urlscan.io logo urlscan.io
SecurityTrails logo

quickview948userverfyyah00mail.kingfisherprojects.co.za Open in urlscan Pro
192.185.161.67  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pastwords.pythonanywhere.com/login/
Effective URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Submission: On August 21 via api from GB — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 21 HTTP transactions. The main IP is 192.185.161.67, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is quickview948userverfyyah00mail.kingfisherprojects.co.za.
TLS certificate: Issued by R11 on August 21st 2024. Valid for: 3 months.
This is the only time quickview948userverfyyah00mail.kingfisherprojects.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 35.173.69.207 14618 (AMAZON-AES)
2 192.185.161.67 19871 (NETWORK-S...)
12 2001:4998:14:... 14777 (YAHOO)
1 2606:2800:121... 15133 (EDGECAST)
1 152.199.24.48 15133 (EDGECAST)
1 2001:4998:14:... 14777 (YAHOO)
3 2001:4998:58:... 26101 (YAHOO-BF1)
21 7
1    35.173.69.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-69-207.compute-1.amazonaws.com
pastwords.pythonanywhere.com
2    192.185.161.67 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-161-67.unifiedlayer.com
quickview948userverfyyah00mail.kingfisherprojects.co.za
12    2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)
s.yimg.com
1    2606:2800:121:46:19e1:1c79:eea:1135 (United States)

ASN15133 (EDGECAST, US)
consent.cmp.oath.com
1    152.199.24.48 (United States)

ASN15133 (EDGECAST, US)
opus.analytics.yahoo.com
1    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
gpt.mail.yahoo.net
3    2001:4998:58:207::6000 (United States)

ASN26101 (YAHOO-BF1, US)
3p-udc.yahoo.com
csp.yahoo.com
Apex Domain
Subdomains		 Transfer
12 yimg.com
s.yimg.com — Cisco Umbrella Rank: 1020
314 KB
4 yahoo.com
opus.analytics.yahoo.com — Cisco Umbrella Rank: 6080
3p-udc.yahoo.com — Cisco Umbrella Rank: 23794
csp.yahoo.com — Cisco Umbrella Rank: 20115
guce.yahoo.com Failed
4 KB
2 kingfisherprojects.co.za
quickview948userverfyyah00mail.kingfisherprojects.co.za
10 KB
1 yahoo.net
gpt.mail.yahoo.net — Cisco Umbrella Rank: 8408
1 oath.com
consent.cmp.oath.com — Cisco Umbrella Rank: 8963
34 KB
1 pythonanywhere.com
pastwords.pythonanywhere.com
293 B
21 6
Domain Requested by
12 s.yimg.com quickview948userverfyyah00mail.kingfisherprojects.co.za
s.yimg.com
2 csp.yahoo.com quickview948userverfyyah00mail.kingfisherprojects.co.za
2 quickview948userverfyyah00mail.kingfisherprojects.co.za s.yimg.com
1 3p-udc.yahoo.com s.yimg.com
1 gpt.mail.yahoo.net quickview948userverfyyah00mail.kingfisherprojects.co.za
1 opus.analytics.yahoo.com quickview948userverfyyah00mail.kingfisherprojects.co.za
1 consent.cmp.oath.com quickview948userverfyyah00mail.kingfisherprojects.co.za
1 pastwords.pythonanywhere.com 1 redirects
0 guce.yahoo.com Failed consent.cmp.oath.com
21 9

This site contains links to these domains. Also see Links.

Domain
www.yahoo.com
help.yahoo.com
Subject Issuer Validity Valid
www.quickview948userverfyyah00mail.kingfisherprojects.co.za
R11		 2024-08-21 -
2024-11-19		 3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-07-30 -
2024-09-18		 2 months crt.sh
service.cmp.oath.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-17 -
2025-02-16		 a year crt.sh
opus.analytics.yahoo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-07 -
2025-06-07		 a year crt.sh
jp.techcrunch.com
DigiCert SHA2 High Assurance Server CA		 2024-08-20 -
2024-11-20		 3 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-07-16 -
2025-01-08		 6 months crt.sh

This page contains 2 frames:

Primary Page: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Frame ID: EF926489F496B1F404483DA4B7ACC318
Requests: 20 HTTP requests in this frame

Frame: https://gpt.mail.yahoo.net/sandbox?client=login&version=0.1&limited=0&headerBidder=1
Frame ID: 6414257D64FC7F62CBE36E4EBABB7BB4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Yahoo

Page URL History Show full URLs

  1. https://pastwords.pythonanywhere.com/login/ HTTP 302
    https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html Page URL

Page Statistics

21
Requests

95 %
HTTPS

57 %
IPv6

6
Domains

9
Subdomains

7
IPs

1
Countries

363 kB
Transfer

1148 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pastwords.pythonanywhere.com/login/ HTTP 302
    https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home.html
quickview948userverfyyah00mail.kingfisherprojects.co.za/
Redirect Chain
  • https://pastwords.pythonanywhere.com/login/
  • https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.161.67 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-161-67.unifiedlayer.com
Software
Apache /
Resource Hash
ef9b623912e09853a1a75fd671d7d2d2dd7061581c4e6c1a62e8e054d2594be1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
5109
content-type
text/html
date
Wed, 21 Aug 2024 16:42:51 GMT
last-modified
Wed, 21 Aug 2024 15:44:16 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
333
Content-Type
text/html; charset=utf-8
Date
Wed, 21 Aug 2024 16:42:50 GMT
Location
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Server
PythonAnywhere
X-Clacks-Overhead
GNU Terry Pratchett
yahoo-main.css
s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/ 		568 KB
122 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/yahoo-main.css
Requested by
Host: quickview948userverfyyah00mail.kingfisherprojects.co.za
URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
3cad7414b803a7353313baa52a4c93a7923a2f11ef2c796fdfb196df199a9c9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1
date
Thu, 15 Aug 2024 17:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
444NJG6WFPGDYMPQ
age
516185
x-amz-server-side-encryption
AES256
x-amz-id-2
isd5HvBL7R1/7lwtyWav5WfHc9X9Qo9x4jaeT6tp+gsvAbCaHyJnkcniIPnyV4d6CRtd4Z9b1zo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Oct 2023 16:04:41 GMT
server
ATS
etag
"452422d3b07f853056d31985e1362350-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
s.yimg.com/rz/p/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
Requested by
Host: quickview948userverfyyah00mail.kingfisherprojects.co.za
URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1, 1
date
Wed, 21 Aug 2024 11:59:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
6335MCBQ8AGKVQHS
age
17014
x-amz-server-side-encryption
AES256
content-length
1346
x-amz-id-2
W2AH+0kIA7r6dEyQJ3wzaN8bDQ6HfpHcMYqYylJ6opuCk0VgHR0z5UtPZBhcs9JaSVfA4sZTf08=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 20 Aug 2024 21:45:49 GMT
server
ATS
etag
"cd166981c96c6d0f4b5a7d798c25878e"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
cache-control
public,max-age=86400
accept-ranges
bytes
expires
Wed, 21 Aug 2024 23:00:00 GMT
yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
s.yimg.com/rz/p/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
Requested by
Host: quickview948userverfyyah00mail.kingfisherprojects.co.za
URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
4f47ef8ff3dad2a78360ab207cf35ff2905622511c0426109f6e225052cf5637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1, 1
date
Tue, 20 Aug 2024 17:01:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
S7JXZP7VFF7RSSPR
age
85304
x-amz-server-side-encryption
AES256
content-length
1391
x-amz-id-2
GP7ZZ3gxDpST1xZf3q8wOXRu5zvbsB0pFLe6lR/ttCYuu3pdKI9Dd1MGE+gwCKc9f1fCQnSUFkk=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Aug 2024 21:32:10 GMT
server
ATS
etag
"dd31f56b9e4dff40eb87447c3dc55b84"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
cache-control
public,max-age=86400
accept-ranges
bytes
expires
Tue, 20 Aug 2024 23:00:00 GMT
rapid-3.53.39.js
s.yimg.com/ss/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ss/rapid-3.53.39.js
Requested by
Host: quickview948userverfyyah00mail.kingfisherprojects.co.za
URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
322863efdb222250f660a04127f8ac343cc74ded9ee6dea49e88605c80f46ee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1, 1
date
Tue, 20 Aug 2024 15:31:40 GMT
x-amz-version-id
qQB6rmWhCi0nbuLvxW7W.stvcSOa1X3q
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
41XR5JZMX9C5B58G
age
90672
x-amz-server-side-encryption
AES256
content-length
18263
x-amz-id-2
wzufGUJ2IkEqzWTgO0dnnV+YURzVUxINupv1RFUA9CRVEdNr9RdxQxrQY0ggNy0letZsRZXrSeU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 20 Oct 2022 22:18:00 GMT
server
ATS
etag
"3ad90205296656e070371a83d5201160-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
bundle.js
s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/ 		177 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/bundle.js
Requested by
Host: quickview948userverfyyah00mail.kingfisherprojects.co.za
URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
317bb329b108e0b43240303272544a258cca0c1219a183cb44b11f856a887184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1, 1
date
Tue, 13 Aug 2024 03:36:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
P8JN4PKDY7ZEZKMQ
age
738388
x-amz-server-side-encryption
AES256
content-length
48992
x-amz-id-2
2fN6J0R4c/UmVWrOdt9XYBaD2+v2HXuj5bIaeHPQNtfROIWMS5IhqNib5xutpwFo9hdV4yVOCA0=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Oct 2023 16:04:41 GMT
server
ATS
etag
"8409d6a7bb9abb2daf9a4cf7c7a38865-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
cmp.js
consent.cmp.oath.com/ 		180 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cmp.oath.com/cmp.js
Requested by
Host: quickview948userverfyyah00mail.kingfisherprojects.co.za
URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:121:46:19e1:1c79:eea:1135 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (mid/8735) /
Resource Hash
d08dedfb38aa5ae7dedadcae8425f632c17ce61aba51990d9275fb71a2b28387

