![](/screenshots/1d920389-0394-469e-947c-b5f4a7f3409b.png)
yuble.com
Open in
urlscan Pro
107.180.12.130
Malicious Activity!
Public Scan
Submission: On August 09 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 17th 2022. Valid for: a year.
This is the only time yuble.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tuya (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
23 | 107.180.12.130 107.180.12.130 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
3 | 151.101.193.229 151.101.193.229 | 54113 (FASTLY) (FASTLY) | |
1 2 | 23.45.51.88 23.45.51.88 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 142.250.196.100 142.250.196.100 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.251.42.131 142.251.42.131 | 15169 (GOOGLE) (GOOGLE) | |
2 | 23.45.50.177 23.45.50.177 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
32 | 6 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 130.12.180.107.host.secureserver.net
yuble.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-51-88.deploy.static.akamaitechnologies.com
img1.wsimg.com | |
img6.wsimg.com |
ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f4.1e100.net
www.google.com |
ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f3.1e100.net
www.gstatic.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-50-177.deploy.static.akamaitechnologies.com
events.api.secureserver.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
yuble.com
yuble.com |
231 KB |
3 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 369 |
57 KB |
2 |
secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12273 |
556 B |
2 |
gstatic.com
www.gstatic.com |
|
2 |
wsimg.com
1 redirects
img1.wsimg.com — Cisco Umbrella Rank: 9640 img6.wsimg.com — Cisco Umbrella Rank: 11860 |
12 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 3 |
28 KB |
32 | 6 |
Domain | Requested by | |
---|---|---|
23 | yuble.com |
yuble.com
|
3 | cdn.jsdelivr.net |
yuble.com
|
2 | events.api.secureserver.net |
img1.wsimg.com
|
2 | www.gstatic.com |
www.google.com
|
1 | www.google.com |
yuble.com
|
1 | img6.wsimg.com |
yuble.com
|
1 | img1.wsimg.com | 1 redirects |
32 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.tuya.com.co |
Subject Issuer | Validity | Valid | |
---|---|---|---|
yuble.com Go Daddy Secure Certificate Authority - G2 |
2022-08-17 - 2023-09-18 |
a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
*.api.secureserver.net Starfield Secure Certificate Authority - G2 |
2023-07-10 - 2024-08-10 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://yuble.com/1/2/index1.html
Frame ID: 0F9A2F7A3F65E48E8D2F1BE58D642890
Requests: 29 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lflz98bAAAAAEyo_Oi6TF2Lo2fhb2mQxvmkeRBJ&co=aHR0cHM6Ly93d3cudHV5YS5jb20uY286ODQ2MQ..&hl=es-419&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=j8kt87rud6ii
Frame ID: BF535BF0B56E12CB832AC8BEC63A4A5D
Requests: 3 HTTP requests in this frame
Screenshot
![](/screenshots/1d920389-0394-469e-947c-b5f4a7f3409b.png)
Page Title
Portal Transaccional TuyaDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Ingresa aquĆ
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11- https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
- https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index1.html
yuble.com/1/2/ |
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
yuble.com/1/2/App_Themes/404/ |
158 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Default1.css
yuble.com/1/2/App_Themes/404/ |
23 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.slim.min.js
cdn.jsdelivr.net/npm/jquery@3.6.0/dist/ |
71 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/ |
81 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.11.3.min.js
yuble.com/1/2/Scripts/ |
94 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.blockUI.js
yuble.com/1/2/Scripts/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_UtilidadesSitio.js
yuble.com/1/2/Scripts/ |
14 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Indicador.js
yuble.com/1/2/Scripts/ |
4 KB 844 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerPortalSinMarcas.png
yuble.com/1/2/App_Themes/Imagenes/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PublicidadPortal.JPG
yuble.com/1/2/App_Themes/Imagenes/ |
77 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tccl.min.js
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/ Redirect Chain
|
45 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame BF53 |
51 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boton3.png
yuble.com/1/2/App_Themes/Imagenes/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boton4.png
yuble.com/1/2/App_Themes/Imagenes/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boton6.png
yuble.com/1/2/App_Themes/Imagenes/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boton0.png
yuble.com/1/2/App_Themes/Imagenes/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boton7.png
yuble.com/1/2/App_Themes/Imagenes/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boton8.png
yuble.com/1/2/App_Themes/Imagenes/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boton9.png
yuble.com/1/2/App_Themes/Imagenes/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boton5.png
yuble.com/1/2/App_Themes/Imagenes/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boton2.png
yuble.com/1/2/App_Themes/Imagenes/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BotonBorrar.png
yuble.com/1/2/App_Themes/Imagenes/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
botonAceptar_login.png
yuble.com/1/2/App_Themes/Imagenes/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boton1.png
yuble.com/1/2/App_Themes/Imagenes/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
titulos-productos.png
yuble.com/1/2/App_Themes/Imagenes/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ Frame BF53 |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__es_419.js
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ Frame BF53 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
botonAsterisco.png
yuble.com/1/2/App_Themes/Imagenes/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 278 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 278 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tuya (Financial)47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 function| $ function| jQuery function| Popper object| bootstrap function| AbrirAplicacion function| fullScreen function| noEmbebed function| disableContext function| disableKeys function| onlyDigits function| getPath function| mouseOverPad function| mouseOutPad function| mouseOverStart function| mouseOutStart function| Llenarclave function| limpiarPass function| checkFields object| slideCache function| RunSlideShow object| focoPassword function| initProveedor function| initFoco function| foco function| no_foco function| Validate_Checkbox function| VentanaAyuda function| launch function| launchRemote function| detectAcrobat function| addClass function| removeClass function| openLoading function| openLoadingCertificados function| closeLoading function| preloadButtons function| preloadImage object| _trfd boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| _trfq object| tccl2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.yuble.com/ | Name: _tccl_visitor Value: 8c04fd97-562e-5084-ae25-be1003bd7340 |
|
.yuble.com/ | Name: _tccl_visit Value: 8c04fd97-562e-5084-ae25-be1003bd7340 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
events.api.secureserver.net
img1.wsimg.com
img6.wsimg.com
www.google.com
www.gstatic.com
yuble.com
107.180.12.130
142.250.196.100
142.251.42.131
151.101.193.229
23.45.50.177
23.45.51.88
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104
2b0f8e5de63e54ccfeb880f7e412930f2ed1386e37d4212458cc8929582658c3
3b78b12f2643778c214d1994ac99e64993e98997dc502a3164a8582f5d82d99b
486d3c09c74ef88ccb58aabd7ac3010936f1c00a0cc788e7d86e970e69e36f22
4aac086cb340ce61c7f2f2bdf9f0b9a7d0fce1697fe0cc56444693823515ef16
57a1ec62cda2a2b0af03063e66e5590bd24fc8fb8576ebae5eb2372d64137ca9
59f2629c01fc1dedc36d4d94e3d8dc5b95cebb41d95d1ee81a4fd9ac8445e59c
5d4fb09832af72e1747b2ab493057a2856a1d31018f16226367a5d57010e41d2
72a927e2b16de3869cd61aebf6cab10e36c1eb5a2a0d97c0d646f75483d56d1c
79e1b2f6c2c1ced5706d2d22f92bdd11542fff1a7506e9106c0ea6b16a04da80
7c109e713efe659aa8edda8af67fe41a4b27ca43f4a9c617a1766f5caa4e8b5b
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
7e79c8e0ff21f7e537d38b3360c00f2a9f99181c680f0a019d7e5d40be5ec8d5
81fdd88dc815fbcf6d9dcad7c79d9278220576d033761141f36d449ab67c0ae5
883d0861ea6fc9fb497342decbc083f5a6c56ce1215c325c1d323886f0763155
a4317c03b8d4d20c4c54e163b6d3c16e0107b02d4ee9acd7406d9f7c725cc8f2
a9089686579c6d825a10e1255d46d1cbe06e5e4a50c6be142b2dea28d0baabeb
acd861e16879edb709ccbd30beea5dfd46873c7c70f9adc07708f206bb479d72
ad755dfae1647fa2c926168ed41aef17961c7993a8362662707e57572e13e37b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7c27b2cb4cc310e1e675d2d19d5c2a0a88287740013558c47e18b8649ca804d
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
c3af003187a724d0fa7bb7e5c6f30e7c026ea3415f57e8e1000685d49e0f505d
ce62e581b5780a29de2936c2d6af906df2e9ddfeee5a0b9e3d21bb16cb3fafc2
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b
d994557f9b3a2dbbf52cfbea260ae86c0e7815de3d2c798b42321363b0ac4ee3
e46fe710cab89e1b608c886f5089ee6b20e8ca0973c90d63757e91684716e6fd
fa9929129a567369394f0d97e9fab7fc320cd5eb21938a01e844dfbb8c1116d3
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f