atpostpone.xyz
104.21.7.98
Malicious Activity!
Public Scan
Effective URL: https://atpostpone.xyz/s/sendungssuche/
Submission Tags: @phish_report
Submission: On February 27 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by E1 on January 31st 2024. Valid for: 3 months.
This is the only time atpostpone.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Österreichische Post (Transportation)

Domain & IP information

| # | IP Address | AS Autonomous System |
|---|---|---|
| 41 (2 redirects) | 104.21.7.98 | 13335 (CLOUDFLARENET) |
| 39 | 1 | |

| # | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 41 (2 redirects) | atpostpone.xyz | atpostpone.xyz | 1 MB |
| 39 | 1 | | |

| # | Domain | Requested by |
|---|---|---|
| 41 (2 redirects) | atpostpone.xyz | atpostpone.xyz |
| 39 | 1 | |
This site contains links to these domains. Also see Links.
Domain |
---|
boyisj.com |
services.post.at |
play.google.com |
apps.apple.com |
allespost.at |
www.facebook.com |
www.youtube.com |
www.linkedin.com |
www.instagram.com |
www.post.at |
onlineshop.post.at |
karriere.post.at |
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| atpostpone.xyz | E1 | 2024-01-31 - 2024-04-30 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://atpostpone.xyz/s/sendungssuche/
Frame ID: 2CCF6DDAEE2BEA223C4D94015615D615
Requests: 37 HTTP requests in this frame
Frame:
https://atpostpone.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Frame ID: B175FC1A744DE43A77E353502C094718
Requests: 2 HTTP requests in this frame
Page Title: Sendungsdetails - PostAG
Detected technologies
- Socket.io (JavaScript Frameworks). Detected pattern: `socket\.io.*\.js`
- Vue.js (JavaScript Frameworks). Detected pattern: `<[^>]+\sdata-v(?:ue)?-`
Page Statistics
55 Outgoing links
These are links going to different origins than the main page.
Link titles recoverable from the outgoing-links list (the link targets themselves are not captured on this page):
- 3 Monate testen
- Zur dauerhaften Paketumleitung
- Versenden
- Empfangen
- Lösungen & Services
- Filialen
- Hilfe & Kontakt
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://atpostpone.xyz/s/sendungssuche?gyn=oDergY7LSu (HTTP 302)
- https://atpostpone.xyz/s/sendungssuche/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4:
- https://atpostpone.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js (HTTP 302)
- https://atpostpone.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
39 HTTP transactions

| Method / Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|---|
| GET H2 | / | atpostpone.xyz/s/sendungssuche/ | 3 KB | 1 KB | Document | text/html | Primary Request, Redirect Chain |
| GET H2 | index-30ff46ec.js | atpostpone.xyz/s/sendungssuche/assets/ | 162 KB | 55 KB | Script | application/javascript | |
| GET H2 | f6170fbb84eeY.css | atpostpone.xyz/s/sendungssuche/assets/ | 952 B | 745 B | Stylesheet | text/css | |
| GET H2 | 7ae7b7887w8rt.js | atpostpone.xyz/s/sendungssuche/assets/ | 2 KB | 1 KB | Script | application/javascript | |
| GET H2 | d8802e657w8rt.js | atpostpone.xyz/s/sendungssuche/assets/ | 28 KB | 12 KB | Script | application/javascript | |
| GET H2 | main.js | atpostpone.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ | 8 KB | 4 KB | Script | application/javascript | Frame B175, Redirect Chain |
| GET H2 | 74ab3d487w8rt.js | atpostpone.xyz/s/sendungssuche/assets/ | 112 KB | 38 KB | Script | application/javascript | |
| GET H2 | f88a4b907w8rt.js | atpostpone.xyz/s/sendungssuche/assets/ | 103 KB | 38 KB | Script | application/javascript | |
| GET H2 | 09bf01f87w8rt.js | atpostpone.xyz/s/sendungssuche/assets/ | 968 B | 936 B | Script | application/javascript | |
| GET H2 | edff40217w8rt.js | atpostpone.xyz/s/sendungssuche/assets/ | 1 KB | 1 KB | Script | application/javascript | |
| GET H2 | 825cda147w8rt.js | atpostpone.xyz/s/sendungssuche/assets/ | 121 KB | 38 KB | Script | application/javascript | |
| GET H2 | c27b69117w8rt.js | atpostpone.xyz/s/sendungssuche/assets/ | 806 B | 766 B | Script | application/javascript | |
| GET H2 | ba2618c684eeY.css | atpostpone.xyz/s/sendungssuche/assets/ | 473 KB | 68 KB | Stylesheet | text/css | |
| POST H2 | 85bf8d4f1c6ebe3d | atpostpone.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ | 0 | 495 B | XHR | text/plain | Frame B175 |
| POST H2 | U2FsdGVkX1%7C7JTRKfGgx9KlCa9h1e9z4a00MZult | atpostpone.xyz/api/ | 540 B | 932 B | XHR | text/plain | |
| GET H2 | / | atpostpone.xyz/socket.io/ | 118 B | 407 B | XHR | text/plain | |
| GET H2 | U2FsdGVkX1%7C%7C7dtOySC%2BFzjo1mDnWtfD2oOOW11IW5Jz | atpostpone.xyz/api/ | 600 B | 773 B | XHR | text/plain | |
| POST H2 | / | atpostpone.xyz/socket.io/ | 2 B | 285 B | XHR | text/html | |
| GET H2 | / | atpostpone.xyz/socket.io/ | 32 B | 303 B | XHR | text/plain | |
| GET H2 | 839f12b37w8rt.js | atpostpone.xyz/s/sendungssuche/assets/ | 98 KB | 33 KB | Script | application/javascript | |
| GET H2 | e9841a7784eeY.css | atpostpone.xyz/s/sendungssuche/assets/ | 389 B | 536 B | Stylesheet | text/css | |
| GET H2 | / | atpostpone.xyz/socket.io/ | 137 B | 414 B | XHR | text/plain | |
| POST H2 | / | atpostpone.xyz/socket.io/ | 2 B | 275 B | XHR | text/html | |
| GET H2 | / | atpostpone.xyz/socket.io/ | 98 B | 460 B | XHR | text/plain | |
| GET H2 | 19.png | atpostpone.xyz/s/sendungssuche/home/images/ | 7 KB | 8 KB | Image | image/png | |
| GET H2 | 20.jpg | atpostpone.xyz/s/sendungssuche/home/images/ | 451 KB | 452 KB | Image | image/jpeg | |
| GET H2 | 21.png | atpostpone.xyz/s/sendungssuche/home/images/ | 6 KB | 6 KB | Image | image/png | |
| GET H2 | 22.png | atpostpone.xyz/s/sendungssuche/home/images/ | 3 KB | 3 KB | Image | image/png | |
| GET H2 | 23.jpg | atpostpone.xyz/s/sendungssuche/home/images/ | 142 KB | 143 KB | Image | image/jpeg | |
| GET H2 | 13.svg | atpostpone.xyz/home/images/ | 2 KB | 1 KB | Image | image/svg+xml | |
| GET H2 | 14.svg | atpostpone.xyz/home/images/ | 4 KB | 1 KB | Image | image/svg+xml | |
| GET H2 | 15.svg | atpostpone.xyz/home/images/ | 1 KB | 708 B | Image | image/svg+xml | |
| GET H2 | 16.svg | atpostpone.xyz/home/images/ | 9 KB | 3 KB | Image | image/svg+xml | |
| GET H2 | 17.svg | atpostpone.xyz/home/images/ | 5 KB | 1 KB | Image | image/svg+xml | |
| GET H2 | e1a6432e84eeY.woff2 | atpostpone.xyz/s/sendungssuche/assets/ | 21 KB | 21 KB | Font | font/woff2 | |
| GET H2 | e7b1eff684eeY.woff2 | atpostpone.xyz/s/sendungssuche/assets/ | 124 KB | 124 KB | Font | font/woff2 | |
| GET H2 | / | atpostpone.xyz/socket.io/ | 1 B | 280 B | XHR | text/plain | |
| POST H2 | / | atpostpone.xyz/socket.io/ | 2 B | 281 B | XHR | text/html | |
| POST H2 | U2FsdGVkX19sLLKmjkR5Wfhpe4Qei%7CBTyd4y3HqF | atpostpone.xyz/api/ | 28 B | 353 B | XHR | text/plain | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Österreichische Post (Transportation)

4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | 0 |
| function | IMask |
| boolean | __vite_is_modern_browser |
| boolean | __VUE__ |

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, they will also send their cookie values, thus allowing the website to re-identify them even if they changed locations. This is how permanent logins work.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .atpostpone.xyz/ | | cf_clearance | Uq0z8NuJWMMtiaxzsYf2_47Cu7PKrYcvjVBC6BeQEKI-1709027725-1.0-AWXvcyQw5PCFX9a7WzdVc0i1UlAKLf1DSnhcjvfaMhhmDNpDSExlh8Unb6sVvorrAu+DluUVrczJzye0KQX0jHU= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
atpostpone.xyz
104.21.7.98