r11.o.lencr.org/
504 B IP
ASN #20940 Akamai International B.V.
Hash 219f59137337a0ee601729cab5ec83f6
85f2e3496820405559fd526b44b9a915e0009a4f
f9701bf0083b06f4a573774d1a4dd491236216bc08f1006a94ce79144df70a21
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F9701BF0083B06F4A573774D1A4DD491236216BC08F1006A94CE79144DF70A21"
Last-Modified: Sat, 17 Aug 2024 00:55:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14742
Expires: Sat, 17 Aug 2024 22:31:39 GMT
Date: Sat, 17 Aug 2024 18:25:57 GMT
Connection: keep-alive
r10.o.lencr.org/
504 B IP
ASN #20940 Akamai International B.V.
Hash 69a9603269726ce602d708bf57058c4c
8689e9ea81ea9636e7b08c3ed42650553a0c4e3b
1a2339d740b715f3df1900d80114c8376ead57205961a6f896edf37b3ee3a897
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1A2339D740B715F3DF1900D80114C8376EAD57205961A6F896EDF37B3EE3A897"
Last-Modified: Sat, 17 Aug 2024 09:59:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8576
Expires: Sat, 17 Aug 2024 20:48:54 GMT
Date: Sat, 17 Aug 2024 18:25:58 GMT
Connection: keep-alive
s.yimg.com/wm/mbr/58dc9fe4f6c2083f38135ec31a4db5c11ab15bc4/yahoo-main.css
200 OK 107 kB URL GET HTTP/2 s.yimg.com/wm/mbr/58dc9fe4f6c2083f38135ec31a4db5c11ab15bc4/yahoo-main.css
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (42867)
Size 107 kB (106809 bytes)
Hash ea481464ba6569b3e2231a864005708d
11701ff5cf633e33b702623e6cac4a5dbffb9444
298eff68c8072fab66a60d677784d66bcd6a0d77e112c50c9e9271a882209e63
GET /wm/mbr/58dc9fe4f6c2083f38135ec31a4db5c11ab15bc4/yahoo-main.css HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 4iaCThArbzBIl9S0Hxy+BqDOtb2umbRb/uz2HN1rNuJpFyVVitvRW8mhZ64nyP9xBZwhz2mu+s5exkFdKaQVkQ==
x-amz-request-id: W6C6GFAYJA3JV84P
date: Tue, 30 Jul 2024 07:28:18 GMT
last-modified: Tue, 26 Oct 2021 13:54:24 GMT
etag: "ea481464ba6569b3e2231a864005708d-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: text/css
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 1594661
content-length: 106809
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1
X-Firefox-Spdy: h2
s.yimg.com/ss/rapid-3.53.30.js
200 OK 18 kB URL GET HTTP/2 s.yimg.com/ss/rapid-3.53.30.js
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
Hash 665798d28ecf9be7cbc434e75267920d
55864f76f012bb11a354c6bacdcc7769a5ec6fa2
7bc917ebee12bcd521ae88840228032579459c25a3ccf8953d8a2dbe5e085be9
GET /ss/rapid-3.53.30.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: OjfDM8cMA19OXt8rYfdaOf24Md3ZfbbPsRenkEAVn7tJi+kyhEQ4ptPWz/PsMkRvEpvaA4ZjhIU=
x-amz-request-id: D6KG7MH0J7464DT4
date: Sun, 14 Jul 2024 13:33:58 GMT
last-modified: Tue, 29 Jun 2021 01:45:07 GMT
etag: "665798d28ecf9be7cbc434e75267920d-df"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, immutable
x-amz-version-id: .Bcg25AHAdRCkTvv5tMdNmGVEjznZ_m3
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2955121
content-encoding: gzip
content-length: 17971
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
s.yimg.com/wm/mbr/58dc9fe4f6c2083f38135ec31a4db5c11ab15bc4/bundle.js
200 OK 50 kB URL GET HTTP/2 s.yimg.com/wm/mbr/58dc9fe4f6c2083f38135ec31a4db5c11ab15bc4/bundle.js
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (29565)
Hash 9d0d35eeb38380d91dbb5f4514dd867a
41292bf95c6d373b4f57fbc158a8f37bd522b3c1
60d695ebfb8891875444d4f4b8fb0ed3983a25b6ff0521e88ad8e28a83979394
GET /wm/mbr/58dc9fe4f6c2083f38135ec31a4db5c11ab15bc4/bundle.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: YLb8UU5PY86IOVnjnzNQQDjKfCOagt02mP5RNxHgf9PCgh7MCGk20tbgjh13dr3H3mtA1rwhtZQ=
x-amz-request-id: SETXMHEP7MBPDG48
date: Tue, 30 Jul 2024 15:07:43 GMT
last-modified: Tue, 26 Oct 2021 13:54:24 GMT
etag: "9d0d35eeb38380d91dbb5f4514dd867a-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1567096
content-encoding: gzip
content-length: 49494
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
s.yimg.com/rq/darla/4-10-0/js/g-r-min.js
403 Forbidden 243 B URL GET HTTP/2 s.yimg.com/rq/darla/4-10-0/js/g-r-min.js
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type XML 1.0 document, ASCII text
Hash 1b5b91aa6e682665fcf31a6972e1ced7
1e1f1e11e8ec14382bfe5114b8fff43949ddadc2
01b80bf4ac1a40f627691636014ebacb34412d37008687c2060a3a92b9aa3018
GET /rq/darla/4-10-0/js/g-r-min.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
x-amz-request-id: BYY5MJQ238GGZE9M
x-amz-id-2: p7WF3Vhv7u2TdlIrkKr6sipAxyswnyU23gokjtPhRxrdDPYFz5yCuklIMN/pUdWOKfNigqp5kN0=
content-type: application/xml
date: Sat, 17 Aug 2024 18:21:39 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin
expires: Sat, 17 Aug 2024 18:26:40 GMT
age: 260
content-length: 243
ats-carp-promotion: 1
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fc.yahoo.com/sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword&sa=geminifed%253D1%2520y-bucket%253Dmbr-push-untrusted-ar%252Cmbr-fido-1fa-login%252Cmbr-rcscore-threshold%252Cmbr-qr-comet-sdk%252Cmbr-login-domain%252Cmbr-yak-ui-improvement
404 Not Found 5.1 kB URL GET HTTP/2 fc.yahoo.com/sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword&sa=geminifed%253D1%2520y-bucket%253Dmbr-push-untrusted-ar%252Cmbr-fido-1fa-login%252Cmbr-rcscore-threshold%252Cmbr-qr-comet-sdk%252Cmbr-login-domain%252Cmbr-yak-ui-improvement
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (384)
Hash 4f992880ae7643b6679fef6e71284ccc
8262b9911fc1a90b22570a0258c4f827caccd31a
2ef260057b6cb3041ff3d676a7916d2de1d7c593305722f365a5753ff6528afc
GET /sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword&sa=geminifed%253D1%2520y-bucket%253Dmbr-push-untrusted-ar%252Cmbr-fido-1fa-login%252Cmbr-rcscore-threshold%252Cmbr-qr-comet-sdk%252Cmbr-login-domain%252Cmbr-yak-ui-improvement HTTP/1.1
Host: fc.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 17 Aug 2024 18:25:59 GMT
server: ATS
cache-control: no-store
content-type: text/html
content-language: en
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: A3=d=AQABBDfrwGYCEPVMgL3upG_XZDSy48J2WkMFEgEBAQE8wmbKZvmfzSMA_eMAAA&S=AQAAAuTfZ4u32fYGI3H4XMqJr2E; Expires=Mon, 18 Aug 2025 00:25:59 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
content-length: 5052
X-Firefox-Spdy: h2
s.yimg.com/rq/darla/4-10-0/js/g-r-min.js
403 Forbidden 243 B URL GET HTTP/2 s.yimg.com/rq/darla/4-10-0/js/g-r-min.js
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type XML 1.0 document, ASCII text
Hash 1b5b91aa6e682665fcf31a6972e1ced7
1e1f1e11e8ec14382bfe5114b8fff43949ddadc2
01b80bf4ac1a40f627691636014ebacb34412d37008687c2060a3a92b9aa3018
GET /rq/darla/4-10-0/js/g-r-min.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
x-amz-request-id: BYY5MJQ238GGZE9M
x-amz-id-2: p7WF3Vhv7u2TdlIrkKr6sipAxyswnyU23gokjtPhRxrdDPYFz5yCuklIMN/pUdWOKfNigqp5kN0=
content-type: application/xml
date: Sat, 17 Aug 2024 18:21:39 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin
expires: Sat, 17 Aug 2024 18:26:40 GMT
age: 261
content-length: 243
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2
200 OK 29 kB URL GET HTTP/2 s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 28860, version 1.0
Hash a99b283070afc519f4816e4300c515d2
65b78d03d56de125060e61069debfc47e38fb3df
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560
GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zsa.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://s.yimg.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ukw+XioDec8cWTbefIBuUFlB2xyR4oWax4trDv9PVU8abcj3LE7W1w4S42c7R8uRrLwNsjv6w5U=
x-amz-request-id: FKF0YBQWWFMW2JBM
date: Sat, 03 Aug 2024 15:37:03 GMT
last-modified: Thu, 19 Apr 2018 19:06:41 GMT
etag: "a99b283070afc519f4816e4300c515d2"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-amz-meta-mbst-etag: "YM:1:cb5e4811-e042-455c-b2b2-f984d5f70e0200055a9e8550b736"
x-amz-meta-x-ysws-mbst-vtime: 1507011771545398
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 28860
referrer-policy: no-referrer-when-downgrade
age: 1219737
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2
200 OK 29 kB URL GET HTTP/2 s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 29040, version 1.0
Hash af9fdad7698452697b016850fff96423
710130c79bf56297f8abcc6d6c575172590133b0
b8989e0be6a0c3a8a407d8b69b7884eb5ebf401b7eee8b8b98c5eeec3ba497fa
GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zsa.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://s.yimg.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: rZqvMvBXjfiB8i9SaxaWEzaaGGacNiwqeVXP6eUEC1JeBLrYuXnmePoJtCDiqnFOc5e+V8E978Y=
x-amz-request-id: 3TZPGMWYG8JVQJ5D
date: Fri, 16 Aug 2024 21:43:04 GMT
last-modified: Thu, 19 Apr 2018 17:33:29 GMT
etag: "af9fdad7698452697b016850fff96423"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-amz-meta-mbst-etag: "YM:1:95620d49-21c2-4044-b803-58b70c8e419700055a9e854fb9f1"
x-amz-meta-x-ysws-mbst-vtime: 1507011771480561
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 29040
referrer-policy: no-referrer-when-downgrade
age: 74576
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2
200 OK 29 kB URL GET HTTP/2 s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 29228, version 1.0
Hash 7c7c02dcee2bf1c2528db6092d4ad1fa
988a01f705c074261490625c70f94b2642413693
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4
GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zsa.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://s.yimg.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Sw2FDghGiKStu7p3l1t7z9d8gqPFkwCkcVs5+Wz+JWJxjXAfrY3AGmr1YEq7LzUTiIvtcT17NIM=
x-amz-request-id: 4SPF4Q7A73NXBVW6
date: Sun, 21 Jul 2024 18:54:02 GMT
last-modified: Thu, 19 Apr 2018 16:25:50 GMT
etag: "7c7c02dcee2bf1c2528db6092d4ad1fa"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:52 GMT
x-amz-meta-mbst-etag: "YM:1:1bb49599-26ac-442e-b6b8-f4e40f067ea500055a9e855b6ecb"
x-amz-meta-x-ysws-mbst-vtime: 1507011772247755
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 29228
referrer-policy: no-referrer-when-downgrade
age: 2331118
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
fc.yahoo.com/sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword&sa=geminifed%253D1%2520y-bucket%253Dmbr-push-untrusted-ar%252Cmbr-fido-1fa-login%252Cmbr-rcscore-threshold%252Cmbr-qr-comet-sdk%252Cmbr-login-domain%252Cmbr-yak-ui-improvement
404 Not Found 5.1 kB URL GET HTTP/2 fc.yahoo.com/sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword&sa=geminifed%253D1%2520y-bucket%253Dmbr-push-untrusted-ar%252Cmbr-fido-1fa-login%252Cmbr-rcscore-threshold%252Cmbr-qr-comet-sdk%252Cmbr-login-domain%252Cmbr-yak-ui-improvement
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (384)
Hash fd9c75e011ae44d12c995af6e366b062
a414d6397721821f03ca542785252a9611eac803
770f5db0bc4b6b225338e279f7a7dcf15b03cc8be36bdf64db003f0f3ad0cc72
GET /sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword&sa=geminifed%253D1%2520y-bucket%253Dmbr-push-untrusted-ar%252Cmbr-fido-1fa-login%252Cmbr-rcscore-threshold%252Cmbr-qr-comet-sdk%252Cmbr-login-domain%252Cmbr-yak-ui-improvement HTTP/1.1
Host: fc.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 17 Aug 2024 18:26:00 GMT
server: ATS
cache-control: no-store
content-type: text/html
content-language: en
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: A3=d=AQABBDjrwGYCEGExAtucUfwIWqRuXqKWtR8FEgEBAQE8wmbKZvmfzSMA_eMAAA&S=AQAAAln3ZYqRSCATc7SqMtWywhM; Expires=Mon, 18 Aug 2025 00:26:00 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
content-length: 5052
X-Firefox-Spdy: h2
s.yimg.com/rq/darla/4-10-0/html/r-csc.html
403 Forbidden 243 B URL GET HTTP/2 s.yimg.com/rq/darla/4-10-0/html/r-csc.html
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type XML 1.0 document, ASCII text
Hash c999cd8dbe529a8b8857f866dff3b57a
f667351a580ddb654dc5c2299257cbed1a84cc72
5a007c6ce9eb48839fe3c3d11efb1f93d37de65749a25c32f02bcd6df6c819ca
GET /rq/darla/4-10-0/html/r-csc.html HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
x-amz-request-id: QYPCPXDSRT6MT5C3
x-amz-id-2: 41e3eYNXFTLZwSwh3k5+5q6A0F76nftMOh2mfEbPJcpMck6J+PLHUvmyoL4UtbKt1oBoHPRU7ac=
content-type: application/xml
date: Sat, 17 Aug 2024 18:21:40 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin
expires: Sat, 17 Aug 2024 18:26:41 GMT
age: 260
content-length: 243
ats-carp-promotion: 1
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fc.yahoo.com/sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword&sa=geminifed%253D1%2520y-bucket%253Dmbr-push-untrusted-ar%252Cmbr-fido-1fa-login%252Cmbr-rcscore-threshold%252Cmbr-qr-comet-sdk%252Cmbr-login-domain%252Cmbr-yak-ui-improvement
404 Not Found 5.1 kB URL GET HTTP/2 fc.yahoo.com/sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword&sa=geminifed%253D1%2520y-bucket%253Dmbr-push-untrusted-ar%252Cmbr-fido-1fa-login%252Cmbr-rcscore-threshold%252Cmbr-qr-comet-sdk%252Cmbr-login-domain%252Cmbr-yak-ui-improvement
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (384)
Hash 1706e568237fcff4ce9355e89b9e00d3
5735a80edf8137f4799c31ee0cfbec3f614b8d12
100399c415b268bb21f1cefbbd4420b69120b4b0c0d9e54c8e8b7e57b4570906
GET /sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword&sa=geminifed%253D1%2520y-bucket%253Dmbr-push-untrusted-ar%252Cmbr-fido-1fa-login%252Cmbr-rcscore-threshold%252Cmbr-qr-comet-sdk%252Cmbr-login-domain%252Cmbr-yak-ui-improvement HTTP/1.1
Host: fc.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 17 Aug 2024 18:26:00 GMT
server: ATS
cache-control: no-store
content-type: text/html
content-language: en
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: A3=d=AQABBDjrwGYCEE4cL3C5kkaJoSeMs7kkEZ0FEgEBAQE8wmbKZvmfzSMA_eMAAA&S=AQAAAhtvNa5b-LVBOe38fRxmDHY; Expires=Mon, 18 Aug 2025 00:26:00 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
content-length: 5052
X-Firefox-Spdy: h2
s.yimg.com/wm/mbr/images/show-v0.0.1.svg
200 OK 660 kB URL GET HTTP/2 s.yimg.com/wm/mbr/images/show-v0.0.1.svg
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Size 660 kB (660114 bytes)
Hash 7023de5408ffa052a862ba84dbedea53
2de51ab317838302a14b33180add0386e787d2eb
fc0d81c23cc7191b8d6f9216725c78d42f81f34037c8802df4d21556ad0f7c69
GET /wm/mbr/images/show-v0.0.1.svg HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.yimg.com/wm/mbr/58dc9fe4f6c2083f38135ec31a4db5c11ab15bc4/yahoo-main.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: htnkvb1ofgBNBzNDHUvx1ECIauqjnWzVMqvvUhpX8wnT2d/kSysoaXQJOMYG80LUnuLc9GRHvyE=
x-amz-request-id: 756MRDQ3DVHC4Q4X
date: Fri, 09 Aug 2024 09:32:26 GMT
last-modified: Tue, 16 Jul 2019 23:13:44 GMT
etag: "7023de5408ffa052a862ba84dbedea53-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=315360000
accept-ranges: bytes
content-type: image/svg+xml
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 723215
content-encoding: gzip
content-length: 660114
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
s.yimg.com/wm/mbr/images/yahoo-apple-touch-v0.0.2.png
200 OK 13 kB URL GET HTTP/2 s.yimg.com/wm/mbr/images/yahoo-apple-touch-v0.0.2.png
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type PNG image data, 180 x 180, 8-bit/color RGB, interlaced
Hash a9d2dde886cd61f73365a84878c78475
6f1f1f7414116c4b01f04ee0a07b41202c2da539
b168c836ccef9cf1cbf7b2440bc11d26667c4ae19613f1e7cf5e6cdc303c7de4
GET /wm/mbr/images/yahoo-apple-touch-v0.0.2.png HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: wMa82ehkOHJr2EJsYNCLxmfMmgnPG5BEZcvcLXjQxWmg3bwxeUxkH4c0DVDiVPXx7/lBHBtoCSU=
x-amz-request-id: R150T8E519KFXSMP
date: Thu, 25 Jul 2024 18:55:05 GMT
last-modified: Thu, 12 Sep 2019 21:58:38 GMT
etag: "a9d2dde886cd61f73365a84878c78475"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=315360000
accept-ranges: bytes
content-type: image/png
server: ATS
content-length: 12635
referrer-policy: no-referrer-when-downgrade
vary: Origin
age: 1985456
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
s.yimg.com/wm/mbr/images/yahoo-favicon-img-v0.0.2.ico
200 OK 1.4 kB URL GET HTTP/2 s.yimg.com/wm/mbr/images/yahoo-favicon-img-v0.0.2.ico
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
Hash b6814ae5582d7953821acbd76e977bb4
75a33fc706c2c6ba233e76c17337e466949f403c
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3
GET /wm/mbr/images/yahoo-favicon-img-v0.0.2.ico HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: sQX60OAx7zZiHRvkCAcCpbsb4/qwXDdNzd4H3yEF0E8Z7WomnrdiI0Md7r3bDULuECbE9wW9r8E=
x-amz-request-id: G1R2X7N1PDAJX1GN
date: Mon, 12 Aug 2024 19:02:12 GMT
last-modified: Wed, 11 Sep 2019 18:01:04 GMT
etag: "b6814ae5582d7953821acbd76e977bb4"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=315360000
accept-ranges: bytes
content-type: image/vnd.microsoft.icon
server: ATS
content-length: 1406
referrer-policy: no-referrer-when-downgrade
vary: Origin
age: 429829
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
fc.yahoo.com/sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword&sa=geminifed%253D1%2520y-bucket%253Dmbr-push-untrusted-ar%252Cmbr-fido-1fa-login%252Cmbr-rcscore-threshold%252Cmbr-qr-comet-sdk%252Cmbr-login-domain%252Cmbr-yak-ui-improvement
404 Not Found 5.1 kB URL GET HTTP/2 fc.yahoo.com/sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword&sa=geminifed%253D1%2520y-bucket%253Dmbr-push-untrusted-ar%252Cmbr-fido-1fa-login%252Cmbr-rcscore-threshold%252Cmbr-qr-comet-sdk%252Cmbr-login-domain%252Cmbr-yak-ui-improvement
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (384)
Hash 3eabde83c2cff91d82e60b9540639fba
f315683201951748282a8bd6a4d0c48e0fbec2f4
36fb1d7f199ba88ab6342e0cd5c0e6ae4c65128e739b579f4cf1a2e3b6294d86
GET /sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200019&ref=https%3A%2F%2Flogin.yahoo.com%2Faccount%2Fchallenge%2Fpassword&sa=geminifed%253D1%2520y-bucket%253Dmbr-push-untrusted-ar%252Cmbr-fido-1fa-login%252Cmbr-rcscore-threshold%252Cmbr-qr-comet-sdk%252Cmbr-login-domain%252Cmbr-yak-ui-improvement HTTP/1.1
Host: fc.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 17 Aug 2024 18:26:00 GMT
server: ATS
cache-control: no-store
content-type: text/html
content-language: en
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: A3=d=AQABBDjrwGYCEPM0hnawzwjrbYcG542fuxgFEgEBAQE8wmbKZvmfzSMA_eMAAA&S=AQAAAhEq6mvIiNIAe-WbSfyac0E; Expires=Mon, 18 Aug 2025 00:26:00 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
content-length: 5052
X-Firefox-Spdy: h2
3p-udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=794200019&yhlCT=2&yhlBTMS=1723919159861&yhlClientVer=3.53.30&yhlRnd=KD0X8cz3O9kmNyvX&yhlCompressed=0
204 No Content 0 B URL POST HTTP/2 3p-udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=794200019&yhlCT=2&yhlBTMS=1723919159861&yhlClientVer=3.53.30&yhlRnd=KD0X8cz3O9kmNyvX&yhlCompressed=0
IP
ASN #34010 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subjectyahoo.com
Fingerprint1D:9F:0B:4C:AD:06:1B:07:EF:6F:AE:FF:6A:03:12:08:32:B6:24:27
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 08 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=794200019&yhlCT=2&yhlBTMS=1723919159861&yhlClientVer=3.53.30&yhlRnd=KD0X8cz3O9kmNyvX&yhlCompressed=0 HTTP/1.1
Host: 3p-udc.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1732
Origin: https://zsa.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: https://zsa.pages.dev
vary: Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, private, max-age=0
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
pragma: no-cache
expires: -1
x-envoy-upstream-service-time: 1
date: Sat, 17 Aug 2024 18:26:00 GMT
server: ATS
age: 0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r11.o.lencr.org/
504 B IP
ASN #20940 Akamai International B.V.
Hash 3c14cfb85dc9ceb923d7d3c3648719d2
10ea83f83398870f50ca771216ad77bd95aa66cc
bc868b2a34fe0c66d7a2dc1754676cc4031891c797fdd23e82d135559bd82c1b
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BC868B2A34FE0C66D7A2DC1754676CC4031891C797FDD23E82D135559BD82C1B"
Last-Modified: Thu, 15 Aug 2024 09:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8221
Expires: Sat, 17 Aug 2024 20:43:02 GMT
Date: Sat, 17 Aug 2024 18:26:01 GMT
Connection: keep-alive
r11.o.lencr.org/
504 B IP
ASN #20940 Akamai International B.V.
Hash 3c14cfb85dc9ceb923d7d3c3648719d2
10ea83f83398870f50ca771216ad77bd95aa66cc
bc868b2a34fe0c66d7a2dc1754676cc4031891c797fdd23e82d135559bd82c1b
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BC868B2A34FE0C66D7A2DC1754676CC4031891C797FDD23E82D135559BD82C1B"
Last-Modified: Thu, 15 Aug 2024 09:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8221
Expires: Sat, 17 Aug 2024 20:43:02 GMT
Date: Sat, 17 Aug 2024 18:26:01 GMT
Connection: keep-alive
zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
200 OK 29 kB URL User Request GET HTTP/2 zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
IP
Certificate IssuerGoogle Trust Services
Subjectzsa.pages.dev
Fingerprint95:EF:BD:E1:5E:5F:35:23:0C:B3:CB:08:4D:66:A2:87:45:39:D3:C2
ValidityFri, 28 Jun 2024 11:04:33 GMT - Thu, 26 Sep 2024 11:04:32 GMT
File type JavaScript source, ASCII text, with very long lines (14294), with CRLF line terminators
Hash 7fc90c44f0a4b02163b0212b32beb9a7
c06ded4b78f8a273423c40e04d628de4c4f96ff3
51cce8b8b3e01a3c9cee9ab902284c9dd5e3b9be98212cf52a828c442b7b64c9
Analyzer Verdict Alert urlquery phishing Phishing - Yahoo
Quad9 DNS malicious Sinkholed
GET /%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C HTTP/1.1
Host: zsa.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 17 Aug 2024 18:25:58 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AscjGDHwV5LhGmc4%2Fy5FP5Gc%2Fz0OTi6hRIqssHOSGmNhnxo3tVASHdMayR%2FSdCS%2BiAv2zFZ8JAoJbqARace12BmXe4yfE2lK7Vp2VhJbI%2FlbWso0elWFwPmPZ5btVXYu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b4bb5b42c22568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
s.yimg.com/rq/darla/boot.js
403 Forbidden 0 B URL GET HTTP/2 s.yimg.com/rq/darla/boot.js
IP
ASN #203220 Yahoo-UK Limited
Requested by https://zsa.pages.dev/%5C%5C%5C%5C%5C%5C%5Chttps:%5C%5C/%5C%5C/6.at.atwola.com%5C%5C/6.at.atwola.com%5C%5C
Certificate IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintE4:CF:90:6A:6D:89:B3:53:A9:84:11:07:41:9F:BA:86:DB:6B:DD:0B
ValidityTue, 30 Jul 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rq/darla/boot.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zsa.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
x-amz-request-id: FVMBPCDY7496J88W
x-amz-id-2: 29Ypubhz6MQF18PQEDh8U19/f2+E08ZvfediwGcaFdoABdR2/S0AQ7Dg6U0QpDlXwWPl2mCBlVrd+soZIT2PridfSg2MU56NCbk9CqcX4vg=
content-type: application/xml
date: Sat, 17 Aug 2024 18:25:58 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin
age: 3
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
172.66.47.176
23.36.76.226
87.248.119.252
188.125.72.139