tsweeqksa.net
188.40.20.53
Malicious Activity!
Public Scan
Submission: On October 24 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 6th 2023. Valid for: 3 months.
This is the only time tsweeqksa.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: An Post (Transportation)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
8 | 188.40.20.53 | 24940 (HETZNER-AS) |
1 | 2a00:1450:4001:811::200a | 15169 (GOOGLE) |
9 | 2620:1ec:46::44 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 | 2606:4700::6812:83ec | 13335 (CLOUDFLARENET) |
2 | 23.212.210.9 | 16625 (AKAMAI-AS) |
1 | 66.84.24.35 | 11989 (WEBINT) |
1 | 2a00:1450:4001:80f::2003 | 15169 (GOOGLE) |
26 | 8 | |
ASN24940 (HETZNER-AS, DE)
PTR: static.53.20.40.188.clients.your-server.de
tsweeqksa.net
ASN16625 (AKAMAI-AS, US)
PTR: a23-212-210-9.deploy.static.akamaitechnologies.com
cdns.eu1.gigya.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | anpost.com | www.anpost.com (Cisco Umbrella Rank: 846929) | 572 KB |
8 | tsweeqksa.net | tsweeqksa.net | 48 KB |
2 | gigya.com | cdns.eu1.gigya.com (Cisco Umbrella Rank: 21362) | 45 KB |
2 | cookielaw.org | cdn.cookielaw.org (Cisco Umbrella Rank: 385) | 145 KB |
1 | gstatic.com | fonts.gstatic.com | 8 KB |
1 | playgroup.org | www.playgroup.org | 37 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 49) | 916 B |
26 | 7 | | |
Requests | Domain | Requested by |
---|---|---|
9 | www.anpost.com | tsweeqksa.net, www.anpost.com |
8 | tsweeqksa.net | tsweeqksa.net |
2 | cdns.eu1.gigya.com | tsweeqksa.net, cdns.eu1.gigya.com |
2 | cdn.cookielaw.org | tsweeqksa.net |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | www.playgroup.org | tsweeqksa.net |
1 | fonts.googleapis.com | tsweeqksa.net |
26 | 7 | |
This site contains links to these domains. Also see Links.
Domain |
---|
my.postmobile.ie |
www.anpost.com |
addresspal.anpost.ie |
www.onetrust.com |
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
www.tsweeqksa.net | R3 | 2023-09-06 - 2023-12-05 | 3 months | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2023-09-28 - 2023-12-21 | 3 months | crt.sh |
www.anpost.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-12 - 2024-10-12 | a year | crt.sh |
cookielaw.org | Cloudflare Inc ECC CA-3 | 2023-04-01 - 2024-03-31 | a year | crt.sh |
cdns.gigya.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-07 - 2023-12-07 | a year | crt.sh |
playgroup.org | cPanel, Inc. Certification Authority | 2023-09-23 - 2023-12-22 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2023-09-28 - 2023-12-21 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://tsweeqksa.net/ireland/88336ad5c00fdc318/
Frame ID: 71C19A7325D53858B288C427D9338FB2
Requests: 25 HTTP requests in this frame
Frame:
https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_QXTpOCRNtWkU99Lgu_NxBzAaa2HZcSGjNvIj8rUF45zGigTHU7FCPxirRuYgubWV&version=latest&build=15468
Frame ID: 0719C1E6C54F3655479F696E08720768
Requests: 2 HTTP requests in this frame
Page Title
Your guide to Get your parcel | Personal | An Post
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
OneTrust (Cookie compliance)
Detected patterns
- cdn\.cookielaw\.org
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
- Title: Go to An Post Mobile
- Title: Buy Stamps
- Title: UK & US Virtual Address (AddressPal)
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | tsweeqksa.net/ireland/88336ad5c00fdc318/ | 241 KB | 46 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 3 KB | 916 B | Stylesheet | text/css |
