auth.usnews.com
Open in
urlscan Pro
104.96.95.105
Public Scan
Effective URL: https://auth.usnews.com/signup?client_id=2q17ud509vvjvs5svj5ql4tt1q&response_type=code&scope=openid%20email%20profile%20...
Submission: On January 18 via manual from PH — Scanned from DE
Summary
TLS certificate: Issued by Network Solutions OV Server CA 2 on August 29th 2022. Valid for: a year.
This is the only time auth.usnews.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 107.20.71.201 107.20.71.201 | 14618 (AMAZON-AES) (AMAZON-AES) | |
10 | 104.96.95.105 104.96.95.105 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
4 | 2600:9000:211... 2600:9000:211e:ba00:6:8de6:8640:21 | 16509 (AMAZON-02) (AMAZON-02) | |
15 | 3 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-71-201.compute-1.amazonaws.com
link.messaging.usnews.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-96-95-105.deploy.static.akamaitechnologies.com
auth.usnews.com |
ASN16509 (AMAZON-02, US)
d3oia8etllorh5.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
usnews.com
1 redirects
link.messaging.usnews.com — Cisco Umbrella Rank: 750052 auth.usnews.com |
111 KB |
4 |
cloudfront.net
d3oia8etllorh5.cloudfront.net |
476 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
10 | auth.usnews.com |
auth.usnews.com
|
4 | d3oia8etllorh5.cloudfront.net |
auth.usnews.com
|
1 | link.messaging.usnews.com | 1 redirects |
15 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.usnews.com Network Solutions OV Server CA 2 |
2022-08-29 - 2023-09-29 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth.usnews.com/signup?client_id=2q17ud509vvjvs5svj5ql4tt1q&response_type=code&scope=openid%20email%20profile%20aws.cognito.signin.user.admin&redirect_uri=https://www.usnews.com/login-redirect
Frame ID: B717AC802C0A051623CC920829F09FC9
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
SigninPage URL History Show full URLs
-
https://link.messaging.usnews.com/click/63c72078824ff54dff27d11b/aHR0cHM6Ly9hdXRoLnVzbmV3cy5jb20vc2lnbnVwP2Nsa...
HTTP 302
https://auth.usnews.com/signup?client_id=2q17ud509vvjvs5svj5ql4tt1q&response_type=code&scope=openid%... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Akamai Bot Manager (Security) Expand
Detected patterns
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://link.messaging.usnews.com/click/63c72078824ff54dff27d11b/aHR0cHM6Ly9hdXRoLnVzbmV3cy5jb20vc2lnbnVwP2NsaWVudF9pZD0ycTE3dWQ1MDl2dmp2czVzdmo1cWw0dHQxcSZyZXNwb25zZV90eXBlPWNvZGUmc2NvcGU9b3BlbmlkK2VtYWlsK3Byb2ZpbGUrYXdzLmNvZ25pdG8uc2lnbmluLnVzZXIuYWRtaW4mcmVkaXJlY3RfdXJpPWh0dHBzOi8vd3d3LnVzbmV3cy5jb20vbG9naW4tcmVkaXJlY3Q/63c1d81ca4fd3b5a610d14ebC51b5c50c
HTTP 302
https://auth.usnews.com/signup?client_id=2q17ud509vvjvs5svj5ql4tt1q&response_type=code&scope=openid%20email%20profile%20aws.cognito.signin.user.admin&redirect_uri=https://www.usnews.com/login-redirect Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
signup
auth.usnews.com/ Redirect Chain
|
29 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7FXc8MD0
auth.usnews.com/bYKGhOUNk/4yH8/DEoai/6pfK0gi9s/YQaY8XVz/WChw/B0U/ |
204 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
41ec8fae
auth.usnews.com/akam/13/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
d3oia8etllorh5.cloudfront.net/20221014152150/css/ |
118 KB 119 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cognito-login.css
d3oia8etllorh5.cloudfront.net/20221014152150/css/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom-css.css
auth.usnews.com/2q17ud509vvjvs5svj5ql4tt1q/20210316192702/assets/CSS/ |
2 KB 953 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amazon-cognito-advanced-security-data.min.js
d3oia8etllorh5.cloudfront.net/20221014152150/js/ |
262 KB 263 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.jpg
auth.usnews.com/2q17ud509vvjvs5svj5ql4tt1q/20210316192702/assets/images/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
d3oia8etllorh5.cloudfront.net/20221014152150/js/ |
87 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
7FXc8MD0
auth.usnews.com/bYKGhOUNk/4yH8/DEoai/6pfK0gi9s/YQaY8XVz/WChw/B0U/ |
18 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
157 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
7FXc8MD0
auth.usnews.com/bYKGhOUNk/4yH8/DEoai/6pfK0gi9s/YQaY8XVz/WChw/B0U/ |
18 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel_41ec8fae
auth.usnews.com/akam/13/ |
0 662 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
7FXc8MD0
auth.usnews.com/bYKGhOUNk/4yH8/DEoai/6pfK0gi9s/YQaY8XVz/WChw/B0U/ |
18 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
7FXc8MD0
auth.usnews.com/bYKGhOUNk/4yH8/DEoai/6pfK0gi9s/YQaY8XVz/WChw/B0U/ |
18 B 751 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange boolean| __fwcimLoaded object| AWSCognitoContextData object| _crypto function| setImmediate function| clearImmediate object| AmazonCognitoAdvancedSecurityData function| Zepto function| $ function| getAdvancedSecurityData function| getUrlParameter function| onSubmit string| bazadebezolkohpepadr function| jQuery object| $inputs function| checkPasswordHelper function| checkPasswordMatch function| checkConfirmForgotPasswordMatch function| checkConfirmPasswordMatches function| checkResetPasswordMatch object| _cf object| bmak string| _sdTrace string| urhehlevkedkilrobacf object| fwcim6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.usnews.com/ | Name: sailthru_hid Value: 96355d5221139678ea4d83035e686a6463c1d81ca4fd3b5a610d14eb4aa76694458749d38fb0d9d97b044441 |
|
.usnews.com/ | Name: sailthru_bid Value: 63c72078824ff54dff27d11b |
|
auth.usnews.com/ | Name: XSRF-TOKEN Value: 15824003-a280-487e-8202-d9422aa7fded |
|
.usnews.com/ | Name: ak_bmsc Value: 0D3B6757C2F63991C65D5B6BA0017F17~000000000000000000000000000000~YAAQVFtgaIpFyreFAQAABK35whJyNzqLUs90/pHbvEBGcFdAM4690OkIRgpX8wPY6Gs6F2tH5ctox29gDHGgC78WxBDs2OO2CdTVHTbOFGJvQDgc/PpWJDVVIWSL9RU4CcvO1xvTf1u7ShXUQnbf4JJmCXtPv8Xh2nrN+rdJ5NUIxz0x/OCG8YVuvx1ZyFtNB4ene8OdQ+Rwr7otDNOpCb6aWfbNLrLeMkafMjSQ9naScT7z9eGt6dXYW7/LEoan8KPHXwy3j/HZEd7nPKnz98pL8uN0HWuSXEQuJzwzGpDaDIIBTx0W8YsYf2XJ3jjBGiwopSZZUu6Saslnjp1UV4DR9/0GuoGjLuliz0mrBfPW7DpgCMrvV7Fx5NnOX2+7sYUzVa9ZbTQhq9l7jHP4s6cFmGwbz+66WCOZwFm1dXw7B8fvTZznHxkhuz5kCVbqHRDLgTjJGBAcnTULd9bCZ/OxLzttb9P1bOqeP0otaLKN52ZgBebG/yEUGsOQ |
|
.usnews.com/ | Name: _abck Value: 7BA2C0472B03F145FEF89A0F65034862~-1~YAAQVFtgaKBFyreFAQAA/LD5wgnYCZwD1nReJTU9nNyoF9VLqvNwKbcjMJrTGNNWRYwgi6ZP7h14TVLiBKdTzKXIq18m0F0wMZV7r1u7bQ4x+mQF6pWRkzGamAwRJF9FLbxzOyxdquUio7smsA74KjRiwQotB6NXrfrlCS9uOxpGKapsZmLFnM5pMw1PFQAJUuyQToM8fsrjFsr6qjg5DDtiXmP2Ub/YPp6YuhzwR4wkXPfwtaIl/KNXIV/dkEV1fremUWkZcBKxkcZfTUyv+oBS5jvtnXF/UDwNg6acOf+eX5WhQeziQBdum+Ukz4y3VXHiEQzdvsLWDUQE43pEtNwD8+bvbDtQk6i4ujNXgXR/i0GXbvkduNS83NcZnPFUBvQSy+ifoErUMQ==~-1~-1~-1 |
|
.usnews.com/ | Name: bm_sz Value: A98E85B8FCB7A15E74D1FD30826222DA~YAAQVFtgaKFFyreFAQAA/LD5whLd95Bv4w8t9I5Fg/wTEmN3Avn8X9iF8KmQFrgwtVtiAiXL/2fqTIsr+PQE7C+aq/AP5iW2ZY86baJ6mbZKfCEc3ufMQvfi4sXR0OtIZcogTTdFYWzHo2zqJlq0ok7ACoa9OYCTSruJdNwxETRqsOVkU3CiSzaiFccRp7fv0AoYbl7MSsHrVqaVfseVn61kMpSD6K5ruYkBZqp4P5uYAhOr4IbS8GUWy5Vjp4znTkW0hkujVxqtbXs/ri+piKWrqDqYSBvLV4zUHfUOpPkqkwY=~4277315~3425844 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 ; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.usnews.com
d3oia8etllorh5.cloudfront.net
link.messaging.usnews.com
104.96.95.105
107.20.71.201
2600:9000:211e:ba00:6:8de6:8640:21
621362b5b7b6513a58acef7fe9fe717093d1186a25b4a429c20e09e2a54c9ace
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
715bf036159712c2ebd73cdc682ba5642002f66427b8394611cb95ced17e26a9
7ae177fecdbc4dae81c93de1debd1442369e283b671dc1ecdfc1939e22d7b4b9
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
931187087d226cb122eac7b7727cb31e99a42d6232c18d92f346d9735c06f8ed
b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
cd592969981c62ca24122637f77b9cb0b99985639909774927b6e605289d370a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8efc3158fbc6193e5601665d2360518fee287b3c18560aa328766ddbac3d5a2
ea81239b50dfc170c8c1225fb7fd6fa9c8bf76975cf22a6d597ff1a1e2e8a616
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d