whirlpool.net.au
104.26.3.30
Malicious Activity!
Public Scan
Submission Tags: 0xscam
Submission: On April 11 via api from US — Scanned from AU
Summary
TLS certificate: Issued by GTS CA 1P5 on February 18th 2024. Valid for: 3 months.
This is the only time whirlpool.net.au was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
10 | 104.26.3.30 | 13335 (CLOUDFLARENET) |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
10 | whirlpool.net.au | 169 KB |
 | Domain | Requested by |
---|---|---|
10 | whirlpool.net.au | whirlpool.net.au |
This site contains links to these domains. Also see Links.
Domain |
---|
forums.whirlpool.net.au |
bc.whirlpool.net.au |
Subject | Issuer | Validity | Valid |
---|---|---|---|
whirlpool.net.au | GTS CA 1P5 | 2024-02-18 - 2024-05-18 | 3 months |
This page contains 1 frame:
Primary Page:
https://whirlpool.net.au/
Frame ID: 7B34F78DCD6561809ED8E4085C66D56E
Requests: 11 HTTP requests in this frame
30 Outgoing links
These are links going to different origins than the main page.
Title: Discussion forum
Title: Modems/Routers
Title: ROOter OpenWRT router Adventures with 3G/4G/5G modems
Title: FTTP - need a router at all?
Title: Query about nbn FTTP speed vs Mesh WIFI speed
Title: Acardyan aw1000 not connect to 5g mobile network
Title: Networking
Title: External Access Synology - best way in 2024?
Title: Telephony
Title: SMS from Windows
Title: Programming
Title: Create a formatted doc from a spreadsheet?
Title: Mobile carriers
Title: Optus 5G General Discussion
Title: Optus-SpaceX mobile coverage
Title: Boost Wi-Fi calling and SMS when overseas
Title: Wireless ISPs
Title: Optus 5G Home Broadband
Title: Node 1 Internet - Perth/Geraldton
Title: iPhone
Title: iOS 17 and iPadOS 17
Title: Visual Voicemail Appear on Reboot
Title: Android phones
Title: Poco X6 Pro
Title: Samsung Galaxy S23, S23+, S23 Ultra - General Discussion
Title: OnePlus - Guide to enable VoLTE on AU Networks
Title: Search
Title: Popular topics
Title: Newest topics
Title: Hardware database
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / (Primary Request) | whirlpool.net.au/ | 20 KB | 6 KB | Document | text/html |
GET | H3 | style.css | whirlpool.net.au/skin/ | 103 KB | 20 KB | Stylesheet | text/css |
GET | H3 | script.js | whirlpool.net.au/skin/ | 137 KB | 46 KB | Script | application/javascript |
GET | H3 | whirlpool-2015-header.svg | whirlpool.net.au/skin/image/ | 7 KB | 4 KB | Image | image/svg+xml |
GET | DATA | truncated | / | 671 B | 0 | Image | image/svg+xml |
GET | H3 | whirlpool-2015-footer.svg | whirlpool.net.au/skin/image/ | 6 KB | 3 KB | Image | image/svg+xml |
GET | H3 | slabo27px-108.woff2 | whirlpool.net.au/skin/font/slabo27/ | 33 KB | 33 KB | Font | application/x-font-woff2 |
GET | H3 | OpenSans-Semibold-r1.woff2 | whirlpool.net.au/skin/font/opensans-r1/ | 17 KB | 18 KB | Font | application/x-font-woff2 |
GET | H3 | OpenSans-Regular-r1.woff2 | whirlpool.net.au/skin/font/opensans-r1/ | 17 KB | 17 KB | Font | application/x-font-woff2 |
GET | H3 | OpenSans-Bold-r1.woff2 | whirlpool.net.au/skin/font/opensans-r1/ | 17 KB | 18 KB | Font | application/x-font-woff2 |
GET | H3 | favicon.ico | whirlpool.net.au/ | 5 KB | 3 KB | Other | image/x-icon |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | escape |
function | diffString |
function | randomColor |
function | diffString2 |
function | diff |
function | whirlcode2 |
function | thread_page_list |
function | thread_page_list_all |
object | replyHighlightTimer |
function | jumpToElement |
function | jumpToReplyId |
function | selectText |
number | sad_attempt_cnt |
number | sad_attempt_user |
function | userVote |
function | $ |
function | jQuery |
object | html5 |
object | Modernizr |
function | autosize |
boolean | loggedin |
number | user_id |
function | ready0 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' whirlpool.net.au; script-src 'self' 'unsafe-inline' whirlpool.net.au static.cloudflareinsights.com; img-src 'self' data: blob: whirlpool.net.au; font-src 'self' data: whirlpool.net.au fonts.gstatic.com; form-action 'self' whirlpool.net.au forums.whirlpool.net.au; object-src 'none'; frame-src 'none'; upgrade-insecure-requests; report-uri /application/csp.cfm?u=1 |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
whirlpool.net.au
104.26.3.30