auspost.tlzcsc.com Open in urlscan Pro
155.94.178.65 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auspost.tlzcsc.com/
Submission: On October 03 via automatic, source certstream-suspicious (October 3rd 2022, 3:18:28 pm UTC) — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 20 HTTP transactions. The main IP is 155.94.178.65, located in Houston, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is auspost.tlzcsc.com.
TLS certificate: Issued by R3 on October 3rd 2022. Valid for: 3 months.

This is the only time auspost.tlzcsc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australia Post (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
20	155.94.178.65 155.94.178.65		8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
20	1

20 155.94.178.65 (Houston, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: unassigned.quadranet.com

auspost.tlzcsc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	tlzcsc.com auspost.tlzcsc.com	466 KB
20	1

	Domain	Requested by
20	auspost.tlzcsc.com	auspost.tlzcsc.com
20	1

This site contains no links.

Subject Issuer	Validity	Valid
auspost.tlzcsc.com R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auspost.tlzcsc.com/
Frame ID: 66FA94D71977A012E35C53B7A734682F
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Parts Tracking | post

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

466 kB
Transfer

1316 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response auspost.tlzcsc.com/	145 KB 29 KB	868ms 358ms	Document text/html	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `6b70f4c2daa6032a37e68975511a946bbad6bbbe74a8de75c7eef4787bb64d52` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private content-encoding gzip content-length 29234 content-type text/html date Mon, 03 Oct 2022 15:18:22 GMT server Microsoft-IIS/10.0 vary Accept-Encoding x-powered-by ASP.NET
GET H2	200	layui.all.js Show response auspost.tlzcsc.com/static/js/	272 KB 115 KB	359ms 356ms	Script application/javascript	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/js/layui.all.js Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `251a9e596ef2859fb0e92e13b4c619e95a131a93b55e48974552d312c75d9514` Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:22 GMT content-encoding gzip last-modified Mon, 03 Oct 2022 15:11:45 GMT server Microsoft-IIS/10.0 etag "2b4c58733ad7d81:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	laydate.css auspost.tlzcsc.com/static/css/	7 KB 2 KB	181ms 179ms	Stylesheet text/css	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/css/laydate.css Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `26437b94d0f04ca9799425e7db20bb14e17cc9f777fa64b92ad05f87e2fddc21` Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:22 GMT content-encoding gzip last-modified Mon, 03 Oct 2022 15:11:44 GMT server Microsoft-IIS/10.0 etag "7dda23733ad7d81:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2212
GET H2	200	layer.css auspost.tlzcsc.com/static/css/	14 KB 4 KB	182ms 180ms	Stylesheet text/css	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/css/layer.css Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `fdae5152c54f115a2a3340bf81a30d070e861ce744746372b4c1b02ae6ef8e74` Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:22 GMT content-encoding gzip last-modified Mon, 03 Oct 2022 15:11:44 GMT server Microsoft-IIS/10.0 etag "7dda23733ad7d81:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 3841
GET H2	200	code.css auspost.tlzcsc.com/static/css/	1 KB 650 B	182ms 181ms	Stylesheet text/css	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/css/code.css Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `cd4c4518e0684d548e90cf3ee37f04b9ab0b08d04569a8dfd8d97ff1e257d9e8` Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:22 GMT content-encoding gzip last-modified Mon, 03 Oct 2022 15:11:44 GMT server Microsoft-IIS/10.0 etag "4b161f733ad7d81:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 592
GET H2	200	layui.css auspost.tlzcsc.com/static/css/	73 KB 18 KB	184ms 183ms	Stylesheet text/css	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/css/layui.css Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `32d29127905513d8932b6c3aa07be3addaed72ae4ca15d6f5f8cf5cce88c2641` Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:22 GMT content-encoding gzip last-modified Mon, 03 Oct 2022 15:11:44 GMT server Microsoft-IIS/10.0 etag "7dda23733ad7d81:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 18676
GET H2	200	bundle.3c2de8e2291c5000dfa1bd18a61ea226.css auspost.tlzcsc.com/static/css/	521 KB 112 KB	532ms 530ms	Stylesheet text/css	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `1f79bce582d91d6f815957f6305dbdd6376044ef2c29df1a47c89347aa600a01` Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:22 GMT content-encoding gzip last-modified Mon, 03 Oct 2022 15:11:44 GMT server Microsoft-IIS/10.0 etag "4b161f733ad7d81:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes
GET H2	200	bundle-utapi.3c2de8e2291c5000dfa1bd18a61ea226.css auspost.tlzcsc.com/static/css/	11 KB 3 KB	182ms 181ms	Stylesheet text/css	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/css/bundle-utapi.3c2de8e2291c5000dfa1bd18a61ea226.css Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `c82061fa08f15801e85a6a3760e7e04809942ca0157afd08df6c136ebc1bd804` Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:22 GMT content-encoding gzip last-modified Mon, 03 Oct 2022 15:11:44 GMT server Microsoft-IIS/10.0 etag "d1b31c733ad7d81:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2826
GET H2	200	translateelement.css auspost.tlzcsc.com/static/css/	18 KB 5 KB	185ms 183ms	Stylesheet text/css	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/css/translateelement.css Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `da3f9cd4452f9a77007a7b16a9a8bb4d80ec128caf2d90cc3fc6de81c3081d4e` Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:22 GMT content-encoding gzip last-modified Mon, 03 Oct 2022 15:11:44 GMT server Microsoft-IIS/10.0 etag "7dda23733ad7d81:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 4723
GET H2	200	logo2.png auspost.tlzcsc.com/static/picture/	34 KB 34 KB	179ms 179ms	Image image/png	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://auspost.tlzcsc.com/static/picture/logo2.png Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `1845cfc43a11017dd19133ea1cb48011365d1696b0616b2db10ac8d9d581a306` Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:23 GMT last-modified Mon, 03 Oct 2022 15:11:45 GMT server Microsoft-IIS/10.0 etag "2b4c58733ad7d81:0" x-powered-by ASP.NET content-type image/png accept-ranges bytes content-length 35007
GET H2	200	jquery.min.js Show response auspost.tlzcsc.com/static/js/	122 KB 47 KB	190ms 189ms	Script application/javascript	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/js/jquery.min.js Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `239f398c5349778c9db13f61a605704e379ad7965686c3a0cd97839a79f5d25b` Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:23 GMT content-encoding gzip last-modified Mon, 03 Oct 2022 15:11:45 GMT server Microsoft-IIS/10.0 etag "2b4c58733ad7d81:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 47980
GET H2	200	translate_24dp.png auspost.tlzcsc.com/static/picture/	846 B 886 B	180ms 179ms	Image image/png	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://auspost.tlzcsc.com/static/picture/translate_24dp.png Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99` Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:23 GMT last-modified Mon, 03 Oct 2022 15:11:45 GMT server Microsoft-IIS/10.0 etag "2b4c58733ad7d81:0" x-powered-by ASP.NET content-type image/png accept-ranges bytes content-length 846
GET H2	404	laydate.css auspost.tlzcsc.com/static/js/css/modules/laydate/default/	0 0	178ms 178ms	Stylesheet text/html	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/js/css/modules/laydate/default/laydate.css?v=5.0.9 Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/static/js/layui.all.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:23 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 1163 content-type text/html
GET H2	404	layer.css auspost.tlzcsc.com/static/js/css/modules/layer/default/	0 0	176ms 175ms	Stylesheet text/html	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/js/css/modules/layer/default/layer.css?v=3.1.1 Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/static/js/layui.all.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:23 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 1163 content-type text/html
GET H2	404	code.css auspost.tlzcsc.com/static/js/css/modules/	0 0	179ms 178ms	Stylesheet text/html	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/js/css/modules/code.css Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/static/js/layui.all.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:23 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 1163 content-type text/html
GET H2	200	default-5a6dd86f272b304a8b83f7df61f11c2f.woff auspost.tlzcsc.com/static/fonts/	40 KB 40 KB	178ms 177ms	Font font/x-woff	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/static/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4` Request headers Referer https://auspost.tlzcsc.com/static/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css Origin https://auspost.tlzcsc.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:23 GMT last-modified Mon, 03 Oct 2022 15:11:44 GMT server Microsoft-IIS/10.0 etag "21b03b733ad7d81:0" x-powered-by ASP.NET content-type font/x-woff accept-ranges bytes content-length 41352
GET H2	200	iconfont-2817b89766135c02472db274c79655de.woff auspost.tlzcsc.com/static/fonts/	9 KB 9 KB	179ms 178ms	Font font/x-woff	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/fonts/iconfont-2817b89766135c02472db274c79655de.woff Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/static/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `e2429015bf4b995fe06db415efe71c1c345b8a536f605e5708342e8bba8c564f` Request headers Referer https://auspost.tlzcsc.com/static/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css Origin https://auspost.tlzcsc.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:23 GMT last-modified Mon, 03 Oct 2022 15:11:44 GMT server Microsoft-IIS/10.0 etag "6c133e733ad7d81:0" x-powered-by ASP.NET content-type font/x-woff accept-ranges bytes content-length 9424
GET H2	200	default-3e828e80f6e985c352eba4474518978d.woff auspost.tlzcsc.com/static/fonts/	43 KB 43 KB	177ms 176ms	Font font/x-woff	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/static/fonts/default-3e828e80f6e985c352eba4474518978d.woff Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/static/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5` Request headers Referer https://auspost.tlzcsc.com/static/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css Origin https://auspost.tlzcsc.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:23 GMT last-modified Mon, 03 Oct 2022 15:11:44 GMT server Microsoft-IIS/10.0 etag "764f39733ad7d81:0" x-powered-by ASP.NET content-type font/x-woff accept-ranges bytes content-length 44260
GET H2	200	translate_24dp.png auspost.tlzcsc.com/static/images/	2 KB 2 KB	176ms 176ms	Image image/png	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://auspost.tlzcsc.com/static/images/translate_24dp.png Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/static/css/translateelement.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82` Request headers accept-language de-DE,de;q=0.9 Referer https://auspost.tlzcsc.com/static/css/translateelement.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:23 GMT last-modified Mon, 03 Oct 2022 15:11:45 GMT server Microsoft-IIS/10.0 etag "20ec55733ad7d81:0" x-powered-by ASP.NET content-type image/png accept-ranges bytes content-length 1842
GET H2	404	userStatus Show response auspost.tlzcsc.com/	1 KB 1 KB	176ms 176ms	XHR text/html	155.94.178.65 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://auspost.tlzcsc.com/userStatus?uid=eb7cd1460cb1917853b9141bcc067997&status=10 Requested by Host: auspost.tlzcsc.com URL: https://auspost.tlzcsc.com/static/js/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 155.94.178.65 Houston, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://auspost.tlzcsc.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 15:18:23 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 1163 content-type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australia Post (Transportation)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			auspost.tlzcsc.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDSUBCBTTR Value: CNHFIOHBFGAIGPOGOALIJFMB

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auspost.tlzcsc.com/static/js/css/modules/laydate/default/laydate.css?v=5.0.9 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://auspost.tlzcsc.com/static/js/css/modules/layer/default/layer.css?v=3.1.1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://auspost.tlzcsc.com/static/js/css/modules/code.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://auspost.tlzcsc.com/userStatus?uid=eb7cd1460cb1917853b9141bcc067997&status=10 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auspost.tlzcsc.com
155.94.178.65
1845cfc43a11017dd19133ea1cb48011365d1696b0616b2db10ac8d9d581a306
1f79bce582d91d6f815957f6305dbdd6376044ef2c29df1a47c89347aa600a01
239f398c5349778c9db13f61a605704e379ad7965686c3a0cd97839a79f5d25b
251a9e596ef2859fb0e92e13b4c619e95a131a93b55e48974552d312c75d9514
26437b94d0f04ca9799425e7db20bb14e17cc9f777fa64b92ad05f87e2fddc21
32d29127905513d8932b6c3aa07be3addaed72ae4ca15d6f5f8cf5cce88c2641
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
6b70f4c2daa6032a37e68975511a946bbad6bbbe74a8de75c7eef4787bb64d52
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5
b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4
c82061fa08f15801e85a6a3760e7e04809942ca0157afd08df6c136ebc1bd804
cd4c4518e0684d548e90cf3ee37f04b9ab0b08d04569a8dfd8d97ff1e257d9e8
da3f9cd4452f9a77007a7b16a9a8bb4d80ec128caf2d90cc3fc6de81c3081d4e
e2429015bf4b995fe06db415efe71c1c345b8a536f605e5708342e8bba8c564f
fdae5152c54f115a2a3340bf81a30d070e861ce744746372b4c1b02ae6ef8e74

auspost.tlzcsc.com Open in urlscan Pro 155.94.178.65 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

466 kBTransfer

1316 kBSize

1 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

1 Cookies

4 Console Messages

Indicators

auspost.tlzcsc.com Open in urlscan Pro
155.94.178.65 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

466 kB
Transfer

1316 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!