www.vttlivraison.com Open in urlscan Pro
185.98.131.196 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.vttlivraison.com/
Submission: On January 27 via automatic, source certstream-suspicious (January 27th 2022, 7:48:18 am UTC) — Scanned from FR

Summary HTTP 17 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 185.98.131.196, located in France and belongs to RMI-FITECH, FR. The main domain is www.vttlivraison.com.
TLS certificate: Issued by webdb95.lwspanel.com on August 14th 2020. Valid for: 10 years.

This is the only time www.vttlivraison.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fedex (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
17	185.98.131.196 185.98.131.196		16347 (RMI-FITECH) (RMI-FITECH)
17	1

17 185.98.131.196 (France)

ASN16347 (RMI-FITECH, FR)

www.vttlivraison.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	vttlivraison.com www.vttlivraison.com	393 KB
17	1

	Domain	Requested by
17	www.vttlivraison.com	www.vttlivraison.com
17	1

This site contains links to these domains. Also see Links.

Domain
www.fedex.com
france.fedex.com
assets.kampyle.com
developer.fedex.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
webdb95.lwspanel.com webdb95.lwspanel.com	`2020-08-14` - `2030-08-12`	10 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.vttlivraison.com/
Frame ID: 62C0FB5D84C9EC74C7E7E2D2197E9941
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Livraison

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*parbase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

393 kB
Transfer

652 kB
Size

0
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fedex.com/en-us/home.html

Search URL Search Domain Scan URL

URL: https://www.fedex.com/en-fr/shipping.html#domestic
Title: Expedier (current)

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/tracking.html
Title: Suivi

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/customer-support.html
Title: Support

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/open-account.html
Title: Compte

Search URL Search Domain Scan URL

URL: https://france.fedex.com/tesow/webapp25?trans=tesow510&pgm=ACCOUNT
Title: Espace client

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/home.html

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/home.html

Search URL Search Domain Scan URL

URL: https://www.fedex.com/lite/lite-ship.html?locale=fr_fr&cntry_code=fr_english#address

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/about.html
Title: À propos de FedEx

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/about/careers.html
Title: Carrières

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/gender-equality-index.html
Title: Index de l'égalité femmes-hommes

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/about/holiday-schedule.html#fr_fr
Title: Liste des jours fériés dans le monde

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/conditions-of-carriage.html
Title: Conditions de Transport

Search URL Search Domain Scan URL

URL: https://assets.kampyle.com/clients/nebula/FedEx/FedEx/form.html?region=digital-cloud-eu-prem&websiteId=10189&formId=2068&cntry_code=fr&language=fr&env=prod
Title: Donnez votre avis

Search URL Search Domain Scan URL

URL: https://www.fedex.com/content/dam/fedex-com/legal/Customer_BCRs_Extract.pdf
Title: Règles d'entreprise contraignantes

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fcl/web/jsp/contactInfo.jsp?appName=fclfsm&locale=fr_fr&step3URL=https%3A%2F%2Fwww.fedex.com%2Fship%2FshipEntryAction.do%3Fmethod%3DdoRegistration%26link%3D1%26locale%3Dfr_fr%26urlparams%3Dfr%26sType%3DF&afterwardsURL=https%3A%2F%2Fwww.fedex.com%2Fship%2FshipEntryAction.do%3Fmethod%3DdoEntry%26link%3D1%26locale%3Dfr_fr%26urlparams%3Dfr%26sType%3DF&programIndicator=0
Title: Créer un identifiant fedex.com

Search URL Search Domain Scan URL

URL: http://www.fedex.com/fr/learn/
Title: Conseils

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/shipping/surcharges.html
Title: Surcharge carburant

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/shipping/rates.html
Title: Tarifs et suppléments

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/about/resources.html
Title: Espace de téléchargement

Search URL Search Domain Scan URL

URL: http://www.fedex.com/locate/?locale=fr_fr
Title: Points de dépôts FedEx

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/shipping/mobile.html
Title: Application FedEx Mobile

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/logistics.html
Title: FedEx Logistics

Search URL Search Domain Scan URL

URL: https://developer.fedex.com/
Title: FedEx Developer Portal

Search URL Search Domain Scan URL

URL: http://www.fedex.com/?location=home
Title: Belgium

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FedExEurope

Search URL Search Domain Scan URL

URL: https://twitter.com/FedExEurope

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCDsqnZfgEFgu7Fqx2zZAr3g

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fedex

Search URL Search Domain Scan URL

URL: http://www.fedex.com/fr/search/
Title: Plan du site

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/terms-of-use.html
Title: Conditions d'utilisation

Search URL Search Domain Scan URL

URL: https://www.fedex.com/fr-fr/privacy-policy.html
Title: Politique relative à la protection de la vie privée

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.vttlivraison.com/	22 KB 4 KB	538ms 50ms	Document text/html	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Full URL https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / PHP/8.0.14 Resource Hash `005c17430a3c15674f3e526960e54838d8be8f80e2bd1c13c977c94e840525fe` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers server nginx date Thu, 27 Jan 2022 07:48:13 GMT content-type text/html; charset=UTF-8 content-length 3951 x-powered-by PHP/8.0.14 vary Host,Accept-Encoding content-encoding gzip
GET H2	200	bootstrap.min.css www.vttlivraison.com/assets/css/	170 KB 25 KB	79ms 79ms	Stylesheet text/css	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Full URL https://www.vttlivraison.com/assets/css/bootstrap.min.css Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `6e2a2832cb5d99f69efc8aefe7c48e07350c7a5d69e4cb7392444c353a5c1941` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT content-encoding gzip last-modified Wed, 26 Jan 2022 23:17:00 GMT server nginx etag "2a954-5d68466124c65-gzip" vary Host,Accept-Encoding content-type text/css accept-ranges bytes content-length 24873
GET H2	200	app.css www.vttlivraison.com/assets/css/	366 B 385 B	62ms 62ms	Stylesheet text/css	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Full URL https://www.vttlivraison.com/assets/css/app.css Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `fc52c1e86143c03b53b84ae68df027887582c3796937da02b186ea0b4a7c3473` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT content-encoding gzip last-modified Wed, 26 Jan 2022 23:16:59 GMT server nginx etag "16e-5d6846607ada3-gzip" vary Host,Accept-Encoding content-type text/css accept-ranges bytes content-length 209
GET H2	200	logo.png www.vttlivraison.com/assets/img/	18 KB 18 KB	134ms 131ms	Image image/png	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Show image Full URL https://www.vttlivraison.com/assets/img/logo.png Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT last-modified Wed, 26 Jan 2022 23:17:07 GMT server nginx etag "462c-5d6846686c0fe" vary Host content-type image/png accept-ranges bytes content-length 17964
GET H2	200	user.png www.vttlivraison.com/assets/img/	17 KB 17 KB	183ms 180ms	Image image/png	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Show image Full URL https://www.vttlivraison.com/assets/img/user.png Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `61a66fd63daf784b720989bac158628808ddc5a4c0fe7db05b5bed67f930f5e9` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT last-modified Wed, 26 Jan 2022 23:17:12 GMT server nginx etag "4517-5d68466cafdcd" vary Host content-type image/png accept-ranges bytes content-length 17687
GET H2	200	search.png www.vttlivraison.com/assets/img/	12 KB 12 KB	150ms 147ms	Image image/png	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Show image Full URL https://www.vttlivraison.com/assets/img/search.png Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `4a107393784dde95db9d00ff810eab1c9c67e4b509d46ffa757af4a24f18b00b` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT last-modified Wed, 26 Jan 2022 23:17:08 GMT server nginx etag "2e81-5d6846697b8c2" vary Host content-type image/png accept-ranges bytes content-length 11905
GET H2	200	1G.PNG www.vttlivraison.com/assets/img/	12 KB 12 KB	183ms 181ms	Image image/png	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Show image Full URL https://www.vttlivraison.com/assets/img/1G.PNG Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `870fa3c873b18e06dbf8b8ae52e840912d09d98adbaab4b70a083adae396c325` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT last-modified Wed, 26 Jan 2022 23:17:02 GMT server nginx etag "30d9-5d6846630250b" vary Host content-type image/png accept-ranges bytes content-length 12505
GET H2	200	sui1.PNG www.vttlivraison.com/assets/img/	11 KB 11 KB	183ms 180ms	Image image/png	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Show image Full URL https://www.vttlivraison.com/assets/img/sui1.PNG Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `3fdc6cab61ef5cd438326561c3daea5757d49ad041ae11392b11a6968ffcb280` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT last-modified Wed, 26 Jan 2022 23:17:09 GMT server nginx etag "2c3d-5d684669dd343" vary Host content-type image/png accept-ranges bytes content-length 11325
GET H2	200	2G.PNG www.vttlivraison.com/assets/img/	8 KB 8 KB	183ms 180ms	Image image/png	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Show image Full URL https://www.vttlivraison.com/assets/img/2G.PNG Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `16fc774dd51f7250601b15a8d787156c65d8f051d9c8974d25d68c7245689bea` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT last-modified Wed, 26 Jan 2022 23:17:02 GMT server nginx etag "2064-5d6846630250b" vary Host content-type image/png accept-ranges bytes content-length 8292
GET H2	200	thermo.jpg www.vttlivraison.com/assets/img/	105 KB 105 KB	184ms 182ms	Image image/jpeg	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Show image Full URL https://www.vttlivraison.com/assets/img/thermo.jpg Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `c8b0ce97b61e5edd4fb7cc5af9c531676b4453007f4366c10ce8df3c22a99b0a` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT last-modified Wed, 26 Jan 2022 23:17:10 GMT server nginx etag "1a260-5d68466b32067" vary Host content-type image/jpeg accept-ranges bytes content-length 107104
GET H2	200	mnd.png www.vttlivraison.com/assets/img/	19 KB 19 KB	184ms 182ms	Image image/png	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Show image Full URL https://www.vttlivraison.com/assets/img/mnd.png Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `19005f9ff9b6f522cc43c03e3bd094ebdba066a050a3642aec9adb68551dff3e` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT last-modified Wed, 26 Jan 2022 23:17:08 GMT server nginx etag "4b5d-5d68466904680" vary Host content-type image/png accept-ranges bytes content-length 19293
GET H2	200	fit.png www.vttlivraison.com/assets/img/	31 KB 32 KB	184ms 182ms	Image image/png	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Show image Full URL https://www.vttlivraison.com/assets/img/fit.png Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `fac788f811226f9c3a146bd0f7857877ed35c70dcb8f930be304d19542610df8` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT last-modified Wed, 26 Jan 2022 23:17:05 GMT server nginx etag "7dab-5d6846664c1d7" vary Host content-type image/png accept-ranges bytes content-length 32171
GET H2	200	twi.png www.vttlivraison.com/assets/img/	6 KB 6 KB	184ms 182ms	Image image/png	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Show image Full URL https://www.vttlivraison.com/assets/img/twi.png Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `74be0af5fcf5445bfd568f2afa86a4c0d77cbd8700346262e0b7345f2edc7308` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT last-modified Wed, 26 Jan 2022 23:17:11 GMT server nginx etag "18af-5d68466c233cb" vary Host content-type image/png accept-ranges bytes content-length 6319
GET H2	200	yo.png www.vttlivraison.com/assets/img/	3 KB 3 KB	183ms 181ms	Image image/png	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Show image Full URL https://www.vttlivraison.com/assets/img/yo.png Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `e2ff246c23ca6ca7424689df483b9553d1a069aaf4ae1a6ccc64cd89a2abdb89` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT last-modified Wed, 26 Jan 2022 23:17:12 GMT server nginx etag "b13-5d68466d127ee" vary Host content-type image/png accept-ranges bytes content-length 2835
GET H2	200	lin.png www.vttlivraison.com/assets/img/	75 KB 75 KB	184ms 182ms	Image image/png	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Show image Full URL https://www.vttlivraison.com/assets/img/lin.png Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `308bffac59b0202e2f2d2c894fc728cae51e625d45492d6becac23b0ff825615` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT last-modified Wed, 26 Jan 2022 23:17:06 GMT server nginx etag "12c4c-5d684667af95b" vary Host content-type image/png accept-ranges bytes content-length 76876
GET H2	200	jquery.js Show response www.vttlivraison.com/assets/js/	86 KB 30 KB	184ms 182ms	Script application/javascript	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Full URL https://www.vttlivraison.com/assets/js/jquery.js Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT content-encoding gzip last-modified Wed, 26 Jan 2022 23:17:14 GMT server nginx etag "15850-5d68466ee0694-gzip" vary Host,Accept-Encoding content-type application/javascript accept-ranges bytes content-length 30675
GET H2	200	bootstrap.min.js Show response www.vttlivraison.com/assets/js/	57 KB 15 KB	184ms 181ms	Script application/javascript	185.98.131.196 RMI-FITECH
General Check archive.org Show headers Download Go to Full URL https://www.vttlivraison.com/assets/js/bootstrap.min.js Requested by Host: www.vttlivraison.com URL: https://www.vttlivraison.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.98.131.196 , France, ASN16347 (RMI-FITECH, FR), Reverse DNS Software nginx / Resource Hash `0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.vttlivraison.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 07:48:13 GMT content-encoding gzip last-modified Wed, 26 Jan 2022 23:17:14 GMT server nginx etag "e2d8-5d68466ec7054-gzip" vary Host,Accept-Encoding content-type application/javascript accept-ranges bytes content-length 15437

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fedex (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.vttlivraison.com
185.98.131.196
005c17430a3c15674f3e526960e54838d8be8f80e2bd1c13c977c94e840525fe
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
16fc774dd51f7250601b15a8d787156c65d8f051d9c8974d25d68c7245689bea
19005f9ff9b6f522cc43c03e3bd094ebdba066a050a3642aec9adb68551dff3e
308bffac59b0202e2f2d2c894fc728cae51e625d45492d6becac23b0ff825615
3fdc6cab61ef5cd438326561c3daea5757d49ad041ae11392b11a6968ffcb280
4a107393784dde95db9d00ff810eab1c9c67e4b509d46ffa757af4a24f18b00b
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
61a66fd63daf784b720989bac158628808ddc5a4c0fe7db05b5bed67f930f5e9
6e2a2832cb5d99f69efc8aefe7c48e07350c7a5d69e4cb7392444c353a5c1941
74be0af5fcf5445bfd568f2afa86a4c0d77cbd8700346262e0b7345f2edc7308
870fa3c873b18e06dbf8b8ae52e840912d09d98adbaab4b70a083adae396c325
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90
c8b0ce97b61e5edd4fb7cc5af9c531676b4453007f4366c10ce8df3c22a99b0a
e2ff246c23ca6ca7424689df483b9553d1a069aaf4ae1a6ccc64cd89a2abdb89
fac788f811226f9c3a146bd0f7857877ed35c70dcb8f930be304d19542610df8
fc52c1e86143c03b53b84ae68df027887582c3796937da02b186ea0b4a7c3473

www.vttlivraison.com Open in urlscan Pro 185.98.131.196 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

393 kBTransfer

652 kBSize

0 Cookies

33 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

www.vttlivraison.com Open in urlscan Pro
185.98.131.196 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

393 kB
Transfer

652 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!