e-transport-cfscolisfr.prohoster.biz
Open in
urlscan Pro
185.212.130.10
Malicious Activity!
Public Scan
Effective URL: https://e-transport-cfscolisfr.prohoster.biz/AEFJNAF754DSQ74XsD54/BIbAZTGkMv4784/
Submission: On September 29 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 29th 2021. Valid for: 3 months.
This is the only time e-transport-cfscolisfr.prohoster.biz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Chronopost (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 104.111.231.72 104.111.231.72 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
5 | 18.66.112.114 18.66.112.114 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 142.250.186.106 142.250.186.106 | 15169 (GOOGLE) (GOOGLE) | |
2 | 172.217.16.138 172.217.16.138 | 15169 (GOOGLE) (GOOGLE) | |
8 | 185.212.130.10 185.212.130.10 | 200313 (INTERNET-IT) (INTERNET-IT) | |
3 | 104.21.92.200 104.21.92.200 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.18.11.207 104.18.11.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.16.18.94 104.16.18.94 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 52.218.196.232 52.218.196.232 | 16509 (AMAZON-02) (AMAZON-02) | |
24 | 9 |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-231-72.deploy.static.akamaitechnologies.com
esdf-fd4x.mystrikingly.com |
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net
ajax.googleapis.com |
ASN200313 (INTERNET-IT, SC)
PTR: host.prohoster.info
e-transport-cfscolisfr.prohoster.biz |
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
prohoster.biz
e-transport-cfscolisfr.prohoster.biz |
57 KB |
5 |
strikinglycdn.com
static-assets.strikinglycdn.com |
112 KB |
3 |
fontawesome.com
kit-free.fontawesome.com |
166 KB |
3 |
googleapis.com
fonts.googleapis.com ajax.googleapis.com |
64 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
34 KB |
1 |
amazonaws.com
s3-us-west-2.amazonaws.com |
173 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com |
25 KB |
1 |
mystrikingly.com
esdf-fd4x.mystrikingly.com |
26 KB |
24 | 8 |
Domain | Requested by | |
---|---|---|
8 | e-transport-cfscolisfr.prohoster.biz |
esdf-fd4x.mystrikingly.com
e-transport-cfscolisfr.prohoster.biz |
5 | static-assets.strikinglycdn.com |
esdf-fd4x.mystrikingly.com
|
3 | kit-free.fontawesome.com |
e-transport-cfscolisfr.prohoster.biz
kit-free.fontawesome.com |
2 | cdnjs.cloudflare.com |
e-transport-cfscolisfr.prohoster.biz
|
2 | ajax.googleapis.com |
esdf-fd4x.mystrikingly.com
e-transport-cfscolisfr.prohoster.biz |
1 | s3-us-west-2.amazonaws.com |
e-transport-cfscolisfr.prohoster.biz
|
1 | stackpath.bootstrapcdn.com |
e-transport-cfscolisfr.prohoster.biz
|
1 | fonts.googleapis.com |
esdf-fd4x.mystrikingly.com
|
1 | esdf-fd4x.mystrikingly.com | |
24 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.mystrikingly.com DigiCert SHA2 Secure Server CA |
2021-07-29 - 2022-07-29 |
a year | crt.sh |
*.strikinglycdn.com Amazon |
2021-04-18 - 2022-05-17 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
e-transport-cfscolisfr.prohoster.biz R3 |
2021-09-29 - 2021-12-28 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-08 - 2022-07-07 |
a year | crt.sh |
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2 |
2021-06-23 - 2022-07-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://e-transport-cfscolisfr.prohoster.biz/AEFJNAF754DSQ74XsD54/BIbAZTGkMv4784/
Frame ID: F7A566C984EF8AA889C1D99C9D20B057
Requests: 24 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://esdf-fd4x.mystrikingly.com/ Page URL
- https://e-transport-cfscolisfr.prohoster.biz/AEFJNAF754DSQ74XsD54/BIbAZTGkMv4784/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://esdf-fd4x.mystrikingly.com/ Page URL
- https://e-transport-cfscolisfr.prohoster.biz/AEFJNAF754DSQ74XsD54/BIbAZTGkMv4784/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
esdf-fd4x.mystrikingly.com/ |
93 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_reset-e86dc20205eb267eb1803edb4281063d0db8db4dde3345771532819dae916332.css
static-assets.strikinglycdn.com/ |
1 KB 984 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main_v4.0810e193a8906ac4ee27.bundle.css
static-assets.strikinglycdn.com/themes/s5-theme/ |
766 KB 98 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
detectIE-c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4.js
static-assets.strikinglycdn.com/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.png
static-assets.strikinglycdn.com/images/fb_images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.0/ |
91 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i18n-2ace11ac644d0b40fb8b7cb65e9dd1e553022750e0254118dacbe1fe50735e97.js
static-assets.strikinglycdn.com/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
e-transport-cfscolisfr.prohoster.biz/AEFJNAF754DSQ74XsD54/BIbAZTGkMv4784/ |
8 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free.min.css
kit-free.fontawesome.com/releases/latest/css/ |
59 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ |
157 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
e-transport-cfscolisfr.prohoster.biz/AEFJNAF754DSQ74XsD54/BIbAZTGkMv4784/sourceApp/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ |
86 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chronopost_logo.png
e-transport-cfscolisfr.prohoster.biz/AEFJNAF754DSQ74XsD54/BIbAZTGkMv4784/sourceApp/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chronopost_tours_03712200_113425863.jpg
e-transport-cfscolisfr.prohoster.biz/AEFJNAF754DSQ74XsD54/BIbAZTGkMv4784/sourceApp/img/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chronopost_if.js
e-transport-cfscolisfr.prohoster.biz/AEFJNAF754DSQ74XsD54/BIbAZTGkMv4784/sourceApp/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/ |
85 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.inputmask.bundle.js
s3-us-west-2.amazonaws.com/s.cdpn.io/3/ |
172 KB 173 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Capture.png
e-transport-cfscolisfr.prohoster.biz/AEFJNAF754DSQ74XsD54/BIbAZTGkMv4784/sourceApp/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dpd-logo.png
e-transport-cfscolisfr.prohoster.biz/AEFJNAF754DSQ74XsD54/BIbAZTGkMv4784/sourceApp/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chronopost_logo_small.png
e-transport-cfscolisfr.prohoster.biz/AEFJNAF754DSQ74XsD54/BIbAZTGkMv4784/sourceApp/img/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free-fa-solid-900.woff2
kit-free.fontawesome.com/releases/latest/webfonts/ |
76 KB 77 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free-fa-brands-400.woff2
kit-free.fontawesome.com/releases/latest/webfonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Chronopost (Transportation)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| validateForm function| myFunction function| Inputmask0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdnjs.cloudflare.com
e-transport-cfscolisfr.prohoster.biz
esdf-fd4x.mystrikingly.com
fonts.googleapis.com
kit-free.fontawesome.com
s3-us-west-2.amazonaws.com
stackpath.bootstrapcdn.com
static-assets.strikinglycdn.com
104.111.231.72
104.16.18.94
104.18.11.207
104.21.92.200
142.250.186.106
172.217.16.138
18.66.112.114
185.212.130.10
52.218.196.232
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1cbfd3959406f3f878e6f64133e4d7baece38558bbbcee1a11a0a2d8ee1b8352
1ea1fa226e6300d3e7c31e0f17077ab0feef48feb236b30de73f25c327b63524
2309a3b42db8684ed57dce9e29ed418477acb7740b979a15004f3e1f28b5e5ca
277b3d7509e18a5853b95de911547f1453ad45c201bee91ccdc814d8441ddf11
564c382bf9a1a695e725728d47006761ae582e9c7e77cfd034ad99ea68b5c3ef
5fe740bfc59bf39cd60a9360fad014f27cd0de473e0968c98799546040102171
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
95e9a87f1b065fd6bd85c4b6817d7621f91481f41dd24b53803f7bad1bfe4909
a1d4dc7ed12cbd39ab6e8d1f572312c75c1051047a0c5b40b78721c6f6f4f934
ad0e79376d3a17afcef8306e5025d805a9e252eb31d2c56fa510cfe5851e8d42
b5bd9e64eea624aa2343f918af01f093ec4f2df1ca74b77eb1e10eecd596b336
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
bc5fa15b90d078322fac07419dbce0372e156a38d69c6b3abc38bf29ad476b32
c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
e86dc20205eb267eb1803edb4281063d0db8db4dde3345771532819dae916332
f708ad894d421f32ed297a914632db6bc1577841d1c210b34f1a0821ea0aaa4b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda