Report - 38yahoo.com/mdt.php?ns=1&tt=07c3317fefe67970199c9dc6e45bf341

Report Overview

Submitted URL
38yahoo.com/mdt.php?ns=1&tt=07c3317fefe67970199c9dc6e45bf341
IP
192.64.147.150
ASN
#19867 VOODOO1
Submitted
2022-09-29 09:09:59
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.83.91.138
38yahoo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.5 kB	37 kB	192.64.147.150
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	61 kB	142.250.74.3
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	667 B	69 kB	142.250.74.170
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
afs.googleusercontent.com	12123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	861 B	2.3 kB	142.250.74.1
partner.googleadservices.com	798	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	438 B	842 B	172.217.21.162
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	59 kB	142.250.74.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-29	medium	38yahoo.com/cf.php	Phishing
2022-09-29	medium	38yahoo.com/js/coza-banner.js	Phishing
2022-09-29	medium	38yahoo.com/js/caf.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files detected

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
54 kB (54436 bytes)
Hash
0adf3c8e09f66bac31c5c58a51b2ca4e
ac38e86bed81ae5a7227da4ca60f71ef657408cb
4ee1a5c3c264d6a5b2f6785dbbf3d2dd190d9e224959e36b368274fd18b2b51f

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (14)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js	94 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-04-19 19:07:41 Times Seen16189 Hash 3576a6e73c9dccdbbc4a2cf8ff544ad7 06e872300088b9ba8a08427d28ed0efcdf9c6ff5 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf Loading...

	38yahoo.com/cf.php	42 B	2023-03-07	2023-03-26
Pretty URL 38yahoo.com/cf.php IP 192.64.147.150 ASN #19867 VOODOO1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:03 Last Seen2023-03-26 01:44:19 Times Seen3 Hash 00d5d233c50e1d6d7611b350dd2bfc9b 39a031fa923a9ca482ab2b21bf461765053ee5dd 04c926993f541d674a49230f2e6e9ac1211e2ea34542028bd17b599d639604fd Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=38yahoo.com&client=dp-voodoo41_3ph&product=SAS&callback=__sasCookie	188 B	2023-03-08	2023-03-08
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=38yahoo.com&client=dp-voodoo41_3ph&product=SAS&callback=__sasCookie IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:24:39 Last Seen2023-03-08 03:24:39 Times Seen1 Hash 77170f53ae89d9bb81033aac40b0ae32 63f3dda0da425283cf0119af2b70a8ddc379b46a eefa7cdd464e0217be6e508aac3b0c775f2936a47936a53836140c7946f8b83e Loading...

	38yahoo.com/?exses=1&dt=&dm=&ch=&et=	220 B	2023-03-07	2023-03-26
Pretty URL 38yahoo.com/?exses=1&dt=&dm=&ch=&et= IP 192.64.147.150 ASN #19867 VOODOO1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:03 Last Seen2023-03-26 03:55:11 Times Seen4 Hash 40d608c93cbeffe028d9f906419ca946 2108040193cd8fbf075d9f4ae466858a80b58eb5 ce77932d48f0e8407c3e45da78f21635b7d0414a9f91fbe39fe1f0f7aaea27e1 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js	95 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-04-19 17:28:11 Times Seen13706 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	38yahoo.com/cf.php	2.5 kB	2023-03-08	2023-03-08
Pretty URL 38yahoo.com/cf.php IP 192.64.147.150 ASN #19867 VOODOO1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:24:39 Last Seen2023-03-08 03:24:39 Times Seen1 Hash d858ad1295a226ff762e1dd70755141d 652508285243a711bcc114a054ac2f7060da510c a959a56c81473e20a710b9ae0098020b542d378137943f0fe719152994dc8d4b Loading...

	38yahoo.com/cf.php	195 B	2023-03-07	2023-03-26
Pretty URL 38yahoo.com/cf.php IP 192.64.147.150 ASN #19867 VOODOO1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:03 Last Seen2023-03-26 01:44:19 Times Seen3 Hash 443befc9c02917f7b6b6930d12bdab50 f280b9a36286ea4123d1fcaa3ece8c49063f58ff 69d806e60fda1ffff512182ef7f299a456d940d351b335f443020408f68dfa22 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:08:48 Last Seen2023-03-08 07:11:11 Times Seen1 Hash 34aa05c10fec062541b49faabc039edc 4bd5c96688f6a7a03ee3c7aecff1b63d80b0caa5 5e071ef84eba125fbcb28f20d63fb82037e08330c24774e9e6c9049fd4279112 Loading...

