www.auspost.consignmentattempts.com Open in urlscan Pro
38.242.147.252 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.auspost.consignmentattempts.com/
Effective URL:
https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB...
Submission: On January 25 via automatic, source certstream-suspicious (January 25th 2023, 4:24:09 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 38.242.147.252, located in Diyarbakır, Turkey and belongs to CONTABO, DE. The main domain is www.auspost.consignmentattempts.com.
TLS certificate: Issued by R3 on January 25th 2023. Valid for: 3 months.

This is the only time www.auspost.consignmentattempts.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australia Post (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 13	38.242.147.252 38.242.147.252		51167 (CONTABO) (CONTABO)
12	2

13 38.242.147.252 (Diyarbakır, Turkey) 1 redirects

ASN51167 (CONTABO, DE)
PTR: vmi1166781.contaboserver.net

www.auspost.consignmentattempts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	consignmentattempts.com 1 redirects www.auspost.consignmentattempts.com	615 KB
12	1

	Domain	Requested by
13	www.auspost.consignmentattempts.com	1 redirects www.auspost.consignmentattempts.com
12	1

This site contains no links.

Subject Issuer	Validity	Valid
www.auspost.consignmentattempts.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd
Frame ID: 98B2EABE28E412AA4D2269DE53FADD3B
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Track your items - Australia Post

Page URL History Show full URLs

https://www.auspost.consignmentattempts.com/ HTTP 302
https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8Sa... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

614 kB
Transfer

611 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.auspost.consignmentattempts.com/ HTTP 302
https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request myPostalCode Show response www.auspost.consignmentattempts.com/ Redirect Chain https://www.auspost.consignmentattempts.com/ https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxlje...	65 KB 66 KB	29ms 28ms	Document text/html	38.242.147.252 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.242.147.252 Diyarbakır, Turkey, ASN51167 (CONTABO, DE), Reverse DNS vmi1166781.contaboserver.net Software Apache / Resource Hash `f0ef724f3ed97b94d6739709c874ee94bbb5316f902f8fc7287e905f5f072532` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Wed, 25 Jan 2023 04:24:04 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Pragma no-cache Server Apache Transfer-Encoding chunked Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Wed, 25 Jan 2023 04:24:04 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache location myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd
GET H/1.1	200 OK	styles.min.css www.auspost.consignmentattempts.com/aupos_assetz/css/	258 KB 258 KB	72ms 26ms	Stylesheet text/css	38.242.147.252 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.auspost.consignmentattempts.com/aupos_assetz/css/styles.min.css Requested by Host: www.auspost.consignmentattempts.com URL: https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.242.147.252 Diyarbakır, Turkey, ASN51167 (CONTABO, DE), Reverse DNS vmi1166781.contaboserver.net Software Apache / Resource Hash `1dad697d28aa0da0a34c60f5eeeced010a60d20b6627c63910e32d15adf1aff1` Request headers accept-language de-DE,de;q=0.9 Referer https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Wed, 25 Jan 2023 04:24:04 GMT Last-Modified Thu, 08 Sep 2022 16:08:12 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 264341
GET H/1.1	200 OK	facebook-outline.svg www.auspost.consignmentattempts.com/aupos_assetz/img/	286 B 532 B	27ms 25ms	Image image/svg+xml	38.242.147.252 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.auspost.consignmentattempts.com/aupos_assetz/img/facebook-outline.svg Requested by Host: www.auspost.consignmentattempts.com URL: https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.242.147.252 Diyarbakır, Turkey, ASN51167 (CONTABO, DE), Reverse DNS vmi1166781.contaboserver.net Software Apache / Resource Hash `eed9e1439d0fa0a900ec19186c59865cdf385b47604fe27e71619c1093a5ee51` Request headers accept-language de-DE,de;q=0.9 Referer https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Wed, 25 Jan 2023 04:24:04 GMT Last-Modified Thu, 08 Sep 2022 09:46:58 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 286
GET H/1.1	200 OK	twitter-outline.svg www.auspost.consignmentattempts.com/aupos_assetz/img/	704 B 950 B	81ms 24ms	Image image/svg+xml	38.242.147.252 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.auspost.consignmentattempts.com/aupos_assetz/img/twitter-outline.svg Requested by Host: www.auspost.consignmentattempts.com URL: https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.242.147.252 Diyarbakır, Turkey, ASN51167 (CONTABO, DE), Reverse DNS vmi1166781.contaboserver.net Software Apache / Resource Hash `763b9854a6b8828562cb6bbf601a19c4442c51dd3c1824c10c0f791f71a169c8` Request headers accept-language de-DE,de;q=0.9 Referer https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Wed, 25 Jan 2023 04:24:04 GMT Last-Modified Thu, 08 Sep 2022 09:46:58 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 704
GET H/1.1	200 OK	linkedin-outline.svg www.auspost.consignmentattempts.com/aupos_assetz/img/	353 B 599 B	84ms 26ms	Image image/svg+xml	38.242.147.252 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.auspost.consignmentattempts.com/aupos_assetz/img/linkedin-outline.svg Requested by Host: www.auspost.consignmentattempts.com URL: https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.242.147.252 Diyarbakır, Turkey, ASN51167 (CONTABO, DE), Reverse DNS vmi1166781.contaboserver.net Software Apache / Resource Hash `7fad73c9f12de600630f45b1d84a45ee73b46c1d41e8b92bac7e4b0b042e3b3f` Request headers accept-language de-DE,de;q=0.9 Referer https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Wed, 25 Jan 2023 04:24:04 GMT Last-Modified Thu, 08 Sep 2022 09:46:58 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 353
GET H/1.1	200 OK	support-outline.svg www.auspost.consignmentattempts.com/aupos_assetz/img/	1 KB 1 KB	82ms 25ms	Image image/svg+xml	38.242.147.252 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.auspost.consignmentattempts.com/aupos_assetz/img/support-outline.svg Requested by Host: www.auspost.consignmentattempts.com URL: https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.242.147.252 Diyarbakır, Turkey, ASN51167 (CONTABO, DE), Reverse DNS vmi1166781.contaboserver.net Software Apache / Resource Hash `b668d928704514e4f8d65cbfd495e078bf576335e8983e0b7d849f7d90b542f6` Request headers accept-language de-DE,de;q=0.9 Referer https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Wed, 25 Jan 2023 04:24:04 GMT Last-Modified Thu, 08 Sep 2022 09:46:58 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1126
GET H/1.1	200 OK	ap-acknowledgement-logos.svg www.auspost.consignmentattempts.com/aupos_assetz/img/	41 KB 41 KB	82ms 26ms	Image image/svg+xml	38.242.147.252 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.auspost.consignmentattempts.com/aupos_assetz/img/ap-acknowledgement-logos.svg Requested by Host: www.auspost.consignmentattempts.com URL: https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.242.147.252 Diyarbakır, Turkey, ASN51167 (CONTABO, DE), Reverse DNS vmi1166781.contaboserver.net Software Apache / Resource Hash `f48b5b48b9da899bdb3ba28a622fe842fa6bc3779a5ad3088bf189cab0c1539b` Request headers accept-language de-DE,de;q=0.9 Referer https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Wed, 25 Jan 2023 04:24:04 GMT Last-Modified Thu, 08 Sep 2022 09:46:58 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 41518
GET H/1.1	200 OK	jquery.js Show response www.auspost.consignmentattempts.com/aupos_assetz/js/	87 KB 88 KB	55ms 28ms	Script application/javascript	38.242.147.252 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.auspost.consignmentattempts.com/aupos_assetz/js/jquery.js Requested by Host: www.auspost.consignmentattempts.com URL: https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.242.147.252 Diyarbakır, Turkey, ASN51167 (CONTABO, DE), Reverse DNS vmi1166781.contaboserver.net Software Apache / Resource Hash `ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b` Request headers accept-language de-DE,de;q=0.9 Referer https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Wed, 25 Jan 2023 04:24:04 GMT Last-Modified Fri, 08 Jul 2022 09:54:40 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 89503
GET H/1.1	200 OK	misc.js Show response www.auspost.consignmentattempts.com/aupos_assetz/js/	16 KB 16 KB	26ms 25ms	Script application/javascript	38.242.147.252 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.auspost.consignmentattempts.com/aupos_assetz/js/misc.js Requested by Host: www.auspost.consignmentattempts.com URL: https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.242.147.252 Diyarbakır, Turkey, ASN51167 (CONTABO, DE), Reverse DNS vmi1166781.contaboserver.net Software Apache / Resource Hash `475575a56670c4ab3f05ca4b001674bbea9e6cbacaf9e0c0f2527a1aacdb9731` Request headers accept-language de-DE,de;q=0.9 Referer https://www.auspost.consignmentattempts.com/myPostalCode?sslchannel=true&sessionid=425JnzCZOet0AEyxvRf3IAU53rQTGoz9Cb8SaK9hEnPSJlLchvnRUxZxB4QFiSgcpWg8VyjC3BoHdM844P4z5QNTpcbBDLZwF7p59ySt1YCngqxljeuFeZHNVlvuL9AlOd User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Wed, 25 Jan 2023 04:24:04 GMT Last-Modified Fri, 08 Jul 2022 14:13:58 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 15900
GET DATA	200 OK	truncated /	373 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `dd1e4a4b06cd742176e6a824da29a5a8fd9f9fa39b58abcb2cd646b777cbb627` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	APTypeProText-Regular.woff2 www.auspost.consignmentattempts.com/aupos_assetz/fonts/	49 KB 49 KB	27ms 27ms	Font font/woff2	38.242.147.252 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.auspost.consignmentattempts.com/aupos_assetz/fonts/APTypeProText-Regular.woff2 Requested by Host: www.auspost.consignmentattempts.com URL: https://www.auspost.consignmentattempts.com/aupos_assetz/css/styles.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.242.147.252 Diyarbakır, Turkey, ASN51167 (CONTABO, DE), Reverse DNS vmi1166781.contaboserver.net Software Apache / Resource Hash `362e7038da1d1ab321763dec9c75a702b1b3d8ef1f8b3d5870546b8abccde090` Request headers Referer https://www.auspost.consignmentattempts.com/aupos_assetz/css/styles.min.css Origin https://www.auspost.consignmentattempts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Wed, 25 Jan 2023 04:24:04 GMT Last-Modified Thu, 08 Sep 2022 10:14:18 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 50292
GET H/1.1	200 OK	APTypeProDisplay-Medium.woff2 www.auspost.consignmentattempts.com/aupos_assetz/fonts/	43 KB 43 KB	26ms 26ms	Font font/woff2	38.242.147.252 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.auspost.consignmentattempts.com/aupos_assetz/fonts/APTypeProDisplay-Medium.woff2 Requested by Host: www.auspost.consignmentattempts.com URL: https://www.auspost.consignmentattempts.com/aupos_assetz/css/styles.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.242.147.252 Diyarbakır, Turkey, ASN51167 (CONTABO, DE), Reverse DNS vmi1166781.contaboserver.net Software Apache / Resource Hash `006d08fc5f5fb333ff490338d5a7f50cd8e7b4b4493f7a1735526266efdb9456` Request headers Referer https://www.auspost.consignmentattempts.com/aupos_assetz/css/styles.min.css Origin https://www.auspost.consignmentattempts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Wed, 25 Jan 2023 04:24:04 GMT Last-Modified Thu, 08 Sep 2022 10:14:12 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 44240
GET H/1.1	200 OK	APTypeProText-Medium.woff2 www.auspost.consignmentattempts.com/aupos_assetz/fonts/	49 KB 50 KB	25ms 25ms	Font font/woff2	38.242.147.252 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.auspost.consignmentattempts.com/aupos_assetz/fonts/APTypeProText-Medium.woff2 Requested by Host: www.auspost.consignmentattempts.com URL: https://www.auspost.consignmentattempts.com/aupos_assetz/css/styles.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 38.242.147.252 Diyarbakır, Turkey, ASN51167 (CONTABO, DE), Reverse DNS vmi1166781.contaboserver.net Software Apache / Resource Hash `4b5856b0bc3680a4e7edb42bf80944ca309a2fd82259f00e887dc005d215a66f` Request headers Referer https://www.auspost.consignmentattempts.com/aupos_assetz/css/styles.min.css Origin https://www.auspost.consignmentattempts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Wed, 25 Jan 2023 04:24:04 GMT Last-Modified Thu, 08 Sep 2022 10:14:22 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 50472

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australia Post (Transportation)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery object| $jscomp

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.auspost.consignmentattempts.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ce4bea8b68773e26b00cd97e1dd5a390

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.auspost.consignmentattempts.com
38.242.147.252
006d08fc5f5fb333ff490338d5a7f50cd8e7b4b4493f7a1735526266efdb9456
1dad697d28aa0da0a34c60f5eeeced010a60d20b6627c63910e32d15adf1aff1
362e7038da1d1ab321763dec9c75a702b1b3d8ef1f8b3d5870546b8abccde090
475575a56670c4ab3f05ca4b001674bbea9e6cbacaf9e0c0f2527a1aacdb9731
4b5856b0bc3680a4e7edb42bf80944ca309a2fd82259f00e887dc005d215a66f
763b9854a6b8828562cb6bbf601a19c4442c51dd3c1824c10c0f791f71a169c8
7fad73c9f12de600630f45b1d84a45ee73b46c1d41e8b92bac7e4b0b042e3b3f
b668d928704514e4f8d65cbfd495e078bf576335e8983e0b7d849f7d90b542f6
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
dd1e4a4b06cd742176e6a824da29a5a8fd9f9fa39b58abcb2cd646b777cbb627
eed9e1439d0fa0a900ec19186c59865cdf385b47604fe27e71619c1093a5ee51
f0ef724f3ed97b94d6739709c874ee94bbb5316f902f8fc7287e905f5f072532
f48b5b48b9da899bdb3ba28a622fe842fa6bc3779a5ad3088bf189cab0c1539b

www.auspost.consignmentattempts.com Open in urlscan Pro 38.242.147.252 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

614 kBTransfer

611 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Indicators

www.auspost.consignmentattempts.com Open in urlscan Pro
38.242.147.252 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

614 kB
Transfer

611 kB
Size

1
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!