subs.communications.yahoo.com
2a00:1288:80:807::1
Public Scan
Effective URL: https://subs.communications.yahoo.com/yahoo_unsub.html?obfuid=Pl7k24H5cU7JCWZ-nzIMq7HZDC6BrJjquqcSXwSA2AwwaEngjpFUkITQ3D2Emo9KtLTN1mQ9...
Submission Tags: phishing
Submission: On December 12 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on November 11th 2022. Valid for: 3 months.
This is the only time subs.communications.yahoo.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 1 | 159.127.198.249 | 19137 (EPSILON-INTERACTIVE) |
9 | 2a00:1288:80:807::1 | 203220 (YAHOO-DEB) |
1 | 2a00:1288:110:c204::b000 | 34010 (YAHOO-IRD) |
10 | 2 |
ASN203220 (YAHOO-DEB, GB)
subs.communications.yahoo.com | |
s.yimg.com |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
8 | yahoo.com: subs.communications.yahoo.com, geo.query.yahoo.com — Cisco Umbrella Rank: 3985 | 231 KB |
2 | yimg.com: s.yimg.com — Cisco Umbrella Rank: 449 | 24 KB |
1 | yahoo.net (1 redirects): home.comms.yahoo.net | 312 B |
10 | 3 |
Requests | Domain | Requested by |
---|---|---|
7 | subs.communications.yahoo.com | subs.communications.yahoo.com |
2 | s.yimg.com | subs.communications.yahoo.com |
1 | geo.query.yahoo.com | s.yimg.com |
1 | home.comms.yahoo.net | 1 redirects |
10 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.yahoo.com |
marketingpreferences.yahoo.com |
legal.yahoo.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
subs.communications.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-11-11 - 2023-02-15 | 3 months |
*.api.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-11-28 - 2023-01-18 | 2 months |
yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-12-06 - 2023-05-31 | 6 months |
This page contains 1 frames:
Primary Page:
https://subs.communications.yahoo.com/yahoo_unsub.html?obfuid=Pl7k24H5cU7JCWZ-nzIMq7HZDC6BrJjquqcSXwSA2AwwaEngjpFUkITQ3D2Emo9KtLTN1mQ9c2y6tTM1MLSp4w==&c=bc5409aa-ca8c-473a-9050-d9f1f4b2d2e9&optin=ymc_hm
Frame ID: C965C080C5C391A50FBF36F2DC0033C7
Requests: 10 HTTP requests in this frame
Page Title
Yahoo! Newsletter Unsubscribe
Page URL History
-
https://home.comms.yahoo.net/T/v60000017cd337ef2fc0cf45f4bbcfbb48/bc5409aaca8c473a0000021ef3a0bce0/bc5409...
HTTP 302
https://subs.communications.yahoo.com/yahoo_unsub.html?obfuid=Pl7k24H5cU7JCWZ-nzIMq7HZDC6BrJjquqcSXwSA2AwwaEngjpFU... Page URL
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Yahoo Preferences
Title: Terms of Service
Title: Privacy
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://home.comms.yahoo.net/T/v60000017cd337ef2fc0cf45f4bbcfbb48/bc5409aaca8c473a0000021ef3a0bce0/bc5409aa-ca8c-473a-9050-d9f1f4b2d2e9?__dU__=v0G4RBKTXg2GvzBXXO0iqzhSlvbjIFSULf&__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0r7FigEMozyYh1wgkggg0MCJiHrCwME8RUnaKn7nXYVg7V_ofqHVJI21i8HtqpaL0W_QuIPtXHso6MGB9LPTp9VODuA9Ikw83loOZAsrcZMIbZBI72rE2ytauomsH-3qLlNsFN-Dizc6GwERYmc5ra_M17SWePhhqs-sDksAx98oJMJKGbKOVP3psjSTTZwlq5uONuKiPqmTn1I19ymcRtq3SSsAAZZaei_uantO4xa1N47hOQP-nZfBihMgCd0U0Fg4tCsSv7MsryHVnp5p2tIKae76v2aOZeyekenzRsjk5Z42d-EuZ116JTcbSLM0GO1Kqmp2_oX165fRPjZqp4fBTiDGGRxdry-nXERnaFjQchfLvya6uCxwg-A4yyX2peQ0Qj52ddmSy4dpqOnHn6lELmwtC-_8oVMS8qzKoqzHDfovj290FFiH_5YwyIqSS5lfcUpqxENfSajW3r5Oh4eBMU-15vn-0=
HTTP 302
https://subs.communications.yahoo.com/yahoo_unsub.html?obfuid=Pl7k24H5cU7JCWZ-nzIMq7HZDC6BrJjquqcSXwSA2AwwaEngjpFUkITQ3D2Emo9KtLTN1mQ9c2y6tTM1MLSp4w==&c=bc5409aa-ca8c-473a-9050-d9f1f4b2d2e9&optin=ymc_hm Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | yahoo_unsub.html (Primary Request, Redirect Chain) | subs.communications.yahoo.com/ | 3 KB | 3 KB | Document | text/html |
GET | H2 | denali.css | subs.communications.yahoo.com/unsubscription/css/ | 155 KB | 156 KB | Stylesheet | text/css |
GET | H2 | denali-icon-font.css | subs.communications.yahoo.com/unsubscription/css/ | 57 KB | 57 KB | Stylesheet | text/css |
GET | H2 | reset.css | subs.communications.yahoo.com/unsubscription/css/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H2 | styles.css | subs.communications.yahoo.com/unsubscription/css/ | 5 KB | 5 KB | Stylesheet | text/css |
GET | H2 | sub_unsub.js | subs.communications.yahoo.com/unsubscription/js/ | 4 KB | 4 KB | Script | application/javascript |
GET | H2 | yahoo_new_logo.png | subs.communications.yahoo.com/unsubscription/img/ | 4 KB | 4 KB | Image | image/png |
GET | H2 | rapid-3.35.js | s.yimg.com/ss/ | 43 KB | 17 KB | Script | application/javascript |
GET | H2 | rapidworker-1.2.js | s.yimg.com/ss/ | 15 KB | 7 KB | Script | application/javascript |
POST | H2 | yql | geo.query.yahoo.com/v1/public/ | 278 B | 800 B | XHR | text/plain |
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | oncontentvisibilityautostatechange |
function | redirectToLogin |
function | redirectToUrl |
function | redirectToHfpUrl |
function | unsub_action |
function | sub_action |
function | resub_action |
function | cancel_action |
object | YAHOO |
function | base64 |
function | lzw_encode |
object | RawDeflate |
number | lastApvTime1 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
subs.communications.yahoo.com/ | Name: _csrf Value: TaVOr70zhJJyBt0UydbWqO2L |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; script-src 'self' *.yimg.com; connect-src 'self' http://geo.query.yahoo.com https://geo.query.yahoo.com; frame-ancestors 'self' |
Strict-Transport-Security | max-age=15552000 |
X-Content-Security-Policy | default-src 'self'; script-src 'self' *.yimg.com; connect-src 'self' http://geo.query.yahoo.com https://geo.query.yahoo.com; frame-ancestors 'self' |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.