	38yahoo.com/cf.php	10 B	2023-03-07	2023-03-26
Pretty URL 38yahoo.com/cf.php IP 192.64.147.150 ASN #19867 VOODOO1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:03 Last Seen2023-03-26 01:44:19 Times Seen3 Hash b0d55e736351a32810903d2009530817 d58769ab282c677c013d2e8a28b2ce1e32e2ac83 52171161d968ad02252ab3dd858f17ff11075d50444b007e03eb5b64dc69d593 Loading...

	38yahoo.com/js/caf.js	7.9 kB	2023-03-07	2023-11-24
Pretty URL 38yahoo.com/js/caf.js IP 192.64.147.150 ASN #19867 VOODOO1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:03 Last Seen2023-11-24 05:09:18 Times Seen26 Hash 376826c0853519fc9765512c60c8a3ce 699d7b74effc88890c22be602b878a2bfa5994e4 5cd5a07b3182874ae2d7c446f05de7543680eb02d7c516cf3942395cd92f076d Loading...

	38yahoo.com/js/coza-banner.js	1.2 kB	2023-03-07	2023-11-24
Pretty URL 38yahoo.com/js/coza-banner.js IP 192.64.147.150 ASN #19867 VOODOO1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:03 Last Seen2023-11-24 05:09:18 Times Seen25 Hash bd9ab0f2a2f79f0ccb8d8d48e4cc9c4e edc2e937cc8b1523da8f1df3b1c2993d74dabf81 b33e6ee26b1c2734b574d9c03c61a73c8398021f7d20480283ec57763961d0b6 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:31:32 Last Seen2023-03-08 05:14:11 Times Seen1 Hash ec52b1679ab8603c6a5093dbbede3240 ef42880ab250164e5e7021b54a4ba30fc7945915 0e97072507cac26ad796e8bf5b6e5a9134e3b757f9292eb0ffb1ccb88eae7c90 Loading...

	www.google.com/afs/ads/i/iframe.html	1.3 kB	2023-03-07	2023-04-05
Pretty URL www.google.com/afs/ads/i/iframe.html IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2023-04-05 02:11:22 Times Seen1911 Hash 53a557946308585635eb80aec5326b9e 544b125203bfbb516566a63c9ef3dc57e9c06df9 eff95f5e15f8aa8c8b8c0f3aaeedba0091c1ec9732d78b6594c9ceb26c8eff28 Loading...

	www.google.com/afs/ads?adtest=off&channel=000129&domain_name=38yahoo.com&client=dp-voodoo41_3ph&r=m&hl=no&max_radlink_len=32&type=3&uiopt=true&swp=as-drid-2965748594334702&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300953%2C17300956%2C17301063%2C17301066%2C17301094%2C17301097&format=r5%7Cr5&nocache=7281664442589227&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1664442589247&u_w=1280&u_h=1024&biw=1280&bih=939&isw=1280&ish=939&psw=1280&psh=939&frm=1&uio=--&cont=related-1%7Crelated-2&jsid=caf&jsv=476880816&rurl=http%3A%2F%2F38yahoo.com%2Fcf.php&referer=http%3A%2F%2F38yahoo.com%2F%3Fexses%3D1%26dt%3D%26dm%3D%26ch%3D%26et%3D&adbw=slave-1-1%3A480%2Cmaster-1%3A480	7.3 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/afs/ads?adtest=off&channel=000129&domain_name=38yahoo.com&client=dp-voodoo41_3ph&r=m&hl=no&max_radlink_len=32&type=3&uiopt=true&swp=as-drid-2965748594334702&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300953%2C17300956%2C17301063%2C17301066%2C17301094%2C17301097&format=r5%7Cr5&nocache=7281664442589227&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1664442589247&u_w=1280&u_h=1024&biw=1280&bih=939&isw=1280&ish=939&psw=1280&psh=939&frm=1&uio=--&cont=related-1%7Crelated-2&jsid=caf&jsv=476880816&rurl=http%3A%2F%2F38yahoo.com%2Fcf.php&referer=http%3A%2F%2F38yahoo.com%2F%3Fexses%3D1%26dt%3D%26dm%3D%26ch%3D%26et%3D&adbw=slave-1-1%3A480%2Cmaster-1%3A480 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:24:39 Last Seen2023-03-08 03:24:39 Times Seen1 Hash e38caeadb5d954af3b5b1f0cd188967f 51aec5cf1e1e8805161b26ca2042f84bce8aed15 b0fb4eabf444dd2514cdd234bfdcc0fe4826e8454ae5b3a8e5f8b35877ce56a3 Loading...

HTTP Transactions (53)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12177
Expires: Thu, 29 Sep 2022 12:32:45 GMT
Date: Thu, 29 Sep 2022 09:09:48 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 08:15:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4SX6Ph5OTEM7wliHXBK0REIxRIjE8wW0ISBhzm1GKNArf7kJCzxxeA==
Age: 3236

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4a22d2eb50abe339ba0b974642de3650
af15bc424a715a3b8d77e4948a9e152a3ba87ede
dff04734315b51fc11069e2d21b5be37b03d28ad01986e1ae2c96afc6ba31859

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFF04734315B51FC11069E2D21B5BE37B03D28AD01986E1AE2C96AFC6BA31859"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7520
Expires: Thu, 29 Sep 2022 11:15:08 GMT
Date: Thu, 29 Sep 2022 09:09:48 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 5jWAf3q6vdQGb97oe384zbfw3VeQFvFZWxAc4ntM4yVP1+EsKYjLZIwmQQugC3ayzzSSftv2cYk=
x-amz-request-id: 2EANXHNNPSW535HN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Sep 2022 08:50:31 GMT
age: 1157
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:09:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 08:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 08:40:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6Yj-78mbnt5yZg4bSHOp4i4klbUYFWzyBDloEVWCSrshhgxzRQV_8Q==
Age: 2416

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4939
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:09:49 GMT
Last-Modified: Thu, 29 Sep 2022 07:47:30 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.83.91.138

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.83.91.138:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9HfA2W7pQv7oCO+pwAzGNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XRQ1j9krld4voTXCOUNlCkl6YKs=

38yahoo.com/mdt.php?ns=1&tt=07c3317fefe67970199c9dc6e45bf341

192.64.147.150

302 Found

20 B

URL HTTP/1.1
38yahoo.com/mdt.php?ns=1&tt=07c3317fefe67970199c9dc6e45bf341
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /mdt.php?ns=1&tt=07c3317fefe67970199c9dc6e45bf341 HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Thu, 29 Sep 2022 09:09:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Location: http://38yahoo.com/?exses=1&dt=&dm=&ch=&et=
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Content-Length: 20
Connection: close
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 09:09:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 09:09:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 09:09:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 09:09:50 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9654 bytes)
Hash
36ae9444071dd70dcf86802c370ffda9
44cc19b21912d07f82a88af5b2fa6d3e370459bf
99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9654
x-amzn-requestid: 7961f184-9476-43de-bf35-8ccb50ee1760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYsHA6oAMFvRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-05f567f7606462ac44f89987;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XaB4TwXv4xy0Sy3dncNYZWEPEnHY5BkEHR7fZDK59APYkzH9DPdT7A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 17350
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4235 bytes)
Hash
30471179bd7cdeecea2fa4ea98701aef
2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb
967e070aec3942c64cc6c4cfdc13d430825c9e5c26dbec5bb3d66237d5978dfc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4235
x-amzn-requestid: 60825c64-7743-4b16-b80d-d1195ccb0f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK2nFsDoAMFRwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be90-1898e5d9111db7c843c1ebb4;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C-XC9qsktkENdI6lWZp5RQjeEvrrFMUfBq1mA5dxEjRq5tkfL5Jsxw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:55 GMT
age: 39895
etag: "2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10023 bytes)
Hash
f4505f57697072468da82e0b536d0d5b
e1067a2dfbc22e7eb196046d57bd1e17604dba75
b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:58 GMT
age: 39892
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14073 bytes)
Hash
11594ce7500d8776bfd5162b17f87d72
72603efba82d649ce5a7a0ca45dc830c0d9ef012
511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dyDhatfeYzzSQpRY7JpOIu3VhjlI8IOWcKCLCBWYaxJ1CYgCxqdQjA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:42 GMT
age: 40808
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8508 bytes)
Hash
515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 5568f81c-2f99-44bf-9bd8-f015c604c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMJlzFywoAMFamw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bc8b-1d335c5c536e895a19b5965f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:28:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2RLqacSoBXtv1i-6fRV9nejJ5tulXVJ-VsKVDvsMqAgPqXKWe_2cJw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:42:49 GMT
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
age: 37621
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.3 kB (3332 bytes)
Hash
6ac86079d2901fb11bfaff81d91bb2d2
4fc0699c763f67a2602b4b3f46b8b4013d2049c6
8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3332
x-amzn-requestid: fb6cb616-5b4d-4aaf-a891-50b4de8b6f95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJ_6AGNYIAMFSHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333e03f-377fe02d1cc7ad2b3a15ca1a;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 05:48:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nJJZxZlapt4k5988yU-V94pBBH2SmfSZ0Zb_oJXA07mppg0lF04wLg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 17:18:10 GMT
age: 57100
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

38yahoo.com/?exses=1&dt=&dm=&ch=&et=

192.64.147.150

200 OK

497 B

URL HTTP/1.1
38yahoo.com/?exses=1&dt=&dm=&ch=&et=
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
497 B (497 bytes)
Hash
f8e87e9cc122b2b4e217ce7836db411f
7a14d19cee12b47ba5b659f44d6550dd51b8cf9e
247a5826e37e580de80baf3be4ed4eee394cd84e166ba81d5cd7c4eeb2fa336d

HTTP Headers

GET /?exses=1&dt=&dm=&ch=&et= HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:50 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Set-Cookie: session=c62ec110751c6a53f0a1ea08e183ad44; expires=Thu, 29-Sep-2022 09:39:50 GMT; path=/
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Content-Length: 497
Connection: close
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:09:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

142.250.74.170

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65483)
Size
34 kB (33593 bytes)
Hash
a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830

HTTP Headers

GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38yahoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 06:15:30 GMT
expires: Sun, 24 Sep 2023 06:15:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 442461
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:09:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

38yahoo.com/favicon.ico

192.64.147.150

200 OK

356 B

URL HTTP/1.1
38yahoo.com/favicon.ico
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
356 B (356 bytes)
Hash
ed968d3582f43c1c0cd0b48a2287db8d
6dea034f724c7877365c03fb9f26ba7c56d1f99f
9a1195edbd318280e3a97d9994abb118df533a67434ce68b19f3d8990bea62ac

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/?exses=1&dt=&dm=&ch=&et=
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:51 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 03 Jul 2019 18:59:02 GMT
ETag: "47e-58ccb745c2980"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Content-Length: 356
Connection: close
Content-Type: text/plain; charset=UTF-8

38yahoo.com/bh.php?dm=38yahoo.com&kw=&tt=c62ec110751c6a53f0a1ea08e183ad44&ty=false

192.64.147.150

200 OK

319 B

URL HTTP/1.1
38yahoo.com/bh.php?dm=38yahoo.com&kw=&tt=c62ec110751c6a53f0a1ea08e183ad44&ty=false
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
319 B (319 bytes)
Hash
781ba60bb5df531f0c7ae3dccf379581
e3a200fe2f59d52260e7a6e34af9258fed2bccf1
aa41377fd7f851d7c57bff6467882ec52bd7e11349783eefedcfdf46a3e1d485

HTTP Headers

GET /bh.php?dm=38yahoo.com&kw=&tt=c62ec110751c6a53f0a1ea08e183ad44&ty=false HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/?exses=1&dt=&dm=&ch=&et=
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Content-Length: 319
Connection: close
Content-Type: text/html; charset=UTF-8

38yahoo.com/cf.php

192.64.147.150

200 OK

2.2 kB

URL HTTP/1.1
38yahoo.com/cf.php
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (679)
Size
2.2 kB (2213 bytes)
Hash
5773eeb2e70cf168473b1653a29c1cf9
698169f2c8dea66df1fa4d10574a9a09935cd052
114fb947a2f35c9b75a987204e2f35943e02b7c9809b40553bd9c47b0932e3be

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cf.php HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/?exses=1&dt=&dm=&ch=&et=
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Set-Cookie: session=c62ec110751c6a53f0a1ea08e183ad44; expires=Thu, 29-Sep-2022 09:39:51 GMT; path=/
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Content-Length: 2213
Connection: close
Content-Type: text/html; charset=UTF-8

ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

142.250.74.170

200 OK

34 kB

URL HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size
34 kB (33845 bytes)
Hash
d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716

HTTP Headers

GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33845
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 09:57:07 GMT
Expires: Thu, 28 Sep 2023 09:57:07 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 83564

www.google.com/adsense/domains/caf.js

142.250.74.164

200 OK

54 kB

URL HTTP/1.1
www.google.com/adsense/domains/caf.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1885)
Size
54 kB (53830 bytes)
Hash
feab1629b3042ddbed055aef3d0f2ef9
0378e58efeb8e28145504014dc7203cf68428c5c
610ceafd499b48d306216e416db458962ea41caa8d799f38afb04974298b3162

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Thu, 29 Sep 2022 09:09:51 GMT
Expires: Thu, 29 Sep 2022 09:09:51 GMT
Cache-Control: private, max-age=3600
ETag: "17437533527054605513"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0

38yahoo.com/style/master.css

192.64.147.150

200 OK

1.4 kB

URL HTTP/1.1
38yahoo.com/style/master.css
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
ASCII text
Size
1.4 kB (1413 bytes)
Hash
bd89b7f89176d4c65f83923c0b0b99b9
556f3a43275b73b959337651ee258a8434c6d82f
37808f7d3175111a33705adefe262cd7d8bcec2998d5c86eab3e4587e0be2db9

HTTP Headers

GET /style/master.css HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/cf.php
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Content-Length: 1413
Connection: close
Content-Type: text/css

38yahoo.com/js/coza-banner.js

192.64.147.150

200 OK

675 B

URL HTTP/1.1
38yahoo.com/js/coza-banner.js
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
ASCII text
Size
675 B (675 bytes)
Hash
a56c7279200906bac46672855a3b9036
132de8c49ba8409838cae874cb926e53dd91a7ca
a223be35e81d35a6d7875aa69fe742a3be1d6040d6bf8efec9086304918047a5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/coza-banner.js HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/cf.php
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Content-Length: 675
Connection: close
Content-Type: text/html; charset=UTF-8

38yahoo.com/style/960.css

192.64.147.150

200 OK

893 B

URL HTTP/1.1
38yahoo.com/style/960.css
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
ASCII text
Size
893 B (893 bytes)
Hash
346d6aca736954ff788a959994b17538
a49a2a023cf3adf5ae3dfd57ce30612e6a1a1d5b
67e610e390ea004ad5d363f00ace0cd1af6aaf27dd937b6854bd5c17c152a4ca

HTTP Headers

GET /style/960.css HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/cf.php
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Content-Length: 893
Connection: close
Content-Type: text/css

38yahoo.com/min/?b=css&f=v2_style_1.css

192.64.147.150

200 OK

4.0 kB

URL HTTP/1.1
38yahoo.com/min/?b=css&f=v2_style_1.css
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
ASCII text, with very long lines (1981)
Size
4.0 kB (3954 bytes)
Hash
393e28948cab28549aa1f5fd89ab5630
66ab74fa60c1d2e988e019861b6063d4e33c5fda
85b3854e22afa6a2be53e0df18127577a6c5e7be4ac1a39999029b1191aff47a

HTTP Headers

GET /min/?b=css&f=v2_style_1.css HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/cf.php
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Last-Modified: Wed, 03 Jul 2019 18:59:02 GMT
ETag: "pub1562180342;gz"
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Content-Length: 3954
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Connection: close
Content-Type: text/css; charset=utf-8

38yahoo.com/js/caf.js

192.64.147.150

200 OK

2.5 kB

URL HTTP/1.1
38yahoo.com/js/caf.js
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
ASCII text, with very long lines (390)
Size
2.5 kB (2533 bytes)
Hash
ce7bc6f83cf88ebd335559b06fb57cb2
d4798a6dd0641788c6d74bf26ced526a4024f359
002da0bcf2d07e07651107f65a306545939cc68d0024a9e33864224c1659f4dd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/caf.js HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/cf.php
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Content-Length: 2533
Connection: close
Content-Type: text/html; charset=UTF-8

38yahoo.com/style/reset.css

192.64.147.150

200 OK

403 B

URL HTTP/1.1
38yahoo.com/style/reset.css
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
ASCII text, with very long lines (368)
Size
403 B (403 bytes)
Hash
12a447ecb12d9820586e1ba1ff049caa
4dbc0ac1cb24dac51bac08a23b967c69ad6f1dea
91b9fd5f2b675cbf07aec75181f14b010eabab61194c923431c2753786dc9034

HTTP Headers

GET /style/reset.css HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/style/master.css
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Content-Length: 403
Connection: close
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/afs/ads/i/iframe.html

142.250.74.164

200 OK

728 B

URL HTTP/2
www.google.com/afs/ads/i/iframe.html
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559)
Size
728 B (728 bytes)
Hash
9c3f1d6286895a39c113b0fe6d5b885f
e6a5f3e4b9ff5d09603feff50bc6f00f60b41469
ccd5818113eedb5e7f6789cbafec8c8ba08eb9a923daea41ae0eea3632528bce

HTTP Headers

GET /afs/ads/i/iframe.html HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38yahoo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-NiUQEAHpAto5B1a7JQfMGw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 728
date: Thu, 29 Sep 2022 09:09:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 18 Oct 2021 14:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/afs/ads?adtest=off&channel=000129&domain_name=38yahoo.com&client=dp-voodoo41_3ph&r=m&hl=no&max_radlink_len=32&type=3&uiopt=true&swp=as-drid-2965748594334702&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300953%2C17300956%2C17301063%2C17301066%2C17301094%2C17301097&format=r5%7Cr5&nocache=7281664442589227&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1664442589247&u_w=1280&u_h=1024&biw=1280&bih=939&isw=1280&ish=939&psw=1280&psh=939&frm=1&uio=--&cont=related-1%7Crelated-2&jsid=caf&jsv=476880816&rurl=http%3A%2F%2F38yahoo.com%2Fcf.php&referer=http%3A%2F%2F38yahoo.com%2F%3Fexses%3D1%26dt%3D%26dm%3D%26ch%3D%26et%3D&adbw=slave-1-1%3A480%2Cmaster-1%3A480

142.250.74.164

200 OK

2.3 kB

URL HTTP/2
www.google.com/afs/ads?adtest=off&channel=000129&domain_name=38yahoo.com&client=dp-voodoo41_3ph&r=m&hl=no&max_radlink_len=32&type=3&uiopt=true&swp=as-drid-2965748594334702&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300953%2C17300956%2C17301063%2C17301066%2C17301094%2C17301097&format=r5%7Cr5&nocache=7281664442589227&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1664442589247&u_w=1280&u_h=1024&biw=1280&bih=939&isw=1280&ish=939&psw=1280&psh=939&frm=1&uio=--&cont=related-1%7Crelated-2&jsid=caf&jsv=476880816&rurl=http%3A%2F%2F38yahoo.com%2Fcf.php&referer=http%3A%2F%2F38yahoo.com%2F%3Fexses%3D1%26dt%3D%26dm%3D%26ch%3D%26et%3D&adbw=slave-1-1%3A480%2Cmaster-1%3A480
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7239)
Size
2.3 kB (2312 bytes)
Hash
632e3998fd8c1b56dcf005b236fc9bdb
a94c654b8afa868d5c3dc2d3c0eea5ec8f580b17
83f088d817d7ad75a98dd7c2e0e5a076ea7e4b03943d814234d8f0ce4b550f0c

HTTP Headers

GET /afs/ads?adtest=off&channel=000129&domain_name=38yahoo.com&client=dp-voodoo41_3ph&r=m&hl=no&max_radlink_len=32&type=3&uiopt=true&swp=as-drid-2965748594334702&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300953%2C17300956%2C17301063%2C17301066%2C17301094%2C17301097&format=r5%7Cr5&nocache=7281664442589227&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1664442589247&u_w=1280&u_h=1024&biw=1280&bih=939&isw=1280&ish=939&psw=1280&psh=939&frm=1&uio=--&cont=related-1%7Crelated-2&jsid=caf&jsv=476880816&rurl=http%3A%2F%2F38yahoo.com%2Fcf.php&referer=http%3A%2F%2F38yahoo.com%2F%3Fexses%3D1%26dt%3D%26dm%3D%26ch%3D%26et%3D&adbw=slave-1-1%3A480%2Cmaster-1%3A480 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38yahoo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 29 Sep 2022 09:09:52 GMT
expires: Thu, 29 Sep 2022 09:09:52 GMT
cache-control: private, max-age=3600
content-encoding: br
server: gws
content-length: 2312
x-xss-protection: 0
set-cookie: CONSENT=PENDING+226; expires=Sat, 28-Sep-2024 09:09:52 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