GET | H2 | common-deferred.min.css | www.anpost.com/build/css/ | 199 KB | 61 KB | Stylesheet | text/css |
GET | H2 | core.min.css | www.anpost.com/build/css/ | 697 KB | 319 KB | Stylesheet | text/css |
GET | H2 | m84.min.css | www.anpost.com/build/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | m85.min.css | www.anpost.com/build/css/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H2 | m88.min.css | www.anpost.com/build/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | m18.min.css | www.anpost.com/build/css/ | 28 KB | 9 KB | Stylesheet | text/css |
GET | H/1.1 | preload.js | tsweeqksa.net/ireland/88336ad5c00fdc318/js/ | 145 B | 631 B | Script | application/javascript |
GET | H2 | anPostLogo.svg | www.anpost.com/build/images/logos/ | 64 KB | 48 KB | Image | image/svg+xml |
GET | H/1.1 | arrow-left-white.svg | tsweeqksa.net/AnPost/media/icons/svg/ | 196 B | 196 B | Image | text/html |
GET | H2 | magnify.svg | www.anpost.com/build/images/icons/ | 598 B | 930 B | Image | image/svg+xml |
GET | H2 | main.js | www.anpost.com/build/app-store-locator/static/js/ | 319 KB | 130 KB | Script | application/javascript |
GET | H/1.1 | announcement.svg | tsweeqksa.net/AnPost/media/icons/svg/ | 196 B | 196 B | Image | text/html |
GET | H/1.1 | rocket.svg | tsweeqksa.net/AnPost/media/icons/svg/green/ | 196 B | 196 B | Image | text/html |
GET | H/1.1 | icon-warning-colored.svg | tsweeqksa.net/AnPost/media/icons/svg/green/ | 196 B | 196 B | Image | text/html |
GET | H2 | anpost.png | cdn.cookielaw.org/logos/bb111ec5-ec9f-4c52-b09c-ed929040bc6f/b84e2d08-c39a-4dba-b40a-53c7bb0af39b/e1c289e0-c096-4be7-85d6-85b5ed4e1d9e/ | 143 KB | 143 KB | Image | image/png |
GET | H2 | powered_by_logo.svg | cdn.cookielaw.org/logos/static/ | 5 KB | 2 KB | Image | image/svg+xml |
GET | H2 | Api.aspx | cdns.eu1.gigya.com/gs/webSdk/ (Frame 0719) | 123 KB | 43 KB | Document | text/html |
GET | H/1.1 | loader-green.gif | www.playgroup.org/pics/ | 36 KB | 37 KB | Image | image/gif |
GET | DATA | truncated | / | 591 B | 0 | Image | image/svg+xml |
GET | H2 | pxiEyp8kv8JHgFVrJJfecg.woff2 | fonts.gstatic.com/s/poppins/v20/ | 8 KB | 8 KB | Font | font/woff2 |
GET | | AnPostSans-Bold.woff2 | www.anpost.com/build/webfonts/ | 0 | 0 | | |
GET | | AnPostSans-Bold.woff | www.anpost.com/build/webfonts/ | 0 | 0 | | |
GET | H2 | sdk.config.get | cdns.eu1.gigya.com/ (Frame 0719) | 4 KB | 2 KB | Fetch | text/javascript |
GET | H/1.1 | AnPostSans-Bold.woff2 | tsweeqksa.net/ireland/88336ad5c00fdc318/files/ | 0 | 0 | Font | text/html |
GET | H/1.1 | AnPostSans-Bold.woff | tsweeqksa.net/ireland/88336ad5c00fdc318/files/ | 0 | 0 | Font | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
www.anpost.com | https://www.anpost.com/build/webfonts/AnPostSans-Bold.woff2 |
www.anpost.com | https://www.anpost.com/build/webfonts/AnPostSans-Bold.woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: An Post (Transportation)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | 1 |
string | mapBaseUrl |
function | showStoreLocatorApp |
boolean | apShowDeliveryOffice |
object | webpackJsonpstore-locator |
function | clearImmediate |
function | setImmediate |
object | showStoreLocator |
object | dataLayer |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.cookielaw.org
cdns.eu1.gigya.com
fonts.googleapis.com
fonts.gstatic.com
tsweeqksa.net
www.anpost.com
www.playgroup.org
188.40.20.53
23.212.210.9
2606:4700::6812:83ec
2620:1ec:46::44
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200a
66.84.24.35