app2.securereturns.com.au Open in urlscan Pro
2406:da1c:3b5:2501::6e:1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app2.securereturns.com.au/
Effective URL:
http://app2.securereturns.com.au/auth
Submission Tags: phishing spamreports malicious Search All
Submission: On January 25 via api (January 25th 2021, 6:11:24 am UTC) from BG

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2406:da1c:3b5:2501::6e:1, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is app2.securereturns.com.au.

This is the only time app2.securereturns.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 12	2406:da1c:3b5... 2406:da1c:3b5:2501::6e:1		16509 (AMAZON-02) (AMAZON-02)
11	1

12 2406:da1c:3b5:2501::6e:1 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)

app2.securereturns.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	securereturns.com.au 1 redirects app2.securereturns.com.au	159 KB
11	1

	Domain	Requested by
12	app2.securereturns.com.au	1 redirects app2.securereturns.com.au
11	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://app2.securereturns.com.au/auth
Frame ID: 098DB22E47E955C4ADAD0A55E81A4D64
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://app2.securereturns.com.au/ HTTP 302
http://app2.securereturns.com.au/auth Page URL

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

11
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

159 kB
Transfer

156 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app2.securereturns.com.au/ HTTP 302
http://app2.securereturns.com.au/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set auth Show response app2.securereturns.com.au/ Redirect Chain http://app2.securereturns.com.au/ http://app2.securereturns.com.au/auth	4 KB 5 KB	317ms 316ms	Document text/html	2406:da1c:3b5:2501::6e:1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://app2.securereturns.com.au/auth Protocol HTTP/1.1 Server 2406:da1c:3b5:2501::6e:1 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.2.15 (CentOS) / PHP/5.6.30 Resource Hash `c8c8c3cd8cf839050dd3e1f76b4f2f53792c3045c6ddc871a9459f2aec20e75d` Request headers Host app2.securereturns.com.au Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Cookie PHPSESSID=t80vji8qvhnl2v0qjrgj7b4q47 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Length 4555 Content-Type text/html; charset=UTF-8 Date Mon, 25 Jan 2021 06:11:03 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache/2.2.15 (CentOS) Set-Cookie PHPSESSID=ujfh68btd95kl7dodd724c8of6; path=/ X-Powered-By PHP/5.6.30 Redirect headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Length 0 Content-Location /auth Content-Type text/html; charset=UTF-8 Date Mon, 25 Jan 2021 06:11:03 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Location /auth Pragma no-cache Request-Uri /auth Server Apache/2.2.15 (CentOS) Set-Cookie PHPSESSID=4mesvinpu1gb1ifqd22522gm82; path=/ PHPSESSID=t80vji8qvhnl2v0qjrgj7b4q47; path=/ X-Powered-By PHP/5.6.30
GET H/1.1	200 OK	global.js Show response app2.securereturns.com.au/js/	5 KB 6 KB	580ms 298ms	Script text/javascript	2406:da1c:3b5:2501::6e:1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://app2.securereturns.com.au/js/global.js Requested by Host: app2.securereturns.com.au URL: http://app2.securereturns.com.au/auth Protocol HTTP/1.1 Server 2406:da1c:3b5:2501::6e:1 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `76221fce74e9f09638d2392c3f21fca45baf2d79ce585f275d0c7fb44d242703` Request headers Referer http://app2.securereturns.com.au/auth User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 06:11:04 GMT Last-Modified Tue, 16 May 2017 13:03:32 GMT Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Etag "a0990-15a3-54fa3cc74d91c" Content-Length 5539 Content-Type text/javascript
GET H/1.1	200 OK	jquery-1.5.1.min.js Show response app2.securereturns.com.au/js/jquery/	83 KB 84 KB	623ms 340ms	Script text/javascript	2406:da1c:3b5:2501::6e:1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://app2.securereturns.com.au/js/jquery/jquery-1.5.1.min.js Requested by Host: app2.securereturns.com.au URL: http://app2.securereturns.com.au/auth Protocol HTTP/1.1 Server 2406:da1c:3b5:2501::6e:1 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b` Request headers Referer http://app2.securereturns.com.au/auth User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 06:11:04 GMT Last-Modified Tue, 16 May 2017 13:03:31 GMT Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Etag "a0652-14d0c-54fa3cc676b9c" Content-Length 85260 Content-Type text/javascript
GET H/1.1	200 OK	sha1.js Show response app2.securereturns.com.au/js/	5 KB 6 KB	595ms 312ms	Script text/javascript	2406:da1c:3b5:2501::6e:1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://app2.securereturns.com.au/js/sha1.js Requested by Host: app2.securereturns.com.au URL: http://app2.securereturns.com.au/auth Protocol HTTP/1.1 Server 2406:da1c:3b5:2501::6e:1 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `c27a2b75d3b88f9722abcacc50e3a4b34753d6d2fb7308556990f04fcf84ea9c` Request headers Referer http://app2.securereturns.com.au/auth User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 06:11:04 GMT Last-Modified Tue, 16 May 2017 13:03:32 GMT Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Etag "a098f-15a3-54fa3cc74d91c" Content-Length 5539 Content-Type text/javascript
GET H/1.1	200 OK	jquery-ui-1.8.custom.css app2.securereturns.com.au/js/jqueryui/css/custom-flick/	30 KB 30 KB	318ms 317ms	Stylesheet text/css	2406:da1c:3b5:2501::6e:1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://app2.securereturns.com.au/js/jqueryui/css/custom-flick/jquery-ui-1.8.custom.css Requested by Host: app2.securereturns.com.au URL: http://app2.securereturns.com.au/auth Protocol HTTP/1.1 Server 2406:da1c:3b5:2501::6e:1 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `2045adaa31ba42a27924e0409b54fd302b88c6e8d767c359fe355cfac6cd4369` Request headers Referer http://app2.securereturns.com.au/auth User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 06:11:04 GMT Last-Modified Tue, 16 May 2017 13:03:31 GMT Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Etag "a0613-7879-54fa3cc663704" Content-Length 30841 Content-Type text/css
GET H/1.1	200 OK	carbon.css app2.securereturns.com.au/img/	21 KB 21 KB	304ms 303ms	Stylesheet text/css	2406:da1c:3b5:2501::6e:1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://app2.securereturns.com.au/img/carbon.css Requested by Host: app2.securereturns.com.au URL: http://app2.securereturns.com.au/auth Protocol HTTP/1.1 Server 2406:da1c:3b5:2501::6e:1 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `94b3b9b36fe640670d81d0efe667060765327159f91204c70de2182fe16140d8` Request headers Referer http://app2.securereturns.com.au/auth User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 06:11:04 GMT Last-Modified Thu, 18 May 2017 03:31:01 GMT Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Etag "80db0-544c-54fc408b6d0d9" Content-Length 21580 Content-Type text/css
GET H/1.1	200 OK	logo-small.png app2.securereturns.com.au/img/	6 KB 6 KB	300ms 300ms	Image image/png	2406:da1c:3b5:2501::6e:1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://app2.securereturns.com.au/img/logo-small.png Requested by Host: app2.securereturns.com.au URL: http://app2.securereturns.com.au/auth Protocol HTTP/1.1 Server 2406:da1c:3b5:2501::6e:1 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `1625ba8102c94b1fff189afc46bdf52ec3cb1945f181ef35aacbedc33167e6c7` Request headers Referer http://app2.securereturns.com.au/auth User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 06:11:04 GMT Last-Modified Tue, 16 May 2017 13:03:30 GMT Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Etag "80f61-1880-54fa3cc5e14fc" Content-Length 6272 Content-Type image/png
GET H/1.1	200 OK	box_tl.gif app2.securereturns.com.au/img/box/	99 B 332 B	301ms 300ms	Image image/gif	2406:da1c:3b5:2501::6e:1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://app2.securereturns.com.au/img/box/box_tl.gif Requested by Host: app2.securereturns.com.au URL: http://app2.securereturns.com.au/auth Protocol HTTP/1.1 Server 2406:da1c:3b5:2501::6e:1 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `9beb1bbd0e5cb6e054e23798f4a29d0e4dd6af535c7ac54a36ffe94899fb9621` Request headers Referer http://app2.securereturns.com.au/auth User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 06:11:05 GMT Last-Modified Tue, 16 May 2017 13:03:30 GMT Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Etag "a0507-63-54fa3cc5da3b4" Content-Length 99 Content-Type image/gif
GET H/1.1	200 OK	box_tr.gif app2.securereturns.com.au/img/box/	98 B 331 B	300ms 299ms	Image image/gif	2406:da1c:3b5:2501::6e:1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://app2.securereturns.com.au/img/box/box_tr.gif Requested by Host: app2.securereturns.com.au URL: http://app2.securereturns.com.au/auth Protocol HTTP/1.1 Server 2406:da1c:3b5:2501::6e:1 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `ab10098c0499d2ba702c6a84cc7d719d16fbd402a0f8fab03a76f8a4510645f9` Request headers Referer http://app2.securereturns.com.au/auth User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 06:11:05 GMT Last-Modified Tue, 16 May 2017 13:03:30 GMT Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Etag "a0509-62-54fa3cc5da79c" Content-Length 98 Content-Type image/gif
GET H/1.1	200 OK	box_bl.gif app2.securereturns.com.au/img/box/	90 B 323 B	304ms 303ms	Image image/gif	2406:da1c:3b5:2501::6e:1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://app2.securereturns.com.au/img/box/box_bl.gif Requested by Host: app2.securereturns.com.au URL: http://app2.securereturns.com.au/auth Protocol HTTP/1.1 Server 2406:da1c:3b5:2501::6e:1 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `9d4ab6bf9a54f5ade4a12909b93fe6b77b892f8359f681800411f3aaf61722fb` Request headers Referer http://app2.securereturns.com.au/auth User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 06:11:05 GMT Last-Modified Tue, 16 May 2017 13:03:30 GMT Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Etag "a0506-5a-54fa3cc5da3b4" Content-Length 90 Content-Type image/gif
GET H/1.1	200 OK	box_br.gif app2.securereturns.com.au/img/box/	90 B 323 B	304ms 303ms	Image image/gif	2406:da1c:3b5:2501::6e:1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://app2.securereturns.com.au/img/box/box_br.gif Requested by Host: app2.securereturns.com.au URL: http://app2.securereturns.com.au/auth Protocol HTTP/1.1 Server 2406:da1c:3b5:2501::6e:1 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `46ddfda9a632599e7caaa06885eec199388f69439c6d14530562667152941591` Request headers Referer http://app2.securereturns.com.au/auth User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 06:11:05 GMT Last-Modified Tue, 16 May 2017 13:03:30 GMT Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Etag "a0508-5a-54fa3cc5da79c" Content-Length 90 Content-Type image/gif

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app2.securereturns.com.au/	1969-12-31 23:59:59	Name: PHPSESSID Value: ujfh68btd95kl7dodd724c8of6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app2.securereturns.com.au
2406:da1c:3b5:2501::6e:1
1625ba8102c94b1fff189afc46bdf52ec3cb1945f181ef35aacbedc33167e6c7
2045adaa31ba42a27924e0409b54fd302b88c6e8d767c359fe355cfac6cd4369
46ddfda9a632599e7caaa06885eec199388f69439c6d14530562667152941591
76221fce74e9f09638d2392c3f21fca45baf2d79ce585f275d0c7fb44d242703
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
94b3b9b36fe640670d81d0efe667060765327159f91204c70de2182fe16140d8
9beb1bbd0e5cb6e054e23798f4a29d0e4dd6af535c7ac54a36ffe94899fb9621
9d4ab6bf9a54f5ade4a12909b93fe6b77b892f8359f681800411f3aaf61722fb
ab10098c0499d2ba702c6a84cc7d719d16fbd402a0f8fab03a76f8a4510645f9
c27a2b75d3b88f9722abcacc50e3a4b34753d6d2fb7308556990f04fcf84ea9c
c8c8c3cd8cf839050dd3e1f76b4f2f53792c3045c6ddc871a9459f2aec20e75d

app2.securereturns.com.au Open in urlscan Pro 2406:da1c:3b5:2501::6e:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

0 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

159 kBTransfer

156 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

1 Cookies

Indicators

app2.securereturns.com.au Open in urlscan Pro
2406:da1c:3b5:2501::6e:1 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

159 kB
Transfer

156 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions