URL: https://yhsll3.ga/owa
Submission: On May 29 via manual from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 12 HTTP transactions. The main IP is 104.31.70.219, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is yhsll3.ga.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 11th 2018. Valid for: a year.
This is the only time yhsll3.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

    IP Address      AS Autonomous System
3   104.31.70.219   13335 (CLOUDFLAR...)
12  2

    Apex Domain / Subdomains   Transfer
3   yhsll3.ga                  29 KB
      yhsll3.ga
0   gstatic.com                Failed
      fonts.gstatic.com        Failed
12  2

    Domain              Requested by
3   yhsll3.ga           yhsll3.ga
0   fonts.gstatic.com   Failed
12  2

This site contains no links.

Subject                 Issuer                    Validity                  Valid
sni.cloudflaressl.com   CloudFlare Inc ECC CA-2   2018-05-11 - 2019-05-11   a year

This page contains 1 frame:

Primary Page: https://yhsll3.ga/owa
Frame ID: 37335522514FF2BEDEE82DE41A55E267
Requests: 12 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

Requests: 12
HTTPS: 25 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 29 kB
Size: 140 kB
Cookies: 1

12 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type

Resource: owa (Primary Request)
Path: yhsll3.ga/
Size: 5 KB
x-fer: 2 KB
Type: Document

General

Full URL: https://yhsll3.ga/owa
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.31.70.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
Reverse DNS:
Software: cloudflare /
Resource Hash: f27bd1fc1c027ffe8ae538426f761d1bdfc95f8848763590e5881927e777b026

Request headers

:method: GET
:authority: yhsll3.ga
:scheme: https
:path: /owa
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 37335522514FF2BEDEE82DE41A55E267

Response headers

status: 200
date: Tue, 29 May 2018 15:39:59 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df45409da885196d6fcbdcbfcc2aa97d81527608398; expires=Wed, 29-May-19 15:39:58 GMT; path=/; domain=.yhsll3.ga; HttpOnly; Secure
vary: Accept-Encoding negotiate
content-location: owa.php
tcn: choice
cache-control: max-age=0
expires: Tue, 29 May 2018 15:41:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 422a0e8c8bc56385-FRA
content-encoding: gzip

Resource: bootstrap.css
Path: yhsll3.ga/index102_files/
Size: 133 KB
x-fer: 24 KB
Type: Stylesheet

General

Full URL: https://yhsll3.ga/index102_files/bootstrap.css
Requested by: Host: yhsll3.ga, URL: https://yhsll3.ga/owa
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.31.70.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 56422fe4238eaaee93e9a4603eb326610d47905adb5501505d4ef66df6227b64

Request headers

:path: /index102_files/bootstrap.css
pragma: no-cache
cookie: __cfduid=df45409da885196d6fcbdcbfcc2aa97d81527608398
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: yhsll3.ga
referer: https://yhsll3.ga/owa
:scheme: https
:method: GET
Referer: https://yhsll3.ga/owa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 29 May 2018 15:39:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 May 2018 11:45:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2592000
cf-ray: 422a0e8efd426385-FRA
expires: Thu, 28 Jun 2018 15:39:59 GMT

Resource: css
Path: yhsll3.ga/index102_files/
Size: 2 KB
x-fer: 2 KB
Type: Stylesheet

General

Full URL: https://yhsll3.ga/index102_files/css
Requested by: Host: yhsll3.ga, URL: https://yhsll3.ga/owa
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.31.70.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
Reverse DNS:
Software: cloudflare /
Resource Hash: e08793fc013c4dfa37a33c0d93dca337c30ab8613365cb2e8c0d7524fd220168

Request headers

:path: /index102_files/css
pragma: no-cache
cookie: __cfduid=df45409da885196d6fcbdcbfcc2aa97d81527608398
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: yhsll3.ga
referer: https://yhsll3.ga/owa
:scheme: https
:method: GET
Referer: https://yhsll3.ga/owa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 29 May 2018 15:39:59 GMT
last-modified: Fri, 11 May 2018 11:45:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
cache-control: max-age=0
accept-ranges: bytes
cf-ray: 422a0e8efd436385-FRA
expires: Tue, 29 May 2018 15:41:12 GMT

Resource: css3
Path: yhsll3.ga/compass/
Size: 0
x-fer: 0

Resource: /
Path: yhsll3.ga/
Size: 0
x-fer: 0

Resource: K88pR3goAWT7BTt32Z01mxJtnKITppOI_IvcXXDNrsc.woff2
Path: fonts.gstatic.com/s/opensans/v14/
Size: 0
x-fer: 0

Resource: RjgO7rYTmqiVp7vzi-Q5URJtnKITppOI_IvcXXDNrsc.woff2
Path: fonts.gstatic.com/s/opensans/v14/
Size: 0
x-fer: 0

Resource: LWCjsQkB6EMdfHrEVqA1KRJtnKITppOI_IvcXXDNrsc.woff2
Path: fonts.gstatic.com/s/opensans/v14/
Size: 0
x-fer: 0

Resource: xozscpT2726on7jbcb_pAhJtnKITppOI_IvcXXDNrsc.woff2
Path: fonts.gstatic.com/s/opensans/v14/
Size: 0
x-fer: 0

Resource: 59ZRklaO5bWGqF5A9baEERJtnKITppOI_IvcXXDNrsc.woff2
Path: fonts.gstatic.com/s/opensans/v14/
Size: 0
x-fer: 0

Resource: u-WUoqrET9fUeobQW7jkRRJtnKITppOI_IvcXXDNrsc.woff2
Path: fonts.gstatic.com/s/opensans/v14/
Size: 0
x-fer: 0

Resource: cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Path: fonts.gstatic.com/s/opensans/v14/
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain              URL
yhsll3.ga           https://yhsll3.ga/compass/css3
yhsll3.ga           http://yhsll3.ga/
fonts.gstatic.com   http://fonts.gstatic.com/s/opensans/v14/K88pR3goAWT7BTt32Z01mxJtnKITppOI_IvcXXDNrsc.woff2
fonts.gstatic.com   http://fonts.gstatic.com/s/opensans/v14/RjgO7rYTmqiVp7vzi-Q5URJtnKITppOI_IvcXXDNrsc.woff2
fonts.gstatic.com   http://fonts.gstatic.com/s/opensans/v14/LWCjsQkB6EMdfHrEVqA1KRJtnKITppOI_IvcXXDNrsc.woff2
fonts.gstatic.com   http://fonts.gstatic.com/s/opensans/v14/xozscpT2726on7jbcb_pAhJtnKITppOI_IvcXXDNrsc.woff2
fonts.gstatic.com   http://fonts.gstatic.com/s/opensans/v14/59ZRklaO5bWGqF5A9baEERJtnKITppOI_IvcXXDNrsc.woff2
fonts.gstatic.com   http://fonts.gstatic.com/s/opensans/v14/u-WUoqrET9fUeobQW7jkRRJtnKITppOI_IvcXXDNrsc.woff2
fonts.gstatic.com   http://fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path: .yhsll3.ga/
Name: __cfduid
Value: df45409da885196d6fcbdcbfcc2aa97d81527608398

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
