0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
2a05:d014:275:cb00::c8  Malicious Activity! Public Scan

URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Submission: On October 01 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2a05:d014:275:cb00::c8, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.
This is the only time 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo (Online)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
2         2a05:d014:275...  16509 (AMAZON-02)
10        2a00:1288:80:...  203220 (YAHOO-DEB)
1         2606:2800:135...  15133 (EDGECAST)
1         152.199.23.180    15133 (EDGECAST)
1         2a00:1288:80:...  203220 (YAHOO-DEB)
3         2a00:1288:110...  34010 (YAHOO-IRD)
Total: 18 requests, 6 IPs
Requests, Apex Domain, Transfer (subdomains listed beneath each apex domain)
10 yimg.com, 295 KB
   s.yimg.com — Cisco Umbrella Rank: 761
4 yahoo.com, 4 KB
   opus.analytics.yahoo.com — Cisco Umbrella Rank: 3804
   3p-udc.yahoo.com — Cisco Umbrella Rank: 15561
   csp.yahoo.com — Cisco Umbrella Rank: 13899
2 netlify.app, 5 KB
   0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
1 yahoo.net
   gpt.mail.yahoo.net — Cisco Umbrella Rank: 5603
1 oath.com, 34 KB
   consent.cmp.oath.com — Cisco Umbrella Rank: 6083
Total: 18 requests, 5 domains
Requests, Domain, Requested by
10 s.yimg.com, requested by 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app and s.yimg.com
2 csp.yahoo.com, requested by 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
2 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app, requested by s.yimg.com
1 3p-udc.yahoo.com, requested by s.yimg.com
1 gpt.mail.yahoo.net, requested by 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
1 opus.analytics.yahoo.com, requested by 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
1 consent.cmp.oath.com, requested by 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
Total: 18 requests, 7 subdomains

This site contains links to these domains.

Domain
www.yahoo.com
help.yahoo.com
Subject                    Issuer                                      Validity                 Valid
*.netlify.app              DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-01-15 - 2025-02-14  a year
*.fantasysports.yahoo.com  DigiCert SHA2 High Assurance Server CA      2024-08-26 - 2024-10-16  2 months
service.cmp.oath.com       DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-01-17 - 2025-02-16  a year
opus.analytics.yahoo.com   DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-05-07 - 2025-06-07  a year
jp.techcrunch.com          DigiCert SHA2 High Assurance Server CA      2024-09-19 - 2024-12-18  3 months
yahoo.com                  DigiCert SHA2 High Assurance Server CA      2024-07-16 - 2025-01-08  6 months

This page contains 2 frames:

Primary Page: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Frame ID: EDBE5BA2957B26F8C86A79AC0B9883D0
Requests: 17 HTTP requests in this frame

Frame: https://gpt.mail.yahoo.net/sandbox?client=login&version=0.1&limited=0&headerBidder=1
Frame ID: 743B56E4B85656B22E4B52BA67D3C26F
Requests: 1 HTTP requests in this frame

Page Title

Yahoo

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.netlify\.(?:com|app)/

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 83 %
Domains: 5
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 338 kB
Size: 1240 kB
Cookies: 0

18 HTTP transactions

Resource / Path | Size / x-fer | Type / MIME-Type
Primary Request /
0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
14 KB
4 KB
Document
General
Full URL
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
b5893dc1d354b1dee482fb39ebb800ff0920b7581dd75fb0ec920d38cd3b4e53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
13301
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-encoding
br
content-length
3795
content-type
text/html; charset=UTF-8
date
Tue, 01 Oct 2024 21:09:54 GMT
etag
"d9883a0cd3c375c109d772ded85503a6-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-nf-request-id
01J94YP3J8NRZ746G9BRA6DENR
yahoo-main.css
s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/
709 KB
143 KB
Stylesheet
General
Full URL
https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css
Requested by
Host: 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
4660f63046bec17b3778b090e2219eb4ba43d2cb161022ede12db6eb0dec3e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/

Response headers

content-encoding
gzip
etag
"5140a2b2609fd8082ce1c7b647584047-df"
age
3136519
date
Mon, 26 Aug 2024 13:54:36 GMT
last-modified
Wed, 21 Aug 2024 16:50:05 GMT
vary
Origin, Accept-Encoding
content-type
text/css
x-amz-id-2
+7D17Z2aJhpwgJDIXmO+kva6pBPqgQ73Rxi4TqX8uTR47h8ImhXDSXnENtDLcXvXwp6cHVgUHlhUNORiU9WXRRe8LoD9hm4+
strict-transport-security
max-age=31536000
cache-control
public,max-age=31536000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
H80T1V97Z283R5SS
accept-ranges
bytes
content-length
145971
server
ATS
x-amz-server-side-encryption
AES256
yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
s.yimg.com/rz/p/
1 KB
2 KB
Image
General
Full URL
https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
Requested by
Host: 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/

Response headers

etag
"cd166981c96c6d0f4b5a7d798c25878e"
age
30989
x-content-type-options
nosniff
expires
Tue, 01 Oct 2024 23:00:00 GMT
date
Tue, 01 Oct 2024 12:33:26 GMT
last-modified
Mon, 30 Sep 2024 21:30:58 GMT
vary
Origin
content-type
image/png
x-amz-id-2
Ddr3OIuhZShGIaSQ22VM7pFGs7GaRfzfFO1BmQ75EEIJ8hPUuFApGuGB0r6WVfMT2qololq5yJs=
strict-transport-security
max-age=31536000
cache-control
public,max-age=86400
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
SQD6YFH28CC5E37H
accept-ranges
bytes
content-length
1346
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
s.yimg.com/rz/p/
1 KB
2 KB
Image
General
Full URL
https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
Requested by
Host: 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
4f47ef8ff3dad2a78360ab207cf35ff2905622511c0426109f6e225052cf5637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/

Response headers

etag
"dd31f56b9e4dff40eb87447c3dc55b84"
age
32872
x-content-type-options
nosniff
expires
Tue, 01 Oct 2024 23:00:00 GMT
date
Tue, 01 Oct 2024 12:02:03 GMT
last-modified
Mon, 30 Sep 2024 21:30:58 GMT
vary
Origin
content-type
image/png
x-amz-id-2
pIz9WmoV5z9VSu00nLX9Rjq+YGzTdGF7tbBxdo5IkvC5Aeb8Qnmz2b7XW1TsjSW60P16rardl8M=
strict-transport-security
max-age=31536000
cache-control
public,max-age=86400
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
T6J64ATXE4PEVZQJ
accept-ranges
bytes
content-length
1391
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
rapid-3.53.39.js
s.yimg.com/ss/
50 KB
18 KB
Script
General
Full URL
https://s.yimg.com/ss/rapid-3.53.39.js
Requested by
Host: 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
322863efdb222250f660a04127f8ac343cc74ded9ee6dea49e88605c80f46ee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/

Response headers

content-encoding
gzip
etag
"3ad90205296656e070371a83d5201160-df"
x-amz-version-id
qQB6rmWhCi0nbuLvxW7W.stvcSOa1X3q
age
52885
x-content-type-options
nosniff
date
Tue, 01 Oct 2024 06:28:31 GMT
last-modified
Thu, 20 Oct 2022 22:18:00 GMT
vary
Origin, Accept-Encoding
content-type
application/javascript
x-amz-id-2
yNG0fxpRO+QbFM88OBfaXxQ2mUh0OV5milvT5o0J0EFLMLUqQ2j7F+SWpzLrpJtDzkbAnyhzUppfbpAGDB+JFxIlTojYeg3g
strict-transport-security
max-age=31536000
cache-control
max-age=31536000, immutable
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
KH836WNK8DB9EK06
accept-ranges
bytes
content-length
18263
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
bundle.js
s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/
177 KB
48 KB
Script
General
Full URL
https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/bundle.js
Requested by
Host: 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
317bb329b108e0b43240303272544a258cca0c1219a183cb44b11f856a887184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/

Response headers

content-encoding
gzip
etag
"8409d6a7bb9abb2daf9a4cf7c7a38865-df"
age
699455
date
Mon, 23 Sep 2024 18:52:20 GMT
last-modified
Thu, 19 Oct 2023 16:04:41 GMT
vary
Origin, Accept-Encoding
content-type
application/javascript
x-amz-id-2
0+2qWNk5bUV8oMCoaAIc81vtvFoeliKTrQtAlbmWDkabLJ/mf270vDVEUOZ59xaimHzttjsXOnYu8tEkb+zD2vbEtwRiCwrfGMNwhqGY234=
strict-transport-security
max-age=31536000
cache-control
public,max-age=31536000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
BV0XQDA780AN5KZF
accept-ranges
bytes
content-length
48992
server
ATS
x-amz-server-side-encryption
AES256
cmp.js
consent.cmp.oath.com/
180 KB
34 KB
Script
General
Full URL
https://consent.cmp.oath.com/cmp.js
Requested by
Host: 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:155a:23ba:b2a:25ff:122d , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67BF) /
Resource Hash
d08dedfb38aa5ae7dedadcae8425f632c17ce61aba51990d9275fb71a2b28387

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/

Response headers

x-amz-id-2
B7xPgWe22temKgMQCsxJkT/mvPKFhpN7l2Skcz+urIn6RycmjwyFbLN0bGLnQ5/uy+PU1XDNViA=
cache-control
max-age=3600
content-encoding
gzip
etag
"6863ce0703ce4f482389f8a7e640e4e6+gzip"
age
500
x-amz-request-id
YA24RP839N4KXJSZ
expires
Tue, 01 Oct 2024 22:09:54 GMT
accept-ranges
bytes
x-cache
HIT
content-length
34582
date
Tue, 01 Oct 2024 21:09:54 GMT
content-type
application/javascript
last-modified
Thu, 08 Feb 2024 18:14:22 GMT
server
ECD (frb/67BF)
vary
Accept-Encoding
opus.js
opus.analytics.yahoo.com/tag/
8 KB
4 KB
Script
General
Full URL
https://opus.analytics.yahoo.com/tag/opus.js
Requested by
Host: 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.180 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA3) /
Resource Hash
e30b827cdefdcc2ff2e3fb69d1d0b30e7a9e679b18a2385b3c85ff345fddbb46
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/

Response headers

x-amz-id-2
KWBW2IzDri4+tMHXAGNKrjsv9PT0xcjfixZHHPifEQUr+RZTQI/cv0EwYFmgvQLzFynw5VkWRuuZIGnFtGsddqRm+a5TGkWT
content-security-policy
default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-encoding
gzip
etag
"36fe94e917e5dc731081ce2ed65a7ca7+gzip"
age
25495
x-amz-request-id
ND0K955GT4E14VF4
x-cache
HIT
content-length
3214
date
Tue, 01 Oct 2024 21:09:54 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 14:03:19 GMT
server
ECAcc (frc/4CA3)
vary
Accept-Encoding
sandbox
gpt.mail.yahoo.net/ Frame 743B
0
0
Document
General
Full URL
https://gpt.mail.yahoo.net/sandbox?client=login&version=0.1&limited=0&headerBidder=1
Requested by
Host: 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https:; script-src 'nonce-4nKMk18BgsR0fpkYPaPytQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; block-all-mixed-content; frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080; report-uri https://csp.yahoo.com/beacon/csp?src=mail-gam
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
0
content-encoding
gzip
content-security-policy
base-uri 'none'; connect-src https:; script-src 'nonce-4nKMk18BgsR0fpkYPaPytQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; block-all-mixed-content; frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080; report-uri https://csp.yahoo.com/beacon/csp?src=mail-gam
content-type
text/html; charset=utf-8
date
Tue, 01 Oct 2024 21:09:54 GMT
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy
no-referrer-when-downgrade
server
ATS
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
x-omg-env
norrin-blue--gam-production-ir2-6bcd7db847-5n9gf
x-xss-protection
1; mode=block
phone-otp-v0.0.1.svg
s.yimg.com/wm/mbr/images/yahoo/
22 KB
7 KB
Image
General
Full URL
https://s.yimg.com/wm/mbr/images/yahoo/phone-otp-v0.0.1.svg
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
43c4090bf80305926a6fb9a8a75423ee8ff75c9eaf679d5d65ddd054a1d13c3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css

Response headers

content-encoding
gzip
etag
"4f3bb1a3d64eea60033dcd272ead6c83-df"
age
870264
date
Sat, 21 Sep 2024 19:25:32 GMT
last-modified
Tue, 25 Jun 2019 21:20:35 GMT
vary
Origin, Accept-Encoding
content-type
image/svg+xml
x-amz-id-2
NY6Em89a5fJu02RDJikdR3x68+jbljKwBzlnNRRgNYZjp2i1/0vJr3AdYfyEPADr0nU8WkFcjlg=
strict-transport-security
max-age=31536000
cache-control
public,max-age=315360000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
EAZQGH1BZQ58FVZY
accept-ranges
bytes
content-length
7005
server
ATS
x-amz-server-side-encryption
AES256
yahoo-sans-cr4-vf.woff2
s.yimg.com/bw/fonts/
34 KB
34 KB
Font
General
Full URL
https://s.yimg.com/bw/fonts/yahoo-sans-cr4-vf.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
318d39388d650f931cfd5283ab5da11570bc0c6b1a85360bcbf03d3656d2ea8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
Referer
https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css

Response headers

x-amz-version-id
WkgxPbZwJF4WkJjtpMrUGccT4d.GnFPQ
etag
"492a0a160b8da9414134282ef8b62f78"
age
13064
x-content-type-options
nosniff
date
Tue, 01 Oct 2024 17:32:11 GMT
last-modified
Thu, 11 Jul 2024 15:03:00 GMT
content-type
binary/octet-stream
vary
Origin
x-amz-id-2
UOXvLhp1BIgLHHxI0wr7qeAl+k2VyUOGAXe87qa6tjVDxXHZErd0LXof2+KHCbpe+OoXKvcyxdOKuVAJYJI33KZ2+Qtd3yqrYNjDr3aKKbU=
strict-transport-security
max-age=31536000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
H8F1BB3ZPC184JJ6
accept-ranges
bytes
access-control-allow-origin
*
content-length
34588
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
centra-no2-bold.woff2
s.yimg.com/bw/fonts/
39 KB
39 KB
Font
General
Full URL
https://s.yimg.com/bw/fonts/centra-no2-bold.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
22aca3530f993651436788f0effab7c09d3ac03bb0cdfcc8d809629e24cd54c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
Referer
https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css

Response headers

x-amz-version-id
qDegSYWb9M7tgdPp_cUvHAGtT5pbzmjd
etag
"f7ffc5f925d3b186f552cde1c3e99691"
age
13012
x-content-type-options
nosniff
date
Tue, 01 Oct 2024 17:33:03 GMT
last-modified
Sat, 13 Jul 2024 00:12:23 GMT
content-type
font/woff2
vary
Origin
x-amz-id-2
RZDHhrJ0rTH6Uq3y2CcinNoqqCc9TX22SLO3L9eQ7ehe0Wn/xC23Fof2dasDod2dQswubVcG6PLvIGGCR+9IMOmJa3YY6lhEY0GFCD4yq1Y=
strict-transport-security
max-age=31536000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
Q7NE71QCET78JA9T
accept-ranges
bytes
access-control-allow-origin
*
content-length
39888
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
yql
3p-udc.yahoo.com/v2/public/
0
386 B
XHR
General
Full URL
https://3p-udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=794244015&yhlCT=2&yhlBTMS=1727816994510&yhlClientVer=3.53.39&yhlRnd=JfjB5kXSElqwRW6p&yhlCompressed=0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, private, max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
age
0
access-control-allow-credentials
true
expires
-1
access-control-allow-origin
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
p3p
policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
date
Tue, 01 Oct 2024 21:09:54 GMT
vary
Origin
server
ATS
csp
csp.yahoo.com/beacon/
0
441 B
Other
General
Full URL
https://csp.yahoo.com/beacon/csp?src=mail-gam
Requested by
Host: 0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app
URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, private, max-age=0
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-envoy-upstream-service-time
1
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
expires
-1
x-xss-protection
1; mode=block
date
Tue, 01 Oct 2024 21:09:54 GMT
x-powered-by
Express
server
ATS
x-frame-options
SAMEORIGIN
yahoo-favicon-img-v0.0.2.ico
s.yimg.com/wm/mbr/images/
1 KB
2 KB
Other
General
Full URL
https://s.yimg.com/wm/mbr/images/yahoo-favicon-img-v0.0.2.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/

Response headers

etag
"b6814ae5582d7953821acbd76e977bb4"
age
9062
x-content-type-options
nosniff
date
Tue, 01 Oct 2024 18:38:53 GMT
last-modified
Wed, 11 Sep 2019 18:01:04 GMT
vary
Origin
content-type
image/vnd.microsoft.icon
x-amz-id-2
K/ugvsOgppOghmDTZTXebhuBCrSEDkDjg463iDggX8vITjOjCrGZ0i7d+q3khZfz5TQuskhWyq7xg+aN3xFGSFtlrH3mSXCI
strict-transport-security
max-age=31536000
cache-control
public,max-age=315360000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
19P2JQZEECZDHZ2E
accept-ranges
bytes
content-length
1406
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
yahoo-favicon-img-v0.0.2.ico
s.yimg.com/wm/mbr/images/
1 KB
0
Other
General
Full URL
https://s.yimg.com/wm/mbr/images/yahoo-favicon-img-v0.0.2.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/

Response headers

etag
"b6814ae5582d7953821acbd76e977bb4"
age
9062
x-content-type-options
nosniff
date
Tue, 01 Oct 2024 18:38:53 GMT
last-modified
Wed, 11 Sep 2019 18:01:04 GMT
vary
Origin
content-type
image/vnd.microsoft.icon
x-amz-id-2
K/ugvsOgppOghmDTZTXebhuBCrSEDkDjg463iDggX8vITjOjCrGZ0i7d+q3khZfz5TQuskhWyq7xg+aN3xFGSFtlrH3mSXCI
cache-control
public,max-age=315360000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
19P2JQZEECZDHZ2E
accept-ranges
bytes
content-length
1406
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
csp
csp.yahoo.com/beacon/
0
25 B
Other
General
Full URL
https://csp.yahoo.com/beacon/csp?src=mail-gam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, private, max-age=0
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-envoy-upstream-service-time
1
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
expires
-1
x-xss-protection
1; mode=block
date
Tue, 01 Oct 2024 21:09:54 GMT
x-powered-by
Express
server
ATS
x-frame-options
SAMEORIGIN
logads
0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
3 KB
1 KB
XHR
General
Full URL
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/logads?adType=gam&delay=timeout&spid=794244015
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/
X-Requested-With
XMLHttpRequest

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
1727802874-ssl-df
age
8095
content-length
1284
x-nf-request-id
01J94YP8NQEZXT07BCHTDAHPWV
cache-status
"Netlify Edge"; hit
date
Tue, 01 Oct 2024 21:09:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
Netlify

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yahoo (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
number| pageStartTime
boolean| isGoodJS
object| YUI_config
object| I13N_config
string| COMET_URL
string| gamIframeUrl
object| challenge
object| phoneVerifyData
function| mbrSendError
object| YAHOO
object| rapidInstance
object| jsModules
boolean| mbrJSLoaded
function| checkAssets
function| __uspapi
function| __tcfapi
function| __gpp_addFrame
function| __gpp_stub
function| __gpp_msghandler
function| __gpp
number| lastApvTime

0 Cookies

5 Console Messages

Source: other; Level: warning; URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/ (Line 152)
Message: Unrecognized feature: 'document-domain'.

Source: other; Level: warning; URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/ (Line 152)
Message: Unrecognized feature: 'speaker-selection'.

Source: security; Level: error
Message: Refused to frame 'https://gpt.mail.yahoo.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080".

Source: security; Level: error
Message: Refused to frame 'https://gpt.mail.yahoo.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080".

Source: network; Level: error; URL: https://0e8bc3ya0h0e304oio2q340se233a43ir5s.netlify.app/logads?adType=gam&delay=timeout&spid=794244015
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload