krcgenk.planbookgo.be
Open in
urlscan Pro
176.62.173.241
Malicious Activity!
Public Scan
Submission: On March 01 via api from IE — Scanned from DE
Summary
TLS certificate: Issued by R3 on February 13th 2022. Valid for: 3 months.
This is the only time krcgenk.planbookgo.be was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: La Poste (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
21 | 176.62.173.241 176.62.173.241 | 34762 (COMBELL-AS) (COMBELL-AS) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 151.101.112.193 151.101.112.193 | 54113 (FASTLY) (FASTLY) | |
1 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
42 | 5 |
ASN34762 (COMBELL-AS, BE)
PTR: linweb115.webhosting.be
krcgenk.planbookgo.be |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
planbookgo.be
krcgenk.planbookgo.be |
373 KB |
2 |
imgur.com
1 redirects
i.imgur.com — Cisco Umbrella Rank: 5080 |
954 B |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197 |
27 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610 |
7 KB |
0 |
ameli.fr
Failed
assure.ameli.fr Failed |
|
42 | 5 |
Domain | Requested by | |
---|---|---|
21 | krcgenk.planbookgo.be |
krcgenk.planbookgo.be
|
2 | i.imgur.com |
1 redirects
krcgenk.planbookgo.be
|
1 | cdnjs.cloudflare.com |
krcgenk.planbookgo.be
|
1 | maxcdn.bootstrapcdn.com |
krcgenk.planbookgo.be
|
0 | assure.ameli.fr Failed |
krcgenk.planbookgo.be
|
42 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.chronopost.fr |
Subject Issuer | Validity | Valid | |
---|---|---|---|
krcgenk.planbookgo.be R3 |
2022-02-13 - 2022-05-14 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-29 - 2023-01-29 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://krcgenk.planbookgo.be/chronopost/loding3.html
Frame ID: 9991B6ABC06194B6BE78B23D4D20B317
Requests: 42 HTTP requests in this frame
Screenshot
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Contenu de page
Search URL Search Domain Scan URL
Title: Aide
Search URL Search Domain Scan URL
Title: FAQ
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: EXPEDIER
Search URL Search Domain Scan URL
Title: ENLEVER
Search URL Search Domain Scan URL
Title: SUIVRE
Search URL Search Domain Scan URL
Title: OFFRE CHRONOPOST
Search URL Search Domain Scan URL
Title: A PROPOS DE CHRONOPOST
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 23- https://i.imgur.com/dsvPWDU.gif HTTP 302
- https://i.imgur.com/removed.png
42 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
loding3.html
krcgenk.planbookgo.be/chronopost/ |
33 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
krcgenk.planbookgo.be/chronopost/poste_files/ |
64 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-3.3.6.min.css
krcgenk.planbookgo.be/chronopost/templates/styles/ |
118 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autentification.css
krcgenk.planbookgo.be/chronopost/templates/styles/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-chronopost-international.png
krcgenk.planbookgo.be/chronopost/poste_files/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
biblicnam-standalone.min.js
assure.ameli.fr/PortailAS/biblicnam/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fenetre.js
assure.ameli.fr/PortailAS/framework/skins/assure/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
afficheElement.js
assure.ameli.fr/PortailAS/framework/skins/assure/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
OpenPopup.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
validation.js
assure.ameli.fr/PortailAS/framework/skins/assure/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
calendar.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
calendar-setup.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
calendar-fr.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
AideSaisie.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
refonte_biblicnam.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
questionnaireSatisfaction.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
blocs.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
invalidite.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
paiement.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
informationsPerso.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
questionnaireNotationEtoile.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
dmp.js
assure.ameli.fr/PortailAS/js/fr/cnamts/as/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
window.css
assure.ameli.fr/PortailAS/framework/skins/bighorn/borderless/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
removed.png
i.imgur.com/ Redirect Chain
|
503 B 711 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-fc.png
