urlscan.io logo urlscan.io
SecurityTrails logo

aureturnloginplan.info Open in urlscan Pro
104.21.83.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://aureturnloginplan.info/auclaims
Effective URL: https://aureturnloginplan.info/auclaims
Submission: On November 23 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 104.21.83.183, located in and belongs to CLOUDFLARENET, US. The main domain is aureturnloginplan.info.
TLS certificate: Issued by GTS CA 1P5 on November 22nd 2023. Valid for: 3 months.
This is the only time aureturnloginplan.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 10 104.21.83.183 13335 (CLOUDFLAR...)
7 1
Apex Domain
Subdomains		 Transfer
10 aureturnloginplan.info
aureturnloginplan.info
19 KB
7 1
Domain Requested by
10 aureturnloginplan.info 3 redirects aureturnloginplan.info
7 1

This site contains no links.

Subject Issuer Validity Valid
aureturnloginplan.info
GTS CA 1P5		 2023-11-22 -
2024-02-20		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://aureturnloginplan.info/auclaims
Frame ID: 496805E72F2860C4F8C0044C6924986C
Requests: 3 HTTP requests in this frame

Frame: https://aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 8566F38DE4D263B373A9D8DA2A50BB72
Requests: 2 HTTP requests in this frame

Frame: https://aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 3AD1A6B676B7D60750484A9F2D4DCB2C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

  1. http://aureturnloginplan.info/auclaims HTTP 301
    https://aureturnloginplan.info/auclaims Page URL
  2. https://aureturnloginplan.info/auclaims Page URL

Page Statistics

7
Requests

71 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

18 kB
Transfer

22 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://aureturnloginplan.info/auclaims HTTP 301
    https://aureturnloginplan.info/auclaims Page URL
  2. https://aureturnloginplan.info/auclaims Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://aureturnloginplan.info/auclaims HTTP 301
  • https://aureturnloginplan.info/auclaims
Request Chain 2
  • https://aureturnloginplan.info/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Request Chain 4
  • https://aureturnloginplan.info/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
auclaims
aureturnloginplan.info/
Redirect Chain
  • http://aureturnloginplan.info/auclaims
  • https://aureturnloginplan.info/auclaims
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aureturnloginplan.info/auclaims
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02873d2f82a46a9399fa124db0113578ca7488e61fd812ecd0c53c9ab60cad7f
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
82a6ed21a92f2996-MEL
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 05:14:02 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivrfOT%2FQ%2BTttvbRqyC4HltKmcXDilc%2FmuScO2YlTF1s9DEBcY8B6a7hG1gx7Z8OkkgJjI49Y63eW2xi%2F9dyoiXvk%2Fx0fujQ1i0piuCXjBk8nRaRxp14P6IdPv2xrb0b%2BQmvlRPJyru%2FZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

CF-RAY
82a6ed1ffa0a2997-MEL
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 23 Nov 2023 05:14:01 GMT
Expires
Thu, 23 Nov 2023 06:14:01 GMT
Location
https://aureturnloginplan.info/auclaims
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmsF3epeAHR4%2F5Oxh6wNeGT63joRm%2B4xteD01eDxbw6eMGiPEcGRwQycLT%2Flhw%2Fl8SQZPlVETqtUmfVGfY55PgWbBwYGW5sS56O0INumNyk1qwZf4wYcBHq83QSoDD6u8wVn36XTelZU"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
auclaims
aureturnloginplan.info/ 		0
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aureturnloginplan.info/auclaims
Requested by
Host: aureturnloginplan.info
URL: https://aureturnloginplan.info/auclaims
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
accept-language
en-AU,en;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
uDwJY5pV1p1i7hXeh4ML1Y7J0
npC8mfqzEB9j9DCUaxrLZGccjY
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Referer
https://aureturnloginplan.info/auclaims
HNe1kzPtmwaZQX4i6hPi7gE-EQU
42343145
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 05:14:02 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYNJsGV05pyDhacgl%2FNdQlCO6U3iaPAfKOSDGmAVnvgrz4Czmtk8l6ksF0m2Q4hgwdNmj4IqFJwiAW8z7ERD243p1yoiZPsN%2FxVCHfFAlRf2%2BM0BMer3z82F6GHow05t%2Ffk42li%2FIOrj"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
82a6ed267fbd2996-MEL
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 8566
Redirect Chain
  • https://aureturnloginplan.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Protocol
H2
Server
104.21.83.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
337f6c66d8a0307db6995cc7f5eb7629c598e3779e1881f6583811688fc348fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:14:02 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3b3vUYiBU1%2Bz0AsQ3jfg9I888RK3fvhMmwbwn57GLmP7%2B8QxJEExEzLR0vWS59wKnNzsXWihU2TAieuJxPX9NpBYVyUMs7TQDRkNzK8U%2B%2BAiNQRh8enQb4MpevW088EIF8XFcotYRHVV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
82a6ed2728952996-MEL
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 23 Nov 2023 05:14:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VJLqUfww1ujDFsDjl8jkyYhbhhzkQBRzJ0gqtlfex9y42twsJAnSAgB12J07uVj4809nmR4eV%2FWyQDq%2FQJFw54SpNkqZLMNBixQ2GqdI0yl9r%2F2NQ%2FrBEU5sWZiw1g7JqvTvei8q50s"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
82a6ed269fdd2996-MEL
alt-svc
h3=":443"; ma=86400
82a6ed21a92f2996
aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8566 		0
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/jsd/r/82a6ed21a92f2996
Requested by
Host: aureturnloginplan.info
URL: https://aureturnloginplan.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 05:14:02 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9nv9CGkN57kRY5DMheCOT%2ByijMu86oEcvevZf4SpdL0ouugti48o0OaJ4zOXj%2FI%2BwxU3FxiXAxIQhkHqMd2AUoFza57Z6KCxXE3HaFVSxI1PTRHQDsm52gWrT8RZmRzLLzdbA5py1pu"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
82a6ed28a91229af-MEL
alt-svc
h3=":443"; ma=86400
Primary Request auclaims
aureturnloginplan.info/ 		2 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aureturnloginplan.info/auclaims
Requested by
Host: aureturnloginplan.info
URL: https://aureturnloginplan.info/auclaims
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a6caafb64811d1d479c7e35b02553546e6542e343a61c1787427bfb11518591
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://aureturnloginplan.info/auclaims
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82a6ed2919a029af-MEL
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 05:14:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BNFwzjAnFBePw26ep8F04sCSmKQjY8xPTkSY%2BukbsQZ6cNsCxhj1nugnI89ziY5IzUXnYBCQWG7hGFAL4VfhxKDWH1l2cR%2BI19Q8M628tWhzuWPCjOUwGjPTSsob7FGxmP93EZlRabM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
main.js
aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 3AD1
Redirect Chain
  • https://aureturnloginplan.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Protocol
H3
Server
104.21.83.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f6bd90572c856bee6d7b09358812f47dbdc5e18b7395b1b289cd1194b775fe8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:14:03 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfAfnp92WRsCIFIeVzFFlda50Ko9cp7UXu1W5YRgZTuuP%2B1rIB9qZOHWTX7dpZkIriefrWEmarssMRQxukjmJ4LoL6cPl6GGKTpr3dy8fY6YVw%2FHXsf8uOyv7efZDH8kcAdKaTdq%2Fi7D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
82a6ed2e79c529af-MEL
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 23 Nov 2023 05:14:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4t0xMMpknujO9Ah2Da%2FmTCUb%2Bx3hB6s61l0qCBxuosxHYAc2z7LwbEcnynwD5FPrg%2BNRrq0xGo8v1tKJsijoWpkUkiohgLjLusOEQ7BookWInGsbS3%2BqXryn4rXLvfVFqrqw1ch9%2FTw"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
82a6ed2dd8ef29af-MEL
alt-svc
h3=":443"; ma=86400
82a6ed2919a029af
aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3AD1 		0
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aureturnloginplan.info/cdn-cgi/challenge-platform/h/g/jsd/r/82a6ed2919a029af
Requested by
Host: aureturnloginplan.info
URL: https://aureturnloginplan.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 05:14:04 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFOn3nwId2%2Bws7NQrAy2SDKjlgj8WzY7XN45SnAhKeEuM2zmGSbrf7QRxkJUx%2FG0utxPG3dzLoUacaqkEdp%2F%2B3sJECnqh%2BRLprgKXFaPuA0ZU%2BI%2BlfdOK3EDUOpOnKrg9e87lL13KpI4"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
82a6ed2feba329af-MEL
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

11 Cookies

Domain/Path Name / Value
aureturnloginplan.info/ Name: k9RFfemK5bw9ZGra85eIeJXdLB4
Value: iaE9udGoo05LgaJlZvrcIPdPNHI
aureturnloginplan.info/ Name: fbiCb7YFPO8zyYPwJvLXhXIlHv0
Value: 1700716438
aureturnloginplan.info/ Name: zK6AjcXAMMamfC9wDnrNR1RDs9o
Value: 1700802838
aureturnloginplan.info/ Name: 0bKmNYQj2Mi8NOUuK4SUTNjjDpk
Value: MXZ-tKGkaMcLZbfWMjhUXO5abDc
aureturnloginplan.info/ Name: CeqLUAiiEITLslDno5NzpsiFmTg
Value: uUA6vI63CxGN_IpcSmf0jRY21EI
aureturnloginplan.info/ Name: zbVxVDcmc2SvnlBYEQhFXEBiVvE
Value: oZBJS2s6bHkLWB_KhlUn5dfYruY
aureturnloginplan.info/ Name: _2A2ReFAyNOz-7SqN9HSzM7looE
Value: 1700716442
aureturnloginplan.info/ Name: bAT9WI1bxEgqWh3zIwFLyWycGPc
Value: 1700802842
aureturnloginplan.info/ Name: MPV2Ok6sbj8hNoA2AQOkc9GoMig
Value: ByDaZ1aGrBFPDKGLh3Xon_F-Pd4
aureturnloginplan.info/ Name: CTwZmshwkqFDGGF_X7d1XGRVWsM
Value: 07lSGaYgHnp7wfF-9DHvaLgbAeo
.aureturnloginplan.info/ Name: cf_clearance
Value: wcznKK8J7SHMgWPnZJgxpXduC4gV1RDYoiROJ6V1QTE-1700716444-0-1-2c05d9b0.d043795e.e245b75a-0.2.1700716444

2 Console Messages

Source Level URL
Text
network error URL: https://aureturnloginplan.info/auclaims
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://aureturnloginplan.info/auclaims
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block