Submitted URL: http://authrefundpg.top/
Effective URL: https://authrefundpg.top/
Submission Tags: @ecarlesi possiblethreat
Submission: On December 06 via api from IT — Scanned from IT

Summary

This website contacted 1 IP in 2 countries across 1 domain to perform 7 HTTP transactions. The main IP is 104.21.67.28, located in and belongs to CLOUDFLARENET, US. The main domain is authrefundpg.top.
TLS certificate: Issued by E1 on December 5th 2023. Valid for: 3 months.
This is the only time authrefundpg.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.211.149 13335 (CLOUDFLAR...)
2 9 104.21.67.28 13335 (CLOUDFLAR...)
7 1
Apex Domain
Subdomains
Transfer
10 authrefundpg.top
authrefundpg.top
20 KB
7 1
Domain Requested by
10 authrefundpg.top 3 redirects authrefundpg.top
7 1

This site contains no links.

Subject Issuer Validity Valid
authrefundpg.top E1 2023-12-05 - 2024-03-04 3 months

This page contains 3 frames:

Primary Page: https://authrefundpg.top/
Frame ID: 5B3D8C2CA0CB370311D60BD28B8AB751
Requests: 3 HTTP requests in this frame

Frame: https://authrefundpg.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: 42CD375209C8DCD1CF151FA25754AE87
Requests: 2 HTTP requests in this frame

Frame: https://authrefundpg.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: 1293AE8751E239593D042D359C2AFD06
Requests: 2 HTTP requests in this frame

Page Title

403 Forbidden

Page Statistics

  • Requests: 7
  • HTTPS: 71 %
  • IPv6: 0 %
  • Domains: 1
  • Subdomains: 1
  • IPs: 1
  • Countries: 2
  • Transfer: 19 kB
  • Size: 23 kB
  • Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://authrefundpg.top/ HTTP 301
    https://authrefundpg.top/ Page URL
  2. https://authrefundpg.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://authrefundpg.top/ HTTP 301
  • https://authrefundpg.top/
Request Chain 2
  • https://authrefundpg.top/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://authrefundpg.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Request Chain 4
  • https://authrefundpg.top/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://authrefundpg.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 HTTP transactions

Resource Path, Size, x-fer, Type, MIME-Type
/
authrefundpg.top/
Redirect Chain
  • http://authrefundpg.top/
  • https://authrefundpg.top/
7 KB
8 KB
Document
General
Full URL
https://authrefundpg.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.67.28 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64cf505f0fd9bc30e27fa73293171ae0ea3aa8276ce30e9915d47943cc20dbd9
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
831111261b954c54-MXP
content-type
text/html; charset=utf-8
date
Wed, 06 Dec 2023 02:23:27 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQXc3Odg%2BxcqAtrTmAJrnuKp71EeT2CIwj8kGjRqeoHqhIEookwp74PvoU9XV8kxoIxnZJzt7VIeRHMdz2N4mn%2BeG6FrvEWD%2FSKSELha0EvhnKvRi9qTG%2FdEtqfNPgxUNvwM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

CF-RAY
83111125699d0cf5-MRS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 06 Dec 2023 02:23:27 GMT
Expires
Wed, 06 Dec 2023 03:23:27 GMT
Location
https://authrefundpg.top/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEbqAiPdcHYIxuinRNG1vSZ81TtT0GaegGymCkk%2FRmkv0VJRysOCzp0yRFKGTwrkeHJCpB%2BV%2BVZlzlkx%2BqrrWdoKcCbYTE9RXmWG15JwkaBAL0YR8WTxQd5GlmDFMfRQEp3W"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
/
authrefundpg.top/
0
685 B
XHR
General
Full URL
https://authrefundpg.top/
Requested by
Host: authrefundpg.top
URL: https://authrefundpg.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.67.28 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
6Hxmv8DWLFrYhkNpYeareRrvzPA
25353228
accept-language
it-IT,it;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
7GMfkzR343w2t1wVJhkbRSOX3Iw
5vMK1sJgrPHKgwHNwXvrIDwfeEk
Referer
https://authrefundpg.top/
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 02:23:27 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQ1xDCZKusyDGXzvOGs2L1mJhLM5rfoaM3blz8RmS0ZViUxJJWxNhUKtzeVHKyZQN%2BqSblp%2FJJz8FbGiw9cqFkCTS8yDyiu7muwf0q2t2KTTIK83Uc3dzRe7j%2BLM6TZKNavM"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
831111275be24c54-MXP
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
authrefundpg.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame 42CD
Redirect Chain
  • https://authrefundpg.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://authrefundpg.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
7 KB
4 KB
Script
General
Full URL
https://authrefundpg.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Protocol
H2
Server
104.21.67.28 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be37f136ac583119a7faf24b0ec0a63ba655bd728f98ecb5430831e0aaf72780
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 02:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9Bih8rYK0dWdSzrsnjceIf7%2BPt7jAOUbozA2WTcKUaGxa0gSy0fI4tLHg1mYknvGcyPlMJEkbeEJjqsKRr0jdqwJY2j5SRoClgCUR%2Bv7T9AKKvIq%2BNZwrfs6qDg4N%2BoGlux"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
831111279bfe4c54-MXP
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 06 Dec 2023 02:23:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChNTDXKxGhIdK3Qc01Kb0Tc7o52hyXXZtMNKgEe0b%2FdyRPe4DqLJGMmkMAT7GqrlD0Pyxatpg%2Fqbed9TNEvsBHAZR37tZSilVCq%2FYJvLu%2FcAZL9%2FKWEcfcykzhcEpPL8pdMT"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
831111275bea4c54-MXP
alt-svc
h3=":443"; ma=86400
831111261b954c54
authrefundpg.top/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 42CD
0
577 B
XHR
General
Full URL
https://authrefundpg.top/cdn-cgi/challenge-platform/h/b/jsd/r/831111261b954c54
Requested by
Host: authrefundpg.top
URL: https://authrefundpg.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.67.28 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Dec 2023 02:23:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GetpjnJbI0nq0QfA9TBnmIVt7opmZsmD8MEBd0X50jMkKhwdvQbITmf4yYiZPUS2pLaMnRuKI1XXoAerM7PhBvfUSmRVDQvvpvzbYaJTgJfxxWh4OyEuWFf3gGSSvpA8M%2BZ"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
831111284c5fba80-MXP
alt-svc
h3=":443"; ma=86400
Primary Request /
authrefundpg.top/
2 KB
996 B
Document
General
Full URL
https://authrefundpg.top/
Requested by
Host: authrefundpg.top
URL: https://authrefundpg.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.67.28 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047650b1dea7733f611c37399832a5d3065115fe84c235340e12868226fbcc5c
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://authrefundpg.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
831111284c61ba80-MXP
content-encoding
br
content-type
text/html
date
Wed, 06 Dec 2023 02:23:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wn2BC8TgV9%2FqvY22zTqnN9yBXpBgza7JTKTzv0TrpMX5DZBMTrZV4WBhJ8txz%2BODUA9RiRh2y8o%2FKBxcfneImGhiYxp%2F1OIYMrJo1GO5CiHF9KVCQySQd59iniy94lO9Hkzj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
main.js
authrefundpg.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame 1293
Redirect Chain
  • https://authrefundpg.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://authrefundpg.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
7 KB
4 KB
Script
General
Full URL
https://authrefundpg.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Protocol
H3
Server
104.21.67.28 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2baea43416c6363aa4def1bd0f520fd162cfb415b4cb5b10f345c36f46edf2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 02:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH9Nzs1DQGvWRisvzX8vvI50a1Gs%2F7gXarhZK1wIBI%2FZH7i9rWZzbG3WbAbxiMKubmG250oY99W2BN5ELTEfRuVC92tnpfOhhHW7QLUYSUHWKd8BPKIzPALW5C3B0u46OHqx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
831111299cf8ba80-MXP
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 06 Dec 2023 02:23:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08F90Tn0aZwL%2F3w7qs%2Fdwz21WXN9jd9i9xnKPia14IYbm7MLeHSWM89V8bc68hrrIB86X%2B3AHRVeqbYk5sA8F30VdLAVJ%2FGos9hXjkSBRxqrPjceoozpAVtyzo6OChXI3CN5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
cache-control
max-age=300, public
cf-ray
831111295ce8ba80-MXP
alt-svc
h3=":443"; ma=86400
831111284c61ba80
authrefundpg.top/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1293
0
552 B
XHR
General
Full URL
https://authrefundpg.top/cdn-cgi/challenge-platform/h/b/jsd/r/831111284c61ba80
Requested by
Host: authrefundpg.top
URL: https://authrefundpg.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.67.28 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Dec 2023 02:23:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgD9Cur7%2B3rfDqEyCwGEzm9HY6gPKI58%2BD1IXmQfVC8gyU%2F5He3yN3dB%2BAu6qJtcGNS7kYmPMHmnS75w%2F6Ri5zufoYvAXWcC6%2B3fJNEiYp2uMOQ08%2B0cbMGw%2BRrjgcAHZh%2B9"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8311112a2d36ba80-MXP
alt-svc
h3=":443"; ma=86400

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture

12 Cookies


2 Console Messages

Source: network, Level: error, URL: https://authrefundpg.top/
Message: Failed to load resource: the server responded with a status of 503 ()

Source: network, Level: error, URL: https://authrefundpg.top/
Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block