krcgenk.planbookgo.be/chronopost/templates/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fermer.svg
krcgenk.planbookgo.be/chronopost/templates/images/ |
64 KB 64 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aide.svg
krcgenk.planbookgo.be/chronopost/templates/images/ |
64 KB 64 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
double-logo.png
krcgenk.planbookgo.be/chronopost/poste_files/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
num_fiscal.png
krcgenk.planbookgo.be/chronopost/templates/images/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
num_acces.png
krcgenk.planbookgo.be/chronopost/templates/images/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rfr.gif
krcgenk.planbookgo.be/chronopost/templates/images/ |
21 KB 21 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rfr2.gif
krcgenk.planbookgo.be/chronopost/templates/images/ |
8 KB 8 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rfr_th.gif
krcgenk.planbookgo.be/chronopost/templates/images/ |
12 KB 12 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Miniballs.gif
krcgenk.planbookgo.be/chronopost/templates/images/ |
18 KB 18 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.11.3.min.js
krcgenk.planbookgo.be/chronopost/templates/js/ |
94 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
krcgenk.planbookgo.be/chronopost/templates/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
auth.js
krcgenk.planbookgo.be/chronopost/templates/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
urls.js
krcgenk.planbookgo.be/chronopost/templates/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ |
85 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
picto-search.png
krcgenk.planbookgo.be/chronopost/images/commun/ |
64 KB 64 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PlutoSansDPDRegular-Web.woff
krcgenk.planbookgo.be/chronopost/poste_files/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/biblicnam/js/biblicnam-standalone.min.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/framework/skins/assure/js/fenetre.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/framework/skins/assure/js/afficheElement.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/OpenPopup.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/framework/skins/assure/js/validation.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/calendar.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/calendar-setup.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/calendar-fr.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/AideSaisie.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/refonte_biblicnam.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/questionnaireSatisfaction.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/blocs.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/invalidite.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/paiement.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/informationsPerso.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/questionnaireNotationEtoile.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/dmp.js
- Domain
- assure.ameli.fr
- URL
- https://assure.ameli.fr/PortailAS/framework/skins/bighorn/borderless/css/window.css
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: La Poste (Transportation)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assure.ameli.fr
cdnjs.cloudflare.com
i.imgur.com
krcgenk.planbookgo.be
maxcdn.bootstrapcdn.com
assure.ameli.fr
151.101.112.193
176.62.173.241
2606:4700::6810:125e
2606:4700::6812:bcf
081f617d20c0d2420e4f16b1ea74665263cf1dc94b165344e9db43c8f692fa67
0a8a9368bbba942ea15ef2ab84bed69a997d883b7f055a45846485a04b0175c2
18772aeed03cde3b768320d3ba30034c0dd14f51cfefa202e2b3d6f7dc7fab99
1d42364c9b8078322d930e44074908a45e43a93cec6c42f7c571ae1b1e04f9f6
21e1dfc73df3b77cac7783382449a016056d05dafb2cd3943c17abe69407ac0f
262b94a9c49a08a294695ec1ed75c6a541ef8ad05a81d6c3a9446f7caf4e50fa
30c41fffa269f92fe8cd7f7b8826158257370884de8bd331c88fe32838a2b0fe
3b2bb09c01b02bb29d3fc92d541016d59b5f2a0ff77ed83be840019e519f52d8
4d644aae3091c93a949be93b969dcd0f1ac12faf5c233556a6aa9d64b79479d6
662ee4624be6f67f73e1365f9ed8eaba64b08044eea22f41102b64cfa1b97c6b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a1ffefb7605c98a92890e4ab41705314eb5c2aab201d4863cb06a24ee2d383d
93052de213608af0a749fe25e7d8673e5999c8a1a839ca0bb742cf499eeb4e6d
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
c4544c13ad576f40a13c65e029f0b71dd886995a44fe60d8950e4a3ac3c72ef2
c64afcfa2be1d10a4375990cf4d192e4d374d4eeaad621e4721c2641d2f3e12e
c717edbb6797d62c510d3a32e440227ec6dd4670bb96357109127b0ae6c15a90
ce32707c0d679b8ed56b5dc8c498e1b1667e5b1905b8aeff42151e3f6667d73d
df2b07cd437457754a5c25161c293a2786b7cb8469f1ceb7cc9c9610f9138ed5