e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
2a05:d014:58f:6201::64  Malicious Activity! Public Scan

URL: https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
Submission: On September 27 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2a05:d014:58f:6201::64, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.
This is the only time e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo (Online)

Domain & IP information

IP Address AS Autonomous System
1 2a05:d014:58f... 16509 (AMAZON-02)
10 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2606:2800:135... 15133 (EDGECAST)
1 152.199.23.180 15133 (EDGECAST)
2 2a00:1288:110... 34010 (YAHOO-IRD)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
17 7
Apex Domain
Subdomains
Transfer
10 yimg.com
s.yimg.com — Cisco Umbrella Rank: 761
295 KB
3 yahoo.com
opus.analytics.yahoo.com — Cisco Umbrella Rank: 3804
3p-udc.yahoo.com — Cisco Umbrella Rank: 15561
csp.yahoo.com — Cisco Umbrella Rank: 13899
4 KB
1 yahoo.net
gpt.mail.yahoo.net — Cisco Umbrella Rank: 5603 Failed
1 oath.com
consent.cmp.oath.com — Cisco Umbrella Rank: 6083
34 KB
1 netlify.app
e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
4 KB
17 5
Domain Requested by
10 s.yimg.com e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
s.yimg.com
1 csp.yahoo.com e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
1 3p-udc.yahoo.com s.yimg.com
1 gpt.mail.yahoo.net e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
s.yimg.com
1 opus.analytics.yahoo.com e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
1 consent.cmp.oath.com e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
1 e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
17 7

This site contains links to these domains. Also see Links.

Domain
www.yahoo.com
help.yahoo.com
Subject Issuer Validity Valid
*.netlify.app
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-15 -
2025-02-14
a year crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-08-26 -
2024-10-16
2 months crt.sh
service.cmp.oath.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-17 -
2025-02-16
a year crt.sh
opus.analytics.yahoo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-05-07 -
2025-06-07
a year crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-07-16 -
2025-01-08
6 months crt.sh
jp.techcrunch.com
DigiCert SHA2 High Assurance Server CA
2024-09-19 -
2024-12-18
3 months crt.sh

This page contains 2 frames:

Primary Page: https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
Frame ID: 038FBE28ADAD7A724A336BEA6F4EBA3D
Requests: 15 HTTP requests in this frame

Frame: https://gpt.mail.yahoo.net/sandbox?client=login&version=0.1&limited=0&headerBidder=1
Frame ID: EA0A9551C3CB2D46F983C6F8C42D65B5
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Yahoo

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.netlify\.(?:com|app)/

Page Statistics

17
Requests

94 %
HTTPS

83 %
IPv6

5
Domains

7
Subdomains

7
IPs

3
Countries

337 kB
Transfer

1237 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
14 KB
4 KB
Document
General
Full URL
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
ebff934941220b83d6a3c5fa0e9e794144940d9fb347c9fb6b96b6a00f66877a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
645
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-encoding
br
content-length
3757
content-type
text/html; charset=UTF-8
date
Fri, 27 Sep 2024 20:08:47 GMT
etag
"36ed30ed9f7c46d7147acc0a28836040-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-nf-request-id
01J8THKB1PGPWAJNNX004B42DK
yahoo-main.css
s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/
709 KB
143 KB
Stylesheet
General
Full URL
https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css
Requested by
Host: e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
URL: https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
4660f63046bec17b3778b090e2219eb4ba43d2cb161022ede12db6eb0dec3e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/

Response headers

content-encoding
gzip
etag
"5140a2b2609fd8082ce1c7b647584047-df"
age
3201095
date
Wed, 21 Aug 2024 18:57:14 GMT
last-modified
Wed, 21 Aug 2024 16:50:05 GMT
vary
Origin, Accept-Encoding
content-type
text/css
x-amz-id-2
VPRna+qDmtqW+KjAqdCgT4rcmA9V9tjto15vSDDr1AyH8PyYapVGLZTm8LPAq3E2x6AQoRVtelaaSrz67atqCw==
strict-transport-security
max-age=31536000
cache-control
public,max-age=31536000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
59XE9VEVHPF6BZSV
accept-ranges
bytes
content-length
145971
server
ATS
x-amz-server-side-encryption
AES256
yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
s.yimg.com/rz/p/
1 KB
2 KB
Image
General
Full URL
https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
Requested by
Host: e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
URL: https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/

