urlscan.io logo urlscan.io
SecurityTrails logo

red-tree-7ce1.ageefeaernktdrnp6050.workers.dev Open in urlscan Pro
2606:4700:3032::6815:144e  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Submission: On January 25 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 1 countries across 10 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3032::6815:144e, located in United States and belongs to CLOUDFLARENET, US. The main domain is red-tree-7ce1.ageefeaernktdrnp6050.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2024. Valid for: 3 months.
This is the only time red-tree-7ce1.ageefeaernktdrnp6050.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo (Online) Generic Email (Online)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
3 2a04:4e42:200... 54113 (FASTLY)
1 ()
1 2620:0:890::100 54113 (FASTLY)
1 2 108.159.227.124 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
3 2001:4998:1c:... 14779 (YAHOO)
19 12
1    2606:4700:3032::6815:144e (United States)

ASN13335 (CLOUDFLARENET, US)
red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
3    2606:4700:4400::ac40:9a6b (United States)

ASN13335 (CLOUDFLARENET, US)
codesandbox.io
3    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    (None, )

ASN- ()
red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
1    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
validated.web.app
2    108.159.227.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-159-227-124.ord56.r.cloudfront.net
sb.scorecardresearch.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
1    2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2001:4998:1c:800::1001 (United States)

ASN14779 (YAHOO, US)
s.yimg.com
Apex Domain
Subdomains		 Transfer
3 yimg.com
s.yimg.com — Cisco Umbrella Rank: 673
59 KB
3 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
77 KB
3 codesandbox.io
codesandbox.io — Cisco Umbrella Rank: 85741
48 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2998
29 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
712 B
2 workers.dev
red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
293 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
1 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
7 KB
1 web.app
validated.web.app
65 KB
19 10
Domain Requested by
3 s.yimg.com validated.web.app
3 code.jquery.com red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
3 codesandbox.io red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
codesandbox.io
2 sb.scorecardresearch.com 1 redirects red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
2 red-tree-7ce1.ageefeaernktdrnp6050.workers.dev red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
1 cdn.jsdelivr.net red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
1 stackpath.bootstrapcdn.com red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
1 ajax.googleapis.com red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
1 maxcdn.bootstrapcdn.com red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
1 cdnjs.cloudflare.com red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
1 validated.web.app red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
19 11

This site contains links to these domains. Also see Links.

Domain
www.yahoo.com
help.yahoo.com
login.yahoo.com
www.verizonmedia.com
Subject Issuer Validity Valid
ageefeaernktdrnp6050.workers.dev
GTS CA 1P5		 2024-01-02 -
2024-04-01		 3 months crt.sh
codesandbox.io
E1		 2023-12-28 -
2024-03-27		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
web.app
GTS CA 1D4		 2024-01-17 -
2024-04-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-22 -
2024-03-13		 2 months crt.sh

This page contains 1 frames:

Primary Page: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Frame ID: 4B3FCE55226A161A485FE37BD717CD95
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Yahoo

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

89 %
HTTPS

82 %
IPv6

10
Domains

11
Subdomains

12
IPs

1
Countries

609 kB
Transfer

5824 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://sb.scorecardresearch.com/p?c1=2&c2=7241469&c5=794416018&ns_c=UTF-8&ns__t=1605204367576&c7=https%3A%2F%2Flogin.yahoo.com%2F&c14=-1 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=7241469&c5=794416018&ns_c=UTF-8&ns__t=1605204367576&c7=https%3A%2F%2Flogin.yahoo.com%2F&c14=-1

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 64099d4a-1fb9-444c-8ca1-bc0246bc41de
red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/ 		3 MB
293 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:144e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e11f7ee1b8ec5fede4d0bfdb718440592ca12857f49256200bb57bee8c2997

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
84acdf0ccca87d06-EWR
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 25 Jan 2024 01:51:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6E%2FFRqq3BzIUKKOfVIRgZTzMKRQ51De009uJTmt%2BaOrLA6BYCDZTd4up%2B0%2BLj9rRtFOzOG9crv2aDIcfx5%2Ba49yUBT8b1owqiwbpdG%2BdP%2FgVYROG2ItNRtCD3Ark8ZU%2BbOqQa2LtJHlrxWW2Cqc28ERU8NoHCzbLB1Bkx2nB%2BBJcFToIgv5neBq7qj9L"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sse-hooks.350c89a8d06431c89209943b3882c89f.js
codesandbox.io/public/sse-hooks/ 		172 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/public/sse-hooks/sse-hooks.350c89a8d06431c89209943b3882c89f.js
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 01:51:30 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
4113542
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 08 Dec 2023 11:11:17 GMT
server
cloudflare
etag
W/"6572f9d5-2b197"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
84acdf1579697c7e-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
banner.d9cb10a38.js
codesandbox.io/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/static/js/banner.d9cb10a38.js
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 01:51:30 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
4903967
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 27 Nov 2023 09:17:00 GMT
server
cloudflare
etag
W/"65645e8c-efa"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
84acdf15796c7c7e-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 01:51:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1464573
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21923-LGA, cache-ewr18182-EWR
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1706147490.155213,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
30, 17455
watermark-button.eeb14a97b.js
codesandbox.io/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/static/js/watermark-button.eeb14a97b.js
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/
Origin
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 01:51:30 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
1386717
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 01 Dec 2023 10:40:01 GMT
server
cloudflare
etag
W/"6569b801-ac1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
84acdf17ca1f32d2-PHL
expires
Thu, 31 Dec 2037 23:55:55 GMT
phishing
codesandbox.io/api/v1/sandboxes/red-tree-7ce1/ 		0
0
6d0b357d-86a0-4fb6-9210-016155742dbb
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/ 		2 MB
0 		Document
General
Check archive.org
Download Go to
Full URL
blob:https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/6d0b357d-86a0-4fb6-9210-016155742dbb
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2182f5cf6b48b04c4c0f378d041ce4c5f351ecc78640dc037714bce67009ce1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
2067747
Content-Type
text/html
yahoo-main.css
validated.web.app/s.yimg.com/wm/mbr/53b2a2316b6797357929f67e8e301a70f6482597/ 		448 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://validated.web.app/s.yimg.com/wm/mbr/53b2a2316b6797357929f67e8e301a70f6482597/yahoo-main.css
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
589ef5ad36e122db7d91ee900b98607bfd6c90f34194b5dc1ab3ca81e0517e2e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-ewr18125-EWR
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Thu, 25 Jan 2024 01:51:36 GMT
last-modified
Sun, 18 Apr 2021 21:10:23 GMT
x-timer
S1706147496.174064,VS0,VE4
etag
"2b877ff0aec83ad183a12227a615078759150924caf751983e44cab667b12c65-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
65957
x-cache-hits
1
jquery-3.2.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer
Origin
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 25 Jan 2024 01:51:36 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
11243697
x-cache
HIT, HIT
content-length
23856
x-served-by
cache-lga21963-LGA, cache-ewr18178-EWR
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1706147496.161520,VS0,VE0
etag
W/"28feccc0-10fdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
32, 141670
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=7241469&c5=794416018&ns_c=UTF-8&ns__t=1605204367576&c7=https%3A%2F%2Flogin.yahoo.com%2F&c14=-1
  • https://sb.scorecardresearch.com/p2?c1=2&c2=7241469&c5=794416018&ns_c=UTF-8&ns__t=1605204367576&c7=https%3A%2F%2Flogin.yahoo.com%2F&c14=-1
43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=7241469&c5=794416018&ns_c=UTF-8&ns__t=1605204367576&c7=https%3A%2F%2Flogin.yahoo.com%2F&c14=-1
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: blob:https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/6d0b357d-86a0-4fb6-9210-016155742dbb
Protocol
H2
Server
108.159.227.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-124.ord56.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 01:51:36 GMT
via
1.1 7c2bddae46164995fddee85f5e85fca2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ORD56-P4
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
6eckxFF7aqF2A9SsDujTY8Vn6i3IQXADmr72w6RF4lAh8PU8ZyAd3A==

Redirect headers

date
Thu, 25 Jan 2024 01:51:36 GMT
via
1.1 7c2bddae46164995fddee85f5e85fca2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ORD56-P4
x-cache
Miss from cloudfront
location
/p2?c1=2&c2=7241469&c5=794416018&ns_c=UTF-8&ns__t=1605204367576&c7=https%3A%2F%2Flogin.yahoo.com%2F&c14=-1
content-length
0
x-amz-cf-id
2p830LBqX8Zm3JNXYeLie64njPmK26ahL3V8vO6d63evoJAupa_0Fg==
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 25 Jan 2024 01:51:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
453517
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6157
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5G5bxD6Xe%2B%2F4CfkJ%2FjdQ%2FwfFTHD1v0t6OQl5AtafmHp7x0H9kTM2sh3ufGpYw9u5vOQuVAe%2BnxYGhdXvVDE1vdn9CuQBiyzUx8XE2rb0KBdCL2nsVvlorIGwHIaAf5tUrzyQF%2BcRzLDROQCDtws2huW%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84acdf3b1ff51a38-EWR
expires
Tue, 14 Jan 2025 01:51:36 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 25 Jan 2024 01:51:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
845
age
1039020
cdn-cachedat
10/31/2023 18:51:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
99c2c900d562ae92fc9e145f9eb2504c
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
84acdf3b1af87c82-EWR
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 24 Jan 2024 23:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jan 2025 23:49:55 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 25 Jan 2024 01:51:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1048
age
1369024
cdn-cachedat
10/31/2023 18:58:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"67176c242e1bdc20603c878dee836df3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f4f838df79fc133911a060d7c6bb0f5c
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
84acdf3b1a5b7d0e-EWR
cdn-requestpullsuccess
True
jquery.session.min.js
cdn.jsdelivr.net/npm/jquery.session@1.0.0/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jan 2024 01:51:36 GMT
x-content-type-options
nosniff
content-encoding
br
age
9849510
x-jsd-version
1.0.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
983
x-served-by
cache-fra-eddf8230025-FRA, cache-ewr18125-EWR
x-jsd-version-type
version
etag
W/"91d-mUGbC+S4VCL/hIcOVNvYpS3G2rE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
Yahoo_Sans-Regular.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2
Requested by
Host: validated.web.app
URL: https://validated.web.app/s.yimg.com/wm/mbr/53b2a2316b6797357929f67e8e301a70f6482597/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://validated.web.app/
Origin
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Wed, 20 Dec 2023 21:40:14 GMT
strict-transport-security
max-age=31536000
x-amz-meta-created-date
Tue, 03 Oct 2017 06:22:51 GMT
x-content-type-options
nosniff
x-amz-request-id
9NJMQ9X28AKEQSE3
age
3039083
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1507011771545398
content-length
28860
x-amz-id-2
rogTFGPzP2qySxzyfXYyZn17UloaPemLCFr1fd+1eRZytsyutryHs9AhCEU+90P8o1h8jQbFpU8=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Apr 2018 19:06:41 GMT
server
ATS
etag
"a99b283070afc519f4816e4300c515d2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
x-amz-meta-mbst-etag
"YM:1:cb5e4811-e042-455c-b2b2-f984d5f70e0200055a9e8550b736"
x-amz-meta-x-ysws-access
public
expires
Sat, 05 Sep 2026 00:00:00 GMT
checkbox-checked.svg
s.yimg.com/wm/mbr/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/wm/mbr/images/checkbox-checked.svg
Requested by
Host: validated.web.app
URL: https://validated.web.app/s.yimg.com/wm/mbr/53b2a2316b6797357929f67e8e301a70f6482597/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
11b4310df6e27428e7cf86f316abdc10148ac5cf3c8bbbd5b85c88b9f6290c59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://validated.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Sat, 20 Jan 2024 16:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
MFR1XTSWKC4NVM18
age
378738
x-amz-server-side-encryption
AES256
content-length
659
x-amz-id-2
cob521WU5pvcth08+KEX8JJV5MibEnOJpaf6c2+4YfACySNaz3kRR9L6MVHrM/rKDnxGDgPUQ1w=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Apr 2020 17:13:52 GMT
server
ATS
etag
"ac8c4fbeda6efad9549cb41b992a8b3a-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=315360000
accept-ranges
bytes
Yahoo_Sans-Medium.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2
Requested by
Host: validated.web.app
URL: https://validated.web.app/s.yimg.com/wm/mbr/53b2a2316b6797357929f67e8e301a70f6482597/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://validated.web.app/
Origin
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Thu, 28 Dec 2023 19:58:30 GMT
strict-transport-security
max-age=31536000
x-amz-meta-created-date
Tue, 03 Oct 2017 06:22:52 GMT
x-content-type-options
nosniff
x-amz-request-id
D03RF8D79SYA9Q9V
age
2353987
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1507011772247755
content-length
29228
x-amz-id-2
pJstpjGjtAzwi96VxfdL8kDd8AxZQpWOCtOi0HBk9r1dNG9GiU9Ef9pbr2IvFJbeHFzWCKOv4bs=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Apr 2018 16:25:50 GMT
server
ATS
etag
"7c7c02dcee2bf1c2528db6092d4ad1fa"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
x-amz-meta-mbst-etag
"YM:1:1bb49599-26ac-442e-b6b8-f4e40f067ea500055a9e855b6ecb"
x-amz-meta-x-ysws-access
public
expires
Sat, 05 Sep 2026 00:00:00 GMT
jquery-3.2.1.slim.min.js
code.jquery.com/ 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
URL: blob:https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/6d0b357d-86a0-4fb6-9210-016155742dbb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer
Origin
https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 01:51:36 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
11243698
x-cache
HIT, HIT
content-length
23856
x-served-by
cache-lga21963-LGA, cache-ewr18178-EWR
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1706147497.889393,VS0,VE0
etag
W/"28feccc0-10fdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
32, 141672

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
codesandbox.io
URL
https://codesandbox.io/api/v1/sandboxes/red-tree-7ce1/phishing

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yahoo (Online) Generic Email (Online)

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| s string| m function| lLIi6y4Ca56Nc1o2nfu6se6iiii function| llLi6y4Ca56Nc1o2nfu6se6iiii object| u5eP316 function| t6QhW6 object| u8e1H0 number| giDIiS object| jJnxu1 string| Sc5LfdB string| r80bBL string| pwgqxZ string| I8_KOJC string| XRUmWWw string| QVi9bV string| Mh6tvb string| JSsLhj string| pMvyhmL string| fzIhVo string| GUOmxF string| By67NWB string| UODN81Q string| Xck0pIT string| A9H5sg string| urwY_L2 string| Dh7Nmpi string| emsJSh string| inJH0iT string| SSg2Wx string| NcnVpS string| PRHcJC string| qAEwh3C string| XtKl3f string| VPWh21a string| KkPPHfT string| IM6nvg string| kuNkyk2 string| qFM89P string| i_E24hC string| MQGPZ3S string| kuojs8 string| y1XaHE string| A3yC1z string| Ykbb8b string| Kt70nh string| z2_uULN object| p5qklj object| rGYfcNg object| fYyMek object| ehWWWO function| EwX4H5Y function| O7oIChe function| liii6y4ca56nc1o2nfu6se6iiii boolean| xlVgXp object| RE3iCh number| dZIYDY number| FFUmww number| zRGKYBn function| v_smAw string| GnfbGW8 string| pshDmH string| ayOA_5G string| ZlfWFE string| MhAfwVK string| xGg8GU number| KOhJhX3 string| ShK4bP string| b3N4BR number| tv9fO6D function| GcFxZJU function| EfhCnx function| y6aUC3i function| T9nLj_E function| jNoRbDQ function| llli6y4ca56nc1o2nfu6se6iiii function| llii6y4ca56nc1o2nfu6se6iiii function| e2j2WP function| UyyEAc function| ADWa1zk function| iiii6y4ca56nc1o2nfu6se6iiii function| $ function| jQuery function| Popper object| bootstrap function| LLLLl6Y4CA56nc1o2nfu6se6llll function| lllll6y4ca56nc1o2nfu6se6llll function| lLII6y4CA56Nc1o2nfu6se6iiii object| g9dBLsj function| ViM5Inz object| FI4wJ7r number| _rafzJ object| KnJq71 string| Kmd2B1B string| onHXIWK string| K_22xOK string| ibVsxiq string| fF2bXD6 string| d9nDWJX string| wQ5XOS9 string| JVsiIx string| VjJtzWp string| HXYcH6C string| deTLbQ string| IS5kDpF string| ubIiQep string| Xq2GK4 string| kNTD77u string| bW_WS7Q string| rRAo6Hd string| kkX7WJ string| kI7l9O string| iufs_t string| fhQGTmO string| HYMOiS string| bT4Cxm2 string| wK0dnZl string| P626JD string| LHaUBAs string| o9hgEp5 string| prd02P string| RzAHMn_ string| wPRhjk string| Ezs4aZh string| d5y9ZqV string| hRaGsZ string| rVLqFkr string| F7WyPP string| w_g6jvm string| m19Kh5Z string| _7pr_6b string| je7_lVu string| tfVXiiy string| DvsFYET string| XDotUj string| B4YdGMw string| MmhCLh string| mXB_QB string| RgWXHd string| c2yFwZO string| mm2QIYJ string| YomGcC string| cNrTkX string| LSI59Yp string| xmivql string| TyKzFy string| QEMAE3P string| PNSihh string| TKbJ2N string| yjly2xp string| Dwbkmnf string| r_krNIC string| AEG9zL string| izXaHf string| fdUMea string| hhni_EB string| EEjCvS object| NcYwCmR object| qL81eV object| bV8hsKB object| AHXaIB function| bXqPptU function| KsAJO9 function| llll6y4ca56nc1o2nfu6se6lii undefined| ZI0Dst function| NXnh84B function| w1mzbTB function| casA0_ function| Fu4gUC function| qhnyYa function| ysyKPg function| YAAp6e function| e1xnWn

3 Cookies

Domain/Path Name / Value
.codesandbox.io/ Name: _cfuvid
Value: rpbv2QBSecKHF9UlMyEamwe7ceMrue6N4wqsh3A.L8U-1706147490177-0-604800000
.scorecardresearch.com/ Name: UID
Value: 14B2d8305be183a33712e561706147496
/ Name: __session:0.35332339296258275:
Value: blob:

10 Console Messages

Source Level URL
Text
javascript error URL: https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev/64099d4a-1fb9-444c-8ca1-bc0246bc41de
Message:
Access to fetch at 'https://codesandbox.io/api/v1/sandboxes/red-tree-7ce1/phishing' from origin 'https://red-tree-7ce1.ageefeaernktdrnp6050.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://codesandbox.io/api/v1/sandboxes/red-tree-7ce1/phishing
Message:
Failed to load resource: net::ERR_FAILED
javascript warning (Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.2.1.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.2.1.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.2.1.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
codesandbox.io
maxcdn.bootstrapcdn.com
red-tree-7ce1.ageefeaernktdrnp6050.workers.dev
s.yimg.com
sb.scorecardresearch.com
stackpath.bootstrapcdn.com
validated.web.app
codesandbox.io

108.159.227.124
2001:4998:1c:800::1001
2606:4700:3032::6815:144e
2606:4700:4400::ac40:9a6b
2606:4700::6811:190e
2606:4700::6812:acf
2607:f8b0:4004:c07::5f
2620:0:890::100
2a04:4e42:200::649
2a04:4e42:400::485
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
11b4310df6e27428e7cf86f316abdc10148ac5cf3c8bbbd5b85c88b9f6290c59
2182f5cf6b48b04c4c0f378d041ce4c5f351ecc78640dc037714bce67009ce1f
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
589ef5ad36e122db7d91ee900b98607bfd6c90f34194b5dc1ab3ca81e0517e2e
76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d1e11f7ee1b8ec5fede4d0bfdb718440592ca12857f49256200bb57bee8c2997
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560