candsa.top
Open in
urlscan Pro
43.249.9.216
Malicious Activity!
Public Scan
Effective URL: https://candsa.top/
Submission: On April 19 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on February 5th 2024. Valid for: 3 months.
This is the only time candsa.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Australia Post (Transportation)Domain & IP information
ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-12-168.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-11.fra60.r.cloudfront.net
dd.auspost.com.au |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-116.fra56.r.cloudfront.net
cdn.branch.io |
ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-110-165.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-218-223.eu-west-1.compute.amazonaws.com
auspost.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net
ssl.o.auspost.com.au |
ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-63-100.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-37-77.eu-central-1.compute.amazonaws.com
api-js.datadome.co |
ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-60.fra56.r.cloudfront.net
auspost.com.au |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
candsa.top
candsa.top |
71 KB |
5 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 427 |
198 KB |
4 |
inq.com
media-aus.inq.com — Cisco Umbrella Rank: 294219 auspost.inq.com |
323 KB |
4 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 233 auspost.demdex.net — Cisco Umbrella Rank: 450109 |
2 KB |
4 |
auspost.com.au
dd.auspost.com.au — Cisco Umbrella Rank: 462833 auspost.com.au — Cisco Umbrella Rank: 154793 Failed ssl.o.auspost.com.au — Cisco Umbrella Rank: 401856 |
43 KB |
3 |
tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 709 |
40 KB |
3 |
pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 940 |
42 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
150 KB |
1 |
datadome.co
api-js.datadome.co — Cisco Umbrella Rank: 4941 |
227 B |
1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1310 |
517 B |
1 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 36 |
61 B |
1 |
branch.io
cdn.branch.io — Cisco Umbrella Rank: 947 |
23 KB |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 123 |
18 KB |
1 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 594 |
12 KB |
1 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 242 |
688 B |
0 |
googleapis.com
Failed
translate.googleapis.com Failed |
|
60 | 16 |
Domain | Requested by | |
---|---|---|
22 | candsa.top |
candsa.top
|
5 | assets.adobedtm.com |
candsa.top
assets.adobedtm.com |
3 | media-aus.inq.com |
candsa.top
|
3 | dpm.demdex.net |
1 redirects
candsa.top
|
3 | analytics.tiktok.com |
candsa.top
|
3 | s.pinimg.com |
candsa.top
s.pinimg.com |
2 | ssl.o.auspost.com.au |
assets.adobedtm.com
candsa.top |
2 | www.googletagmanager.com |
candsa.top
assets.adobedtm.com |
1 | api-js.datadome.co |
dd.auspost.com.au
|
1 | cm.everesttech.net | 1 redirects |
1 | auspost.demdex.net |
assets.adobedtm.com
|
1 | auspost.com.au |
candsa.top
|
1 | auspost.inq.com |
candsa.top
|
1 | googleads.g.doubleclick.net |
candsa.top
|
1 | cdn.branch.io |
candsa.top
|
1 | dd.auspost.com.au |
candsa.top
|
1 | www.googleadservices.com |
candsa.top
|
1 | js-agent.newrelic.com |
candsa.top
|
1 | bam.nr-data.net |
candsa.top
|
0 | translate.googleapis.com Failed |
candsa.top
|
60 | 20 |
This site contains links to these domains. Also see Links.
Domain |
---|
auspost.com.au |
eparcel.auspost.com.au |
auspostbusiness.force.com |
auspost.app.link |
shop.auspost.com.au |
www.digitalid.com |
paypaperbills.postbillpay.com.au |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.candsa.top R3 |
2024-02-05 - 2024-05-05 |
3 months | crt.sh |
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-29 - 2024-10-01 |
a year | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1 |
2024-03-21 - 2025-04-22 |
a year | crt.sh |
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-08-07 - 2024-08-07 |
a year | crt.sh |
*.tiktok.com RapidSSL ECC CA 2018 |
2023-07-14 - 2024-08-13 |
a year | crt.sh |
*.googleadservices.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
dd.auspost.com.au R3 |
2024-02-04 - 2024-05-04 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-11 - 2024-08-10 |
a year | crt.sh |
*.branch.io Amazon RSA 2048 M01 |
2023-09-11 - 2024-10-09 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
*.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-14 - 2024-10-11 |
a year | crt.sh |
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2024-10-26 |
a year | crt.sh |
ssl.o.auspost.com.au DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-03-27 - 2025-04-27 |
a year | crt.sh |
*.datadome.co Gandi RSA Domain Validation Secure Server CA 3 |
2023-10-10 - 2024-11-09 |
a year | crt.sh |
auspost.com.au Entrust Certification Authority - L1M |
2023-08-17 - 2024-09-16 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://candsa.top/
Frame ID: 7602EC966440ECA645538F663EDB9272
Requests: 59 HTTP requests in this frame
Frame:
https://auspost.demdex.net/dest5.html?d_nsid=0
Frame ID: 08E744C83741FD6DFDA0D330529DFF10
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Track your items - Australia PostPage URL History Show full URLs
-
http://candsa.top/
HTTP 307
https://candsa.top/ Page URL
Detected technologies
Google Tag Manager (Tag Managers) ExpandDetected patterns
- googletagmanager\.com/gtag/js
Page Statistics
100 Outgoing links
These are links going to different origins than the main page.
Title: We are still delivering but COVID-19 disruptions and extreme weather events may cause delays. Learn more
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: Enterprise & Gov
Search URL Search Domain Scan URL
Title: About us
Search URL Search Domain Scan URL
Title: Log in
Search URL Search Domain Scan URL
Title: Sign up
Search URL Search Domain Scan URL
Title: MyPost Business
Search URL Search Domain Scan URL
Title: Parcel Send
Search URL Search Domain Scan URL
Title: eParcel
Search URL Search Domain Scan URL
Title: Business Support Portal
Search URL Search Domain Scan URL
Title: Receiving
Search URL Search Domain Scan URL
Title: Download our mobile app
Search URL Search Domain Scan URL
Title: Track your item
Search URL Search Domain Scan URL
Title: Collection points
Search URL Search Domain Scan URL
Title: Manage deliveries in transit
Search URL Search Domain Scan URL
Title: Collecting missed deliveries
Search URL Search Domain Scan URL
Title: Delayed, lost or damaged items
Search URL Search Domain Scan URL
Title: Manage your mail
Search URL Search Domain Scan URL
Title: Mail and parcel delivery – street and roadside
Search URL Search Domain Scan URL
Title: Buy online
Search URL Search Domain Scan URL
Title: Express Post
Search URL Search Domain Scan URL
Title: Sending
Search URL Search Domain Scan URL
Title: Home & office
Search URL Search Domain Scan URL
Title: Sending
Search URL Search Domain Scan URL
Title: Print postage labels
Search URL Search Domain Scan URL
Title: Calculate postage
Search URL Search Domain Scan URL
Title: Delivery times & service updates
Search URL Search Domain Scan URL
Title: Send within Australia
Search URL Search Domain Scan URL
Title: Send overseas
Search URL Search Domain Scan URL
Title: Satchels & packaging
Search URL Search Domain Scan URL
Title: Check sending guidelines
Search URL Search Domain Scan URL
Title: Stamps
Search URL Search Domain Scan URL
Title: Return a parcel
Search URL Search Domain Scan URL
Title: Postage stamps
Search URL Search Domain Scan URL
Title: Satchels
Search URL Search Domain Scan URL
Title: Packaging
Search URL Search Domain Scan URL
Title: Money & insurance
Search URL Search Domain Scan URL
Title: Transfer money
Search URL Search Domain Scan URL
Title: Get insurance
Search URL Search Domain Scan URL
Title: Banking & payments
Search URL Search Domain Scan URL
Title: Organise travel money
Search URL Search Domain Scan URL
Title: Prepaid cards
Search URL Search Domain Scan URL
Title: Buy gift cards
Search URL Search Domain Scan URL
Title: Self-Managed Super Funds (SMSF)
Search URL Search Domain Scan URL
Title: Gift cards
Search URL Search Domain Scan URL
Title: Square Card Reader
Search URL Search Domain Scan URL
Title: ID & document services
Search URL Search Domain Scan URL
Title: Arrange passports & ID photos
Search URL Search Domain Scan URL
Title: Apply for a tax file number
Search URL Search Domain Scan URL
Title: Licence renewals & applications
Search URL Search Domain Scan URL
Title: Get a police check
Search URL Search Domain Scan URL
Title: Get an international police check
Search URL Search Domain Scan URL
Title: ID checks for property transfers
Search URL Search Domain Scan URL
Title: Get your Digital iDâ„¢
Search URL Search Domain Scan URL
Title: Get documents certified & witnessed
Search URL Search Domain Scan URL
Title: Apply for a Keypass ID
Search URL Search Domain Scan URL
Title: Apply for a MyPost Concession card
Search URL Search Domain Scan URL
Title: Shop
Search URL Search Domain Scan URL
Title: Aussie Coin Hunt
Search URL Search Domain Scan URL
Title: Collectables
Search URL Search Domain Scan URL
Title: Gifts
Search URL Search Domain Scan URL
Title: Electronics
Search URL Search Domain Scan URL
Title: Mobile phones
Search URL Search Domain Scan URL
Title: Catalogue
Search URL Search Domain Scan URL
Title: Australia Post Mobile
Search URL Search Domain Scan URL
Title: Clearance
Search URL Search Domain Scan URL
Title: Track your item
Search URL Search Domain Scan URL
Title: Find a postcode
Search URL Search Domain Scan URL
Title: Redirect or hold mail
Search URL Search Domain Scan URL
Title: Print shipping labels
Search URL Search Domain Scan URL
Title: Pay a bill
Search URL Search Domain Scan URL
Title: Convert currency
Search URL Search Domain Scan URL
Title: Find missing mail
Search URL Search Domain Scan URL
Title: Find locations & hours
Search URL Search Domain Scan URL
Title: Download our app
Search URL Search Domain Scan URL
Title: Use a 24/7 Parcel Locker
Search URL Search Domain Scan URL
Title: Collect your parcel from a Post Office
Search URL Search Domain Scan URL
Title: MyPost
Search URL Search Domain Scan URL
Title: Have your parcel left in a safe place
Search URL Search Domain Scan URL
Title: Redirect parcels in transit
Search URL Search Domain Scan URL
Title: Compensation for lost or damaged items
Search URL Search Domain Scan URL
Title: Returns policy
Search URL Search Domain Scan URL
Title: Redirect mail
Search URL Search Domain Scan URL
Title: Free 12-month mail redirection for special circumstances
Search URL Search Domain Scan URL
Title: Hold mail
Search URL Search Domain Scan URL
Title: Extend your service
Search URL Search Domain Scan URL
Title: Proving your identity
Search URL Search Domain Scan URL
Title: Change or cancel your mail redirection or hold
Search URL Search Domain Scan URL
Title: Mail Redirection and Mail Hold Terms & Conditions
Search URL Search Domain Scan URL
Title: Privacy notice
Search URL Search Domain Scan URL
Title: Post Office Box Rewards
Search URL Search Domain Scan URL
Title: Post Office Box Rewards Terms and Conditions
Search URL Search Domain Scan URL
Title: Post Office Box Rewards Privacy Notice
Search URL Search Domain Scan URL
Title: PO Boxes & Private Bags
Search URL Search Domain Scan URL
Title: Use a PO Box for parcel deliveries
Search URL Search Domain Scan URL
Title: Mail2Day notifications
Search URL Search Domain Scan URL
Title: Free PO Boxes for Sydney's homeless
Search URL Search Domain Scan URL
Title: Post Office Boxes, Locked Bags, PO Box Plus and Common Boxes Terms & Conditions
Search URL Search Domain Scan URL
Title: Manage junk mail
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://candsa.top/
HTTP 307
https://candsa.top/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21- https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0A2D38B352782F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1713488475011 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0A2D38B352782F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1713488475011
- https://cm.everesttech.net/cm/dd?d_uuid=67133878820313017301421010678859860146 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZiHCWwAAANMiCANe
60 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
candsa.top/ Redirect Chain
|
807 KB 71 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
e7c9377759
bam.nr-data.net/1/ |
79 B 688 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-spa-963.min.js
js-agent.newrelic.com/ |
30 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.32155010.js
s.pinimg.com/ct/lib/ |
69 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
analytics.tiktok.com/i18n/pixel/ |
877 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
conversion_async.js
www.googleadservices.com/pagead/ |
49 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tags.js
dd.auspost.com.au/ |
149 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.js
s.pinimg.com/ct/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
219 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mypost-track-config.js
candsa.top/assets-ad90b6e38e9b2425489217154b485f683bd41b9c/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new-relic-tracking.js
candsa.top/assets-ad90b6e38e9b2425489217154b485f683bd41b9c/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.js
candsa.top/website-header/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer-es2015.js
candsa.top/ap-footer/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satelliteLib-9c215febcba74f72ca4a2cc8370a7f4b70048c28.js
assets.adobedtm.com/bfecad1ae7e5d7a2b8a9353b2d496d9b392db768/ |
861 KB 165 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EX1f0da9d63d8945dd8a57a3766052c373-libraryCode_source.min.js
assets.adobedtm.com/6f7fd03e16fd/b40fc6058fc5/2563a30763ad/ |
42 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
branch-latest.min.js
cdn.branch.io/ |
75 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.8a672496cc43bf1fc4fe.css
candsa.top/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RCda9ed4324e68498bb892e8456f83522d-source.min.js
assets.adobedtm.com/6f7fd03e16fd/b40fc6058fc5/2563a30763ad/ |
1 KB 790 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964765464/ |
43 B 61 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify.js
analytics.tiktok.com/i18n/pixel/ |
139 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
translateelement.css
translate.googleapis.com/translate_static/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rd
dpm.demdex.net/id/ Redirect Chain
|
366 B 906 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EX771a893021694b81b688aed2e2d076bc-libraryCode_source.min.js
assets.adobedtm.com/6f7fd03e16fd/b40fc6058fc5/0b735a180ded/ |
44 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
InqFramework.js
media-aus.inq.com/media/launch/ci/ |
0 210 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pre-acif.js
auspost.inq.com/tagserver/acif/ |
0 734 B |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
acif.js
media-aus.inq.com/media/launch/acif/ |
0 112 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
acif-configs.js
media-aus.inq.com/media/sites/10005961/assets/automatons/ |
0 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
APTypeProText-Medium.woff2
auspost.com.au/mypost/auspoststaticassets/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
APTypeProText-Regular.woff2
auspost.com.au/mypost/auspoststaticassets/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
194 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
APTypeProDisplay-Medium.woff2
auspost.com.au/mypost/auspoststaticassets/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.6192ffb7.js
s.pinimg.com/ct/lib/ |
69 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC0509a741873c468faa4c6c20f0dc2e00-source.min.js
assets.adobedtm.com/6f7fd03e16fd/b40fc6058fc5/0b735a180ded/ |
1 KB 686 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dest5.html
auspost.demdex.net/ Frame 08E7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
ssl.o.auspost.com.au/ |
48 B 456 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=411&dpuuid=ZiHCWwAAANMiCANe
dpm.demdex.net/ Redirect Chain
|
42 B 715 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
80bdc2e9-8f94-4964-ac10-e4d90f3f083a
https://candsa.top/ |
597 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
api-js.datadome.co/js/ |
50 B 227 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s61087569255549
ssl.o.auspost.com.au/b/ss/auspost-dev/1/JS-2.22.4-LDQM/ |
43 B 202 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
APTypeProText-Regular.woff
auspost.com.au/mypost/auspoststaticassets/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
APTypeProDisplay-Medium.woff
auspost.com.au/mypost/auspoststaticassets/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
APTypeProText-Medium.woff
auspost.com.au/mypost/auspoststaticassets/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProText-Regular.a67ad29d67ff62360d33.woff2
candsa.top/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProText-Regular.woff2
candsa.top/ap-footer/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProText-Regular.woff2
candsa.top/website-header/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProText-Regular.woff
candsa.top/ap-footer/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProText-Regular.woff
candsa.top/website-header/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProText-Regular.0d06f05cee62a982b327.woff
candsa.top/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProDisplay-Medium.3965cc1a217ef4946152.woff2
candsa.top/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProDisplay-Medium.woff2
candsa.top/website-header/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProDisplay-Medium.woff2
candsa.top/ap-footer/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProDisplay-Medium.e7119b9cddcfe7afabe5.woff
candsa.top/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProDisplay-Medium.woff
candsa.top/website-header/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProDisplay-Medium.woff
candsa.top/ap-footer/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProText-Medium.47db950bddc880ba36a0.woff2
candsa.top/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProText-Medium.woff2
candsa.top/website-header/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProText-Medium.woff
candsa.top/website-header/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
APTypeProText-Medium.413a53b9b97bf12b7b51.woff
candsa.top/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
auspost.com.au/mypost/auspoststaticassets/assets/favicons/ |
15 KB 15 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- translate.googleapis.com
- URL
- https://translate.googleapis.com/translate_static/css/translateelement.css
- Domain
- auspost.com.au
- URL
- https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Medium.woff2
- Domain
- auspost.com.au
- URL
- https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Regular.woff2
- Domain
- auspost.com.au
- URL
- https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProDisplay-Medium.woff2
- Domain
- auspost.com.au
- URL
- https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Regular.woff
- Domain
- auspost.com.au
- URL
- https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProDisplay-Medium.woff
- Domain
- auspost.com.au
- URL
- https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Medium.woff
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Australia Post (Transportation)47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 string| mpcTrackUI string| assetsDirName object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| branch object| gtagDataLayer function| mboxCreate function| mboxDefine function| mboxUpdate object| ttMETA boolean| google_noFurtherRedirects object| webpackJsonp.TiktTokAnalytics function| tz function| s_doPlugins function| s_getLoadTime function| AppMeasurement function| s_gi function| s_pgicq string| s_change_date string| s_code_location string| s_account object| s string| j_pageName number| s_loadT number| s_objectID number| s_giq object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| google_tag_manager object| dataLayer function| gtag undefined| SIGNAL_TYPE boolean| dataDomeProcessed object| dataDomeOptions boolean| ddShouldSkipFingerPrintReq object| s_pagename_array string| s_site string| s_section string| s_subsection string| s_subsubsection object| s_i_auspost-dev16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
candsa.top/ | Name: sat_track Value: true |
|
.demdex.net/ | Name: demdex Value: 67133878820313017301421010678859860146 |
|
.tiktok.com/ | Name: _ttp Value: 2fIVFboON6GmPhWg93NI8mN9psX |
|
.candsa.top/ | Name: _gcl_au Value: 1.1.374687878.1713488475 |
|
.candsa.top/ | Name: AMCVS_0A2D38B352782F1E0A490D4C%40AdobeOrg Value: 1 |
|
.candsa.top/ | Name: prevUrl Value: https%3A%2F%2Fcandsa.top%2F |
|
.candsa.top/ | Name: s_ppn Value: auspost%3Ahome |
|
.candsa.top/ | Name: s_nr Value: 1713488475483 |
|
.candsa.top/ | Name: s_auth Value: false |
|
.candsa.top/ | Name: s_cc Value: true |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZiHCWwAAANMiCANe |
|
.dpm.demdex.net/ | Name: dpm Value: 67133878820313017301421010678859860146 |
|
.candsa.top/ | Name: AMCV_0A2D38B352782F1E0A490D4C%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19833%7CMCMID%7C67206938550738786581429466749116190290%7CMCAAMLH-1714093275%7C6%7CMCAAMB-1714093275%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1713495675s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19840%7CvVersion%7C5.4.0 |
|
auspost.inq.com/ | Name: ApplicationGatewayAffinityCORS Value: 1a63f1968d43605e2bb51ff173d309ab |
|
media-aus.inq.com/ | Name: ApplicationGatewayAffinityCORS Value: 517fee00e5acfc8cd06a917e9a55ad5b |
50 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.tiktok.com
api-js.datadome.co
assets.adobedtm.com
auspost.com.au
auspost.demdex.net
auspost.inq.com
bam.nr-data.net
candsa.top
cdn.branch.io
cm.everesttech.net
dd.auspost.com.au
dpm.demdex.net
googleads.g.doubleclick.net
js-agent.newrelic.com
media-aus.inq.com
s.pinimg.com
ssl.o.auspost.com.au
translate.googleapis.com
www.googleadservices.com
www.googletagmanager.com
auspost.com.au
translate.googleapis.com
108.138.26.116
142.250.186.66
162.247.241.14
18.197.37.77
18.245.86.11
20.53.179.33
216.58.206.34
2602:816:5001::39
2620:1ec:46::67
2a00:1450:4001:80b::2008
2a02:26f0:480:58f::1931
2a02:26f0:480:99e::1e80
3.161.82.60
43.249.9.216
52.214.218.223
52.49.110.165
63.140.62.17
92.123.12.168
99.81.63.100
042b279f9200c2aea94473d89f7cfebfac8871777fd94c80f560906ff1afba80
0fa4d81d930d6368d20f099dc19db2f096f3ec106c570acd12c2fec2f62cadb0
19281f270f466e15bbaf85a2b145cb2dcbaff75284e9ef3fc604d35a6a633362
2371e7c7bcac0fa23f127d0fcebb8419fe237eadb122998df2a23d3f38e6bcd8
3e7f9238a46b85be32b9d92930264052a7e3e1e5c1b1efd2b5f9d6e6a948517c
4ffebc1502a58f968a7739556374a44a8731a8bc1c133347fe97fc3b93b67a6b
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
62e7cb03e8f65ceb4f43a5a56a3b9c3950158fae3fea85699e3f4c68672f4c2f
6978f91aef1a1a2101311ccfdc609ed840517b0127d4ce07e54b3f141781b28f
6982e83b9ea7682534a77808bc53b3e516bc5d26dc406de1a2ea81c2fdf63a33
6b46e8134eeffca704802415ec3dca95d1dadf7bedb563c8ffd0b755650cf336
74debbeb2387d267d3f284c60fc0253dbad14ee6483d3ed6d74d3358a2dfe779
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7bda64a5578d7cd0d654c0e0b0b91f31f9ae94b2212ff9c2cb3871c8032192cd
9e732c0535a0d8501df59c4a7b24861e543f978886ab70ec83ebdf591167cb96
a032232db96125b16eb9cc49de13757026be2322e23da78d4a878b006cbb522a
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a647e2373d7835d9e17ad5cf52b3a736765c1a81b0269cec05c21a3aede60380
b4eb56f90de8ac48e46835b8809dd35aed0a46b569fd24b68f7a0cfda0fbf427
d46bfa0312bde6ad50eed9e84e7cc9d1deb5535a246d77dccdd72847f069d827
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
e2928f156a83dfb1aa01783399c49f2b6636c4ee6660ab9c240c998c01368e55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f082b496c0b7474ebb0395eb969bec8ed9c2b7bdf5b78d5f1459395ff25d9366
f2205c30ab0d0a86cd0d715cf483bafd550c0ea9d4ddb24e2c182f1d7f024144
faebbb148388045da2972c6c84f013f0ece667dd3e7b00f01cd006880b1de73e