Response headers

etag
"cd166981c96c6d0f4b5a7d798c25878e"
age
76540
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 23:00:00 GMT
date
Thu, 26 Sep 2024 22:53:09 GMT
last-modified
Thu, 26 Sep 2024 21:32:01 GMT
vary
Origin
content-type
image/png
x-amz-id-2
U/au7vZdUvYE/fI/nu5BY9XrCKMaobEjfFjvRfuSwRBthNJFVgFmPYjprGcwTbfVOd0gDh3Ggbg=
strict-transport-security
max-age=31536000
cache-control
public,max-age=86400
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
BVR0715EWYQ6QSDE
accept-ranges
bytes
content-length
1346
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
s.yimg.com/rz/p/
1 KB
2 KB
Image
General
Full URL
https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
Requested by
Host: e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
URL: https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
4f47ef8ff3dad2a78360ab207cf35ff2905622511c0426109f6e225052cf5637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/

Response headers

etag
"dd31f56b9e4dff40eb87447c3dc55b84"
age
35004
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 23:00:00 GMT
date
Fri, 27 Sep 2024 10:25:25 GMT
last-modified
Thu, 26 Sep 2024 21:32:01 GMT
vary
Origin
content-type
image/png
x-amz-id-2
KV19qfyb0dspAZzzw75s79rhZ5L1eMv0RUxPc1FozkbkBzAgQrV2W7NtYtPIPIJIIZfVn8kye7s=
strict-transport-security
max-age=31536000
cache-control
public,max-age=86400
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
9XHMMFDP5F2EWR36
accept-ranges
bytes
content-length
1391
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
rapid-3.53.39.js
s.yimg.com/ss/
50 KB
18 KB
Script
General
Full URL
https://s.yimg.com/ss/rapid-3.53.39.js
Requested by
Host: e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
URL: https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
322863efdb222250f660a04127f8ac343cc74ded9ee6dea49e88605c80f46ee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/

Response headers

content-encoding
gzip
etag
"3ad90205296656e070371a83d5201160-df"
x-amz-version-id
qQB6rmWhCi0nbuLvxW7W.stvcSOa1X3q
age
16757
x-content-type-options
nosniff
date
Fri, 27 Sep 2024 15:29:32 GMT
last-modified
Thu, 20 Oct 2022 22:18:00 GMT
vary
Origin, Accept-Encoding
content-type
application/javascript
x-amz-id-2
CCA9/kTBg2Cm0rbYWuKHTfyCgaZVvWV2BznLjBIvSRnXKK5CnJLSMqwfmr9xPuLTsb7livo42GHuSz13T2O0dOMajsJXWvWVsNRb250DxYo=
strict-transport-security
max-age=31536000
cache-control
max-age=31536000, immutable
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
PAD9SKRSABP0FTP9
accept-ranges
bytes
content-length
18263
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
bundle.js
s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/
177 KB
48 KB
Script
General
Full URL
https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/bundle.js
Requested by
Host: e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
URL: https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
317bb329b108e0b43240303272544a258cca0c1219a183cb44b11f856a887184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/

Response headers

content-encoding
gzip
etag
"8409d6a7bb9abb2daf9a4cf7c7a38865-df"
age
3813664
date
Wed, 14 Aug 2024 16:47:45 GMT
last-modified
Thu, 19 Oct 2023 16:04:41 GMT
vary
Origin, Accept-Encoding
content-type
application/javascript
x-amz-id-2
uTXllxTIoNDQ8Vshls7nTHZDoEk4Pg4bR9r/7VeMj9U3dUFau8AtZ27BV8tyWsbxOxuxJMLPekI=
strict-transport-security
max-age=31536000
cache-control
public,max-age=31536000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
0QPTHQY4MD9X2TNB
accept-ranges
bytes
content-length
48992
server
ATS
x-amz-server-side-encryption
AES256
cmp.js
consent.cmp.oath.com/
180 KB
34 KB
Script
General
Full URL
https://consent.cmp.oath.com/cmp.js
Requested by
Host: e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
URL: https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:155a:23ba:b2a:25ff:122d , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/67BF) /
Resource Hash
d08dedfb38aa5ae7dedadcae8425f632c17ce61aba51990d9275fb71a2b28387

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/

Response headers

x-amz-id-2
Z1+GNnJp/97dSS70h1KmIWQ7xqiuCzcS5YjAbOlnqi72SiQKA4nxMDFWj6EOsU1o6YX/Lj8JFdc=
cache-control
max-age=3600
content-encoding
gzip
etag
"6863ce0703ce4f482389f8a7e640e4e6+gzip"
age
434
x-amz-request-id
R1AWDYEQ4WCEX2XZ
expires
Fri, 27 Sep 2024 21:08:48 GMT
accept-ranges
bytes
x-cache
HIT
content-length
34582
date
Fri, 27 Sep 2024 20:08:48 GMT
content-type
application/javascript
last-modified
Thu, 08 Feb 2024 18:14:22 GMT
server
ECD (frb/67BF)
vary
Accept-Encoding
opus.js
opus.analytics.yahoo.com/tag/
8 KB
3 KB
Script
General
Full URL
https://opus.analytics.yahoo.com/tag/opus.js
Requested by
Host: e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
URL: https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.180 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA3) /
Resource Hash
e30b827cdefdcc2ff2e3fb69d1d0b30e7a9e679b18a2385b3c85ff345fddbb46
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/

Response headers

x-amz-id-2
Q3aSldGG8/vAl+aDwFuZutQpBulJqMVsQtjUrkScylIdIk426Z8hxReGaFPs1vkCBkpssGAxQb0=
content-security-policy
default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-encoding
gzip
etag
"36fe94e917e5dc731081ce2ed65a7ca7+gzip"
age
281029
x-amz-request-id
266N8GY678VC9GGY
x-cache
HIT
content-length
3214
date
Fri, 27 Sep 2024 20:08:48 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 14:03:19 GMT
server
ECAcc (frc/4CA3)
vary
Accept-Encoding
sandbox
gpt.mail.yahoo.net/ Frame EA0A
0
0

phone-otp-v0.0.1.svg
s.yimg.com/wm/mbr/images/yahoo/
22 KB
7 KB
Image
General
Full URL
https://s.yimg.com/wm/mbr/images/yahoo/phone-otp-v0.0.1.svg
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
43c4090bf80305926a6fb9a8a75423ee8ff75c9eaf679d5d65ddd054a1d13c3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css

Response headers

content-encoding
gzip
etag
"4f3bb1a3d64eea60033dcd272ead6c83-df"
age
1201649
date
Fri, 13 Sep 2024 22:21:20 GMT
last-modified
Tue, 25 Jun 2019 21:20:35 GMT
vary
Origin, Accept-Encoding
content-type
image/svg+xml
x-amz-id-2
LROX3is3BZGV035gp/Zv5PIEHnjuVDTfXUjV7iI1VxpEF/HL1wI8eC2QbBfj5gy4z+DcAdBzrD8=
strict-transport-security
max-age=31536000
cache-control
public,max-age=315360000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
0VBQDKD9WTAKT83E
accept-ranges
bytes
content-length
7005
server
ATS
x-amz-server-side-encryption
AES256
yahoo-sans-cr4-vf.woff2
s.yimg.com/bw/fonts/
34 KB
34 KB
Font
General
Full URL
https://s.yimg.com/bw/fonts/yahoo-sans-cr4-vf.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
318d39388d650f931cfd5283ab5da11570bc0c6b1a85360bcbf03d3656d2ea8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
Referer
https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css

Response headers

x-amz-version-id
WkgxPbZwJF4WkJjtpMrUGccT4d.GnFPQ
etag
"492a0a160b8da9414134282ef8b62f78"
age
9402
x-content-type-options
nosniff
date
Fri, 27 Sep 2024 17:32:07 GMT
last-modified
Thu, 11 Jul 2024 15:03:00 GMT
content-type
binary/octet-stream
vary
Origin
x-amz-id-2
JsWew7IUj63pWBNHzi2EBc3qWo5Jcyf4VJ/25NCOTzubnpV38N6/CDZVy24rsaBLCiBDaC5rYdc=
strict-transport-security
max-age=31536000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
V2Q94D75PF1W87K9
accept-ranges
bytes
access-control-allow-origin
*
content-length
34588
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
centra-no2-bold.woff2
s.yimg.com/bw/fonts/
39 KB
39 KB
Font
General
Full URL
https://s.yimg.com/bw/fonts/centra-no2-bold.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
22aca3530f993651436788f0effab7c09d3ac03bb0cdfcc8d809629e24cd54c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
Referer
https://s.yimg.com/wm/mbr/7b1003d0174c3eab46fc42426bc8ce5180d8b675/yahoo-main.css

Response headers

x-amz-version-id
qDegSYWb9M7tgdPp_cUvHAGtT5pbzmjd
etag
"f7ffc5f925d3b186f552cde1c3e99691"
age
9350
x-content-type-options
nosniff
date
Fri, 27 Sep 2024 17:32:59 GMT
last-modified
Sat, 13 Jul 2024 00:12:23 GMT
content-type
font/woff2
vary
Origin
x-amz-id-2
dgFS2H3emt1nL8kL4kkqxoAQqgWLuv+Od5oiFFxtqW6X/ElXIrLvv/bkfvR0spoJKhxvJWm5gM/4qPNFw7kbKspR34cvsp0t
strict-transport-security
max-age=31536000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
N9VZS859PA14YFG5
accept-ranges
bytes
access-control-allow-origin
*
content-length
39888
x-xss-protection
1; mode=block
server
ATS
x-amz-server-side-encryption
AES256
yql
3p-udc.yahoo.com/v2/public/
0
385 B
XHR
General
Full URL
https://3p-udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=794244015&yhlCT=2&yhlBTMS=1727467728282&yhlClientVer=3.53.39&yhlRnd=44hn5iz9YLLAq6x6&yhlCompressed=0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, private, max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
age
0
access-control-allow-credentials
true
expires
-1
access-control-allow-origin
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
p3p
policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
date
Fri, 27 Sep 2024 20:08:48 GMT
vary
Origin
server
ATS
sandbox
gpt.mail.yahoo.net/ Frame EA0A
0
0
Document
General
Full URL
https://gpt.mail.yahoo.net/sandbox?client=login&version=0.1&limited=0&headerBidder=1
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/c20691e65257c4b486f33fa0cb8663db35871772/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https:; script-src 'nonce-J15kyvABG2YjepUOUIuxhg==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; block-all-mixed-content; frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080; report-uri https://csp.yahoo.com/beacon/csp?src=mail-gam
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
0
content-encoding
gzip
content-security-policy
base-uri 'none'; connect-src https:; script-src 'nonce-J15kyvABG2YjepUOUIuxhg==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; sandbox allow-forms allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts; block-all-mixed-content; frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080; report-uri https://csp.yahoo.com/beacon/csp?src=mail-gam
content-type
text/html; charset=utf-8
date
Fri, 27 Sep 2024 20:08:48 GMT
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy
no-referrer-when-downgrade
server
ATS
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
x-omg-env
norrin-green--gam-production-ir2-86566747cd-zkzxf
x-xss-protection
1; mode=block
csp
csp.yahoo.com/beacon/
0
441 B
Other
General
Full URL
https://csp.yahoo.com/beacon/csp?src=mail-gam
Requested by
Host: e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app
URL: https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, private, max-age=0
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-envoy-upstream-service-time
0
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
expires
-1
x-xss-protection
1; mode=block
date
Fri, 27 Sep 2024 20:08:48 GMT
x-powered-by
Express
server
ATS
x-frame-options
SAMEORIGIN
yahoo-favicon-img-v0.0.2.ico
s.yimg.com/wm/mbr/images/
1 KB
2 KB
Other
General
Full URL
https://s.yimg.com/wm/mbr/images/yahoo-favicon-img-v0.0.2.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/

Response headers

etag
"b6814ae5582d7953821acbd76e977bb4"
age
571546
date
Sat, 21 Sep 2024 05:23:03 GMT
last-modified
Wed, 11 Sep 2019 18:01:04 GMT
vary
Origin
content-type
image/vnd.microsoft.icon
x-amz-id-2
N/mK7OFHeQJvnPVsNAwJeWBn4VUx/xgQLzr6M5kHP37olM5tZbOkQaD6jdNhC0DXv/yY0EvfP1Kb66nsbQg5Dg==
strict-transport-security
max-age=31536000
cache-control
public,max-age=315360000
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
JF8MJM421RSWDR74
accept-ranges
bytes
content-length
1406
server
ATS
x-amz-server-side-encryption
AES256
yahoo-favicon-img-v0.0.2.ico
s.yimg.com/wm/mbr/images/
1 KB
0
Other
General
Full URL
https://s.yimg.com/wm/mbr/images/yahoo-favicon-img-v0.0.2.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/

Response headers

x-amz-id-2
N/mK7OFHeQJvnPVsNAwJeWBn4VUx/xgQLzr6M5kHP37olM5tZbOkQaD6jdNhC0DXv/yY0EvfP1Kb66nsbQg5Dg==
vary
Origin
cache-control
public,max-age=315360000
etag
"b6814ae5582d7953821acbd76e977bb4"
age
571546
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
JF8MJM421RSWDR74
accept-ranges
bytes
content-length
1406
date
Sat, 21 Sep 2024 05:23:03 GMT
last-modified
Wed, 11 Sep 2019 18:01:04 GMT
content-type
image/vnd.microsoft.icon
server
ATS
x-amz-server-side-encryption
AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gpt.mail.yahoo.net
URL
https://gpt.mail.yahoo.net/sandbox?client=login&version=0.1&limited=0&headerBidder=1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yahoo (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object 0
object 1
object 2
object 3
number pageStartTime
boolean isGoodJS
object YUI_config
object I13N_config
string COMET_URL
string gamIframeUrl
object challenge
object phoneVerifyData
function mbrSendError
object YAHOO
object rapidInstance
object jsModules
boolean mbrJSLoaded
function checkAssets
function __uspapi
function __tcfapi
function __gpp_addFrame
function __gpp_stub
function __gpp_msghandler
function __gpp
number lastApvTime

0 Cookies

3 Console Messages

Source Level URL
Text
other warning URL: https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/(Line 152)
Message:
Unrecognized feature: 'document-domain'.
other warning URL: https://e72ab6ya0h100ma9i92l300dec9920ioc9.netlify.app/(Line 152)
Message:
Unrecognized feature: 'speaker-selection'.
security error
Message:
Refused to frame 'https://gpt.mail.yahoo.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://mail.yahoo.com https://*.mail.yahoo.com https://mail.aol.com https://*.mail.aol.com https://login.yahoo.com https://*.login.yahoo.com https://login.aol.com https://*.login.aol.com https://devbox.login.aol.com:8080 https://devbox.login.yahoo.com:8080".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, see the urlscan.io documentation on security headers.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload