urlscan.io logo urlscan.io
SecurityTrails logo

electronetservices.com.au Open in urlscan Pro
103.224.90.151  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://electronetservices.com.au/dae/join/community/people
Effective URL: http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f...
Submission Tags: phishing malicious Search All
Submission: On December 21 via api from NL — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 103.224.90.151, located in Australia and belongs to INT-5GN-AS-AP 5G NETWORK OPERATIONS PTY LTD, AU. The main domain is electronetservices.com.au.
This is the only time electronetservices.com.au was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

IP Address AS Autonomous System
3 10 103.224.90.151 63956 (INT-5GN-A...)
3 192.229.232.89 15133 (EDGECAST)
11 3
Apex Domain
Subdomains		 Transfer
10 electronetservices.com.au
electronetservices.com.au
196 KB
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2811
44 KB
0 telegram.org Failed
api.telegram.org Failed
11 3
Domain Requested by
10 electronetservices.com.au 3 redirects electronetservices.com.au
3 www.paypalobjects.com electronetservices.com.au
0 api.telegram.org Failed electronetservices.com.au
11 3

This site contains no links.

Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-13 -
2025-06-12		 a year crt.sh

This page contains 1 frames:

Primary Page: http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335
Frame ID: 6F29B2D7B097E50EE87F15AB203E8FC2
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

N

Page URL History Show full URLs

  1. https://electronetservices.com.au/dae/join/community/people HTTP 301
    http://electronetservices.com.au/dae/join/community/people/ HTTP 307
    https://electronetservices.com.au/dae/join/community/people/ HTTP 302
    https://electronetservices.com.au/dae/join/community/people/signin.php?enc=382134d0a58b183d4b9099433b7f67f1&p=... HTTP 307
    http://electronetservices.com.au/dae/join/community/people/ HTTP 302
    http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

27 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

239 kB
Transfer

746 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://electronetservices.com.au/dae/join/community/people HTTP 301
    http://electronetservices.com.au/dae/join/community/people/ HTTP 307
    https://electronetservices.com.au/dae/join/community/people/ HTTP 302
    https://electronetservices.com.au/dae/join/community/people/signin.php?enc=382134d0a58b183d4b9099433b7f67f1&p=0&dispatch=6673207efc4bcc7cba9e587d7bd5cb03f69b6683 HTTP 307
    http://electronetservices.com.au/dae/join/community/people/ HTTP 302
    http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signin.php
electronetservices.com.au/dae/join/community/people/
Redirect Chain
  • https://electronetservices.com.au/dae/join/community/people
  • http://electronetservices.com.au/dae/join/community/people/
  • https://electronetservices.com.au/dae/join/community/people/
  • https://electronetservices.com.au/dae/join/community/people/signin.php?enc=382134d0a58b183d4b9099433b7f67f1&p=0&dispatch=6673207efc4bcc7cba9e587d7bd5cb03f69b6683
  • http://electronetservices.com.au/dae/join/community/people/
  • http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335
Protocol
HTTP/1.1
Server
103.224.90.151 , Australia, ASN63956 (INT-5GN-AS-AP 5G NETWORK OPERATIONS PTY LTD, AU),
Reverse DNS
cloudhost-3399847.au-south-1.nxcli.net
Software
nginx /
Resource Hash
00a0b2af1cee82e9bcf400d0b7377fab71f2fa3b2b2b9d68e50b9bed9a7c9677

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Dec 2024 16:14:40 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache-NxAccel
BYPASS

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Dec 2024 16:14:37 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
X-Cache-NxAccel
BYPASS
location
signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335
contextualLoginElementalUIv2.css
electronetservices.com.au/dae/join/community/people/ 		151 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://electronetservices.com.au/dae/join/community/people/contextualLoginElementalUIv2.css
Requested by
Host: electronetservices.com.au
URL: http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335
Protocol
HTTP/1.1
Server
103.224.90.151 , Australia, ASN63956 (INT-5GN-AS-AP 5G NETWORK OPERATIONS PTY LTD, AU),
Reverse DNS
cloudhost-3399847.au-south-1.nxcli.net
Software
nginx /
Resource Hash
69be7adca53f8e3b8d56a359e63ec6510fd119768ec947d343a853f698d7a5c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335

Response headers

Transfer-Encoding
chunked
X-Cache-NxAccel
HIT
Content-Encoding
gzip
ETag
W/"25c40-60b3adca3e080"
Connection
keep-alive
Date
Sat, 21 Dec 2024 16:14:40 GMT
Last-Modified
Tue, 28 Nov 2023 18:48:18 GMT
Content-Type
text/css
Vary
Accept-Encoding
Server
nginx
AU.png
electronetservices.com.au/dae/join/community/people/X911/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://electronetservices.com.au/dae/join/community/people/X911/AU.png
Requested by
Host: electronetservices.com.au
URL: http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335
Protocol
HTTP/1.1
Server
103.224.90.151 , Australia, ASN63956 (INT-5GN-AS-AP 5G NETWORK OPERATIONS PTY LTD, AU),
Reverse DNS
cloudhost-3399847.au-south-1.nxcli.net
Software
nginx /
Resource Hash
4cfb3a5cfd1cb5736c41aa4318552b1aa7834cd165773356f98ff78354730f04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335

Response headers

X-Cache-NxAccel
HIT
ETag
"66b-5d0e08d741500"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1643
Date
Sat, 21 Dec 2024 16:14:40 GMT
Content-Type
image/png
Last-Modified
Tue, 16 Nov 2021 04:42:28 GMT
Server
nginx
jquery-3.5.1.min.js
electronetservices.com.au/dae/join/community/people/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://electronetservices.com.au/dae/join/community/people/js/jquery-3.5.1.min.js
Requested by
Host: electronetservices.com.au
URL: http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335
Protocol
HTTP/1.1
Server
103.224.90.151 , Australia, ASN63956 (INT-5GN-AS-AP 5G NETWORK OPERATIONS PTY LTD, AU),
Reverse DNS
cloudhost-3399847.au-south-1.nxcli.net
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335

Response headers

Transfer-Encoding
chunked
X-Cache-NxAccel
HIT
Content-Encoding
gzip
ETag
W/"15d84-5ba0793289100"
Connection
keep-alive
Date
Sat, 21 Dec 2024 16:14:40 GMT
Last-Modified
Fri, 29 Jan 2021 10:36:20 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Server
nginx
jquery.mask.js
electronetservices.com.au/dae/join/community/people/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://electronetservices.com.au/dae/join/community/people/js/jquery.mask.js
Requested by
Host: electronetservices.com.au
URL: http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335
Protocol
HTTP/1.1
Server
103.224.90.151 , Australia, ASN63956 (INT-5GN-AS-AP 5G NETWORK OPERATIONS PTY LTD, AU),
Reverse DNS
cloudhost-3399847.au-south-1.nxcli.net
Software
nginx /
Resource Hash
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335

Response headers

Transfer-Encoding
chunked
X-Cache-NxAccel
HIT
Content-Encoding
gzip
ETag
W/"5a88-5a1a224385a00"
Connection
keep-alive
Date
Sat, 21 Dec 2024 16:14:40 GMT
Last-Modified
Tue, 24 Mar 2020 23:30:48 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Server
nginx
jquery.main.js
electronetservices.com.au/dae/join/community/people/js/ 		437 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://electronetservices.com.au/dae/join/community/people/js/jquery.main.js
Requested by
Host: electronetservices.com.au
URL: http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335
Protocol
HTTP/1.1
Server
103.224.90.151 , Australia, ASN63956 (INT-5GN-AS-AP 5G NETWORK OPERATIONS PTY LTD, AU),
Reverse DNS
cloudhost-3399847.au-south-1.nxcli.net
Software
nginx /
Resource Hash
0697cd4b48bf96c303a25c24d3a7581b873ce34b2edf57b618c5d352e2654797

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335

Response headers

Transfer-Encoding
chunked
X-Cache-NxAccel
HIT
Content-Encoding
gzip
ETag
W/"6d267-616632cf39c00"
Connection
keep-alive
Date
Sat, 21 Dec 2024 16:14:40 GMT
Last-Modified
Thu, 18 Apr 2024 18:31:12 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Server
nginx
paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 		709 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg
Requested by
Host: electronetservices.com.au
URL: http://electronetservices.com.au/dae/join/community/people/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.232.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7B0) /
Resource Hash
8766a4211434d2c318fbfa412ea9633b385ecf1cab6119f8894019d91ed7e027
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://electronetservices.com.au/

Response headers

paypal-debug-id
23f5d8f7aac4e
content-encoding
br
etag
"66d9ab63-2c5+gzip+br"
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 17:14:40 GMT
traceparent
00-000000000000000000023f5d8f7aac4e-6d80b6fe33f8d2c9-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Sat, 21 Dec 2024 16:14:40 GMT
content-type
image/svg+xml
last-modified
Thu, 05 Sep 2024 13:00:19 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
422
server
ECAcc (nwa/E7B0)
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Requested by
Host: electronetservices.com.au
URL: http://electronetservices.com.au/dae/join/community/people/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.232.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7B4) /
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
http://electronetservices.com.au
Referer
http://electronetservices.com.au/

Response headers

paypal-debug-id
a0e19f9177c68
etag
"60271cda-6318"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 17:14:40 GMT
traceparent
00-0000000000000000000a0e19f9177c68-685963b460cf3545-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Sat, 21 Dec 2024 16:14:40 GMT
content-type
application/font-woff2
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
25368
server
ECAcc (nwa/E7B4)
PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2
Requested by
Host: electronetservices.com.au
URL: http://electronetservices.com.au/dae/join/community/people/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.232.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E799) /
Resource Hash
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
http://electronetservices.com.au
Referer
http://electronetservices.com.au/

Response headers

paypal-debug-id
981a9ff09e151
etag
"60271cda-484c"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 17:14:40 GMT
traceparent
00-0000000000000000000981a9ff09e151-18f1dd93c2daded7-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Sat, 21 Dec 2024 16:14:40 GMT
content-type
application/font-woff2
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
18508
server
ECAcc (nwa/E799)
sendMessage
api.telegram.org/bot6629111591:AAE4ri_4SAIi7eHl3F1gDfzQXKw_93JXlx8/ 		0
0
favicon.ico
electronetservices.com.au/ 		0
271 B 		Other
General
Check archive.org
Download Go to
Full URL
http://electronetservices.com.au/favicon.ico
Protocol
HTTP/1.1
Server
103.224.90.151 , Australia, ASN63956 (INT-5GN-AS-AP 5G NETWORK OPERATIONS PTY LTD, AU),
Reverse DNS
cloudhost-3399847.au-south-1.nxcli.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335

Response headers

X-Cache-NxAccel
STALE
ETag
"0-5dae2de63c36a"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Date
Sat, 21 Dec 2024 16:14:41 GMT
Content-Type
image/vnd.microsoft.icon
Last-Modified
Wed, 23 Mar 2022 13:40:12 GMT
Server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.telegram.org
URL
https://api.telegram.org/bot6629111591:AAE4ri_4SAIi7eHl3F1gDfzQXKw_93JXlx8/sendMessage?chat_id=-1001814885404&text=Server%20Location:http://electronetservices.com.au/dae/join/community/people/signin.php?enc=3ea0dff64ff4e40842e71a28ef04bf5d&p=0&dispatch=256414f6f911ecf9df0ffd274f11cb336dc10335&_=1734797680348

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| _0x51e0 function| _0x5f36 function| _0x18d4c3

1 Cookies

Domain/Path Name / Value
electronetservices.com.au/ Name: PHPSESSID
Value: 0648472fc7cc1e6644c2b5274b555fca