38yahoo.com/images/footer_slice_gradient.png

192.64.147.150

200 OK

221 B

URL HTTP/1.1
38yahoo.com/images/footer_slice_gradient.png
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
PNG image data, 17 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
221 B (221 bytes)
Hash
4257f88a35d8650d4debafd3d2761a4b
3e8b2105c630407eaada05f290676f6fcaa5830c
e0ea43a448c963c42f1dd0bc3b2a79149bd7f91c27d525d9e250c28b11130b4f

HTTP Headers

GET /images/footer_slice_gradient.png HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/min/?b=css&f=v2_style_1.css
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:52 GMT
Server: Apache
Last-Modified: Wed, 03 Jul 2019 18:58:59 GMT
ETag: "dd-58ccb742e62c0"
Accept-Ranges: bytes
Content-Length: 221
Cache-Control: max-age=2592000, public
Expires: Sat, 29 Oct 2022 09:09:52 GMT
P3P: CP="CAO PSA OUR"
Connection: close
Content-Type: image/png

38yahoo.com/images/rightcap_springmorning_01.png

192.64.147.150

200 OK

1.3 kB

URL HTTP/1.1
38yahoo.com/images/rightcap_springmorning_01.png
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
PNG image data, 225 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1266 bytes)
Hash
b35ccb04db6693c14ac837746268c4f3
e4384880780abdaa6a5e96908204eab4e70154d5
c333e024cc6959c5182ea935d17df6a8186152e0270f024b1f20eb4a8f758968

HTTP Headers

GET /images/rightcap_springmorning_01.png HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/min/?b=css&f=v2_style_1.css
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:52 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 03 Jul 2019 18:58:59 GMT
ETag: "4f2-58ccb742e62c0"
Accept-Ranges: bytes
Content-Length: 1266
Cache-Control: max-age=2592000, public
Expires: Sat, 29 Oct 2022 09:09:52 GMT
P3P: CP="CAO PSA OUR"
Connection: close
Content-Type: image/png

38yahoo.com/images/bg_springmorning_01.png

192.64.147.150

200 OK

266 B

URL HTTP/1.1
38yahoo.com/images/bg_springmorning_01.png
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
PNG image data, 31 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
266 B (266 bytes)
Hash
f86977b7c2448a5aa4f1677c07fd2ebe
f38b629fa7078a5489feb8927bea29b63d63b7e8
a1ae809a918fdea575225aee27bf10e06f5cc67e6c407c51715a9cf68b565bec

HTTP Headers

GET /images/bg_springmorning_01.png HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/min/?b=css&f=v2_style_1.css
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:52 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 03 Jul 2019 18:58:59 GMT
ETag: "10a-58ccb742e62c0"
Accept-Ranges: bytes
Content-Length: 266
Cache-Control: max-age=2592000, public
Expires: Sat, 29 Oct 2022 09:09:52 GMT
P3P: CP="CAO PSA OUR"
Connection: close
Content-Type: image/png

38yahoo.com/images/leftcap_springmorning_01.png

192.64.147.150

200 OK

1.2 kB

URL HTTP/1.1
38yahoo.com/images/leftcap_springmorning_01.png
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
PNG image data, 225 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1207 bytes)
Hash
01512b64e57a9e8e4b403bb47de6c1f1
5bd1475107e272d814c8342cbc97e6ca0161a57a
da0e73c09f0684527231269ab3606667838e0769e209a0e49e2f79de265dcbb2

HTTP Headers

GET /images/leftcap_springmorning_01.png HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/min/?b=css&f=v2_style_1.css
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:52 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 03 Jul 2019 18:58:59 GMT
ETag: "4b7-58ccb742e62c0"
Accept-Ranges: bytes
Content-Length: 1207
Cache-Control: max-age=2592000, public
Expires: Sat, 29 Oct 2022 09:09:52 GMT
P3P: CP="CAO PSA OUR"
Connection: close
Content-Type: image/png

38yahoo.com/photos/750_150/search.jpg

192.64.147.150

200 OK

14 kB

URL HTTP/1.1
38yahoo.com/photos/750_150/search.jpg
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 750x150, components 3\012- data
Size
14 kB (14071 bytes)
Hash
b701ab9b2f507e8c6991ae0d91dba4ea
9b5d37cca8c7af1945956246b8e86abfae612ee4
ffea0fa31f931dddaa2c9837b4c400d875b58777ba41cc7a4f6f66f3d59a0d2d

HTTP Headers

GET /photos/750_150/search.jpg HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/cf.php
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Content-Length: 14071
Connection: close
Content-Type: image/jpeg

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9de589812cbbb75efbcbb1ddadd63bc7
291278b3e1cce78d217fb87e36bd0a79f33465ca
dc206b730948f82a9b161a9ae57406c376d16dca79e6ee867008957fe682c0c8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

54 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
54 kB (54436 bytes)
Hash
0adf3c8e09f66bac31c5c58a51b2ca4e
ac38e86bed81ae5a7227da4ca60f71ef657408cb
4ee1a5c3c264d6a5b2f6785dbbf3d2dd190d9e224959e36b368274fd18b2b51f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2

142.250.74.1

200 OK

273 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
IP
142.250.74.1:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size
273 B (273 bytes)
Hash
4879b4bfc581cab5b5c803866211a36e
e1705c1fa9103a1a9f82a1bb5cd44c8e45bd520a
6ad1ffb79c80d41ec978dd45defe97ee70d0e2efd01bfe678198248819d1b98a

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 273
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 14:48:29 GMT
expires: Thu, 29 Sep 2022 13:48:29 GMT
cache-control: public, max-age=82800
age: 66083
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2

142.250.74.1

200 OK

174 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2
IP
142.250.74.1:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
174 B (174 bytes)
Hash
aa3a2f86d22121bff6d29639ccf1a157
bb7bbcdc7c5391dd50b78233fefd3216df8b452e
867d889f103b1a4ce8d5d9dc67d027656ecb34002ca254a290e8ff7d64c8ee6d

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 14:48:29 GMT
expires: Thu, 29 Sep 2022 13:48:29 GMT
cache-control: public, max-age=82800
age: 66083
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
206ea7aa64e57846d979b536a18647c1
a28a4f2f78207656be5b7dc36f7d02b020e71004
63537d84ee2aafee3691134661910479f563bd159a266ef5260b0a09d2facd6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

partner.googleadservices.com/gampad/cookie.js?domain=38yahoo.com&client=dp-voodoo41_3ph&product=SAS&callback=__sasCookie

172.217.21.162

200 OK

179 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=38yahoo.com&client=dp-voodoo41_3ph&product=SAS&callback=__sasCookie
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
179 B (179 bytes)
Hash
9dc710001e7f17d0bdad230404a1de2c
55a1a2716277b92ef07d3beba8478e0f821926ee
9def1e3acb5ce4b1e315212e347bf27d85f0b819bc31ae2b6806b90110d7e7d9

HTTP Headers

GET /gampad/cookie.js?domain=38yahoo.com&client=dp-voodoo41_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38yahoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 29 Sep 2022 09:09:52 GMT
server: cafe
cache-control: private
content-length: 179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9de589812cbbb75efbcbb1ddadd63bc7
291278b3e1cce78d217fb87e36bd0a79f33465ca
dc206b730948f82a9b161a9ae57406c376d16dca79e6ee867008957fe682c0c8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
206ea7aa64e57846d979b536a18647c1
a28a4f2f78207656be5b7dc36f7d02b020e71004
63537d84ee2aafee3691134661910479f563bd159a266ef5260b0a09d2facd6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

38yahoo.com/status.php?domain=38yahoo.com&trackingtoken=c62ec110751c6a53f0a1ea08e183ad44&status=caf&u_his=1&u_h=1024&u_w=1280&d_h=939&d_w=1280&u_top=0&u_left=0&http_referrer=

192.64.147.150

200 OK

20 B

URL HTTP/1.1
38yahoo.com/status.php?domain=38yahoo.com&trackingtoken=c62ec110751c6a53f0a1ea08e183ad44&status=caf&u_his=1&u_h=1024&u_w=1280&d_h=939&d_w=1280&u_top=0&u_left=0&http_referrer=
IP
192.64.147.150:0
ASN
#19867 VOODOO1

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /status.php?domain=38yahoo.com&trackingtoken=c62ec110751c6a53f0a1ea08e183ad44&status=caf&u_his=1&u_h=1024&u_w=1280&d_h=939&d_w=1280&u_top=0&u_left=0&http_referrer= HTTP/1.1
Host: 38yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38yahoo.com/cf.php
Cookie: session=c62ec110751c6a53f0a1ea08e183ad44
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 09:09:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Set-Cookie: session=c62ec110751c6a53f0a1ea08e183ad44; expires=Thu, 29-Sep-2022 09:39:52 GMT; path=/
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Content-Length: 20
Connection: close
Content-Type: text/html; charset=UTF-8

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML