/
0
0

font.woff
cdn.post.lu/newpostlu/babel-theme/fonts/museo/MuseoSansRounded300/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.post.lu
URL
https://cdn.post.lu/newpostlu/babel-theme/fonts/museo/MuseoSansRounded300/font.woff2
Domain
cdn.post.lu
URL
https://cdn.post.lu/newpostlu/babel-theme/fonts/museo/MuseoSansRounded300/font.woff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Post Luxembourg (Transportation)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | documentPictureInPicture

1 Cookies

Domain/Path Name / Value
.myfonts.net/ Name: __cf_bm
Value: VTYfohBMi8jy.Xo2uxMfwd1GfPLIHyxC0DtkgXolnRg-1695179872-0-AYC82StaHz5icc5nA6ZXEFuQ6FbdDPUEpUWvRO7UTN3SIMkr9zdDTp45IWrEx0qp9oUl8ryEgCte9DPaEMzg/3k=

5 Console Messages

Source Level URL
Text
network error URL: https://postgroup-lu.com/facture/LuFrais/asx/portal/aui_deprecated.css?t=1598461760344
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Message:
Access to font at 'https://cdn.post.lu/newpostlu/babel-theme/fonts/museo/MuseoSansRounded300/font.woff2' from origin 'https://postgroup-lu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.post.lu/newpostlu/babel-theme/fonts/museo/MuseoSansRounded300/font.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://postgroup-lu.com/facture/LuFrais/LUX1.php
Message:
Access to font at 'https://cdn.post.lu/newpostlu/babel-theme/fonts/museo/MuseoSansRounded300/font.woff' from origin 'https://postgroup-lu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.post.lu/newpostlu/babel-theme/fonts/museo/MuseoSansRounded300/font.woff
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.post.lu
hello.myfonts.net
postgroup-lu.com
cdn.post.lu
104.18.192.52
164.68.115.95