Submitted URL: http://guce.signdnlink-auth.org/
Effective URL: https://guce.signdnlink-auth.org/
Submission Tags: @ecarlesi possiblethreat
Submission: On June 24 via api from IT — Scanned from NL

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is guce.signdnlink-auth.org.
TLS certificate: Issued by WE1 on June 21st 2024. Valid for: 3 months.
This is the only time guce.signdnlink-auth.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

#   IP Address          AS Autonomous System
1   188.114.97.3        13335 (CLOUDFLAR...)
2   2a00:1288:80:...    203220 (YAHOO-DEB)
Total: 7 requests, 3 IPs

#   Apex Domain           Subdomains                                                  Transfer
2   yahoo.com             edge-mcdn.secure.yahoo.com (Cisco Umbrella Rank: 8063)      8 KB
1   signdnlink-auth.org   guce.signdnlink-auth.org; s.signdnlink-auth.org (Failed)    32 KB
Total: 7 requests, 2 apex domains

#   Domain                            Requested by
2   edge-mcdn.secure.yahoo.com        guce.signdnlink-auth.org; edge-mcdn.secure.yahoo.com
1   guce.signdnlink-auth.org
0   s.signdnlink-auth.org (Failed)    guce.signdnlink-auth.org
Total: 7 requests, 3 domains

This site contains links to these domains.

Domain
www.signdnlink-auth.org
Subject                     Issuer                                   Validity                  Valid
signdnlink-auth.org         WE1                                      2024-06-21 - 2024-09-19   3 months
*.fantasysports.yahoo.com   DigiCert SHA2 High Assurance Server CA   2024-05-30 - 2024-07-17   2 months

This page contains 1 frames:

Primary Page: https://guce.signdnlink-auth.org/
Frame ID: 6068257F53DB91281E1FCD2BF1813FD0
Requests: 7 HTTP requests in this frame

Page Title

aol

Page Statistics

Requests: 7
HTTPS: 43 %
IPv6: 50 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 40 kB
Size: 239 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://guce.signdnlink-auth.org/ HTTP 307
    https://guce.signdnlink-auth.org/ Page URL

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
guce.signdnlink-auth.org/
Redirect Chain
  • http://guce.signdnlink-auth.org/
  • https://guce.signdnlink-auth.org/
231 KB
32 KB
Document
General
Full URL
https://guce.signdnlink-auth.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a97f63976cddf5bb32953425d0b32eeaccd6a05ec3e1da26bd1407e57af47d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
898f526b9cee9fb4-AMS
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 24 Jun 2024 20:03:35 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NRjsy411%2B49VuVlipx700it6kJUsMFO%2FcTobEIw%2Fr4u%2FFxQt%2BmH%2F0opt3JklhwQJkz5VkWEWzNTv7EwYr0EdCdWSatGtxrj1wTxVHxkmEf3%2B6G4TR531eD%2FcEu2wSFYlkBnGl%2BK4I7qzDqg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://guce.signdnlink-auth.org/
Non-Authoritative-Reason
HttpsUpgrades
site-ltr-553551be.css
s.signdnlink-auth.org/oa/build/css/
0
0

aol-logo-black-v.0.0.2.png
s.signdnlink-auth.org/wm/assets/images/ns/
0
0

aol-logo-white-v0.0.4.png
s.signdnlink-auth.org/wm/assets/images/ybar/
0
0

cerebro_min.js
edge-mcdn.secure.yahoo.com/ybar/
6 KB
6 KB
Script
General
Full URL
https://edge-mcdn.secure.yahoo.com/ybar/cerebro_min.js
Requested by
Host: guce.signdnlink-auth.org
URL: https://guce.signdnlink-auth.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b168be397ac36dbca02b07547dad2a928427e765df9b49a931f05db057f3a83c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://guce.signdnlink-auth.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 03:55:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
05972EYJ92TEE9Y0
age
58061
x-amz-server-side-encryption
AES256
content-length
5636
x-amz-id-2
RDGQfMJykadgwL6E+hYviX7UMde/6GUTNvMUd+9uO2fhQs9+CNBWDxs+StStD/jqLAgjUZn8+Hg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 May 2022 20:34:05 GMT
server
ATS
etag
"0ccb51bc1dd6980920da39e008a599e0"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
exp.json
edge-mcdn.secure.yahoo.com/ybar/
2 KB
2 KB
Fetch
General
Full URL
https://edge-mcdn.secure.yahoo.com/ybar/exp.json
Requested by
Host: edge-mcdn.secure.yahoo.com
URL: https://edge-mcdn.secure.yahoo.com/ybar/cerebro_min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
5cb2b348029a5c8cad5342d73f5f78ac09ad0cf6ebde80b5a1ed069f08332ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://guce.signdnlink-auth.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:05:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
77SG2GBWP93YRD82
age
32258
x-amz-server-side-encryption
AES256
content-length
1784
x-amz-id-2
ukWusyYQCWtflWYr+FbBC4KTYFHfaYrjj+kNRiMYDv2iM1K3MYW1+mYLx4eVZYvDE38WLE8OTS4=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 06 Dec 2022 17:20:56 GMT
server
ATS
etag
"877792d86d801176269a36ac7b4e6e02"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
aol.png
s.signdnlink-auth.org/oa/build/images/favicons/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.signdnlink-auth.org
URL
https://s.signdnlink-auth.org/oa/build/css/site-ltr-553551be.css
Domain
s.signdnlink-auth.org
URL
https://s.signdnlink-auth.org/wm/assets/images/ns/aol-logo-black-v.0.0.2.png
Domain
s.signdnlink-auth.org
URL
https://s.signdnlink-auth.org/wm/assets/images/ybar/aol-logo-white-v0.0.4.png
Domain
s.signdnlink-auth.org
URL
https://s.signdnlink-auth.org/oa/build/images/favicons/aol.png

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  event (undefined)
  fence (object)
  sharedStorage (object)
  WORK_SERVER (string)
  TIMEOUT (number)
  Cerebro (function)

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://guce.signdnlink-auth.org/
Message: Failed to load resource: the server responded with a status of 404 ()