urlscan.io logo urlscan.io
SecurityTrails logo

ibexsolutions.net Open in urlscan Pro
192.185.142.107  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ibexsolutions.net/ens/yahoo/yahoo.htm
Effective URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Submission: On September 26 via manual — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 19 HTTP transactions. The main IP is 192.185.142.107, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is ibexsolutions.net.
TLS certificate: Issued by R10 on September 22nd 2024. Valid for: 3 months.
This is the only time ibexsolutions.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo (Online)

Domain & IP information

IP Address AS Autonomous System
1 192.185.142.107 19871 (NETWORK-S...)
12 2001:4998:14:... 14777 (YAHOO)
1 2a04:4e42::649 54113 (FASTLY)
1 2606:2800:121... 15133 (EDGECAST)
1 152.199.24.48 15133 (EDGECAST)
2 2001:4998:58:... 26101 (YAHOO-BF1)
19 7
1    192.185.142.107 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: madmodworld.com
ibexsolutions.net
12    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
s.yimg.com
gpt.mail.yahoo.net
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:2800:121:46:19e1:1c79:eea:1135 (United States)

ASN15133 (EDGECAST, US)
consent.cmp.oath.com
1    152.199.24.48 (United States)

ASN15133 (EDGECAST, US)
opus.analytics.yahoo.com
2    2001:4998:58:207::6000 (United States)

ASN26101 (YAHOO-BF1, US)
3p-udc.yahoo.com
csp.yahoo.com
Apex Domain
Subdomains		 Transfer
11 yimg.com
s.yimg.com — Cisco Umbrella Rank: 761
279 KB
3 yahoo.com
opus.analytics.yahoo.com — Cisco Umbrella Rank: 3804
3p-udc.yahoo.com — Cisco Umbrella Rank: 15561
guce.yahoo.com Failed
csp.yahoo.com — Cisco Umbrella Rank: 13899
4 KB
1 yahoo.net
gpt.mail.yahoo.net — Cisco Umbrella Rank: 5603
1 oath.com
consent.cmp.oath.com — Cisco Umbrella Rank: 6083
34 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 851
83 KB
1 ibexsolutions.net
ibexsolutions.net
14 KB
19 6
Domain Requested by
11 s.yimg.com ibexsolutions.net
s.yimg.com
1 csp.yahoo.com ibexsolutions.net
1 gpt.mail.yahoo.net s.yimg.com
1 3p-udc.yahoo.com s.yimg.com
1 opus.analytics.yahoo.com ibexsolutions.net
1 consent.cmp.oath.com ibexsolutions.net
1 code.jquery.com ibexsolutions.net
1 ibexsolutions.net
0 guce.yahoo.com Failed consent.cmp.oath.com
19 9

This site contains links to these domains. Also see Links.

Domain
www.yahoo.com
help.yahoo.com
Subject Issuer Validity Valid
ibexsolutions.net
R10		 2024-09-22 -
2024-12-21		 3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-08-26 -
2024-10-16		 2 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
service.cmp.oath.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-17 -
2025-02-16		 a year crt.sh
opus.analytics.yahoo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-07 -
2025-06-07		 a year crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-07-16 -
2025-01-08		 6 months crt.sh
jp.techcrunch.com
DigiCert SHA2 High Assurance Server CA		 2024-09-19 -
2024-12-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Frame ID: B56EC50D353111F297044689D19F5BDB
Requests: 18 HTTP requests in this frame

Frame: https://gpt.mail.yahoo.net/sandbox?client=login&version=0.1&limited=0&headerBidder=1
Frame ID: 039F2514F85B2A607DEBFC905D7EF2BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Yahoo

Page URL History Show full URLs

  1. http://ibexsolutions.net/ens/yahoo/yahoo.htm HTTP 307
    https://ibexsolutions.net/ens/yahoo/yahoo.htm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

67 %
IPv6

6
Domains

9
Subdomains

7
IPs

1
Countries

414 kB
Transfer

1384 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ibexsolutions.net/ens/yahoo/yahoo.htm HTTP 307
    https://ibexsolutions.net/ens/yahoo/yahoo.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request yahoo.htm
ibexsolutions.net/ens/yahoo/
Redirect Chain
  • http://ibexsolutions.net/ens/yahoo/yahoo.htm
  • https://ibexsolutions.net/ens/yahoo/yahoo.htm
47 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ibexsolutions.net/ens/yahoo/yahoo.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.142.107 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
madmodworld.com
Software
Apache /
Resource Hash
4570c0977423a6640658b1f7c4401ba7932a9f0077c438853b44d1467b7eaadc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
gzip
content-length
13823
content-type
text/html
date
Thu, 26 Sep 2024 21:17:06 GMT
last-modified
Tue, 30 Apr 2024 15:05:11 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://ibexsolutions.net/ens/yahoo/yahoo.htm
Non-Authoritative-Reason
HttpsUpgrades
yahoo-main.css
s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/ 		548 KB
120 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/yahoo-main.css
Requested by
Host: ibexsolutions.net
URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
1813821178b180cb5d5fa14bc08bf66e449e895ca51d1c8c88de3fc904e994de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ibexsolutions.net/

Response headers

content-encoding
gzip
etag
"e89c4e01ad4bcec15b474b0132aed791-df"
age
5916
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 19:38:31 GMT
last-modified
Fri, 08 Sep 2023 16:09:03 GMT
vary
Origin, Accept-Encoding
content-type
text/css
x-amz-id-2
wy5fTqMIYH78pcuVHT+Gq1lxR9wgBb8ayCTeh1cmVKrjCi2mYmEBayIG856JjLrfckH8BTuWaSrRvoHdAjlIfiiLh0A2AMPIcI9QjkedWXE=
strict-transport-security
max-age=31536000
cache-control
public,max-age=31536000
ats-carp-promotion
1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
YTNFG14H2AX9MQQB
accept-ranges
bytes
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
s.yimg.com/rz/p/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
Requested by
Host: ibexsolutions.net
URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ibexsolutions.net/

Response headers

etag
"cd166981c96c6d0f4b5a7d798c25878e"
age
3963
x-content-type-options
nosniff
expires
Thu, 26 Sep 2024 23:00:00 GMT
date
Thu, 26 Sep 2024 20:11:04 GMT
last-modified
Wed, 25 Sep 2024 21:32:14 GMT
vary
Origin
content-type
image/png
x-amz-id-2
mEgxfpv0WOVKV/7Jyud/xqr9aJ3tu1bzdV+h8a+8pJcbn60HorZdmsrnKvCHJNrVPiuI+X+ouIw=
strict-transport-security
max-age=31536000
cache-control
public,max-age=86400
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
BMDM35M2KYANJ2YE
accept-ranges
bytes
content-length
1346
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
s.yimg.com/rz/p/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
Requested by
Host: ibexsolutions.net
URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
4f47ef8ff3dad2a78360ab207cf35ff2905622511c0426109f6e225052cf5637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ibexsolutions.net/

Response headers

etag
"dd31f56b9e4dff40eb87447c3dc55b84"
age
45829
x-content-type-options
nosniff
expires
Thu, 26 Sep 2024 23:00:00 GMT
date
Thu, 26 Sep 2024 08:33:19 GMT
last-modified
Wed, 25 Sep 2024 21:32:14 GMT
vary
Origin
content-type
image/png
x-amz-id-2
ir4g3bVtDF6JKgZ0XOfTwYz6pEOzf0xxqqIHn6rEW4p1iKutlqzS5NaH+WoaI/DAxTA35ymaANY=
strict-transport-security
max-age=31536000
cache-control
public,max-age=86400
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
HNCEJQAJVVKVQPH3
accept-ranges
bytes
content-length
1391
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
jquery-3.5.1.js
code.jquery.com/ 		281 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.js
Requested by
Host: ibexsolutions.net
URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ibexsolutions.net
Referer
https://ibexsolutions.net/

Response headers

content-encoding
gzip
etag
W/"28feccc0-4638e"
age
3505197
x-cache
HIT, HIT
date
Thu, 26 Sep 2024 21:17:07 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
14, 32291
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21971-LGA, cache-mia-kmia1760022-MIA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1727385427.033942,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
84374
server
nginx
rapid-3.53.39.js
s.yimg.com/ss/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ss/rapid-3.53.39.js
Requested by
Host: ibexsolutions.net
URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
322863efdb222250f660a04127f8ac343cc74ded9ee6dea49e88605c80f46ee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ibexsolutions.net/

Response headers

content-encoding
gzip
etag
"3ad90205296656e070371a83d5201160-df"
x-amz-version-id
qQB6rmWhCi0nbuLvxW7W.stvcSOa1X3q
age
325838
date
Mon, 23 Sep 2024 02:46:29 GMT
last-modified
Thu, 20 Oct 2022 22:18:00 GMT
vary
Origin, Accept-Encoding
content-type
application/javascript
x-amz-id-2
aJhVLCwR5iDf5/RRKVdmy/ePKlJeGvKRgk8fZPctbve1/SoQMVgAG1pqA+qyzOjVGP/4OV9xwKGQ8W7TYMLxhQ==
strict-transport-security
max-age=31536000
cache-control
max-age=31536000, immutable
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
PWHE68EEW8X9YDPG
accept-ranges
bytes
content-length
18263
server
ATS
x-amz-server-side-encryption
AES256
bundle.js
s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/ 		179 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/bundle.js
Requested by
Host: ibexsolutions.net
URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
3abfd25820cb31c7f6ed2297ff3a572ffeb4b8feabbdf9491cae99d0ea7bbf5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ibexsolutions.net/

Response headers

content-encoding
gzip
etag
"1be6c39f41439184a2572101e9f1f580-df"
age
639390
date
Thu, 19 Sep 2024 11:40:38 GMT
last-modified
Fri, 08 Sep 2023 16:09:03 GMT
vary
Origin, Accept-Encoding
content-type
application/javascript
x-amz-id-2
wm93GOlX8LATwbPOjtrAOm+fQuqrhZz8zfFBSo9GnAb3OX6Lgz8EMLCbgwDN32ampP5GMwXsgvGRR7PqxdqcPD034KG4T193HSjOOJbJ6Oo=
strict-transport-security
max-age=31536000
cache-control
public,max-age=31536000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
XJRJ6TC7VRGT4W91
accept-ranges
bytes
content-length
49583
server
ATS
x-amz-server-side-encryption
AES256
cmp.js
consent.cmp.oath.com/ 		180 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cmp.oath.com/cmp.js
Requested by
Host: ibexsolutions.net
URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:121:46:19e1:1c79:eea:1135 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (mid/8735) /
Resource Hash
d08dedfb38aa5ae7dedadcae8425f632c17ce61aba51990d9275fb71a2b28387

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ibexsolutions.net/

Response headers

x-amz-id-2
4SZ2BBAwapIPd5k6sYK+Jp97t1+cKl5ls2j+HVqG8pN0t/jGvqHjsyc/DhZNEFl9cw4QpQAfhjc=
cache-control
max-age=3600
content-encoding
gzip
etag
"6863ce0703ce4f482389f8a7e640e4e6+gzip"
age
933
x-amz-request-id
0EZ3N2AWNW295GS4
expires
Thu, 26 Sep 2024 22:17:07 GMT
accept-ranges
bytes
x-cache
HIT
content-length
34582
date
Thu, 26 Sep 2024 21:17:07 GMT
content-type
application/javascript
last-modified
Thu, 08 Feb 2024 18:14:22 GMT
server
ECD (mid/8735)
vary
Accept-Encoding
opus.js
opus.analytics.yahoo.com/tag/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://opus.analytics.yahoo.com/tag/opus.js
Requested by
Host: ibexsolutions.net
URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.24.48 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8738) /
Resource Hash
e30b827cdefdcc2ff2e3fb69d1d0b30e7a9e679b18a2385b3c85ff345fddbb46
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ibexsolutions.net/

Response headers

x-amz-id-2
GR7wh7+Lf2M9oq2fsf5bA4Sbv99LbEE5J9tmzkARoyLBKAMbZ6DK9KW+DX+mtwTE322lUqDvSTE=
content-security-policy
default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-encoding
gzip
etag
"36fe94e917e5dc731081ce2ed65a7ca7+gzip"
age
198738
x-amz-request-id
SXJ81TJSZTG32WFB
accept-ranges
bytes
x-cache
HIT
content-length
3214
date
Thu, 26 Sep 2024 21:17:07 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 14:03:19 GMT
server
ECAcc (mid/8738)
vary
Accept-Encoding
Yahoo_Sans-Regular.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ibexsolutions.net
Referer
https://s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/yahoo-main.css

Response headers

etag
"a99b283070afc519f4816e4300c515d2"
age
1072632
expires
Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access
public
date
Sat, 14 Sep 2024 11:19:56 GMT
last-modified
Thu, 19 Apr 2018 19:06:41 GMT
content-type
font/woff2
vary
Origin
x-amz-id-2
l3DpKsBTAXSbfpttvCu269W1j46MwdnS7Gm0TUt3lsBTlfaFKWUsrHMQWLW7l/L5X1x3DEq0z2k=
x-amz-meta-created-date
Tue, 03 Oct 2017 06:22:51 GMT
strict-transport-security
max-age=31536000
cache-control
max-age=31536000,public
ats-carp-promotion
1, 1
x-amz-meta-x-ysws-mbst-vtime
1507011771545398
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
2Y06Z6WVT5MD2TTM
accept-ranges
bytes
access-control-allow-origin
*
content-length
28860
x-amz-meta-mbst-etag
"YM:1:cb5e4811-e042-455c-b2b2-f984d5f70e0200055a9e8550b736"
server
ATS
x-amz-server-side-encryption
AES256
checkbox-checked.svg
s.yimg.com/wm/mbr/images/ 		1 KB
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/wm/mbr/images/checkbox-checked.svg
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
11b4310df6e27428e7cf86f316abdc10148ac5cf3c8bbbd5b85c88b9f6290c59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/yahoo-main.css

Response headers

content-encoding
gzip
etag
"ac8c4fbeda6efad9549cb41b992a8b3a-df"
age
38505
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 10:35:23 GMT
last-modified
Fri, 24 Apr 2020 17:13:52 GMT
vary
Origin, Accept-Encoding
content-type
image/svg+xml
x-amz-id-2
B11v0zOBAviKkUtnPfGCX8L5DTkVIV8Z7JsblB2ZBY8fUJqShMvLHOKDuImx6zr6vA8l4ynynt8=
strict-transport-security
max-age=31536000
cache-control
public,max-age=315360000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
E35XBHFGPKEY5VN5
accept-ranges
bytes
content-length
659
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
Yahoo_Sans-Semibold.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
b8989e0be6a0c3a8a407d8b69b7884eb5ebf401b7eee8b8b98c5eeec3ba497fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ibexsolutions.net
Referer
https://s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/yahoo-main.css

Response headers

etag
"af9fdad7698452697b016850fff96423"
age
1072632
expires
Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access
public
date
Sat, 14 Sep 2024 11:19:56 GMT
last-modified
Thu, 19 Apr 2018 17:33:29 GMT
content-type
font/woff2
vary
Origin
x-amz-id-2
N+cqiJ9mxf7rC0SEWVtWadEzs75rVTSHtFSMu8LE2XASjqi7iKDgsHu4EL3o+E/sc/drR9osQJk=
x-amz-meta-created-date
Tue, 03 Oct 2017 06:22:51 GMT
strict-transport-security
max-age=31536000
cache-control
max-age=31536000,public
ats-carp-promotion
1, 1
x-amz-meta-x-ysws-mbst-vtime
1507011771480561
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
2Y05RSH19984W0EM
accept-ranges
bytes
access-control-allow-origin
*
content-length
29040
x-amz-meta-mbst-etag
"YM:1:95620d49-21c2-4044-b803-58b70c8e419700055a9e854fb9f1"
server
ATS
x-amz-server-side-encryption
AES256
Yahoo_Sans-Medium.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ibexsolutions.net
Referer
https://s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/yahoo-main.css

Response headers

etag
"7c7c02dcee2bf1c2528db6092d4ad1fa"
age
1107454
expires
Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access
public
date
Sat, 14 Sep 2024 01:39:35 GMT
last-modified
Thu, 19 Apr 2018 16:25:50 GMT
content-type
font/woff2
vary
Origin
x-amz-id-2
QCCTuHhCdgNnjGbE535hF53r35LTtmmTMzXl9eC8sw96mz7RLvXUTJyIUK7qhTn09ovT2XUWJBE=
x-amz-meta-created-date
Tue, 03 Oct 2017 06:22:52 GMT
strict-transport-security
max-age=31536000
cache-control
max-age=31536000,public
ats-carp-promotion
1, 1
x-amz-meta-x-ysws-mbst-vtime
1507011772247755
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
QYPK56EV95NXXR7M
accept-ranges
bytes
access-control-allow-origin
*
content-length
29228
x-amz-meta-mbst-etag
"YM:1:1bb49599-26ac-442e-b6b8-f4e40f067ea500055a9e855b6ecb"
server
ATS
x-amz-server-side-encryption
AES256
yql
3p-udc.yahoo.com/v2/public/ 		0
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://3p-udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=794200018&yhlCT=2&yhlBTMS=1727385427543&yhlClientVer=3.53.39&yhlRnd=aYEYYrFFo4XGCo6n&yhlCompressed=0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:58:207::6000 , United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://ibexsolutions.net/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, private, max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
age
0
access-control-allow-credentials
true
expires
-1
access-control-allow-origin
https://ibexsolutions.net
p3p
policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
date
Thu, 26 Sep 2024 21:17:07 GMT
vary
Origin
server
ATS
consentRecord
guce.yahoo.com/v1/ 		0
0
sandbox
gpt.mail.yahoo.net/ Frame 039F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gpt.mail.yahoo.net/sandbox?client=login&version=0.1&limited=0&headerBidder=1
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/898c3548c518aab29382c52093266bac38829c86/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https:; script-src 'nonce-65gtW6869Tb5IbNTe0qv8w==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; block-all-mixed-content; frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080; report-uri https://csp.yahoo.com/beacon/csp?src=mail-gam
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ibexsolutions.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
0
content-encoding
gzip
content-security-policy
base-uri 'none'; connect-src https:; script-src 'nonce-65gtW6869Tb5IbNTe0qv8w==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; block-all-mixed-content; frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080; report-uri https://csp.yahoo.com/beacon/csp?src=mail-gam
content-type
text/html; charset=utf-8
date
Thu, 26 Sep 2024 21:17:08 GMT
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy
no-referrer-when-downgrade
server
ATS
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
x-omg-env
norrin-green--gam-production-bf1-7547c6dfc4-plqh5
x-xss-protection
1; mode=block
csp
csp.yahoo.com/beacon/ 		0
441 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.yahoo.com/beacon/csp?src=mail-gam
Requested by
Host: ibexsolutions.net
URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:58:207::6000 , United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://ibexsolutions.net/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, private, max-age=0
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-envoy-upstream-service-time
1
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
expires
-1
x-xss-protection
1; mode=block
date
Thu, 26 Sep 2024 21:17:08 GMT
x-powered-by
Express
server
ATS
x-frame-options
SAMEORIGIN
yahoo-favicon-img-v0.0.2.ico
s.yimg.com/wm/mbr/images/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wm/mbr/images/yahoo-favicon-img-v0.0.2.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ibexsolutions.net/

Response headers

etag
"b6814ae5582d7953821acbd76e977bb4"
age
4337
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 20:04:52 GMT
last-modified
Wed, 11 Sep 2019 18:01:04 GMT
vary
Origin
content-type
image/vnd.microsoft.icon
x-amz-id-2
cRn6FIJRDn7P0J5vfrCiUyc8PC4+P93e5NGq2rXwNTdD5UT5kTo2XKHhLt2U2F78A3YhyTNkkgCPmvblxugKmYbH99AclJFG7pYKt7OOjn0=
strict-transport-security
max-age=31536000
cache-control
public,max-age=315360000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
FFTRN7KAAPCE36R7
accept-ranges
bytes
content-length
1406
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
yahoo-favicon-img-v0.0.2.ico
s.yimg.com/wm/mbr/images/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wm/mbr/images/yahoo-favicon-img-v0.0.2.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ibexsolutions.net/

Response headers

etag
"b6814ae5582d7953821acbd76e977bb4"
age
4337
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 20:04:52 GMT
last-modified
Wed, 11 Sep 2019 18:01:04 GMT
vary
Origin
content-type
image/vnd.microsoft.icon
x-amz-id-2
cRn6FIJRDn7P0J5vfrCiUyc8PC4+P93e5NGq2rXwNTdD5UT5kTo2XKHhLt2U2F78A3YhyTNkkgCPmvblxugKmYbH99AclJFG7pYKt7OOjn0=
cache-control
public,max-age=315360000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
FFTRN7KAAPCE36R7
accept-ranges
bytes
content-length
1406
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
guce.yahoo.com
URL
https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yahoo (Online)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 number| pageStartTime boolean| isGoodJS object| YUI_config object| I13N_config string| COMET_URL string| gamIframeUrl object| challenge string| currentURL object| COUNTRY_CODES_MAP function| mbrSendError function| $ function| jQuery object| _0xabc6 object| chill object| ray object| cut string| n string| hash object| regeX function| submit function| makeid function| isBase64 object| YAHOO object| rapidInstance object| jsModules boolean| mbrJSLoaded function| checkAssets function| __uspapi function| __tcfapi function| __gpp_addFrame function| __gpp_stub function| __gpp_msghandler function| __gpp number| lastApvTime

1 Cookies

Domain/Path Name / Value
.yahoo.com/ Name: A3
Value: d=AQABBFPP9WYCEMcAKqUlH69ccnwfVUU02hgFEgEBAQEg92b_Ztww0iMA_eMAAA&S=AQAAAvaJYug0AiOm3kOuLwx8CzM

9 Console Messages

Source Level URL
Text
other warning URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Message:
Unrecognized feature: 'document-domain'.
other warning URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm
Message:
Unrecognized feature: 'speaker-selection'.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
recommendation warning URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm#rb@387AVWOE3&bXeo5Fq2RF@1rlmbo&Thu-Sep-26-2024-11:17:07-GMT-1000-(Hawaii-Aleutian-Standard-Time)&8ec7IkdB7oqiSUy&(Hawaii-Aleutian,Standard,Time)&$S4ss6mArpn38yshhTJx=4QAps&0E1jUHVuiC3m@fCWBzA15UYqa2n3WW3CJ#
Message:
[DOM] Found 2 elements with non-unique id #browser-fp-data: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm#rb@387AVWOE3&bXeo5Fq2RF@1rlmbo&Thu-Sep-26-2024-11:17:07-GMT-1000-(Hawaii-Aleutian-Standard-Time)&8ec7IkdB7oqiSUy&(Hawaii-Aleutian,Standard,Time)&$S4ss6mArpn38yshhTJx=4QAps&0E1jUHVuiC3m@fCWBzA15UYqa2n3WW3CJ#
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm#rb@387AVWOE3&bXeo5Fq2RF@1rlmbo&Thu-Sep-26-2024-11:17:07-GMT-1000-(Hawaii-Aleutian-Standard-Time)&8ec7IkdB7oqiSUy&(Hawaii-Aleutian,Standard,Time)&$S4ss6mArpn38yshhTJx=4QAps&0E1jUHVuiC3m@fCWBzA15UYqa2n3WW3CJ#
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o
security error
Message:
Refused to frame 'https://gpt.mail.yahoo.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080".
javascript error URL: https://ibexsolutions.net/ens/yahoo/yahoo.htm#rb@387AVWOE3&bXeo5Fq2RF@1rlmbo&Thu-Sep-26-2024-11:17:07-GMT-1000-(Hawaii-Aleutian-Standard-Time)&8ec7IkdB7oqiSUy&(Hawaii-Aleutian,Standard,Time)&$S4ss6mArpn38yshhTJx=4QAps&0E1jUHVuiC3m@fCWBzA15UYqa2n3WW3CJ#
Message:
Access to XMLHttpRequest at 'https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid' from origin 'https://ibexsolutions.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid
Message:
Failed to load resource: net::ERR_FAILED