petranera.gr
Open in
urlscan Pro
176.9.88.93
Malicious Activity!
Public Scan
Submission: On November 03 via automatic, source openphish
Summary
This is the only time petranera.gr was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Yahoo (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 3 | 176.9.88.93 176.9.88.93 | 24940 (HETZNER-AS) (HETZNER-AS) | |
18 | 2a00:1288:80:... 2a00:1288:80:800::7000 | 203220 (YAHOO-DEB) (YAHOO-DEB) | |
1 | 2a00:1288:110... 2a00:1288:110:201::50 | 34010 (YAHOO-IRD) (YAHOO-IRD) | |
23 | 4 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
yimg.com
s.yimg.com l.yimg.com |
2 MB |
3 |
petranera.gr
1 redirects
petranera.gr |
12 KB |
1 |
yahoo.com
login.yahoo.com us.bc.yahoo.com Failed |
|
0 |
yahoo.net
Failed
login.yahoo.net Failed |
|
23 | 4 |
Domain | Requested by | |
---|---|---|
12 | s.yimg.com |
petranera.gr
|
6 | l.yimg.com | |
3 | petranera.gr |
1 redirects
s.yimg.com
|
1 | login.yahoo.com |
petranera.gr
|
0 | us.bc.yahoo.com Failed |
petranera.gr
|
0 | login.yahoo.net Failed |
petranera.gr
|
23 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
global.ard.yahoo.com |
protect.login.yahoo.com |
edit.yahoo.com |
login.yahoo.com |
open.login.yahoo.com |
docs.yahoo.com |
security.yahoo.com |
privacy.yahoo.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.yahoo.com DigiCert SHA2 High Assurance Server CA |
2017-10-20 - 2017-12-06 |
2 months | crt.sh |
login.yahoo.com DigiCert SHA2 High Assurance Server CA |
2016-11-30 - 2017-12-05 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
http://petranera.gr/geedeemail/
Frame ID: 28956.1
Requests: 22 HTTP requests in this frame
Frame:
https://login.yahoo.net/login_superads/us/superads_iframe_content.html?es=ddoT7A751u8Zh8QM24Y-&b=36bl2o56soqhq%26b%3D4%26d%3DYflfBH9pYEIiR.yde2f1VfRr1DZlSC5pHrGhsw--%26s%3D4k%26i%3DkMjN2Es9Vb_ws8Dmuj69
Frame ID: 28956.2
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://petranera.gr/geedeemail
HTTP 301
http://petranera.gr/geedeemail/ Page URL
Detected technologies
UNIX (Operating Systems) ExpandDetected patterns
- headers server /Unix/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
mod_ssl (Web Server Extensions) Expand
Detected patterns
- headers server /mod_ssl(?:\/([\d.]+))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
- headers server /mod_ssl(?:\/([\d.]+))?/i
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Yahoo!
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Are you protected?
Search URL Search Domain Scan URL
Title: Create your sign-in seal.
Search URL Search Domain Scan URL
Title: I can't access my account
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Google
Search URL Search Domain Scan URL
Title: Create New Account
Search URL Search Domain Scan URL
Title: Copyright/IP Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: Guide to Online Security
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://petranera.gr/geedeemail
HTTP 301
http://petranera.gr/geedeemail/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
petranera.gr/geedeemail/ Redirect Chain
|
42 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yregbase_sec_ui_1_9.css
s.yimg.com/lq/i/reg/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uh_slim_ssl-1.0.7.css
s.yimg.com/lq/lib/uh/15/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.gif
s.yimg.com/lq/i/brand/purplelogo/uh/us/ |
905 B 914 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yahoo_dom_event_animation_connection_2.8.2_inc_superads_capslock_loginmd5_min_12.js
s.yimg.com/lq/lib/reg/js/ |
65 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rto1_78.js
s.yimg.com/lq/lib/rt/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uh_sprites_1.5-1.0.3.png
s.yimg.com/lq/lib/uh/15/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cs.gif
login.yahoo.com/i/reg/ |
14 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fingerprint_3_18_2010_1.png
s.yimg.com/lq/i/reg/login/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loginsprite_2_18_2010.png
s.yimg.com/lq/i/reg/login/ |
960 B 969 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fcue-sprite.png
s.yimg.com/lq/i/reg/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fb-goog.gif
s.yimg.com/lq/i/reg/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
superads_iframe_content.html
login.yahoo.net/login_superads/us/ Frame 2895 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc_2.0.5.js
s.yimg.com/lq/lib/bc/ |
2 KB 946 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logad
petranera.gr/config/ |
458 B 458 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yabcs.js
s.yimg.com/ik/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
b
us.bc.yahoo.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
y20_1.jpg
l.yimg.com/a/i/rt/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
y50_1.jpg
l.yimg.com/a/i/rt/ |
49 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
y100_1.jpg
l.yimg.com/a/i/rt/ |
99 KB 99 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
y300_1.jpg
l.yimg.com/a/i/rt/ |
300 KB 300 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
y600_1.jpg
l.yimg.com/a/i/rt/ |
599 KB 599 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
y1200_1.jpg
l.yimg.com/a/i/rt/ |
1 MB 1 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- login.yahoo.net
- URL
- https://login.yahoo.net/login_superads/us/superads_iframe_content.html?es=ddoT7A751u8Zh8QM24Y-&b=36bl2o56soqhq%26b%3D4%26d%3DYflfBH9pYEIiR.yde2f1VfRr1DZlSC5pHrGhsw--%26s%3D4k%26i%3DkMjN2Es9Vb_ws8Dmuj69
- Domain
- us.bc.yahoo.com
- URL
- http://us.bc.yahoo.com/b?P=GtX7y0WTcKAzLqLBTcxqOgDaKToDoU3o88QABF.m&T=18fvnijg2%2fX%3d1307112388%2fE%3d150002527%2fR%3dreglsa%2fK%3d5%2fV%3d1.1%2fW%3dJ%2fY%3dYAHOO%2fF%3d2994235517%2fH%3dc2VjdXJlPSJ0cnVlIiBzZXJ2ZUlkPSJHdFg3eTBXVGNLQXpMcUxCVGN4cU9nRGFLVG9Eb1Uzbzg4UUFCRi5tIiBzaXRlSWQ9IjQ0NjU1NTEiIHRTdG1wPSIxMzA3MTEyMzg4MzAwODAyIiA-%2fS%3d1%2fJ%3d83F18E44&U=13gktujna%2fN%3dHrx3EEwNO60-%2fC%3d650008.13546636.14403860.13057442%2fD%3dHEAD%2fB%3d5775037%2fV%3d1&Q=0&O=0.11059939476256053
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Yahoo (Online)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.yahoo.net/ | Name: BX Value: 7m9fn19cvprgb&b=3&s=ne |
|
.petranera.gr/ | Name: BA Value: t=1509748236 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
l.yimg.com
login.yahoo.com
login.yahoo.net
petranera.gr
s.yimg.com
us.bc.yahoo.com
login.yahoo.net
us.bc.yahoo.com
176.9.88.93
2a00:1288:110:201::50
2a00:1288:80:800::7000
0350180c01b8c78379141a7ff041a4c35681311686d22bee5b10290d116e53d7
0862451d73c7f8082fd19f0ec018d506f303b3342ad6631e21eef8a2398718ad
0e196d63c14ddfee3317ab77a09654f351adea63c361568fec18ca32fd10b595
24c31adfdd6149f059ac72e71eeead3a77a6461870c7d6061e26c25cd0350845
3f5dfc5c17143debd793077f852fd699a9df672a275bfaef5350b5a38c7f8347
40a059d7abf82862d4c9711b6f2752d2c8e22e2adf3a1e492160177cfe8eb508
7a5a21279ac5a0228ea5cabfd54e5643f923a1ec3a6b36e5d8863cd1faf8afd7
7de86802e25fc0c705679fcb713a42fdd41444b66e15e6e3bf31f41c1a9d8091
ad9c10aba4c60e5e7dc58a81ecf9f0f1f0c23f73047c6d2e2a7afda85c2ba4f2
af81f7d0432c0eb97461ac48fd9d45a4b4fd82bf4c4abee30194ee073bf316ba
b801c86f9c36fbfcf2d05bb34fa44bfd52e16615aaa8690b678cf5a67f0d5026
ba15d522551c3e9bcde03243d61c5d77fbb48e8291045b67eab1256262502779
cb2f00d1e554baf96001ddb5e22ee63a8053fd3f8b6cad8acd74504af0dadb52
cbae844abf1afe1dcb40374d76db92eb45cc05056800031360ffdd91c8c51402
cf3d21e7dd84a21cf661be427a92131920a181813ba934df808842e69d02a77f
d80eefb87deaf76b3ce99b96d2e0881b24fa17c7c9d189097d13f3ba66de556e
e29d7da562fb95ff9cd98dcc452ee54b5ee98bf006e92cf2180f084b564e4ef8
e5e59379948ffcd950594c76bf256aab80fba0bf75a6313074d8ea3c14b29b60
eb82f34336756b1d505ff8360b64197247d20ba9cb1163f908cad8ab0084c4b2
eddb9b9d5538d0583a80b5bd0984603656c62c616e338ad1ca32bb9cda187057