whirlpool.net.au Open in urlscan Pro
104.26.3.30 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://whirlpool.net.au/
Submission Tags: 0xscam
Submission: On April 11 via api (April 11th 2024, 12:43:59 pm UTC) from US — Scanned from AU

Summary HTTP 10 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 104.26.3.30, located in and belongs to CLOUDFLARENET, US. The main domain is whirlpool.net.au.
TLS certificate: Issued by GTS CA 1P5 on February 18th 2024. Valid for: 3 months.

This is the only time whirlpool.net.au was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address		AS Autonomous System
10	104.26.3.30 104.26.3.30		13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2

10 104.26.3.30 (None, )

ASN13335 (CLOUDFLARENET, US)

whirlpool.net.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	whirlpool.net.au whirlpool.net.au	169 KB
10	1

	Domain	Requested by
10	whirlpool.net.au	whirlpool.net.au
10	1

This site contains links to these domains. Also see Links.

Domain
forums.whirlpool.net.au
bc.whirlpool.net.au

Subject Issuer	Validity	Valid
whirlpool.net.au GTS CA 1P5	`2024-02-18` - `2024-05-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://whirlpool.net.au/
Frame ID: 7B34F78DCD6561809ED8E4085C66D56E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Whirlpool Broadband News

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

169 kB
Transfer

362 kB
Size

0
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://forums.whirlpool.net.au/
Title: Discussion forum

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/forum/82
Title: Modems/Routers

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/3vx1k1r3
Title: ROOter OpenWRT router Adventures with 3G/4G/5G modems

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/91mx4z2r
Title: FTTP - need a router at all?

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/9vw4pm0v
Title: Query about nbn FTTP speed vs Mesh WIFI speed

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/36yz5xp8
Title: Acardyan aw1000 not connect to 5g mobile network

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/forum/9
Title: Networking

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/974p12q5
Title: External Access Synology - best way in 2024?

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/forum/125
Title: Telephony

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/36yzlw0l
Title: SMS from Windows

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/forum/127
Title: Programming

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/92465mkp
Title: Create a formatted doc from a spreadsheet?

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/forum/114
Title: Mobile carriers

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/3x25jmv3
Title: Optus 5G General Discussion

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/30x1k726
Title: Optus-SpaceX mobile coverage

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/9xkk1ln3
Title: Boost Wi-Fi calling and SMS when overseas

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/forum/18
Title: Wireless ISPs

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/3ww4lzx3
Title: Optus 5G Home Broadband

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/38kr4wy9
Title: Node 1 Internet - Perth/Geraldton

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/forum/128
Title: iPhone

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/3qr12jk8
Title: iOS 17 and iPadOS 17

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/9n1jl105
Title: Visual Voicemail Appear on Reboot

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/forum/140
Title: Android phones

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/3qr1zwk1
Title: Poco X6 Pro

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/3n1jy7zz
Title: Samsung Galaxy S23, S23+, S23 Ultra - General Discussion

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/thread/9m01z7np
Title: OnePlus - Guide to enable VoLTE on AU Networks

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/search
Title: Search

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/forum/?action=popular_views
Title: Popular topics

Search URL Search Domain Scan URL

URL: https://forums.whirlpool.net.au/forum/?action=newthreads
Title: Newest topics

Search URL Search Domain Scan URL

URL: https://bc.whirlpool.net.au/bc/hardware/
Title: Hardware database

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
whirlpool.net.au/ 20 KB
6 KB 35ms
19ms Document
text/html 104.26.3.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whirlpool.net.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.3.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66814a3591282cfafacd1d44c7ebdae3811d3b0ed6f3f7012a28bf1960d8db65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' whirlpool.net.au; script-src 'self' 'unsafe-inline' whirlpool.net.au static.cloudflareinsights.com; img-src 'self' data: blob: whirlpool.net.au; font-src 'self' data: whirlpool.net.au fonts.gstatic.com; form-action 'self' whirlpool.net.au forums.whirlpool.net.au; object-src 'none'; frame-src 'none'; upgrade-insecure-requests; report-uri /application/csp.cfm?u=1
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 3203
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=3600
cf-cache-status: HIT
cf-ray: 872b10a44e015d35-SYD
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' whirlpool.net.au; script-src 'self' 'unsafe-inline' whirlpool.net.au static.cloudflareinsights.com; img-src 'self' data: blob: whirlpool.net.au; font-src 'self' data: whirlpool.net.au fonts.gstatic.com; form-action 'self' whirlpool.net.au forums.whirlpool.net.au; object-src 'none'; frame-src 'none'; upgrade-insecure-requests; report-uri /application/csp.cfm?u=1
content-type: text/html;charset=UTF-8
date: Thu, 11 Apr 2024 12:43:54 GMT
last-modified: Thu, 11 Apr 2024 11:50:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=shQ%2BXQoaIQL19EUjXaIeLmCnGXkczmG9LENSKAdxQKJoj5p3eUjkwmxcreQT%2BBCJjTkNheokVNmmXrq3ZUakwwt9DUH%2FVXT3OeLWqNsQdlJgdxvb3YzOG4W4fGRoxSgHwgk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H3 200 style.css
whirlpool.net.au/skin/ 103 KB
20 KB 20ms
19ms Stylesheet
text/css 104.26.3.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whirlpool.net.au/skin/style.css?7f7dc25af695

Requested by

Host: whirlpool.net.au
URL: https://whirlpool.net.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.3.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b5ea41a2e98ef784aab51fb74647dca60ac1f24f49b17dd83469ff777ff9a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whirlpool.net.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 12:43:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4513
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 31 Mar 2024 09:45:27 GMT
server: cloudflare
etag: W/"105542-1711878327700"
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zaCOuMFOuatdTArSmRGAlYazUAvzP0E4tMuJOlHpz7Cce7VN7vB6zLsBkomttlDOD20TYSM7kvfPndrvkpSjwrVzcMWq%2Fjf0XUW30MWI2%2F19OjAKkGe2Qex7tSd0DT7hZo4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 872b10a46e235d35-SYD
expires: Sun, 14 Apr 2024 11:28:41 GMT

GET
H3 200 script.js Show response
whirlpool.net.au/skin/ 137 KB
46 KB 23ms
22ms Script
application/javascript 104.26.3.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whirlpool.net.au/skin/script.js?2e1c62ef0449

Requested by

Host: whirlpool.net.au
URL: https://whirlpool.net.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.3.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b8eb09c06f824f46e3d5140e424c35531db1751e54d86ff7898876614f5fe19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whirlpool.net.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 12:43:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6313
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 01 Apr 2024 09:55:41 GMT
server: cloudflare
etag: W/"139944-1711965341247"
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjFqcAJGN%2BIuVsj%2FfZafH%2BrQPqWWl3rDpQeXtr77mgRrztlY0qusHgWNChOTxupMcFejKmKWbi5%2FvKKgpM%2FiJeHYBqYLvs5msV%2BDpAKyfrzqWTz8Sl%2BCxqWM0Hc%2B2wyorGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 872b10a46e255d35-SYD
expires: Sun, 14 Apr 2024 10:58:41 GMT

GET
H3 200 whirlpool-2015-header.svg
whirlpool.net.au/skin/image/ 7 KB
4 KB 17ms
16ms Image
image/svg+xml 104.26.3.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whirlpool.net.au/skin/image/whirlpool-2015-header.svg

Requested by

Host: whirlpool.net.au
URL: https://whirlpool.net.au/skin/style.css?7f7dc25af695

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.3.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d297077bc69ac6d0518aa1e10f9f7dd72db4dcce0b24b200cee7ff2c6201138d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whirlpool.net.au/skin/style.css?7f7dc25af695
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 12:43:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 503
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 01 Apr 2024 09:55:41 GMT
server: cloudflare
etag: W/"6968-1711965341191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cRxzEFW78Z2VZ%2BAy1x0A4HPE%2B5HVEupDyh9AI6Ocox3gCjSHvRqZnabhPD0qX5Qyejn%2Fwqj1rp69lJimo4x01SfscGBpWEjOVeAKutRt%2FzG5HMU3Nj9c4ST8jzXortOOSGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=691200
cf-ray: 872b10a4be665d35-SYD
expires: Sun, 14 Apr 2024 12:35:32 GMT

GET
DATA 200
OK truncated
/ 671 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bba5708b5f78afd251d0700f717ae47228cc2b0fc391656f5fd04dd72db58135

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 whirlpool-2015-footer.svg
whirlpool.net.au/skin/image/ 6 KB
3 KB 15ms
14ms Image
image/svg+xml 104.26.3.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whirlpool.net.au/skin/image/whirlpool-2015-footer.svg

Requested by

Host: whirlpool.net.au
URL: https://whirlpool.net.au/skin/style.css?7f7dc25af695

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.3.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbec898258b5ff1fe0d92e23c57df5d07acec4f648bc9ca5e3d007a7fefa5c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whirlpool.net.au/skin/style.css?7f7dc25af695
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 12:43:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2918
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 01 Apr 2024 09:50:02 GMT
server: cloudflare
etag: W/"5723-1711965002091"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XskLCPb0cmnG8qj14oCT5%2BeJgC%2FcKmZg3NFp4ccgjtOu8BzbwE%2FuSPCo8zJI2x7uiNR9dA9uZJQlV5bTQ%2BrR5s17DOBzIaN80q4IbZ2YTShrbbBuPy%2FAyROHU9jjLu0q8D8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=691200
cf-ray: 872b10a4be6a5d35-SYD
expires: Sun, 14 Apr 2024 11:55:17 GMT

GET
H3 200 slabo27px-108.woff2
whirlpool.net.au/skin/font/slabo27/ 33 KB
33 KB 16ms
15ms Font
application/x-font-woff2 104.26.3.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whirlpool.net.au/skin/font/slabo27/slabo27px-108.woff2

Requested by

Host: whirlpool.net.au
URL: https://whirlpool.net.au/skin/style.css?7f7dc25af695

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.3.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a7ffcf9d33b7b27e8e5b512c27a933cc88a3befd57968f8b3dd6d5c1d18b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whirlpool.net.au/skin/style.css?7f7dc25af695
Origin: https://whirlpool.net.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 12:43:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5720
alt-svc: h3=":443"; ma=86400
content-length: 33504
last-modified: Mon, 01 Apr 2024 09:50:02 GMT
server: cloudflare
etag: W/"33504-1711965002083"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/x-font-woff2
access-control-allow-origin: https://whirlpool.net.au
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9emWVUWtqYjF93g8bNy%2FGgkrUF4zLSYooAzXMs%2BllPpGwtts1dtSAM%2FH6uQclIaY5T0c%2BQy3LSK2x1U4H2KP%2FYi%2FxRwJ6P%2BnqFMy9qwWxlYz8dDQ68bdI%2BGT2PhafGCwpLo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 872b10a4ee8a5d35-SYD
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
expires: Sun, 14 Apr 2024 11:08:35 GMT

GET
H3 200 OpenSans-Semibold-r1.woff2
whirlpool.net.au/skin/font/opensans-r1/ 17 KB
18 KB 18ms
17ms Font
application/x-font-woff2 104.26.3.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whirlpool.net.au/skin/font/opensans-r1/OpenSans-Semibold-r1.woff2

Requested by

Host: whirlpool.net.au
URL: https://whirlpool.net.au/skin/style.css?7f7dc25af695

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.3.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3d6aec3307e7b1e4340d09d5baa861f41e146fe1ad7e516a077dbe1ce5b4ca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whirlpool.net.au/skin/style.css?7f7dc25af695
Origin: https://whirlpool.net.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 12:43:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5682
alt-svc: h3=":443"; ma=86400
content-length: 17720
last-modified: Mon, 01 Apr 2024 09:55:41 GMT
server: cloudflare
etag: W/"17720-1711965341171"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/x-font-woff2
access-control-allow-origin: https://whirlpool.net.au
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gjtTbuQik5AGngVcKa7VXr7mUjOEjFIgv2WXDfc2OeQLCMFL0Baoyh4bY1VfAYKBvP4R0IdYd5IqvxTuiASkVBt3rY7%2B5JZM27FC6Z3hHjjDE97isloi896M4R2zNa1IumI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 872b10a4ee8b5d35-SYD
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
expires: Sun, 14 Apr 2024 11:09:13 GMT

GET
H3 200 OpenSans-Regular-r1.woff2
whirlpool.net.au/skin/font/opensans-r1/ 17 KB
17 KB 19ms
19ms Font
application/x-font-woff2 104.26.3.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whirlpool.net.au/skin/font/opensans-r1/OpenSans-Regular-r1.woff2

Requested by

Host: whirlpool.net.au
URL: https://whirlpool.net.au/skin/style.css?7f7dc25af695

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.3.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2dd909cc5e0a3d9572d497230bac3ee778691ec4378bec736df753ada1b22b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whirlpool.net.au/skin/style.css?7f7dc25af695
Origin: https://whirlpool.net.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 12:43:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 670
alt-svc: h3=":443"; ma=86400
content-length: 16940
last-modified: Mon, 01 Apr 2024 09:50:02 GMT
server: cloudflare
etag: W/"16940-1711965002071"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/x-font-woff2
access-control-allow-origin: https://whirlpool.net.au
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bPsVtOalUL98FMMVqqriU6%2B6KpgfyJl7tD4vczTS5oEEF5jheYOpaIhO4c%2BJp2D%2BZBAZ72XcMTAEHmJ2aTRf5ZYr9UP6oaP0Ld6ODuUQtOumWaDJWdjHLvBT38IIkEpIFGU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 872b10a4ee8e5d35-SYD
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
expires: Sun, 14 Apr 2024 12:32:45 GMT

GET
H3 200 OpenSans-Bold-r1.woff2
whirlpool.net.au/skin/font/opensans-r1/ 17 KB
18 KB 20ms
19ms Font
application/x-font-woff2 104.26.3.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whirlpool.net.au/skin/font/opensans-r1/OpenSans-Bold-r1.woff2

Requested by

Host: whirlpool.net.au
URL: https://whirlpool.net.au/skin/style.css?7f7dc25af695

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.3.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2e39a87b1ecef8f612ec4a15cd7692c51f17d79e89eaf554c6ee1030455ddae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whirlpool.net.au/skin/style.css?7f7dc25af695
Origin: https://whirlpool.net.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 12:43:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5826
alt-svc: h3=":443"; ma=86400
content-length: 17668
last-modified: Mon, 08 Apr 2024 05:33:02 GMT
server: cloudflare
etag: W/"17668-1712554382745"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/x-font-woff2
access-control-allow-origin: https://whirlpool.net.au
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8eIiDr3G4guMB6Ur6IjrWq3x8pKAPz9WoU%2FAgYQOmASSGfYWv%2Byc0%2Bapwj2xks0U6gIs4repT4MdRsaIoYul4wl1hrRod%2BZN%2FjIJdtnTzhvck6O7ZCQ4crjJA2NEk1adOU4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 872b10a4ee8f5d35-SYD
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
expires: Sun, 14 Apr 2024 11:06:49 GMT

GET
H3 200 favicon.ico
whirlpool.net.au/ 5 KB
3 KB 16ms
16ms Other
image/x-icon 104.26.3.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whirlpool.net.au/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.3.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca878f58c7726b8799035c5c0366dfb5f7ba2b53cfdfae1868f66b9b3385c569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whirlpool.net.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 12:43:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52746
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 01 Apr 2024 09:50:01 GMT
server: cloudflare
etag: W/"5430-1711965001883"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7PRkaf5UZCgcGJ7HDPLgRpN18fxoaXvvDkoDE2jjHT0ADqm%2FtlN7rM7P8bsWaxBdG64x7hLmg7VGVMYWXTxjcocqHBlG9QodKoEqUyzfLR0RINwr%2F%2FwhVmZnzWHUIFotrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=86400
cf-ray: 872b10a51ece5d35-SYD
expires: Thu, 11 Apr 2024 22:04:49 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' whirlpool.net.au; script-src 'self' 'unsafe-inline' whirlpool.net.au static.cloudflareinsights.com; img-src 'self' data: blob: whirlpool.net.au; font-src 'self' data: whirlpool.net.au fonts.gstatic.com; form-action 'self' whirlpool.net.au forums.whirlpool.net.au; object-src 'none'; frame-src 'none'; upgrade-insecure-requests; report-uri /application/csp.cfm?u=1
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

whirlpool.net.au
104.26.3.30
2b8eb09c06f824f46e3d5140e424c35531db1751e54d86ff7898876614f5fe19
4d2a7ffcf9d33b7b27e8e5b512c27a933cc88a3befd57968f8b3dd6d5c1d18b8
66814a3591282cfafacd1d44c7ebdae3811d3b0ed6f3f7012a28bf1960d8db65
8b5ea41a2e98ef784aab51fb74647dca60ac1f24f49b17dd83469ff777ff9a61
b3d6aec3307e7b1e4340d09d5baa861f41e146fe1ad7e516a077dbe1ce5b4ca0
bba5708b5f78afd251d0700f717ae47228cc2b0fc391656f5fd04dd72db58135
bbec898258b5ff1fe0d92e23c57df5d07acec4f648bc9ca5e3d007a7fefa5c24
c2dd909cc5e0a3d9572d497230bac3ee778691ec4378bec736df753ada1b22b2
c2e39a87b1ecef8f612ec4a15cd7692c51f17d79e89eaf554c6ee1030455ddae
ca878f58c7726b8799035c5c0366dfb5f7ba2b53cfdfae1868f66b9b3385c569
d297077bc69ac6d0518aa1e10f9f7dd72db4dcce0b24b200cee7ff2c6201138d

whirlpool.net.au Open in urlscan Pro 104.26.3.30 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

169 kBTransfer

362 kBSize

0 Cookies

30 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

23 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

whirlpool.net.au Open in urlscan Pro
104.26.3.30 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

169 kB
Transfer

362 kB
Size

0
Cookies

10 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!