admin-internal.guacapp.com Open in urlscan Pro
18.244.18.34 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://admin-internal.guacapp.com/
Submission: On November 24 via automatic, source certstream-suspicious (November 24th 2024, 4:48:27 am UTC) — Scanned from IT

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 18.244.18.34, located in United States and belongs to AMAZON-02, US. The main domain is admin-internal.guacapp.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 24th 2023. Valid for: a year.

This is the only time admin-internal.guacapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
7	18.244.18.34 18.244.18.34		16509 (AMAZON-02) (AMAZON-02)
9	2

7 18.244.18.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-34.fra56.r.cloudfront.net

admin-internal.guacapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	guacapp.com admin-internal.guacapp.com api-prod-internal-dashboard.guacapp.com Failed	1 MB
0	googleapis.com Failed fonts.googleapis.com Failed
9	2

	Domain	Requested by
7	admin-internal.guacapp.com	admin-internal.guacapp.com
0	api-prod-internal-dashboard.guacapp.com Failed	admin-internal.guacapp.com
0	fonts.googleapis.com Failed	admin-internal.guacapp.com
9	3

This site contains no links.

Subject Issuer	Validity	Valid
admin-internal.guacapp.com Amazon RSA 2048 M03	`2023-12-24` - `2025-01-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://admin-internal.guacapp.com/
Frame ID: AC4F8A12906164A30B15E2D3CC97C990
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Guac App

Detected technologies

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Page Statistics

9
Requests

78 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

1278 kB
Transfer

4825 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response admin-internal.guacapp.com/	3 KB 2 KB	378ms 109ms	Document text/html	18.244.18.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin-internal.guacapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-34.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `bc1c0f3da367ad70daf146cb2bdab5cc3fc68510cae24fb1365d0393a3a195b9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers age 61347 content-encoding gzip content-type text/html date Sat, 23 Nov 2024 11:45:56 GMT etag W/"e491b1376b7a5685436c7caf2ff71a4f" last-modified Mon, 17 Jul 2023 09:50:06 GMT server AmazonS3 vary accept-encoding via 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront) x-amz-cf-id yeKAKoFUyhoi2FlzN6b8JTx1ZN_TM_2xG5gZrzPSWvnjQONzJc1rxw== x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H2	200	2.a8b1916d.chunk.css admin-internal.guacapp.com/static/css/	563 KB 70 KB	691ms 690ms	Stylesheet text/css	18.244.18.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin-internal.guacapp.com/static/css/2.a8b1916d.chunk.css Requested by Host: admin-internal.guacapp.com URL: https://admin-internal.guacapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-34.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `379c07b36a091efddf468c017383598146147934f75e0118492fa1c9ca7a9044` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://admin-internal.guacapp.com/ Response headers x-amz-cf-pop FRA56-P11 content-encoding br etag W/"7c5acef424cb4ee282d7de78cddbb3cd" via 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront) x-cache Miss from cloudfront x-amz-cf-id j5UGjDTHEEXmblqMN5NjDarBU0caOKZAdwnPH7vNEXBzBqPEiSaJOA== date Sun, 24 Nov 2024 04:48:23 GMT content-type text/css vary accept-encoding server AmazonS3 last-modified Mon, 17 Jul 2023 09:50:11 GMT x-amz-server-side-encryption AES256
GET H2	200	main.75acdb49.chunk.css admin-internal.guacapp.com/static/css/	66 KB 10 KB	691ms 691ms	Stylesheet text/css	18.244.18.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin-internal.guacapp.com/static/css/main.75acdb49.chunk.css Requested by Host: admin-internal.guacapp.com URL: https://admin-internal.guacapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-34.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `6716d282cdd55f31a456c6e53a3e10a65f332fd704b7278c95e0a24e7f81f6a1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://admin-internal.guacapp.com/ Response headers x-amz-cf-pop FRA56-P11 content-encoding br etag W/"bffe2c83a834112295ad8fc84108c640" via 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront) x-cache Miss from cloudfront x-amz-cf-id qErMoMCwqTtCyAqXCdpIqwv3wPntseBFU9KkW6L-08Ej0I4vQH1yZg== date Sun, 24 Nov 2024 04:48:23 GMT content-type text/css vary accept-encoding server AmazonS3 last-modified Mon, 17 Jul 2023 09:50:14 GMT x-amz-server-side-encryption AES256
GET H2	200	2.d46b52b2.chunk.js Show response admin-internal.guacapp.com/static/js/	4 MB 1 MB	139ms 139ms	Script application/javascript	18.244.18.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin-internal.guacapp.com/static/js/2.d46b52b2.chunk.js Requested by Host: admin-internal.guacapp.com URL: https://admin-internal.guacapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-34.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `9752dc51c81973c7b5871cf08dbd7e28f92c2e4b4a2a8feccfa1ab332514de9b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://admin-internal.guacapp.com/ Response headers x-amz-cf-pop FRA56-P11 content-encoding gzip etag W/"6809802d1ffc51aabe383f62937e721e" age 35072 via 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 2bOUcpzzEISdtg_15M6FU5I-V5qgrzBR8IX_BHGjySAGb0rz8rc6eQ== date Sat, 23 Nov 2024 19:03:51 GMT content-type application/javascript vary accept-encoding server AmazonS3 last-modified Mon, 17 Jul 2023 09:50:19 GMT x-amz-server-side-encryption AES256
GET H2	200	main.a46a9ec0.chunk.js Show response admin-internal.guacapp.com/static/js/	427 KB 104 KB	190ms 190ms	Script application/javascript	18.244.18.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin-internal.guacapp.com/static/js/main.a46a9ec0.chunk.js Requested by Host: admin-internal.guacapp.com URL: https://admin-internal.guacapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-34.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `c2a36dec435d81c4e0819af19835d5a4cc475b9603768d7aaa8eb4d32705dddb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://admin-internal.guacapp.com/ Response headers x-amz-cf-pop FRA56-P11 content-encoding gzip etag W/"e6831aab1d9454060bd5827286169c7a" age 35072 via 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id MP_q6PmatTMZ7CmfZ05wveE7DAw-ErOLUrok8GasYenLNqU6wsQg8Q== date Sat, 23 Nov 2024 19:03:51 GMT content-type application/javascript vary accept-encoding server AmazonS3 last-modified Mon, 17 Jul 2023 09:50:34 GMT x-amz-server-side-encryption AES256
GET		css fonts.googleapis.com/	0 0

GET		getAdminProfile api-prod-internal-dashboard.guacapp.com/api/Admin/AdminUsers/	0 0

GET H2	200	login-logo.cde90b21.png admin-internal.guacapp.com/static/media/	19 KB 19 KB	729ms 728ms	Image image/png	18.244.18.34 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://admin-internal.guacapp.com/static/media/login-logo.cde90b21.png Requested by Host: admin-internal.guacapp.com URL: https://admin-internal.guacapp.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-34.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `9e129bae3a8de4ab01eea8af4713ed1a37a8689dace080ac0016f548765ceff8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://admin-internal.guacapp.com/login Response headers etag "8d1e1ba187c01df2a42d731aa3054aa8" via 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront) accept-ranges bytes x-cache Miss from cloudfront content-length 19279 x-amz-cf-id 4BOz8vlb4Z50SQvOWcsqiMCx2A-PRIKYdpvXyfTN2Bf_cH3v3dPsMA== date Sun, 24 Nov 2024 04:48:25 GMT content-type image/png last-modified Mon, 17 Jul 2023 09:50:39 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256
GET H2	200	favicon.ico admin-internal.guacapp.com/	1 KB 1 KB	548ms 548ms	Other image/x-icon	18.244.18.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admin-internal.guacapp.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-34.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `d9b7ce1c489aa4c5ff5fe991f831bc0f7c664ba2bf0fe08681a6b92ee8cab3aa` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://admin-internal.guacapp.com/login Response headers etag "154a41ad4245d5e5d4542f50c2222c02" via 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront) accept-ranges bytes x-cache Miss from cloudfront content-length 1150 x-amz-cf-id UAJZAINgeWi7S5QHsOlhRhSHtQnJdtHVqH9xLXka5yEjmm2Qo_qiFA== date Sun, 24 Nov 2024 04:48:25 GMT content-type image/x-icon last-modified Mon, 17 Jul 2023 09:50:06 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Playfair+Display+SC

Domain: api-prod-internal-dashboard.guacapp.com
URL: https://api-prod-internal-dashboard.guacapp.com/api/Admin/AdminUsers/getAdminProfile

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonpguac-dashboard-ui object| regeneratorRuntime object| cptable object| XLSX

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://admin-internal.guacapp.com/ Message: Mixed Content: The page at 'https://admin-internal.guacapp.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Playfair+Display+SC'. This request has been blocked; the content must be served over HTTPS.
recommendation	verbose	URL: https://admin-internal.guacapp.com/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript	error	URL: https://admin-internal.guacapp.com/login Message: Access to XMLHttpRequest at 'https://api-prod-internal-dashboard.guacapp.com/api/Admin/AdminUsers/getAdminProfile' from origin 'https://admin-internal.guacapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api-prod-internal-dashboard.guacapp.com/api/Admin/AdminUsers/getAdminProfile Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin-internal.guacapp.com
api-prod-internal-dashboard.guacapp.com
fonts.googleapis.com
api-prod-internal-dashboard.guacapp.com
fonts.googleapis.com
18.244.18.34
379c07b36a091efddf468c017383598146147934f75e0118492fa1c9ca7a9044
6716d282cdd55f31a456c6e53a3e10a65f332fd704b7278c95e0a24e7f81f6a1
9752dc51c81973c7b5871cf08dbd7e28f92c2e4b4a2a8feccfa1ab332514de9b
9e129bae3a8de4ab01eea8af4713ed1a37a8689dace080ac0016f548765ceff8
bc1c0f3da367ad70daf146cb2bdab5cc3fc68510cae24fb1365d0393a3a195b9
c2a36dec435d81c4e0819af19835d5a4cc475b9603768d7aaa8eb4d32705dddb
d9b7ce1c489aa4c5ff5fe991f831bc0f7c664ba2bf0fe08681a6b92ee8cab3aa

admin-internal.guacapp.com Open in urlscan Pro 18.244.18.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

78 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

1278 kBTransfer

4825 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

admin-internal.guacapp.com Open in urlscan Pro
18.244.18.34 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

78 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

1278 kB
Transfer

4825 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions