winall.net
Open in
urlscan Pro
68.66.226.110
Malicious Activity!
Public Scan
URL:
http://winall.net/m/dashboard.php?reference=2b58cefcbca4331631b7
Submission: On January 16 via api from US — Scanned from US
Submission: On January 16 via api from US — Scanned from US
Summary
This website contacted 6 IPs
in 1 countries
across 5 domains to perform 14 HTTP transactions.
The main IP is 68.66.226.110, located in
United States and
belongs to A2HOSTING, US.
The main domain is winall.net.
This is the only time winall.net was scanned on urlscan.io!
This is the only time winall.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Qantas (Transportation)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 9 | 68.66.226.110 68.66.226.110 | 55293 (A2HOSTING) (A2HOSTING) | |
| 1 | 54.164.86.209 54.164.86.209 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 | 23.43.85.37 23.43.85.37 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 2 | 23.43.85.42 23.43.85.42 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 2607:f8b0:400... 2607:f8b0:4004:c17::5f | 15169 (GOOGLE) (GOOGLE) | |
| 14 | 6 |
1
54.164.86.209
(United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-86-209.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-86-209.compute-1.amazonaws.com
| qantas.resultspage.com |
1
23.43.85.37
(Edison, United States)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-43-85-37.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-43-85-37.deploy.static.akamaitechnologies.com
| cdn.qantasloyalty.com |
2
23.43.85.42
(Edison, United States)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-43-85-42.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-43-85-42.deploy.static.akamaitechnologies.com
| www.qantas.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 9 |
winall.net
winall.net |
302 KB |
| 2 |
qantas.com
www.qantas.com — Cisco Umbrella Rank: 162665 |
21 KB |
| 1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369 |
33 KB |
| 1 |
qantasloyalty.com
cdn.qantasloyalty.com — Cisco Umbrella Rank: 355285 |
665 B |
| 1 |
resultspage.com
qantas.resultspage.com — Cisco Umbrella Rank: 378178 |
1 KB |
| 14 | 5 |
| Domain | Requested by | |
|---|---|---|
| 9 | winall.net |
winall.net
|
| 2 | www.qantas.com |
winall.net
|
| 1 | ajax.googleapis.com |
winall.net
|
| 1 | cdn.qantasloyalty.com |
winall.net
|
| 1 | qantas.resultspage.com |
winall.net
|
| 14 | 5 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.qantas.com |
| travelinsider.qantas.com.au |
| help.qantas.com |
| www.facebook.com |
| twitter.com |
| www.linkedin.com |
| www.youtube.com |
| instagram.com |
| www.jetstar.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| qantasloyalty.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-11-06 - 2024-09-10 |
10 months | crt.sh |
| qantas.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-11-06 - 2024-11-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://winall.net/m/dashboard.php?reference=2b58cefcbca4331631b7
Frame ID: E08313B41F5997A3A9590F4B3A734596
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
error iconCheckboxDetected technologies
Adobe Experience Manager
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /etc/designs/
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
41 Outgoing links
These are links going to different origins than the main page.
URL: https://www.qantas.com/travel/airlines/viewing/global/en
Title: Upgrade my browser
Title: Upgrade my browser
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en.html
Search URL Search Domain Scan URL
URL: https://www.qantas.com/au/en/qantas-experience/network-and-partner-airlines/oneworld.html
Title: Oneworld
Title: Oneworld
Search URL Search Domain Scan URL
URL: https://www.qantas.com/travelinsider/en.html
Title: Travel Insider
Title: Travel Insider
Search URL Search Domain Scan URL
URL: https://www.qantas.com/directconnect/affinity
Title: Where can I go?
Title: Where can I go?
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/travel-guides/australia.html?int_cam=us:en:travel-guides-au:nav:en:flights
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/flight-deals/flights-to-australia.html/au
Title: Flights to Australia
Title: Flights to Australia
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/flight-deals/flights-to-new-zealand.html/nz
Title: Flights to New Zealand
Title: Flights to New Zealand
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/flight-deals.html
Title: Flights to Japan
Title: Flights to Japan
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/flight-deals/flights-to-singapore.html/sin
Title: Flights to Singapore
Title: Flights to Singapore
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/flight-deals/flights-to-vanuatu.html/nou
Title: Flights to New Caledonia
Title: Flights to New Caledonia
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/flight-deals/international/flights-to-australia.html/economy/all/lowest?int_cam=us:en:flight-deals-au:nav:en:flights
Search URL Search Domain Scan URL
URL: http://travelinsider.qantas.com.au/qantas-magazine
Title: Qantas magazineOpens external site
Title: Qantas magazineOpens external site
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/book-a-trip/flights/qantas-explorer.html?int_cam=us:en:qantas-explorer:nav:en:flights
Search URL Search Domain Scan URL
URL: http://www.qantas.com/travel/airlines/flight-deals/us/en
Title: Flights to Australia
Title: Flights to Australia
Search URL Search Domain Scan URL
URL: https://www.qantas.com/detect-site/coronavirus.html
Title: COVID-19 information
Title: COVID-19 information
Search URL Search Domain Scan URL
URL: https://www.qantas.com/detect-site/manage-booking.html
Title: Manage booking
Title: Manage booking
Search URL Search Domain Scan URL
URL: https://www.qantas.com/travel/airlines/baggage/global/en
Title: baggage allowances
Title: baggage allowances
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/qantas-experience/australian-domestic-flight-network.html?int_cam=us:en:mega-nav:domestic-network:en:flights
Search URL Search Domain Scan URL
URL: https://help.qantas.com/support/s/
Title: Help Opens external site
Title: Help Opens external site
Search URL Search Domain Scan URL
URL: https://www.qantas.com/au/en/frequent-flyer/discover-and-join/terms-and-conditions.html
Title: Terms and Conditions
Title: Terms and Conditions
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/travel-info/baggage/allowance-and-fees.html
Title: Baggage & Optional Service Fees
Title: Baggage & Optional Service Fees
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/support/customer-service-plan.html
Title: Customer Service Plan
Title: Customer Service Plan
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/qantas-group.html
Title: Qantas Group
Title: Qantas Group
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/about-us/news-room.html
Title: News Room
Title: News Room
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/about-us/qantas-careers.html
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/about-us/our-company/our-airline-partners/oneworld.html
Title: oneworld
Title: oneworld
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/about-us.html
Title: More about Qantas
Title: More about Qantas
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/100-years-of-the-spirit-of-australia.html
Title: Qantas Centenary
Title: Qantas Centenary
Search URL Search Domain Scan URL
URL: https://www.qantas.com/content/dam/qantas/pdfs/about-us/corporate-governance/modern-slavery-and-human-trafficking-statement.pdf
Title: Modern Slavery Act Statement
Title: Modern Slavery Act Statement
Search URL Search Domain Scan URL
URL: https://www.facebook.com/Qantas/
Title: 1.4m+ likesOpens external site in a new window
Title: 1.4m+ likesOpens external site in a new window
Search URL Search Domain Scan URL
URL: https://twitter.com/Qantas
Title: 483k+ followersOpens external site in a new window
Title: 483k+ followersOpens external site in a new window
Search URL Search Domain Scan URL
URL: http://www.linkedin.com/company/qantas
Title: 287k+ followersOpens external site in a new window
Title: 287k+ followersOpens external site in a new window
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/Qantas
Title: 93k+ subscribersOpens external site in a new window
Title: 93k+ subscribersOpens external site in a new window
Search URL Search Domain Scan URL
URL: http://instagram.com/Qantas
Title: 933k+ followersOpens external site in a new window
Title: 933k+ followersOpens external site in a new window
Search URL Search Domain Scan URL
URL: https://www.jetstar.com/
Title: JetstarOpens external site in a new window
Title: JetstarOpens external site in a new window
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/support/essential-accessibility.html
Title: eSSENTIAL AccessibilityTM
Title: eSSENTIAL AccessibilityTM
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/support/privacy-and-security.html
Title: Privacy & Security
Title: Privacy & Security
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/support/terms-of-use.html
Title: Terms of Use
Title: Terms of Use
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/book-a-trip/flights/conditions-of-carriage.html
Title: Conditions of Carriage
Title: Conditions of Carriage
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/book-a-trip/flights/fare-types.html
Title: Fare types
Title: Fare types
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
dashboard.php
winall.net/m/ |
543 KB 99 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.css
winall.net/m/ |
210 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sli-rac.css
qantas.resultspage.com/autocomplete/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login.bundle.css
cdn.qantasloyalty.com/assets/widgets/login/v2/ |
114 B 665 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main-noncritical.min.39f8b7e771e1f7442c41e2b0eb8c5459.css
www.qantas.com/etc/designs/qcom/site/ |
74 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
qantas-masterbrand-logo-40px.svg
winall.net/m/ |
10 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
escape-au.jpg
winall.net/m/ |
26 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Australia-flight-deals-190x135.jpg
winall.net/m/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
qantas-explorer.jpg
winall.net/m/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
australian-domestic-network-190x440.jpg
winall.net/m/ |
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ |
90 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
315CA1_3_0.woff2
winall.net/m/ |
48 KB 49 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spritesheet-9632fb7044385395ce89846b873ea4e3.png
www.qantas.com/etc/designs/qantas/global/img/ |
11 KB 11 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
736 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
315CA1_1_0.woff2
winall.net/m/ |
49 KB 49 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Qantas (Transportation)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| aler function| aler1 boolean| completed1 boolean| completed2 boolean| completed3 function| aler2 function| tcitle function| return_string function| checkelement2 function| all3 function| checkelement3 function| all4 function| checkelement4 function| all5 function| checkelement5 function| all6 function| checkelement6 function| $ function| jQuery function| formatString function| digitKeyOnly function| normalizeYear function| checkExp function| CCValidationWithType function| barranayek function| validinfo function| alorsondanse function| sleep function| demo0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=63072000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdn.qantasloyalty.com
qantas.resultspage.com
winall.net
www.qantas.com
23.43.85.37
23.43.85.42
2607:f8b0:4004:c17::5f
54.164.86.209
68.66.226.110
0664e82539264eafd54fe31718f5f4d885348fe8f8c8268482fe29c0043f3e98
445b7df4c1fa8a4f1847e39edc7476fb8bec4c9e7aa3c4127ce4e61a300f6e00
450bb80667b0393d6caa03b172876b02fd39a64dc3fae3c7d398d22dad852b64
55adb2c8fa18eaba51ebf7ad393246020f4c827146c2d1fe30b38d4a47d2fbda
568f298a407bc58446b100508660aa5cbcd3d1272b595330d56207b9767e20ea
572e61cc03f163934166ecdb2f2ff546e2c3910e1832f2928c5dded01d604db1
5a1d9e8f0951eaf775165f9381733d44a10df8b8997d478fb04fadbf8c955d66
763a86d3b22b56dc063a25ec601d018d501c38aed49034fde8e2d3351f614f81
7dea4d97838b86216b1aaf40c0cac0b0d0239c5c55596ca90412fe8631ea2019
929994c943e6df422c54cdb9ab4e7b0b7e73cf9cd81d9e8f259789c8c5aacb15
acfecce6970a2ec8db6bbf3a51bcec7b2936d8930b0b7c84a079a315adb7b6c3
b2b64e5d45e5f4911d34343f60b7d15ba57d7ce1e4cc5dd69ac424bb79d84455
b964d246defe2ccf6dd3a0d3887ac9d09325a866b94bd57732219406654698a2
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
e33bf0e24ad4a7482d68c48aa84a576e57bd3d8cdd3256de1e72f3b08bff4fed