urlscan.io logo urlscan.io
SecurityTrails logo

mail.aol.com Open in urlscan Pro
87.248.118.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mail.aol.com/webmail-std/en-us
Effective URL: https://mail.aol.com/webmail-std/en-us?guccounter=1
Submission: On May 01 via api from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 1 domains to perform 2 HTTP transactions. The main IP is 87.248.118.22, located in United Kingdom and belongs to YAHOO-DEB, DE. The main domain is mail.aol.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on January 19th 2018. Valid for: 6 months.
This is the only time mail.aol.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 87.248.118.22 203220 (YAHOO-DEB)
1 1 52.18.108.1 16509 (AMAZON-02)
2 1
Apex Domain
Subdomains		 Transfer
4 aol.com
mail.aol.com
guce.aol.com
152 KB
2 1
Domain Requested by
3 mail.aol.com 1 redirects mail.aol.com
1 guce.aol.com 1 redirects
2 2

This site contains links to these domains. Also see Links.

Domain
help.aol.com
Subject Issuer Validity Valid
*.ycpi.mail.aol.com
DigiCert SHA2 High Assurance Server CA		 2018-01-19 -
2018-07-20		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://mail.aol.com/webmail-std/en-us?guccounter=1
Frame ID: 7A442C27517115EB7210775F9521D134
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://mail.aol.com/webmail-std/en-us HTTP 307
    https://guce.aol.com/consent?brandType=nonEu&gcrumb=TawCzM4&done=https%3A%2F%2Fmail.aol.com%2Fweb... HTTP 302
    https://mail.aol.com/webmail-std/en-us?guccounter=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /ATS\/?([\d.]+)?/i

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

2
Countries

151 kB
Transfer

152 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mail.aol.com/webmail-std/en-us HTTP 307
    https://guce.aol.com/consent?brandType=nonEu&gcrumb=TawCzM4&done=https%3A%2F%2Fmail.aol.com%2Fwebmail-std%2Fen-us HTTP 302
    https://mail.aol.com/webmail-std/en-us?guccounter=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request en-us
mail.aol.com/webmail-std/
Redirect Chain
  • https://mail.aol.com/webmail-std/en-us
  • https://guce.aol.com/consent?brandType=nonEu&gcrumb=TawCzM4&done=https%3A%2F%2Fmail.aol.com%2Fwebmail-std%2Fen-us
  • https://mail.aol.com/webmail-std/en-us?guccounter=1
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mail.aol.com/webmail-std/en-us?guccounter=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.248.118.22 , United Kingdom, ASN203220 (YAHOO-DEB, DE),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
3b15936cf3a8edd002bab8e118bc582c8bd0884981d36c730b37536fe99909b8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:path
/webmail-std/en-us?guccounter=1
pragma
no-cache
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control
no-cache
:authority
mail.aol.com
cookie
GUCS=AU2sAszO; GUC=AQABAQBa6KNa6UIh7wSO&s=AQAAACYgzWVZ&g=WuiVKg; BX=5hpjgltdeh590&b=3&s=as
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Tue, 01 May 2018 16:26:08 GMT
content-encoding
gzip
vary
Accept-Encoding
age
0
status
200
x-aol-snh
d22ab6f8b08d5c1671a3764464b04a46
content-length
1695
x-ua-compatible
IE=edge
pragma
no-cache
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-language
en-US
via
https/1.1 e19.ycpi.deb.yahoo.com (ApacheTrafficServer [cMsSf ])
cache-control
no-cache no-store
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
set-cookie
wmsid=F1716F359D91DCB432FB6E62DEC8ACF4; Path=/; HttpOnly L7Id=LrrLLTfcclCr0qtf8rModg__; Domain=.mail.aol.com; Path=/
content-type
text/html;charset=UTF-8
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://mail.aol.com/webmail-std/en-us?guccounter=1
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Server
guce
Set-Cookie
GUC=AQABAQBa6KNa6UIh7wSO&s=AQAAACYgzWVZ&g=WuiVKg; Expires=Wed, 2 May 2018 16:26:08 GMT; Domain=aol.com; Path=/; Secure BX=5hpjgltdeh590&b=3&s=as; path=/; domain=aol.com; Expires=Wed, 1 May 2019 16:26:08 GMT
Date
Tue, 01 May 2018 16:26:08 GMT
Content-Length
0
blerk_robot.jpg
mail.aol.com/webmail/img/ 		148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mail.aol.com/webmail/img/blerk_robot.jpg
Requested by
Host: mail.aol.com
URL: https://mail.aol.com/webmail-std/en-us?guccounter=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.248.118.22 , United Kingdom, ASN203220 (YAHOO-DEB, DE),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
733d378042bd209261c731700c9d19a878f829167d3352759840cbf387328273
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:path
/webmail/img/blerk_robot.jpg
pragma
no-cache
cookie
GUCS=AU2sAszO; GUC=AQABAQBa6KNa6UIh7wSO&s=AQAAACYgzWVZ&g=WuiVKg; BX=5hpjgltdeh590&b=3&s=as; wmsid=F1716F359D91DCB432FB6E62DEC8ACF4; L7Id=LrrLLTfcclCr0qtf8rModg__
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
mail.aol.com
referer
https://mail.aol.com/webmail-std/en-us?guccounter=1
:scheme
https
:method
GET
Referer
https://mail.aol.com/webmail-std/en-us?guccounter=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Tue, 01 May 2018 16:26:09 GMT
via
https/1.1 e19.ycpi.deb.yahoo.com (ApacheTrafficServer [cMsSf ])
age
1
status
200
x-aol-snh
0e17846df2ebc4cf2490dab3762946d8
content-length
151869
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Thu, 19 Apr 2018 18:56:28 GMT
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=1209600, must-revalidate
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
expires
Tue, 15 May 2018 16:26:09 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.mail.aol.com/ Name: L7Id
Value: LrrLLTfcclCr0qtf8rModg__
mail.aol.com/ Name: wmsid
Value: F1716F359D91DCB432FB6E62DEC8ACF4
.aol.com/ Name: BX
Value: 5hpjgltdeh590&b=3&s=as
.aol.com/ Name: GUC
Value: AQABAQBa6KNa6UIh7wSO&s=AQAAACYgzWVZ&g=WuiVKg
.aol.com/ Name: GUCS
Value: AU2sAszO

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

guce.aol.com
mail.aol.com
52.18.108.1
87.248.118.22
3b15936cf3a8edd002bab8e118bc582c8bd0884981d36c730b37536fe99909b8
733d378042bd209261c731700c9d19a878f829167d3352759840cbf387328273