consent.yahoo.com Open in urlscan Pro
54.75.86.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://zpr.io/JXdp6DTUXiBx
Effective URL:
https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09
Submission: On March 04 via manual (March 4th 2024, 10:24:34 am UTC) from IN — Scanned from DE

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 25 HTTP transactions. The main IP is 54.75.86.19, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is consent.yahoo.com. The Cisco Umbrella rank of the primary domain is 57752.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on January 16th 2024. Valid for: 6 months.

This is the only time consent.yahoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	52.205.138.75 52.205.138.75	14618 (AMAZON-AES) (AMAZON-AES)
1 10	2606:4700::68... 2606:4700::6810:cc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e6:... 2606:4700:e6::ac40:cf26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:10c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	199.16.173.240 199.16.173.240	2635 (AUTOMATTIC) (AUTOMATTIC)
1 7	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1 1	54.194.9.22 54.194.9.22	16509 (AMAZON-02) (AMAZON-02)
3	54.75.86.19 54.75.86.19	16509 (AMAZON-02) (AMAZON-02)
25	8

2 52.205.138.75 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-138-75.compute-1.amazonaws.com

zpr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:cc2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gafver.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:cf26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:10c2 (United States)

ASN13335 (CLOUDFLARENET, US)

app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.16.173.240 (United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

shop.corpsecurity.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1288:80:807::1 (United Kingdom) 1 redirects

ASN203220 (YAHOO-DEB, GB)

www.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.9.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-9-22.eu-west-1.compute.amazonaws.com

guce.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.75.86.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-86-19.eu-west-1.compute.amazonaws.com

consent.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	clickfunnels.com 1 redirects gafver.clickfunnels.com app.clickfunnels.com — Cisco Umbrella Rank: 59559 images.clickfunnels.com — Cisco Umbrella Rank: 117314 assets.clickfunnels.com — Cisco Umbrella Rank: 99067	755 KB
6	yimg.com s.yimg.com — Cisco Umbrella Rank: 712	118 KB
5	yahoo.com 2 redirects www.yahoo.com — Cisco Umbrella Rank: 1749 guce.yahoo.com — Cisco Umbrella Rank: 5443 consent.yahoo.com — Cisco Umbrella Rank: 57752	30 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 973	17 KB
2	zpr.io 2 redirects zpr.io — Cisco Umbrella Rank: 953386	204 B
1	corpsecurity.org 1 redirects shop.corpsecurity.org	308 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 788	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	4 KB
0	addevent.com Failed track.addevent.com Failed
25	9

	Domain	Requested by
6	s.yimg.com	consent.yahoo.com s.yimg.com
6	app.clickfunnels.com	gafver.clickfunnels.com app.clickfunnels.com
3	consent.yahoo.com	gafver.clickfunnels.com consent.yahoo.com
3	gafver.clickfunnels.com	1 redirects static.cloudflareinsights.com
2	use.fontawesome.com	gafver.clickfunnels.com
2	zpr.io	2 redirects
1	guce.yahoo.com	1 redirects
1	www.yahoo.com	1 redirects
1	shop.corpsecurity.org	1 redirects
1	assets.clickfunnels.com
1	static.cloudflareinsights.com	gafver.clickfunnels.com
1	images.clickfunnels.com	gafver.clickfunnels.com
1	fonts.googleapis.com	gafver.clickfunnels.com
0	track.addevent.com Failed	gafver.clickfunnels.com
25	14

This site contains links to these domains. Also see Links.

Domain
de.yahoo.com

Subject Issuer	Validity	Valid
clickfunnels.com Cloudflare Inc ECC CA-3	`2024-01-29` - `2024-12-31`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
consent.oath.com DigiCert SHA2 High Assurance Server CA	`2024-01-16` - `2024-07-10`	6 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-01` - `2024-04-17`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09
Frame ID: 737AB607B0EE31D1327B591A0B8253E3
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Yahooist Teil der Yahoo Markenfamilie

Page URL History Show full URLs

https://zpr.io/JXdp6DTUXiBx HTTP 302
https://gafver.clickfunnels.com/optinzo7ck9lg HTTP 302
https://gafver.clickfunnels.com/optin1709333324515 Page URL
https://zpr.io/VzEmCAFEDxz8 HTTP 302
https://shop.corpsecurity.org//wp-content/languages/anti/ HTTP 302
https://www.yahoo.com/ HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=T1TKsyI&done=https%3A%2F%2Fwww.yahoo.com%2F HTTP 302
https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09 Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

25
Requests

92 %
HTTPS

60 %
IPv6

9
Domains

14
Subdomains

8
IPs

4
Countries

929 kB
Transfer

3495 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://de.yahoo.com/
Title: guce

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://zpr.io/JXdp6DTUXiBx HTTP 302
https://gafver.clickfunnels.com/optinzo7ck9lg HTTP 302
https://gafver.clickfunnels.com/optin1709333324515 Page URL
https://zpr.io/VzEmCAFEDxz8 HTTP 302
https://shop.corpsecurity.org//wp-content/languages/anti/ HTTP 302
https://www.yahoo.com/ HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=T1TKsyI&done=https%3A%2F%2Fwww.yahoo.com%2F HTTP 302
https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://zpr.io/JXdp6DTUXiBx HTTP 302
https://gafver.clickfunnels.com/optinzo7ck9lg HTTP 302
https://gafver.clickfunnels.com/optin1709333324515

25 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

optin1709333324515 Show response
gafver.clickfunnels.com/
Redirect Chain

https://zpr.io/JXdp6DTUXiBx
https://gafver.clickfunnels.com/optinzo7ck9lg
https://gafver.clickfunnels.com/optin1709333324515

37 KB
9 KB

242ms
242ms

Document
text/html

2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gafver.clickfunnels.com/optin1709333324515
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: 0f3b233ad87e68f63f54b6b366034da7caea41ad73506de2a7e28c315397aa5b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60, public, s-maxage=600, r-maxage=10
cf-cache-status: REVALIDATED
cf-ray: 85f12826382a9208-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 04 Mar 2024 10:24:29 GMT
last-modified: Fri, 01 Mar 2024 22:58:10 GMT
server: cloudflare
status: 200 OK
vary: Accept-Encoding
x-content-digest: 526a2e33945bc0051617c0b2dfec9dd703fa115a
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, invalid, store
x-request-id: 8493e6faef011e07f2324f2924a432a5
x-runtime: 0.098882

Redirect headers

cache-control: no-cache
cf-cache-status: MISS
cf-ray: 85f12824bf489208-FRA
content-type: text/html; charset=utf-8
date: Mon, 04 Mar 2024 10:24:29 GMT
location: https://gafver.clickfunnels.com/optin1709333324515
server: cloudflare
status: 302 Found
vary: Accept-Encoding
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: d0742d2ac86b56c77fd3e7f82bc4b108
x-runtime: 0.055817

GET
H2 200 lander.css
app.clickfunnels.com/assets/ 425 KB
70 KB 202ms
185ms Stylesheet
text/css 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/assets/lander.css
Requested by: Host: gafver.clickfunnels.com
URL: https://gafver.clickfunnels.com/optin1709333324515
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gafver.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:24:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Feb 2024 15:12:33 GMT
server: cloudflare
age: 49
etag: W/"65df4d61-6a514"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1200
cf-ray: 85f12827d9379208-FRA
expires: Mon, 04 Mar 2024 10:44:29 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
12 KB 63ms
30ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: gafver.clickfunnels.com
URL: https://gafver.clickfunnels.com/optin1709333324515
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gafver.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:24:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2103927
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJSf%2FvQEx2Ti6M0hY9YECEz8MoHSPvozHibW6NZzF%2BA%2FAZ4EoqFWXrz%2BREcv1u3WxEQL9%2FKKwblCfX6YBaYGphEXRMpihrlg0oPDIo8qw1IusHmklZXMIzi7rfWQSt43C4J%2BFlqLclVFxfVzDRY3dKyV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 85f128280f2cd2e1-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
5 KB 62ms
29ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: gafver.clickfunnels.com
URL: https://gafver.clickfunnels.com/optin1709333324515
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gafver.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:24:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 210528
etag: W/"e140a7d32f343530f016095df3cc2ae4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SqKLs374eg2g1EJ1sd0spqo7hGMjO6Fphvh2lsngG0cNl2LoZgzNc%2BIyRdDgOtiLsY7SrN%2F0MgCYE3pceG8cVfIqFU6G%2BqLEczDpZjuY35r8K1Wz7c0S8djIfDatqOsGlcT4upKBX5WSpi%2BbXACUoL5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 85f12827ff28d2e1-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 54 KB
4 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: gafver.clickfunnels.com
URL: https://gafver.clickfunnels.com/optin1709333324515

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5358172b33d93b41591ef7f9b0c652d6eb4fa488c66c0f7286d5d8c43928be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gafver.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Mar 2024 10:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 09:43:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Mar 2024 10:24:29 GMT

GET
H2 200 application.js Show response
app.clickfunnels.com/assets/userevents/ 5 KB
2 KB 55ms
55ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/assets/userevents/application.js
Requested by: Host: gafver.clickfunnels.com
URL: https://gafver.clickfunnels.com/optin1709333324515
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gafver.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:24:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Feb 2024 15:12:33 GMT
server: cloudflare
age: 53
etag: W/"65df4d61-147c"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 85f12828d9fd9208-FRA
expires: Mon, 04 Mar 2024 10:44:29 GMT

GET
H2 200 lander.js Show response
app.clickfunnels.com/assets/ 2 MB
660 KB 73ms
57ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/assets/lander.js
Requested by: Host: gafver.clickfunnels.com
URL: https://gafver.clickfunnels.com/optin1709333324515
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7030ba86e37b6d4510c4008e0fcf83306fa114ec6dd047ea6ca2f81c33b8fd53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gafver.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:24:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Feb 2024 15:13:40 GMT
server: cloudflare
age: 49
etag: W/"65df4da4-237565"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=1200
cf-ray: 85f12827d9399208-FRA
expires: Mon, 04 Mar 2024 10:44:29 GMT

GET
H2 200 ClickfunnelsTag.png
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ 5 KB
6 KB 51ms
35ms Image
image/webp 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
Requested by: Host: gafver.clickfunnels.com
URL: https://gafver.clickfunnels.com/optin1709333324515
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gafver.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:24:29 GMT
cf-cache-status: HIT
x-amz-request-id: D6VES5GKB4Q4WQ7V
age: 2763
cf-polished: origFmt=png, origSize=9030
content-disposition: inline; filename="ClickfunnelsTag.webp"
content-length: 5276
x-amz-id-2: qk+LloJBQzTr7GoscHEXOPSwhpP2jAjZfyV5Ew65rDLhBn5760I+OaFDpV//3maWa51NhPloER3wopaeimvSnnx9FHOUzVQ7VaOPoA2uBAg=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Jan 2020 17:41:49 GMT
server: cloudflare
etag: "a633777156a5ffeb58c92d3d59fa4e34"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 85f12827d93a9208-FRA
expires: Thu, 28 Mar 2024 10:24:29 GMT

GET
H2 200 pushcrew.js Show response
app.clickfunnels.com/assets/ 637 B
454 B 64ms
64ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/assets/pushcrew.js
Requested by: Host: gafver.clickfunnels.com
URL: https://gafver.clickfunnels.com/optin1709333324515
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gafver.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:24:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Feb 2024 15:12:32 GMT
server: cloudflare
age: 934
etag: W/"65df4d60-27d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=1200
cf-ray: 85f128291a299208-FRA
expires: Mon, 04 Mar 2024 10:44:29 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 58ms
41ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: gafver.clickfunnels.com
URL: https://gafver.clickfunnels.com/optin1709333324515
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://gafver.clickfunnels.com/
Origin: https://gafver.clickfunnels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:24:29 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 85f12829386b1e1c-FRA

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cf.js Show response
app.clickfunnels.com/ 18 KB
6 KB 34ms
34ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/cf.js
Requested by: Host: gafver.clickfunnels.com
URL: https://gafver.clickfunnels.com/optin1709333324515
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gafver.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:24:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Feb 2024 15:12:33 GMT
server: cloudflare
age: 1928
etag: W/"65df4d61-476a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=FiZNAJitMxdTwJUoJKE26fNQna5Ez3uKOZ3TDauVU6o-1709547869-1.0.1.1-Iamt.KLIx45Hh16XWQCHdYGf_eaQ298KOBllqwLqi3zGDQFl9CTr1pJPN3XAoQ_FfveO8OUWU1_qIGOYgLD.h9Mp_ivAVoquIcjvoP49VgfxEBH7RnFdRW8BS12Z_t4rWYQu8kg3YQYbRu6SgKSHjLEyt9MUKS_F4p2vUdfrl1Q"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/x-javascript
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=FiZNAJitMxdTwJUoJKE26fNQna5Ez3uKOZ3TDauVU6o-1709547869-1.0.1.1-Iamt.KLIx45Hh16XWQCHdYGf_eaQ298KOBllqwLqi3zGDQFl9CTr1pJPN3XAoQ_FfveO8OUWU1_qIGOYgLD.h9Mp_ivAVoquIcjvoP49VgfxEBH7RnFdRW8BS12Z_t4rWYQu8kg3YQYbRu6SgKSHjLEyt9MUKS_F4p2vUdfrl1Q; report-to cf-csp-endpoint
cf-ray: 85f12829aa989208-FRA

GET /
track.addevent.com/atc/ 0
0

GET
H2 200 closemodal.png
assets.clickfunnels.com/images/ 672 B
906 B 56ms
40ms Image
image/webp 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.clickfunnels.com/images/closemodal.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gafver.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:24:29 GMT
cf-cache-status: HIT
age: 895091
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
last-modified: Wed, 27 Dec 2023 15:17:42 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "658c4016-314"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 85f1282a0adc9208-FRA
expires: Thu, 04 Apr 2024 10:24:29 GMT

GET
H2 200 track Show response
app.clickfunnels.com/v1/ 118 B
826 B 212ms
194ms XHR
text/javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/v1/track?_unique=0.5301480989696199&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//gafver.clickfunnels.com/optin1709333324515&_title=Free%20Report%20-%20Sign%20Up&_key=7ekkjmxi&_page_key=cqejxuybexq7ng2u&_fid=13368810&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://gafver.clickfunnels.com/optin1709333324515&_referrer=
Requested by: Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/cf.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: d544444205061dcdd7e258f28b249bc95114b3dd90cf0e2960e92932656b4449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gafver.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:24:29 GMT
access-control-request-method: *
content-encoding: br
cf-cache-status: DYNAMIC
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
x-request-id: 20072476bb7f1999b2ba0cb5a0a9cd1b
x-runtime: 0.020273
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
cf-ray: 85f1282a0a031c17-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-rack-cache: miss

POST
H2 204 rum Show response
gafver.clickfunnels.com/cdn-cgi/ 0
168 B 11ms
11ms XHR
text/plain 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gafver.clickfunnels.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gafver.clickfunnels.com/optin1709333324515
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json

Response headers

date: Mon, 04 Mar 2024 10:24:29 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://gafver.clickfunnels.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 85f1282a9b469208-FRA

GET
H/1.1

200
OK

Primary Request collectConsent Show response
consent.yahoo.com/v2/
Redirect Chain

https://zpr.io/VzEmCAFEDxz8
https://shop.corpsecurity.org//wp-content/languages/anti/
https://www.yahoo.com/
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=T1TKsyI&done=https%3A%2F%2Fwww.yahoo.com%2F
https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09

189 KB
28 KB

313ms
130ms

Document
text/html

54.75.86.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09

Requested by

Host: gafver.clickfunnels.com
URL: https://gafver.clickfunnels.com/optin1709333324515

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.86.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-86-19.eu-west-1.compute.amazonaws.com

Software

guce /

Resource Hash

62c525adda61023501c0a84accc2d074e55f3fd64c2f3f1393e9b7d49c6736bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gafver.clickfunnels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-nmNmZMRB4yHO+uUAMW58tssWzFSaNQEe' https://s.yimg.com; style-src 'self' 'nonce-nmNmZMRB4yHO+uUAMW58tssWzFSaNQEe' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Content-Type: text/html;charset=UTF-8
Date: Mon, 04 Mar 2024 10:24:31 GMT
Expires: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: guce
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 04 Mar 2024 10:24:31 GMT
Location: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09
Server: guce
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST rum
gafver.clickfunnels.com/cdn-cgi/ 0
0

GET
H2 200 site-ltr-6badd023.css
s.yimg.com/oa/build/css/ 223 KB
36 KB 26ms
10ms Stylesheet
text/css 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/oa/build/css/site-ltr-6badd023.css

Requested by

Host: consent.yahoo.com
URL: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0b4f2e41f19af5d7fe0d11e6048be4ab6a0f32350b94b6daa79a1e5b038fcbf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 02 Mar 2024 09:20:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: P0PEA2MPJWWCQK3X
age: 176673
x-amz-server-side-encryption: AES256
content-length: 36521
x-amz-id-2: J9y7vM5eZUSbpKfxvh2JKT+zxcFskNHQtokEJGEOPPL+yOYfGm/P5MOkWSN/KwHbWSOSDLgaT9U=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Mar 2024 20:58:18 GMT
server: ATS
etag: "5f8bfe3eb6c1026884c9b0691c0fa144"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: text/css
cache-control: max-age=31536000; immutable
accept-ranges: bytes

GET
H2 200 yahoo_frontpage_en-US_s_f_p_bestfit_frontpage.png
s.yimg.com/rz/p/ 760 B
1 KB 38ms
22ms Image
image/png 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_p_bestfit_frontpage.png

Requested by

Host: consent.yahoo.com
URL: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

8a781f94157287ada91708b4baf12712cedf808ce49c58c194fc9873f4fa7a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 03 Mar 2024 18:03:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 2TTH0M4H8CJ7ZGHK
age: 58874
x-amz-server-side-encryption: AES256
content-length: 760
x-amz-id-2: wzCvPh8FeI0V5AtpKn1dRHPGnNPZNKfUI3VrsS/CnbhwGRQ0ObUiHMNcNvLmnFfIWt9iuLh5JPU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Mar 2024 21:31:51 GMT
server: ATS
etag: "7e72897bf7bdaecf5fec47f028de6aac"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
expires: Sun, 03 Mar 2024 00:00:00 GMT

GET
H2 200 yahoo_frontpage_en-US_s_f_w_bestfit_frontpage.png
s.yimg.com/rz/p/ 810 B
1008 B 38ms
23ms Image
image/png 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_w_bestfit_frontpage.png

Requested by

Host: consent.yahoo.com
URL: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

1b119e32e848339740c549d02aa62d5fd21451d5ce468225922faae86555a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 03 Mar 2024 11:59:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 08PW7ZV7RXY8P5PY
age: 80699
x-amz-server-side-encryption: AES256
content-length: 810
x-amz-id-2: 4WCyQuMXmhARKi1qFmi0MzAGp9i7w8jDy6DqUNdE3V3BtOV3uDPTubHPKu/FJnNBRBo2wRQBlRM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Mar 2024 21:31:51 GMT
server: ATS
etag: "119157c5c80d9db38f0da8098a35b53a"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
expires: Sun, 03 Mar 2024 00:00:00 GMT

GET
H/1.1 200
OK close.svg
consent.yahoo.com/static/images/ 1 KB
1003 B 31ms
31ms Image
image/svg+xml 54.75.86.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.yahoo.com/static/images/close.svg

Requested by

Host: consent.yahoo.com
URL: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.86.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-86-19.eu-west-1.compute.amazonaws.com

Software

guce /

Resource Hash

8f0baedf119a144b8b4fe597eb02a91fc47d89284aa6cdcc12097cb109598796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 10:24:31 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Sat, 02 Mar 2024 04:38:49 GMT
Server: guce
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 703

GET
H2 200 site-4185c23b.js Show response
s.yimg.com/oa/build/js/ 87 KB
16 KB 30ms
23ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/oa/build/js/site-4185c23b.js

Requested by

Host: consent.yahoo.com
URL: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

428e2ed6c8f7eb9fcf6ff4c5a81e5b88563832a201ac54362359c0443ed11a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 02 Mar 2024 10:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 5CZR1CMN9JQHGC4R
age: 171015
x-amz-server-side-encryption: AES256
content-length: 16387
x-amz-id-2: 4YP4mEUH/yFbLPQiRkv0McfaAcYRvUmXh1FffZ2w+X4nI5BgqpVyDeO4wFor1eA/cYk267sh89M=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Mar 2024 20:58:18 GMT
server: ATS
etag: "53548c87f54abfc4c69fcae6e9768088"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: application/javascript
cache-control: max-age=31536000; immutable
accept-ranges: bytes

GET
H/1.1 204
No Content beacon
consent.yahoo.com/ 0
142 B 66ms
34ms Image
text/plain 54.75.86.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.yahoo.com/beacon?tag=TCF2&step=Layer1-View&brandDomain=www.yahoo.com&brandBid=&userType=nonreg&sdk=false&tos=de-DE&country=DE&sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09

Requested by

Host: consent.yahoo.com
URL: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.86.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-86-19.eu-west-1.compute.amazonaws.com

Software

guce /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ec9f519e-86f9-45ab-a150-ce2ec373be09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 04 Mar 2024 10:24:31 GMT
Server: guce

GET
H2 200 de-DE-home_dc5c8ba8f514ca94.jpeg
s.yimg.com/oa/build/images/ 77 KB
62 KB 8ms
8ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/oa/build/images/de-DE-home_dc5c8ba8f514ca94.jpeg

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/oa/build/css/site-ltr-6badd023.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

072f0ea33fc4fab674a42b381477782b7231016d428ef8c693493f105845d07a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/oa/build/css/site-ltr-6badd023.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 19 Jan 2024 10:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: BH4ZHA406W8TJ75G
age: 3887247
x-amz-server-side-encryption: AES256
content-length: 63017
x-amz-id-2: fIZErIqhfOZD139CDMAkCSNlD/LEq7KxfDpIradtKyQVGdUie4qXLOpqjjM0wnixO2z49n0fc7Q=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Jan 2024 09:46:38 GMT
server: ATS
etag: "f066dabe148bce0242769fdb27d6654d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000; immutable
accept-ranges: bytes

GET
H2 200 help-circle-solid-black_f68609a66d5b78e7.svg
s.yimg.com/oa/build/images/ 3 KB
2 KB 14ms
14ms Image
image/svg+xml 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/oa/build/images/help-circle-solid-black_f68609a66d5b78e7.svg

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/oa/build/css/site-ltr-6badd023.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9284f7fb38c8d02a4bd0e156987de0ececfb3b7aab4a0a004591fc784f1d01b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/oa/build/css/site-ltr-6badd023.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Wed, 28 Feb 2024 05:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: ES11KCA0XV3X8EJT
age: 449773
x-amz-server-side-encryption: AES256
content-length: 1312
x-amz-id-2: XECKSTKIPufKDtgPvrJ4fPmp5b4PsuGMM7STzq5wbyk3rDMh9tJg1/dp1AtEpMttVlndnKu7bNk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 27 Feb 2024 15:36:55 GMT
server: ATS
etag: "db8ae5c3af867c288f5acd55550ff4c9"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/svg+xml
cache-control: max-age=31536000; immutable
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=ddca7412-ecb0-48e3-e91d-37ad619790d3&url=https%3A%2F%2Fgafver.clickfunnels.com%2Foptin1709333324515&cache=1709547869705

Domain: gafver.clickfunnels.com
URL: https://gafver.clickfunnels.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clickfunnels.com/	1970-01-20 18:52:29	Name: __cf_bm Value: 7ZpVkAv9O5NDwAo62cWdsp6GyB5wzwoNwkCIQecxH1I-1709547869-1.0.1.1-VQKy7H.9aQvFdU8HHGT4210IxrpesgRIdJWAWmiW39fqYf_dFxjG7zKoR.xXJMsiLnN2rS_.iI6xOHlbpvmHjimHAIu9edZ7rVfaYvag.tw
.clickfunnels.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 9RK9wfCMYWupxkPWeiV2xFJzPIY1GGrI5dd0XL60cAA-1709547869145-0.0.1.1-604800000
gafver.clickfunnels.com/	1970-01-21 03:38:03	Name: addevent_track_cookie Value: ddca7412-ecb0-48e3-e91d-37ad619790d3
gafver.clickfunnels.com/	1969-12-31 23:59:59	Name: is_eu Value: true
gafver.clickfunnels.com/	1970-01-21 03:38:03	Name: cqejxuybexq7ng2u Value: true
gafver.clickfunnels.com/	1970-01-21 03:38:03	Name: 13368810_viewed_1 Value: 1
shop.corpsecurity.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 688251ebeadbc4223ad5859624ee2e3b
.yahoo.com/	1970-01-20 18:52:29	Name: GUCS Value: AU9UyrMi

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=ddca7412-ecb0-48e3-e91d-37ad619790d3&url=https%3A%2F%2Fgafver.clickfunnels.com%2Foptin1709333324515&cache=1709547869705 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.clickfunnels.com
assets.clickfunnels.com
consent.yahoo.com
fonts.googleapis.com
gafver.clickfunnels.com
guce.yahoo.com
images.clickfunnels.com
s.yimg.com
shop.corpsecurity.org
static.cloudflareinsights.com
track.addevent.com
use.fontawesome.com
www.yahoo.com
zpr.io
gafver.clickfunnels.com
track.addevent.com
199.16.173.240
2606:4700::6810:10c2
2606:4700::6810:3865
2606:4700::6810:cc2
2606:4700:e6::ac40:cf26
2a00:1288:80:807::1
2a00:1450:4001:81c::200a
52.205.138.75
54.194.9.22
54.75.86.19
072f0ea33fc4fab674a42b381477782b7231016d428ef8c693493f105845d07a
0b4f2e41f19af5d7fe0d11e6048be4ab6a0f32350b94b6daa79a1e5b038fcbf9
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
0f3b233ad87e68f63f54b6b366034da7caea41ad73506de2a7e28c315397aa5b
1b119e32e848339740c549d02aa62d5fd21451d5ce468225922faae86555a68d
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
428e2ed6c8f7eb9fcf6ff4c5a81e5b88563832a201ac54362359c0443ed11a5d
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62c525adda61023501c0a84accc2d074e55f3fd64c2f3f1393e9b7d49c6736bd
7030ba86e37b6d4510c4008e0fcf83306fa114ec6dd047ea6ca2f81c33b8fd53
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
8a781f94157287ada91708b4baf12712cedf808ce49c58c194fc9873f4fa7a30
8f0baedf119a144b8b4fe597eb02a91fc47d89284aa6cdcc12097cb109598796
9284f7fb38c8d02a4bd0e156987de0ececfb3b7aab4a0a004591fc784f1d01b5
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
d544444205061dcdd7e258f28b249bc95114b3dd90cf0e2960e92932656b4449
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5358172b33d93b41591ef7f9b0c652d6eb4fa488c66c0f7286d5d8c43928be8
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

consent.yahoo.com Open in urlscan Pro 54.75.86.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

92 %HTTPS

60 %IPv6

9 Domains

14 Subdomains

8 IPs

4 Countries

929 kBTransfer

3495 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

8 Cookies

1 Console Messages

Indicators

consent.yahoo.com Open in urlscan Pro
54.75.86.19 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

92 %
HTTPS

60 %
IPv6

9
Domains

14
Subdomains

8
IPs

4
Countries

929 kB
Transfer

3495 kB
Size

8
Cookies

25 HTTP transactions
1 data transactions