luxembourg-posts.com
213.226.123.202
Malicious Activity!
Public Scan
Effective URL: https://luxembourg-posts.com/app/
Submission: On May 02 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on April 29th 2023. Valid for: 3 months.
This is the only time luxembourg-posts.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Post Luxembourg (Transportation)
Domain & IP information

Requests | IP Address | AS Autonomous System
---|---|---
17 (2 redirects) | 213.226.123.202 | 49943 (ITRESHENIYA-AS)
1 | 2001:4de0:ac18::1:a:2b | 20446 (STACKPATH-CDN)
1 | 2606:4700:3032::6815:3fb8 | 13335 (CLOUDFLARENET)
1 | 2607:f8b0:4006:820::200a | 15169 (GOOGLE)
1 | 2607:f8b0:4006:80d::2003 | 15169 (GOOGLE)
19 requests total | 5 IPs |

ASN49943 (ITRESHENIYA-AS, RU)
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
17 | luxembourg-posts.com | luxembourg-posts.com (2 redirects) | 84 KB
1 | gstatic.com | fonts.gstatic.com | 31 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 119) | 1 KB
1 | rawgit.com | rawgit.com (Cisco Umbrella Rank: 13558) | 39 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 997) | 82 KB
19 requests total | 5 domains | |
Requests | Domain | Requested by
---|---|---
17 | luxembourg-posts.com | luxembourg-posts.com (2 redirects)
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | luxembourg-posts.com
1 | rawgit.com | luxembourg-posts.com
1 | code.jquery.com | luxembourg-posts.com
19 requests total | 5 domains |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
luxembourg-posts.com | R3 | 2023-04-29 - 2023-07-28 | 3 months | crt.sh
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-06 - 2023-06-05 | a year | crt.sh
upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months | crt.sh
*.gstatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://luxembourg-posts.com/app/
Frame ID: 3D5FF6EA466B0B7104AE097C35F8C11B
Requests: 19 HTTP requests in this frame
Screenshot
Page Title
Track and Trace: Le suivi des envois, colis et recommandés - POST
Page URL History
- http://luxembourg-posts.com/ (HTTP 301)
- https://luxembourg-posts.com/ (HTTP 302)
- https://luxembourg-posts.com/app/ (Page URL)
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields. The redirect chain is the one listed under Page URL History above.
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request, Redirect Chain) | luxembourg-posts.com/app/ | 8 KB | 2 KB | Document | text/html
GET | H2 | bootstrap.min.css | luxembourg-posts.com/app/assets/ | 152 KB | 20 KB | Stylesheet | text/css
GET | H2 | helpers.css | luxembourg-posts.com/app/assets/ | 41 KB | 3 KB | Stylesheet | text/css
GET | H2 | style.css | luxembourg-posts.com/app/assets/ | 8 KB | 2 KB | Stylesheet | text/css
GET | H2 | jquery-1.11.0.js | code.jquery.com/ | 276 KB | 82 KB | Script | application/javascript
GET | H2 | jquery.inputmask.bundle.js | rawgit.com/RobinHerbots/jquery.inputmask/3.x/dist/ | 214 KB | 39 KB | Script | application/javascript
GET | H2 | css2 | fonts.googleapis.com/ | 11 KB | 1 KB | Stylesheet | text/css
GET | H2 | 1.php | luxembourg-posts.com/app/pages/ | 25 KB | 4 KB | XHR | text/html
GET | H2 | JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | fonts.gstatic.com/s/montserrat/v25/ | 30 KB | 31 KB | Font | font/woff2
GET | H2 | logo.svg | luxembourg-posts.com/app/assets/ | 9 KB | 10 KB | Image | image/svg+xml
GET | H2 | header-right2.png | luxembourg-posts.com/app/assets/ | 1 KB | 1 KB | Image | image/png
GET | H2 | header-left.png | luxembourg-posts.com/app/assets/ | 1 KB | 1 KB | Image | image/png
GET | H2 | header-right-fr.png | luxembourg-posts.com/app/assets/ | 7 KB | 8 KB | Image | image/png
GET | H2 | menu-fr.png | luxembourg-posts.com/app/assets/ | 13 KB | 13 KB | Image | image/png
GET | H2 | menu2-fr.png | luxembourg-posts.com/app/assets/ | 12 KB | 12 KB | Image | image/png
GET | H2 | search.png | luxembourg-posts.com/app/assets/ | 1 KB | 1 KB | Image | image/png
GET | H2 | logo2.png | luxembourg-posts.com/app/assets/ | 5 KB | 5 KB | Image | image/png
GET | H2 | phone.png | luxembourg-posts.com/app/assets/ | 520 B | 689 B | Image | image/png
GET | H2 | social.png | luxembourg-posts.com/app/assets/ | 2 KB | 2 KB | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Post Luxembourg (Transportation)

12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
boolean | credentialless
function | $
function | jQuery
function | Inputmask
function | lfl
function | load
function | value
function | luhn
function | expa
function | showError
function | sendrez
function | submit1

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
luxembourg-posts.com/ | (session) | PHPSESSID | 98lim3njc38vd3lcidu4qn86f1
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.