auspost.transaction-6231672.site Open in urlscan Pro
2606:4700:3030::ac43:b01c  Malicious Activity! Public Scan

26 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 9017258623620 Show response auspost.transaction-6231672.site/receive/	24 KB 8 KB	406ms 276ms	Document text/html	2606:4700:3030::ac43:b01c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auspost.transaction-6231672.site/receive/9017258623620 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b01c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash ce429743dfc7dd60e4458e43e8d971f033932a8808bf17da3e8d63d76b9d59dd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Wed, 26 Jan 2022 08:31:43 GMT content-type text/html; charset=utf-8 x-powered-by Express access-control-allow-origin * cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJQcTGaqJdMNYQ03oMTvgCDAqnT3QzDc3ZpH71f6uEuZhsHDSZ8o7OUtZlkcZb6rqL8geVtiDh7Ls0kY8sSC%2B5%2Bp%2FSN49xjatkDmquZumBZFdnl9FGgd%2FsHOi3ls39jWlUYr60DHL%2BGS0b9Bij9wc6PUupAXd5nVziK5bHMFIA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6d3862f88988599b-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	index.css auspost.transaction-6231672.site/auspost/	703 KB 91 KB	478ms 477ms	Stylesheet text/css	2606:4700:3030::ac43:b01c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auspost.transaction-6231672.site/auspost/index.css Requested by Host: auspost.transaction-6231672.site URL: https://auspost.transaction-6231672.site/receive/9017258623620 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b01c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash c628a4b2c5fbfb03a5fabf91a6cec5a50d35d8c4b6cd7ec38a495f9951edc7c8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://auspost.transaction-6231672.site/receive/9017258623620 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 08:31:44 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 10 Oct 2021 05:30:00 GMT server cloudflare etag W/"afcc6-17c68ade7c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guU%2BJityRaECYA8aYVhWchHg5CfIT%2F6sF1DeBAXbQ%2FHGy2M6BVbnPhnnZGcM1oyMZPnSrEgccEuuh9IeFUph4703FAB%2BdJhf2cIvp%2F8JXIQmPWv9ovK5Dk4mX8OnJi2EJ%2FPw1UWv2KL4jCl3392egJ%2FHJl2yet%2Bl7QiIMxB0LA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 6d3862fa5e80599b-MXP
GET H2	200	jquery.js Show response auspost.transaction-6231672.site/auspost/	281 KB 84 KB	372ms 371ms	Script application/javascript	2606:4700:3030::ac43:b01c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auspost.transaction-6231672.site/auspost/jquery.js Requested by Host: auspost.transaction-6231672.site URL: https://auspost.transaction-6231672.site/receive/9017258623620 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b01c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37 Request headers Accept-Language de-DE,de;q=0.9 Referer https://auspost.transaction-6231672.site/receive/9017258623620 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 08:31:44 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 10 Oct 2021 04:51:02 GMT server cloudflare etag W/"4638e-17c688a3af0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOvedBkEmCPK72gk%2F4RJtQIxXY5XRgwnK5tOlHdlPSm3Vy7TtJSok27TAOKKEeiKqD3SsNwm9flNbqW3qNTQa7jaO0KKqaZC1PhUxfu3VfhQua8ihvHOiSV2OW8Jo75%2BIYBZ7qBVHieHqbI8z%2BNN1dx1dOt41yAYztRtO7QeDw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 6d3862fa5e85599b-MXP
GET H2	200	clientlib.js Show response auspost.transaction-6231672.site/auspost/	12 KB 6 KB	153ms 153ms	Script application/javascript	2606:4700:3030::ac43:b01c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auspost.transaction-6231672.site/auspost/clientlib.js Requested by Host: auspost.transaction-6231672.site URL: https://auspost.transaction-6231672.site/receive/9017258623620 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b01c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 15cb3449a309babeb6345c5f93a3cbfef34528e01a8f285a82b47654a905a7bf Request headers Accept-Language de-DE,de;q=0.9 Referer https://auspost.transaction-6231672.site/receive/9017258623620 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 08:31:43 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 26 Sep 2021 04:13:00 GMT server cloudflare etag W/"3101-17c204e60e0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWj%2BDwcufk8nv3tGsZQwPzAhQjeiVDDh%2Fuq34%2BzYRWAFvKheUr0fN8VNuSSQuidQoqcePExXVaBNrq5CjIQkDkaifztaiWwbbhBUG7E0kTI7%2FWeNqm09TX%2Bp66dA8ShwMPSLckI1%2B0sCdrM2j3b%2F6cu9ec4emD3dM4g5XaEieg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 6d3862fa5e88599b-MXP
GET H2	200	clientlib.js Show response auspost.com.au/etc.clientlibs/global/components/accordion/	2 KB 1 KB	220ms 24ms	Script application/javascript	13.225.80.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://auspost.com.au/etc.clientlibs/global/components/accordion/clientlib.js Requested by Host: auspost.transaction-6231672.site URL: https://auspost.transaction-6231672.site/receive/9017258623620 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.24 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-24.fra2.r.cloudfront.net Software nginx / Resource Hash de1f43bc557df2637d412bd88f035c96b0d293a08adfe7940395f5569ee3d339 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://auspost.transaction-6231672.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15552000 content-encoding gzip last-modified Wed, 26 Jan 2022 08:00:48 GMT server nginx age 110 x-frame-options SAMEORIGIN date Wed, 26 Jan 2022 08:30:23 GMT vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 accept-ranges bytes content-length 804 x-amz-cf-id 31Bh6Sy5zOFFu9xbYTgzOnEU8CbxUzDExtFO0HuU9v0m_71ULQc9IQ==
GET H2	200	ap-acknowledgement-logos.svg auspost.com.au/content/dam/global/svg-icons/custom/logos/	41 KB 10 KB	19ms 18ms	Image image/svg+xml	13.225.80.24 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://auspost.com.au/content/dam/global/svg-icons/custom/logos/ap-acknowledgement-logos.svg Requested by Host: auspost.transaction-6231672.site URL: https://auspost.transaction-6231672.site/receive/9017258623620 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.24 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-24.fra2.r.cloudfront.net Software nginx / Resource Hash f48b5b48b9da899bdb3ba28a622fe842fa6bc3779a5ad3088bf189cab0c1539b Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://auspost.transaction-6231672.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15552000 content-encoding gzip last-modified Wed, 26 Jan 2022 08:00:27 GMT server nginx age 321 x-frame-options SAMEORIGIN date Wed, 26 Jan 2022 08:29:10 GMT vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml via 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 content-length 10156 x-amz-cf-id 7aulEEGQpw12FxWZ3ZpkiUmjqZV0_MwSEyuDD3r8NGgXeYeYsLnMBQ==
GET H2	200	s-l400.webp i.ebayimg.com/images/g/jSYAAOSwuXxhy~sv/	31 KB 32 KB	86ms 20ms	Image image/webp	2001:1900:2322:1b04::1fa LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://i.ebayimg.com/images/g/jSYAAOSwuXxhy~sv/s-l400.webp Requested by Host: auspost.transaction-6231672.site URL: https://auspost.transaction-6231672.site/receive/9017258623620 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:1900:2322:1b04::1fa State College, United States, ASN3356 (LEVEL3, US), Reverse DNS Software ebay-proxy-server / Resource Hash e1900c7f0df98de324478f44025abb6481de1a876b291f1cf755e0f3143bd7d5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://auspost.transaction-6231672.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 08:31:44 GMT x-cdn LUMN x-ebay-pop-id UFES2-FRA-zoe-anycast age 2425489 x-envoy-upstream-service-time 11 x-ebay-c-version 1.0.0 content-length 32042 last-modified Tue, 28 Dec 2021 18:07:43 GMT server ebay-proxy-server content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*atj%601%28rbpv6775-17e04f1151f-0x13d accept-ranges bytes access-control-allow-headers * access-control-allow-method GET expires Thu, 29 Dec 2022 06:46:55 GMT
GET DATA	200 OK	truncated /	395 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1cd9eb63f0293972d5323eaf52da910723b5500d8e61791922fa5af25a89a372 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET		APTypeProText-Regular.woff2 auspost.com.au/content/dam/global/fonts/	0 0
GET		APTypeProDisplay-Medium.woff2 auspost.com.au/content/dam/global/fonts/	0 0
GET		APTypeProText-Medium.woff2 auspost.com.au/content/dam/global/fonts/	0 0
GET H2	200	loader.js Show response www.smartsuppchat.com/	18 KB 5 KB	62ms 15ms	Script application/javascript	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://www.smartsuppchat.com/loader.js? Requested by Host: auspost.transaction-6231672.site URL: https://auspost.transaction-6231672.site/receive/9017258623620 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 6070b6faf7f76093a145a8c2bb42e139a0c61f192007729321eb5ab18286363d Request headers Accept-Language de-DE,de;q=0.9 Referer https://auspost.transaction-6231672.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-77-nzt AcO1rgVe+UP/FQAAAA== x-accel-expires @1643185943 date Wed, 26 Jan 2022 08:31:44 GMT content-encoding br etag W/"61df0970-4627" last-modified Wed, 12 Jan 2022 17:01:36 GMT server CDN77-Turbo x-77-nzt-ray tMzM/NRN0WI= x-77-cache HIT content-type application/javascript cache-control max-age=300, public, s-maxage=60 x-cache HIT x-age 21 x-77-pop frankfurtDE expires Wed, 12 Jan 2022 17:07:15 GMT
GET		APTypeProText-Regular.woff auspost.com.au/content/dam/global/fonts/	0 0
GET		APTypeProDisplay-Medium.woff auspost.com.au/content/dam/global/fonts/	0 0
GET		APTypeProText-Medium.woff auspost.com.au/content/dam/global/fonts/	0 0
GET H2	200	fcfa4f6693bba05a038d97faa2edad7c190646f1.json Show response bootstrap.smartsuppchat.com/widget/	856 B 592 B	43ms 16ms	XHR application/json	3.65.6.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bootstrap.smartsuppchat.com/widget/fcfa4f6693bba05a038d97faa2edad7c190646f1.json Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.65.6.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-65-6-125.eu-central-1.compute.amazonaws.com Software / Resource Hash 4d9f0660ef24ea6fc4f821f5afde2cdc0fc307e554fbb2939ec3b86355ae0640 Request headers Referer https://auspost.transaction-6231672.site/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers x-version d830c25b2e9b570474446910aed213c81d4b2369 date Wed, 26 Jan 2022 08:31:44 GMT content-encoding br x-hit redis etag "358-z474O+VfqFOM3yKXc6WLlNe8qXY" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private, max-age=0, must-revalidate
GET H2	200	asset-manifest.json Show response widget-v2.smartsuppcdn.com/	2 KB 686 B	56ms 14ms	XHR application/json	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/asset-manifest.json Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 6a5818577e82472f54014b6f448710dc7fb4c2d0b7a181ab7754d66bcaaad073 Request headers Referer https://auspost.transaction-6231672.site/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers x-77-pop frankfurtDE date Wed, 26 Jan 2022 08:31:44 GMT content-encoding br x-77-nzt-ray Cx8yLO5p0wo= x-77-cache HIT x-cache HIT x-age 32 x-77-nzt AcO1rgVIzkT/IAAAAA== x-accel-expires @1643185932 last-modified Mon, 24 Jan 2022 16:51:08 GMT server CDN77-Turbo etag W/"61eed8fc-638" content-type application/json access-control-allow-origin * cache-control max-age=300, public, s-maxage=60 expires Mon, 24 Jan 2022 17:35:18 GMT
GET H2	200	runtime-main.4dd1f58e.js Show response widget-v2.smartsuppcdn.com/static/js/ Frame 24DA	2 KB 2 KB	50ms 13ms	Script application/javascript	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/static/js/runtime-main.4dd1f58e.js Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash d553111cd6cbe5b385aec78fac8ec13b5d58b691f40b4f421acf2647860726fa Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 26 Jan 2022 08:31:44 GMT content-encoding br x-77-nzt-ray 3OZSdR5IsIQ= x-77-cache HIT x-cache HIT x-age 140488 x-77-nzt AcO1rgWlzTD/yCQCAA== x-accel-expires @1674581416 last-modified Mon, 24 Jan 2022 16:51:08 GMT server CDN77-Turbo etag W/"61eed8fc-9b0" content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, public, immutable expires Tue, 24 Jan 2023 17:30:16 GMT
GET H2	200	6.3489f5b0.chunk.js Show response widget-v2.smartsuppcdn.com/static/js/ Frame 24DA	509 KB 141 KB	88ms 50ms	Script application/javascript	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/static/js/6.3489f5b0.chunk.js Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 9768c3f01ceee5373e1eadd5875e11adc35cda6bfdcc5f477bde9fd4b688e6b7 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 26 Jan 2022 08:31:44 GMT content-encoding br x-77-nzt-ray 1YYbQ3eHQbI= x-77-cache HIT x-cache HIT x-age 140549 x-77-nzt AcO1rgWtTZP/BSUCAA== x-accel-expires @1674581355 last-modified Mon, 24 Jan 2022 16:51:08 GMT server CDN77-Turbo etag W/"61eed8fc-7f2a3" content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, public, immutable expires Tue, 24 Jan 2023 17:29:15 GMT
GET H2	200	main.90487173.chunk.js Show response widget-v2.smartsuppcdn.com/static/js/ Frame 24DA	105 KB 24 KB	108ms 71ms	Script application/javascript	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/static/js/main.90487173.chunk.js Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 490e77d7f03c95d6864978a4fd9d7aea71d4fc9b48f5cc02c16d927dee23d5f1 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 26 Jan 2022 08:31:44 GMT content-encoding br x-77-nzt-ray mk8SG83c1Dc= x-77-cache HIT x-cache HIT x-age 140549 x-77-nzt AcO1rgUHdBf/BSUCAA== x-accel-expires @1674581355 last-modified Mon, 24 Jan 2022 16:51:08 GMT server CDN77-Turbo etag W/"61eed8fc-1a288" content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, public, immutable expires Tue, 24 Jan 2023 17:29:15 GMT
GET H2	200	en.json Show response widget-v2.smartsuppcdn.com/translates/ Frame 24DA	4 KB 2 KB	13ms 13ms	Fetch application/json	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/translates/en.json?v=971ab649f3021d7bf3394175609930305c1c0534 Requested by Host: widget-v2.smartsuppcdn.com URL: https://widget-v2.smartsuppcdn.com/static/js/main.90487173.chunk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash ea85a751f2df2b38b58d4687ebefcb0c3387559e861e34d75a7e63084868e517 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 26 Jan 2022 08:31:44 GMT content-encoding br x-77-nzt-ray NzRsS5K+iN8= x-77-cache HIT x-cache HIT x-age 140485 x-77-nzt AcO1rgXVLMr/xSQCAA== x-accel-expires @1674581419 last-modified Mon, 24 Jan 2022 16:50:14 GMT server CDN77-Turbo etag W/"61eed8c6-f8a" content-type application/json access-control-allow-origin * cache-control max-age=31536000, public, immutable expires Tue, 24 Jan 2023 17:30:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

auspost.com.au

URL

https://auspost.com.au/content/dam/global/fonts/APTypeProText-Regular.woff2

Domain

auspost.com.au

URL

https://auspost.com.au/content/dam/global/fonts/APTypeProDisplay-Medium.woff2

Domain

auspost.com.au

URL

https://auspost.com.au/content/dam/global/fonts/APTypeProText-Medium.woff2

Domain

auspost.com.au

URL

https://auspost.com.au/content/dam/global/fonts/APTypeProText-Regular.woff

Domain

auspost.com.au

URL

https://auspost.com.au/content/dam/global/fonts/APTypeProDisplay-Medium.woff

Domain

auspost.com.au

URL

https://auspost.com.au/content/dam/global/fonts/APTypeProText-Medium.woff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australia Post (Transportation)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| picturefillCFG function| picturefill object| _smartsupp function| smartsupp boolean| SMARTSUPP_LOADED object| $smartsupp

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			auspost.transaction-6231672.site/	1969-12-31 23:59:59	Name: _csrf Value: ekoN-JlDv5dG6zOqtcgP-JTD
			auspost.transaction-6231672.site/	1970-01-20 00:26:29	Name: connect.sid Value: s%3AA4QCWgPMEirWo899TwYXlJ4BgoQ2zqlV.X4xKC5VdWJzuyg8NvWAGNbgXCjAfEoDUItrlerGg%2Bt4
			auspost.transaction-6231672.site/	1970-01-20 04:48:30	Name: ssupp.vid Value: vipDIk6Wvi1ZF
			auspost.transaction-6231672.site/	1970-01-20 04:48:30	Name: ssupp.visits Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://auspost.transaction-6231672.site/receive/9017258623620(Line 5) Message: The value "" for key "width" is invalid, and has been ignored.
javascript	error	URL: https://auspost.transaction-6231672.site/receive/9017258623620 Message: Access to font at 'https://auspost.com.au/content/dam/global/fonts/APTypeProText-Regular.woff2' from origin 'https://auspost.transaction-6231672.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auspost.com.au/content/dam/global/fonts/APTypeProText-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auspost.transaction-6231672.site/receive/9017258623620 Message: Access to font at 'https://auspost.com.au/content/dam/global/fonts/APTypeProDisplay-Medium.woff2' from origin 'https://auspost.transaction-6231672.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auspost.com.au/content/dam/global/fonts/APTypeProDisplay-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auspost.transaction-6231672.site/receive/9017258623620 Message: Access to font at 'https://auspost.com.au/content/dam/global/fonts/APTypeProText-Medium.woff2' from origin 'https://auspost.transaction-6231672.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auspost.com.au/content/dam/global/fonts/APTypeProText-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auspost.transaction-6231672.site/receive/9017258623620 Message: Access to font at 'https://auspost.com.au/content/dam/global/fonts/APTypeProText-Regular.woff' from origin 'https://auspost.transaction-6231672.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auspost.com.au/content/dam/global/fonts/APTypeProText-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auspost.transaction-6231672.site/receive/9017258623620 Message: Access to font at 'https://auspost.com.au/content/dam/global/fonts/APTypeProText-Medium.woff' from origin 'https://auspost.transaction-6231672.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auspost.com.au/content/dam/global/fonts/APTypeProText-Medium.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://auspost.transaction-6231672.site/receive/9017258623620 Message: Access to font at 'https://auspost.com.au/content/dam/global/fonts/APTypeProDisplay-Medium.woff' from origin 'https://auspost.transaction-6231672.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auspost.com.au/content/dam/global/fonts/APTypeProDisplay-Medium.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auspost.com.au
auspost.transaction-6231672.site
bootstrap.smartsuppchat.com
i.ebayimg.com
widget-v2.smartsuppcdn.com
www.smartsuppchat.com
auspost.com.au
13.225.80.24
2001:1900:2322:1b04::1fa
2606:4700:3030::ac43:b01c
2a02:6ea0:c700::11
3.65.6.125
15cb3449a309babeb6345c5f93a3cbfef34528e01a8f285a82b47654a905a7bf
1cd9eb63f0293972d5323eaf52da910723b5500d8e61791922fa5af25a89a372
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
490e77d7f03c95d6864978a4fd9d7aea71d4fc9b48f5cc02c16d927dee23d5f1
4d9f0660ef24ea6fc4f821f5afde2cdc0fc307e554fbb2939ec3b86355ae0640
6070b6faf7f76093a145a8c2bb42e139a0c61f192007729321eb5ab18286363d
6a5818577e82472f54014b6f448710dc7fb4c2d0b7a181ab7754d66bcaaad073
9768c3f01ceee5373e1eadd5875e11adc35cda6bfdcc5f477bde9fd4b688e6b7
c628a4b2c5fbfb03a5fabf91a6cec5a50d35d8c4b6cd7ec38a495f9951edc7c8
ce429743dfc7dd60e4458e43e8d971f033932a8808bf17da3e8d63d76b9d59dd
d553111cd6cbe5b385aec78fac8ec13b5d58b691f40b4f421acf2647860726fa
de1f43bc557df2637d412bd88f035c96b0d293a08adfe7940395f5569ee3d339
e1900c7f0df98de324478f44025abb6481de1a876b291f1cf755e0f3143bd7d5
ea85a751f2df2b38b58d4687ebefcb0c3387559e861e34d75a7e63084868e517
f48b5b48b9da899bdb3ba28a622fe842fa6bc3779a5ad3088bf189cab0c1539b