techie-tell-8b3983c6.s3.us-east-2.amazonaws.com
52.219.84.24  Malicious Activity! Public Scan

Submitted URL: https://bit.ly/3qlfzSV
Effective URL: https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/cooking/index.html
Submission Tags: phishing
Submission: On March 04 via api from US

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 52.219.84.24, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is techie-tell-8b3983c6.s3.us-east-2.amazonaws.com.
TLS certificate: Issued by DigiCert Baltimore CA-2 G2 on January 14th 2021. Valid for: a year.
This is the only time techie-tell-8b3983c6.s3.us-east-2.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 52.219.84.24 16509 (AMAZON-02)
8 2a00:1288:80:... 203220 (YAHOO-DEB)
9 2
Apex Domain | Subdomains | Transfer
8  yimg.com | s.yimg.com | 180 KB
1  amazonaws.com | techie-tell-8b3983c6.s3.us-east-2.amazonaws.com | 79 KB
1  bit.ly | bit.ly | 284 B
9  3
Domain | Requested by
8  s.yimg.com | techie-tell-8b3983c6.s3.us-east-2.amazonaws.com, s.yimg.com
1  techie-tell-8b3983c6.s3.us-east-2.amazonaws.com
1  bit.ly (1 redirects)
9  3

This site contains links to these domains.

Domain
www.yahoo.com
help.yahoo.com
Subject | Issuer | Validity | Valid
*.s3.us-east-2.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2021-01-14 - 2022-01-18 | a year
*.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2021-02-21 - 2021-04-06 | a month

This page contains 2 frames:

Primary Page: https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/cooking/index.html
Frame ID: 8810FF9ACF7F6238CCB365ABEF19CAE9
Requests: 7 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-7-1/html/r-sf.html
Frame ID: 7BD1D45863EB7D53C5017ED1F222CD5A
Requests: 2 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

9 Requests
100 % HTTPS
33 % IPv6
3 Domains
3 Subdomains
2 IPs
2 Countries
260 kB Transfer
656 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3qlfzSV HTTP 301
    https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/cooking/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request index.html
techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/cooking/
Redirect Chain
  • https://bit.ly/3qlfzSV
  • https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/cooking/index.html
79 KB
79 KB
Document
General
Full URL
https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/cooking/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.84.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
a4f2fda75be54edc17ff7c1378b26583ed6615bfbe285a5ccd862d85090dd98f

Request headers

Host
techie-tell-8b3983c6.s3.us-east-2.amazonaws.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

x-amz-id-2
O4fkQ8bMMG0PwCCLIMQZMP2H82oIWXvmxS/ARd0yxOuxVy0aVLYizJSjgggVd++bnXaig5fIu4Y=
x-amz-request-id
K9PQYT4V0JNCF1A9
Date
Thu, 04 Mar 2021 17:30:10 GMT
Last-Modified
Thu, 04 Mar 2021 10:13:40 GMT
ETag
"d11701bc330bd697cff0784f18dab948"
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
80810
Server
AmazonS3

Redirect headers

server
nginx
date
Thu, 04 Mar 2021 17:30:08 GMT
content-type
text/html; charset=utf-8
content-length
161
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/cooking/index.html
referrer-policy
unsafe-url
set-cookie
_bit=l24hu8-3b1591e7d3983915e0-00t; Domain=bit.ly; Expires=Tue, 31 Aug 2021 17:30:08 GMT
via
1.1 google
alt-svc
clear
yahoo-main.css
s.yimg.com/wm/mbr/5559811e4fa050d74c5c521311eebe120b64bbc4/
451 KB
90 KB
Stylesheet
General
Full URL
https://s.yimg.com/wm/mbr/5559811e4fa050d74c5c521311eebe120b64bbc4/yahoo-main.css
Requested by
Host: techie-tell-8b3983c6.s3.us-east-2.amazonaws.com
URL: https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/cooking/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e459da7ddb57e6cc620d9527867c860a42bbf9f2024576acf109ceb9d4a08676
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 02 Mar 2021 16:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175626
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
2DBE3CF430415B89
x-amz-id-2
E2+cS9t6o5j5AV78YkNtJhc46jT3b0zoo2BLMIYI4ORxz1lHg/k0hOx9kS48qxBd1GsP4MOhJws=
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 23 Jan 2021 00:22:18 GMT
server
ATS
etag
"093dc3f0557cf1b76e3f73711b6d36e6-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
text/css
x-xss-protection
1; mode=block
cache-control
public,max-age=315360000
accept-ranges
bytes
yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
s.yimg.com/rz/p/
1 KB
2 KB
Image
General
Full URL
https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
Requested by
Host: techie-tell-8b3983c6.s3.us-east-2.amazonaws.com
URL: https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/cooking/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1
date
Thu, 04 Mar 2021 00:33:13 GMT
x-content-type-options
nosniff
age
61017
x-amz-server-side-encryption
AES256
vary
Origin
content-length
1346
x-amz-id-2
IwWQTLJUW87zQfPCPaNpkQ60X8/jEVxRhPsc3/oToI9fqhQ4+iNPIECO42CIREax8WKdoEkC+7Q=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 21 Feb 2021 21:31:58 GMT
server
ATS
etag
"cd166981c96c6d0f4b5a7d798c25878e"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
794ECSRWCGQZ9P3R
x-xss-protection
1; mode=block
cache-control
public,max-age=86400
accept-ranges
bytes
content-type
image/png
expires
Tue, 23 Feb 2021 00:00:00 GMT
yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
s.yimg.com/rz/p/
1 KB
2 KB
Image
General
Full URL
https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
Requested by
Host: techie-tell-8b3983c6.s3.us-east-2.amazonaws.com
URL: https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/cooking/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
4f47ef8ff3dad2a78360ab207cf35ff2905622511c0426109f6e225052cf5637
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1
date
Thu, 04 Mar 2021 03:29:50 GMT
x-content-type-options
nosniff
age
50420
x-amz-server-side-encryption
AES256
vary
Origin
content-length
1391
x-amz-id-2
YoghLzHhboq9bvYoWv4o1PgWJhpvljKFV0pCto6qUz4VEByniPjBYTUx3hEHNcLcJOHrr29iXDQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 21 Feb 2021 21:31:58 GMT
server
ATS
etag
"dd31f56b9e4dff40eb87447c3dc55b84"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
CZFWG12P852FTYFN
x-xss-protection
1; mode=block
cache-control
public,max-age=86400
accept-ranges
bytes
content-type
image/png
expires
Tue, 23 Feb 2021 00:00:00 GMT
Yahoo_Sans-Regular.woff2
s.yimg.com/cv/ae/sports/fonts/2017/
28 KB
29 KB
Font
General
Full URL
https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/5559811e4fa050d74c5c521311eebe120b64bbc4/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com
Referer
https://s.yimg.com/wm/mbr/5559811e4fa050d74c5c521311eebe120b64bbc4/yahoo-main.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1
date
Sun, 14 Feb 2021 18:27:46 GMT
x-amz-meta-created-date
Tue, 03 Oct 2017 06:22:51 GMT
age
1551744
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1507011771545398
strict-transport-security
max-age=15552000
x-amz-request-id
A955E18BACE2F2B3
x-amz-id-2
3qBDK0KeQAcS4JYfrDf7HsA9qMoDfR+hApLgthz2lIB5G1ih7rgUeBZ6N0FMReADv5NbuC85Kg4=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Apr 2018 19:06:41 GMT
server
ATS
etag
"a99b283070afc519f4816e4300c515d2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
font/woff2
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,public
content-length
28860
x-amz-meta-x-ysws-access
public
x-amz-meta-mbst-etag
"YM:1:cb5e4811-e042-455c-b2b2-f984d5f70e0200055a9e8550b736"
x-content-type-options
nosniff
expires
Sat, 05 Sep 2026 00:00:00 GMT
r-sf.html
s.yimg.com/rq/darla/4-7-1/html/ Frame 7BD1
2 KB
1000 B
Document
General
Full URL
https://s.yimg.com/rq/darla/4-7-1/html/r-sf.html
Requested by
Host: techie-tell-8b3983c6.s3.us-east-2.amazonaws.com
URL: https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/cooking/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
7ef751a44c2db01056cbdd8e5dc3772ccc817783a190224c49a55c77ad429efd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
s.yimg.com
:scheme
https
:path
/rq/darla/4-7-1/html/r-sf.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

x-amz-id-2
raXaAwMDLsZaQ3CzmCway4d8Hhikdvvw0mSEZ0YtF9yF6lUpdgTTP9mDN45iyd0pz0Eo+VNuCCo=
x-amz-request-id
61153849F5661747
date
Mon, 22 Feb 2021 20:46:43 GMT
last-modified
Mon, 11 Jan 2021 18:24:43 GMT
etag
"38af3d4f8c84f11502b04431eb9d3a13-df"
x-amz-server-side-encryption
AES256
cache-control
public,max-age=31536000
accept-ranges
bytes
content-type
text/html; charset=utf-8
server
ATS
referrer-policy
no-referrer-when-downgrade
vary
Origin, Accept-Encoding
age
852208
ats-carp-promotion
1
content-encoding
gzip
content-length
753
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
checkbox-checked.svg
s.yimg.com/wm/mbr/images/
1 KB
883 B
Image
General
Full URL
https://s.yimg.com/wm/mbr/images/checkbox-checked.svg
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/5559811e4fa050d74c5c521311eebe120b64bbc4/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
11b4310df6e27428e7cf86f316abdc10148ac5cf3c8bbbd5b85c88b9f6290c59
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.yimg.com/wm/mbr/5559811e4fa050d74c5c521311eebe120b64bbc4/yahoo-main.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1
date
Tue, 09 Feb 2021 22:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1969557
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
659
x-amz-id-2
sFRr1RcR+czYBYsbmMp/okUtqL56TIqvHPaBcl+6ly/9vAnbHK8vBb77dRvehtMC8QbGOsJarX0=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Apr 2020 17:13:52 GMT
server
ATS
etag
"ac8c4fbeda6efad9549cb41b992a8b3a-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
64CFC60742765A5F
x-xss-protection
1; mode=block
cache-control
public,max-age=315360000
accept-ranges
bytes
content-type
image/svg+xml
Yahoo_Sans-Medium.woff2
s.yimg.com/cv/ae/sports/fonts/2017/
29 KB
29 KB
Font
General
Full URL
https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wm/mbr/5559811e4fa050d74c5c521311eebe120b64bbc4/yahoo-main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://techie-tell-8b3983c6.s3.us-east-2.amazonaws.com
Referer
https://s.yimg.com/wm/mbr/5559811e4fa050d74c5c521311eebe120b64bbc4/yahoo-main.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1
date
Mon, 22 Feb 2021 06:13:57 GMT
x-amz-meta-created-date
Tue, 03 Oct 2017 06:22:52 GMT
age
904574
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1507011772247755
strict-transport-security
max-age=15552000
x-amz-request-id
A4F783B4A7EBDF59
x-amz-id-2
7nkJZta1WZBjm0ANZ3nI7JvF8LLL0WLURZLg21ZEw5nCHwNRyF7iFEXoNV/1lvXtFpQ1ThCoMSk=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Apr 2018 16:25:50 GMT
server
ATS
etag
"7c7c02dcee2bf1c2528db6092d4ad1fa"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
font/woff2
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,public
content-length
29228
x-amz-meta-x-ysws-access
public
x-amz-meta-mbst-etag
"YM:1:1bb49599-26ac-442e-b6b8-f4e40f067ea500055a9e855b6ecb"
x-content-type-options
nosniff
expires
Sat, 05 Sep 2026 00:00:00 GMT
sfext-min.js
s.yimg.com/rq/darla/4-7-1/js/ Frame 7BD1
63 KB
27 KB
Script
General
Full URL
https://s.yimg.com/rq/darla/4-7-1/js/sfext-min.js
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-7-1/html/r-sf.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.yimg.com/rq/darla/4-7-1/html/r-sf.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion
1
date
Fri, 12 Feb 2021 20:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1718604
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
27596
x-amz-id-2
8heKN96EbdLFaBpZMhevtVDZUuPuSHVxUqGWJRvHEc4pYOKFBgcU3ZD5lVtidEJ3gvtG03t1bdI=
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 Jan 2021 18:24:45 GMT
server
ATS
etag
"a84b48cbebd5379f03b1e428526ec262-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
22ED39F2BE963E8A
x-xss-protection
1; mode=block
cache-control
public,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yahoo (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • object| _0x1935
  • function| _0x31bf
  • object| Zlib
  • function| templatePage

0 Cookies