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 21 Aug 2024 16:42:51 GMT
content-encoding
gzip
last-modified
Thu, 08 Feb 2024 18:14:22 GMT
server
ECD (mid/8735)
age
2477
x-amz-request-id
G7FZQRQ7CGBV9K0Q
etag
"6863ce0703ce4f482389f8a7e640e4e6+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
34582
x-amz-id-2
RwZpTx9QLDkvRsB3tq+lanuPlIzK7zFpcXbzF74/ZZEBX1APW7V0+YDrUiqW7/KdXzRW9A+DfhE=
expires
Wed, 21 Aug 2024 17:42:51 GMT
opus.js
opus.analytics.yahoo.com/tag/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://opus.analytics.yahoo.com/tag/opus.js
Requested by
Host: quickview948userverfyyah00mail.kingfisherprojects.co.za
URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.24.48 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/872E) /
Resource Hash
2a53b21e174d47311b403ac8a58554ca3784728dc488839c979b7db633dfbdcf
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-encoding
gzip
date
Wed, 21 Aug 2024 16:42:51 GMT
last-modified
Wed, 21 Aug 2024 13:25:37 GMT
server
ECAcc (mid/872E)
age
11727
x-amz-request-id
J68KHN6X4SSWYS26
etag
"5cf96bee16b3ee210b4d718ef677cd80+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-length
3106
x-amz-id-2
4APixlxBdVPmD2AjGIllm0L3nF+wHBivUxpDumlAfE2UxRXlf7gvzWZ/enwY0S3bG30s5JpxijqLb2NleEhvuGAf/yt6p209
sandbox
gpt.mail.yahoo.net/ Frame 6414 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gpt.mail.yahoo.net/sandbox?client=login&version=0.1&limited=0&headerBidder=1
Requested by
Host: quickview948userverfyyah00mail.kingfisherprojects.co.za
URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https:; script-src 'nonce-MQcwKore0um4WOOTVwQUgA==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; block-all-mixed-content; frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080; report-uri https://csp.yahoo.com/beacon/csp?src=mail-gam
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

age
0
content-encoding
gzip
content-security-policy
base-uri 'none'; connect-src https:; script-src 'nonce-MQcwKore0um4WOOTVwQUgA==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; block-all-mixed-content; frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080; report-uri https://csp.yahoo.com/beacon/csp?src=mail-gam
content-type
text/html; charset=utf-8
date
Wed, 21 Aug 2024 16:42:51 GMT
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
referrer-policy
no-referrer-when-downgrade
server
ATS
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
x-omg-env
norrin-green--gam-production-bf1-6886c69bf8-zhqgr
x-xss-protection
1; mode=block
phone-otp-v0.0.1.svg
s.yimg.com/wm/mbr/images/yahoo/ 		22 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/wm/mbr/images/yahoo/phone-otp-v0.0.1.svg
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
43c4090bf80305926a6fb9a8a75423ee8ff75c9eaf679d5d65ddd054a1d13c3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/yahoo-main.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1, 1
date
Thu, 15 Aug 2024 01:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
W0WCVQFHHJHJX98H
age
574257
x-amz-server-side-encryption
AES256
content-length
7005
x-amz-id-2
Z+rKQjbRBdrnGR0r4WJtmGSqwsrhKjSS8IMnTOEcGpA1sQxK0R33PJCgiFkY3r+t0GEmvXL+mFo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jun 2019 21:20:35 GMT
server
ATS
etag
"4f3bb1a3d64eea60033dcd272ead6c83-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=315360000
accept-ranges
bytes
Yahoo_Sans-Regular.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/yahoo-main.css
Origin
https://quickview948userverfyyah00mail.kingfisherprojects.co.za
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1, 1
date
Sat, 10 Aug 2024 13:31:58 GMT
strict-transport-security
max-age=31536000
x-amz-meta-created-date
Tue, 03 Oct 2017 06:22:51 GMT
x-content-type-options
nosniff
x-amz-request-id
BHX7VKACR6N6A3TS
age
961854
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1507011771545398
content-length
28860
x-amz-id-2
XTmDssZYtDGNqoIj+IqAm1A9JTMBfxyqRqnLCZK3Kqs+pLn9RGnoeCAxzRiVyU6kPUvWgcNGDMw=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Apr 2018 19:06:41 GMT
server
ATS
etag
"a99b283070afc519f4816e4300c515d2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
x-amz-meta-mbst-etag
"YM:1:cb5e4811-e042-455c-b2b2-f984d5f70e0200055a9e8550b736"
x-amz-meta-x-ysws-access
public
expires
Sat, 05 Sep 2026 00:00:00 GMT
Yahoo_Sans-Semibold.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
b8989e0be6a0c3a8a407d8b69b7884eb5ebf401b7eee8b8b98c5eeec3ba497fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/yahoo-main.css
Origin
https://quickview948userverfyyah00mail.kingfisherprojects.co.za
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1, 1
date
Wed, 31 Jul 2024 13:03:31 GMT
strict-transport-security
max-age=31536000
x-amz-meta-created-date
Tue, 03 Oct 2017 06:22:51 GMT
x-content-type-options
nosniff
x-amz-request-id
C6NBYPCZG5BZJFGP
age
1827561
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1507011771480561
content-length
29040
x-amz-id-2
yfImHsLhC1yMOlJG+zXa9MAR+7cPVeGL2UCXcYYJgxyoimcfqIj9PIuP3FTo2l1LdlUPkAJSYOQ=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Apr 2018 17:33:29 GMT
server
ATS
etag
"af9fdad7698452697b016850fff96423"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
x-amz-meta-mbst-etag
"YM:1:95620d49-21c2-4044-b803-58b70c8e419700055a9e854fb9f1"
x-amz-meta-x-ysws-access
public
expires
Sat, 05 Sep 2026 00:00:00 GMT
Yahoo_Sans-Medium.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/yahoo-main.css
Origin
https://quickview948userverfyyah00mail.kingfisherprojects.co.za
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1, 1
date
Sat, 17 Aug 2024 01:20:53 GMT
strict-transport-security
max-age=31536000
x-amz-meta-created-date
Tue, 03 Oct 2017 06:22:52 GMT
x-content-type-options
nosniff
x-amz-request-id
MNKC5Q6EM0W3FG6A
age
400919
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1507011772247755
content-length
29228
x-amz-id-2
I5QdduiPlmhTd3FqWuJh/yJXw9Z+qN66G1RE8Megt13OnA1dBsEDZE0c3u4CB1WANzwUPZ03S4E=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Apr 2018 16:25:50 GMT
server
ATS
etag
"7c7c02dcee2bf1c2528db6092d4ad1fa"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
x-amz-meta-mbst-etag
"YM:1:1bb49599-26ac-442e-b6b8-f4e40f067ea500055a9e855b6ecb"
x-amz-meta-x-ysws-access
public
expires
Sat, 05 Sep 2026 00:00:00 GMT
Yahoo_Sans-Bold.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Bold.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
22e9e86d745200109fbcb3e96695307fea67880fca509728194b2cfce3906fa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/yahoo-main.css
Origin
https://quickview948userverfyyah00mail.kingfisherprojects.co.za
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1, 1
date
Sat, 17 Aug 2024 19:27:03 GMT
strict-transport-security
max-age=31536000
x-amz-meta-created-date
Tue, 03 Oct 2017 06:22:52 GMT
x-content-type-options
nosniff
x-amz-request-id
7CJP3H8NKA3XPCNH
age
335749
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1507011772122689
content-length
28108
x-amz-id-2
HvzpUscdbBkqScpVKovuQkN8dFH/NhcLQPqGVSE4XZd0Sl3lDFwJVx4TXnlsOEc5Ieh611B8WTg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Apr 2018 17:20:37 GMT
server
ATS
etag
"58b9e3ca84accc5d50ac893317cd6705"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
x-amz-meta-mbst-etag
"YM:1:5893a8ed-f86d-4278-b1dc-94c16c36132200055a9e85598641"
x-amz-meta-x-ysws-access
public
expires
Sat, 05 Sep 2026 00:00:00 GMT
yql
3p-udc.yahoo.com/v2/public/ 		0
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://3p-udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=794244015&yhlCT=2&yhlBTMS=1724258571746&yhlClientVer=3.53.39&yhlRnd=5kkRcaQwSQ8tCHbF&yhlCompressed=0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:58:207::6000 , United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 16:42:51 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
vary
Origin
p3p
policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin
https://quickview948userverfyyah00mail.kingfisherprojects.co.za
cache-control
no-store, no-cache, private, max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
expires
-1
csp
csp.yahoo.com/beacon/ 		0
441 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.yahoo.com/beacon/csp?src=mail-gam
Requested by
Host: quickview948userverfyyah00mail.kingfisherprojects.co.za
URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:58:207::6000 , United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/csp-report

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Aug 2024 16:42:52 GMT
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
server
ATS
age
0
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
cache-control
no-store, no-cache, private, max-age=0
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
expires
-1
consentRecord
guce.yahoo.com/v1/ 		0
0
yahoo-favicon-img-v0.0.2.ico
s.yimg.com/wm/mbr/images/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wm/mbr/images/yahoo-favicon-img-v0.0.2.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1, 1
date
Wed, 21 Aug 2024 02:03:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
V2EBR7J00V3BTM6A
age
52760
x-amz-server-side-encryption
AES256
content-length
1406
x-amz-id-2
YCLqndpobyD1l6MvOWawyJxQCWiTPgdLvrnHi/uifia8+VYFx+K0AultAH1PGpUIP21/M1DblcDA3081DRPt42ws5jO09WJHG0YHA0Cdalg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Sep 2019 18:01:04 GMT
server
ATS
etag
"b6814ae5582d7953821acbd76e977bb4"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/vnd.microsoft.icon
cache-control
public,max-age=315360000
accept-ranges
bytes
csp
csp.yahoo.com/beacon/ 		0
49 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.yahoo.com/beacon/csp?src=mail-gam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:58:207::6000 , United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/csp-report

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Aug 2024 16:42:52 GMT
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
server
ATS
age
0
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
cache-control
no-store, no-cache, private, max-age=0
x-envoy-upstream-service-time
0
x-xss-protection
1; mode=block
expires
-1
yahoo-favicon-img-v0.0.2.ico
s.yimg.com/wm/mbr/images/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wm/mbr/images/yahoo-favicon-img-v0.0.2.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1, 1
date
Wed, 21 Aug 2024 02:03:33 GMT
x-content-type-options
nosniff
x-amz-request-id
V2EBR7J00V3BTM6A
age
52760
x-amz-server-side-encryption
AES256
content-length
1406
x-amz-id-2
YCLqndpobyD1l6MvOWawyJxQCWiTPgdLvrnHi/uifia8+VYFx+K0AultAH1PGpUIP21/M1DblcDA3081DRPt42ws5jO09WJHG0YHA0Cdalg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Sep 2019 18:01:04 GMT
server
ATS
etag
"b6814ae5582d7953821acbd76e977bb4"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/vnd.microsoft.icon
cache-control
public,max-age=315360000
accept-ranges
bytes
logads
quickview948userverfyyah00mail.kingfisherprojects.co.za/ 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/logads?adType=gam&delay=timeout&spid=794244015
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.161.67 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-161-67.unifiedlayer.com
Software
Apache /
Resource Hash
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Request headers

Referer
https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
X-Requested-With
XMLHttpRequest

Response headers

date
Wed, 21 Aug 2024 16:42:57 GMT
content-encoding
gzip
last-modified
Fri, 30 Sep 2022 11:51:07 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
4677

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
guce.yahoo.com
URL
https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yahoo (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 number| pageStartTime boolean| isGoodJS object| YUI_config object| I13N_config string| COMET_URL string| gamIframeUrl object| challenge object| phoneVerifyData function| mbrSendError object| YAHOO object| rapidInstance object| jsModules boolean| mbrJSLoaded function| checkAssets function| __uspapi function| __tcfapi function| __gpp_addFrame function| __gpp_stub function| __gpp_msghandler function| __gpp number| lastApvTime

1 Cookies

Domain/Path Name / Value
.yahoo.com/ Name: A3
Value: d=AQABBAsZxmYCEBFY1BojcNLMBGF4qAsstucFEgEBAQFqx2bPZtww0iMA_eMAAA&S=AQAAAkF-Mi_aFcNJclPl_lBbFhU

7 Console Messages

Source Level URL
Text
other warning URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html(Line 153)
Message:
Unrecognized feature: 'document-domain'.
other warning URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html(Line 153)
Message:
Unrecognized feature: 'speaker-selection'.
security error
Message:
Refused to frame 'https://gpt.mail.yahoo.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080".
security error
Message:
Refused to frame 'https://gpt.mail.yahoo.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080".
javascript error URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/home.html
Message:
Access to XMLHttpRequest at 'https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid' from origin 'https://quickview948userverfyyah00mail.kingfisherprojects.co.za' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://quickview948userverfyyah00mail.kingfisherprojects.co.za/logads?adType=gam&delay=timeout&spid=794244015
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3p-udc.yahoo.com
consent.cmp.oath.com
csp.yahoo.com
gpt.mail.yahoo.net
guce.yahoo.com
opus.analytics.yahoo.com
pastwords.pythonanywhere.com
quickview948userverfyyah00mail.kingfisherprojects.co.za
s.yimg.com
guce.yahoo.com
152.199.24.48
192.185.161.67
2001:4998:14:800::1000
2001:4998:14:800::1001
2001:4998:58:207::6000
2606:2800:121:46:19e1:1c79:eea:1135
35.173.69.207
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
22e9e86d745200109fbcb3e96695307fea67880fca509728194b2cfce3906fa7
2a53b21e174d47311b403ac8a58554ca3784728dc488839c979b7db633dfbdcf
317bb329b108e0b43240303272544a258cca0c1219a183cb44b11f856a887184
322863efdb222250f660a04127f8ac343cc74ded9ee6dea49e88605c80f46ee1
3cad7414b803a7353313baa52a4c93a7923a2f11ef2c796fdfb196df199a9c9f
43c4090bf80305926a6fb9a8a75423ee8ff75c9eaf679d5d65ddd054a1d13c3c
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3
4f47ef8ff3dad2a78360ab207cf35ff2905622511c0426109f6e225052cf5637
b8989e0be6a0c3a8a407d8b69b7884eb5ebf401b7eee8b8b98c5eeec3ba497fa
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482
d08dedfb38aa5ae7dedadcae8425f632c17ce61aba51990d9275fb71a2b28387
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef9b623912e09853a1a75fd671d7d2d2dd7061581c4e6c1a62e8e054d2594be1
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560