sso.login.y-bb.email
43.230.161.139  Malicious Activity! Public Scan

Submitted URL: https://sso.login.y-bb.email/
Effective URL: https://sso.login.y-bb.email/config/login
Submission: On December 01 via api from JP — Scanned from JP

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 43.230.161.139, located in Tokyo, Japan and belongs to SHOCK-1, US. The main domain is sso.login.y-bb.email.
TLS certificate: Issued by R3 on December 1st 2022. Valid for: 3 months.
This is the only time sso.login.y-bb.email was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo Japan (Online)

Domain & IP information

IP Address AS Autonomous System
1 2 43.230.161.139 395092 (SHOCK-1)
11 182.22.31.252 23816 (YAHOO Yah...)
1 2600:9000:206... 16509 (AMAZON-02)
6 183.79.250.251 24572 (YAHOO-JP-...)
1 54.238.41.231 16509 (AMAZON-02)
22 6
Apex Domain / Subdomains | Transfer
10 yimg.jp | 105 KB
    s.yimg.jp — Cisco Umbrella Rank: 10107
6 yahooapis.jp | 471 B
    clb.yahooapis.jp — Cisco Umbrella Rank: 143009
    dsb.yahooapis.jp — Cisco Umbrella Rank: 204251
2 yahoo.co.jp | 1 KB
    mempf.yahoo.co.jp Failed
    pvtag.yahoo.co.jp — Cisco Umbrella Rank: 460633
    yjtag.yahoo.co.jp — Cisco Umbrella Rank: 25632
2 y-bb.email | 19 KB
    sso.login.y-bb.email
    yads.c.y-bb.email Failed
1 yjtag.jp | 13 KB
    s.yjtag.jp — Cisco Umbrella Rank: 34649
22 5
Domain | Requested by
10 s.yimg.jp | sso.login.y-bb.email, s.yimg.jp, s.yjtag.jp
5 clb.yahooapis.jp | s.yimg.jp
2 sso.login.y-bb.email 1 redirects
1 dsb.yahooapis.jp | s.yimg.jp
1 yjtag.yahoo.co.jp | s.yjtag.jp
1 pvtag.yahoo.co.jp | sso.login.y-bb.email
1 s.yjtag.jp | sso.login.y-bb.email
0 mempf.yahoo.co.jp Failed | s.yimg.jp
0 yads.c.y-bb.email Failed | sso.login.y-bb.email
22 9
Subject | Issuer | Validity | Valid
sso.login.y-bb.email | R3 | 2022-12-01 - 2023-03-01 | 3 months
edge01.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2022-11-04 - 2023-12-03 | a year
*.tgm.yahoo-net.jp | Cybertrust Japan SureServer CA G4 | 2022-03-07 - 2023-04-06 | a year
yjtag.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2022-02-02 - 2023-03-01 | a year

This page contains 1 frames:

Primary Page: https://sso.login.y-bb.email/config/login
Frame ID: 35491420119807D2024AA2CE5A43AF79
Requests: 22 HTTP requests in this frame

Page Title

ログイン - Yahoo! JAPAN

Page Statistics

22 Requests
91 % HTTPS
20 % IPv6
5 Domains
9 Subdomains
6 IPs
2 Countries
137 kB Transfer
389 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sso.login.y-bb.email/ HTTP 301
    https://sso.login.y-bb.email/config/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
sso.login.y-bb.email/config/
Redirect Chain
  • https://sso.login.y-bb.email/
  • https://sso.login.y-bb.email/config/login
17 KB
18 KB
Document
General
Full URL
https://sso.login.y-bb.email/config/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
43.230.161.139 Tokyo, Japan, ASN395092 (SHOCK-1, US),
Reverse DNS
Software
nginx /
Resource Hash
61f1e3fdc15000232ce83307009424bc6ad05476256c584e98e56bf49e586075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Age
0
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Dec 2022 20:04:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Age
0
Cache-Control
private
Connection
keep-alive
Content-Type
text/html
Date
Thu, 01 Dec 2022 20:04:38 GMT
Location
https://sso.login.y-bb.email/config/login
P3P
policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Server
nginx
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
login-min.css
s.yimg.jp/images/login/pc/css/login/3.0.1/
38 KB
9 KB
Stylesheet
General
Full URL
https://s.yimg.jp/images/login/pc/css/login/3.0.1/login-min.css
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
7f1f21cfb9c83e14c3e5da8f12fe5e89f8092f67e47548ad54b549e86a9b9e66

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 19:58:10 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 16:32:30 GMT
server
ATS
age
388
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=600
content-length
8943
yj_r_34_2x.png
s.yimg.jp/c/logo/f/2.0/
3 KB
3 KB
Image
General
Full URL
https://s.yimg.jp/c/logo/f/2.0/yj_r_34_2x.png
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
479928aeb69a62ed0fad13d232a754ce1d1f24787fcafd684b73ba1db32ffb5b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 19:55:22 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 00:33:06 GMT
server
ATS
age
556
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=600
content-length
3332
ds-custom-logger-1.1.0.min.js
s.yimg.jp/images/ds/cl/
37 KB
13 KB
Script
General
Full URL
https://s.yimg.jp/images/ds/cl/ds-custom-logger-1.1.0.min.js
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
a66a82fd4b74e8fc2bae4f5aeb3403a0b78cadd0976700f3596c3a4ccfe42f40

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 18:58:55 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 13:47:24 GMT
server
ATS
age
3943
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
content-length
13557
login-min.js
s.yimg.jp/images/login/pc/js/login/3.6.10/
119 KB
40 KB
Script
General
Full URL
https://s.yimg.jp/images/login/pc/js/login/3.6.10/login-min.js
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
fd69ba2a191744c2d2f04b538bdb9c7abbe398cc9bbb2484323d356a53f025f9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 19:54:48 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 07:04:11 GMT
server
ATS
age
590
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
content-length
40516
mempf.js
s.yimg.jp/images/mempf/mhd/2_3_0/
10 KB
3 KB
Script
General
Full URL
https://s.yimg.jp/images/mempf/mhd/2_3_0/mempf.js
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
dc5e10f66c2929f889ce32ffdbde6da9de56d62cb2b8bd4d51d650fa87426e7f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 19:57:37 GMT
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 04:58:30 GMT
server
ATS
age
421
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
content-length
3301
yjbfp.js
s.yimg.jp/images/login/pc/js/bfp/1.0.0/
4 KB
2 KB
Script
General
Full URL
https://s.yimg.jp/images/login/pc/js/bfp/1.0.0/yjbfp.js
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
8571293a7cd686e1eda501350e8c7e2b2175eb7ca67b0bf58a72a90fa5ad75ee

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 19:56:51 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 16:32:32 GMT
server
ATS
age
467
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
content-length
1474
yads-async.js
yads.c.y-bb.email/js/
0
0

tag.js
s.yjtag.jp/
37 KB
13 KB
Script
General
Full URL
https://s.yjtag.jp/tag.js
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2066:200:8:dcbf:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ea1d47e294e438851d775f2eca7352b4d03cf662e3ad9410f18bae663a380e5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id
pwVJ8CZ5CzxJk0oranYXZm0CJzsUHSFZ
content-encoding
gzip
via
1.1 b7837731fea73f358f38a6ff02d487be.cloudfront.net (CloudFront)
date
Thu, 01 Dec 2022 19:06:25 GMT
last-modified
Mon, 09 Nov 2020 01:50:12 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
3493
etag
W/"830cee037cbd2937feb368104dc9a35f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
v84lY1S5n5NTC8O97wkU2ZyiQ67ApA3CZYXuYGfKjalI5UhqGLlJrA==
clb
clb.yahooapis.jp/api/v1/
0
325 B
XHR
General
Full URL
https://clb.yahooapis.jp/api/v1/clb?clSdk=cl-web&clHid=2079962931&clTs=1669925078612&clSdkv=1.1.0&clRnd=RtoebdtN6Vu7U3P4lb5i9x78&clCmp=0
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/ds/cl/ds-custom-logger-1.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 20:04:38 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sso.login.y-bb.email
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
ico_palette.png
s.yimg.jp/images/login/sp/img/theme/1.3.0/
512 B
601 B
Image
General
Full URL
https://s.yimg.jp/images/login/sp/img/theme/1.3.0/ico_palette.png
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/login/pc/css/login/3.0.1/login-min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
9bdc87263763478099797018ae7f0ea332b466a7324bb67a08f83090856d5fb1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.yimg.jp/images/login/pc/css/login/3.0.1/login-min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 20:04:14 GMT
last-modified
Tue, 25 Jan 2022 16:32:38 GMT
server
ATS
age
24
content-type
image/png
cache-control
public, max-age=600
accept-ranges
bytes
content-length
512
loading.png
s.yimg.jp/images/login/sp/img/login/1.0.0/
890 B
985 B
Image
General
Full URL
https://s.yimg.jp/images/login/sp/img/login/1.0.0/loading.png
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/login/pc/css/login/3.0.1/login-min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
e6138d8cc3c8d3b339a2790496a7c54f496fde3eebffe8647e6e40c2ca150f6b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.yimg.jp/images/login/pc/css/login/3.0.1/login-min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 20:04:07 GMT
last-modified
Tue, 25 Jan 2022 16:32:35 GMT
server
ATS
age
31
content-type
image/png
cache-control
public, max-age=600
accept-ranges
bytes
content-length
890
clb
clb.yahooapis.jp/api/v1/
0
24 B
XHR
General
Full URL
https://clb.yahooapis.jp/api/v1/clb?clSdk=cl-web&clHid=2079962931&clTs=1669925078629&clSdkv=1.1.0&clRnd=JHllPJvPo3QruJpklb5i9x7p&clCmp=0
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/ds/cl/ds-custom-logger-1.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 20:04:38 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sso.login.y-bb.email
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
clb
clb.yahooapis.jp/api/v1/
0
24 B
XHR
General
Full URL
https://clb.yahooapis.jp/api/v1/clb?clSdk=cl-web&clHid=2079962931&clTs=1669925078630&clSdkv=1.1.0&clRnd=ulGSM6laaBV30Owllb5i9x7q&clCmp=0
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/ds/cl/ds-custom-logger-1.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 20:04:38 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sso.login.y-bb.email
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
clb
clb.yahooapis.jp/api/v1/
0
24 B
XHR
General
Full URL
https://clb.yahooapis.jp/api/v1/clb?clSdk=cl-web&clHid=2079962931&clTs=1669925078630&clSdkv=1.1.0&clRnd=mtnPx5VH9NxS12eRlb5i9x7q&clCmp=0
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/ds/cl/ds-custom-logger-1.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 20:04:38 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sso.login.y-bb.email
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
clb
clb.yahooapis.jp/api/v1/
0
24 B
XHR
General
Full URL
https://clb.yahooapis.jp/api/v1/clb?clSdk=cl-web&clHid=2079962931&clTs=1669925078632&clSdkv=1.1.0&clRnd=mVqyl7ZzWd2mHPP9lb5i9x7s&clCmp=0
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/ds/cl/ds-custom-logger-1.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 20:04:38 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sso.login.y-bb.email
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
offer
mempf.yahoo.co.jp/v2/
0
0

t
pvtag.yahoo.co.jp/
0
154 B
Script
General
Full URL
https://pvtag.yahoo.co.jp/t?f=2079962931&p=jp&domain=login.yahoo.co.jp&js=1&rnd=1669925078635
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 01 Dec 2022 20:04:38 GMT
last-modified
Mon, 01 Aug 2022 09:25:02 GMT
server
ATS
x-amz-request-id
4c020286-260b-4e41-a889-9960b2007593
age
0
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
text/javascript
cache-control
public
accept-ranges
bytes
content-length
0
tag
yjtag.yahoo.co.jp/
5 KB
1 KB
Script
General
Full URL
https://yjtag.yahoo.co.jp/tag?site=WMblwl3&referrer=https%3A%2F%2Fsso.login.y-bb.email%2Fconfig%2Flogin&H=6gb7mo7
Requested by
Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.41.231 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-41-231.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
31eff0be4ea283b18479e5b963ed86455827c6cd49e1874c5323baff73945d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 20:04:38 GMT
x-bt-requestid
62a77620-71b3-11ed-9706-0000ac1c4278
x-content-type-options
nosniff
content-encoding
gzip
etag
59fb4769a73e44cca6bb434d4bc834bf
vary
accept-encoding
content-type
text/javascript
cache-control
private, must-revalidate
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
ytag.js
s.yimg.jp/images/listing/tool/cv/
31 KB
10 KB
Script
General
Full URL
https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by
Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
9d20679cbe29a5b471e35c075afac31dc7450f060a3c350a22925e04935ae772

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 20:02:50 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 04:48:29 GMT
server
ATS
age
108
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
content-length
9790
tmual-3.0.0.min.js
s.yimg.jp/images/ds/yas/
87 KB
23 KB
Script
General
Full URL
https://s.yimg.jp/images/ds/yas/tmual-3.0.0.min.js
Requested by
Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
33b625cdc5b700f15276ea697418ac0329aec86d51765ecbbe7c06e0949a5b4c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Sat, 12 Nov 2022 23:38:47 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 08:55:45 GMT
server
ATS
age
1628751
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
content-length
23680
stream
dsb.yahooapis.jp/api/v1/
2 B
50 B
Ping
General
Full URL
https://dsb.yahooapis.jp/api/v1/stream
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/ds/yas/tmual-3.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 01 Dec 2022 20:04:38 GMT
server
ATS
age
0
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://sso.login.y-bb.email
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yads.c.y-bb.email
URL
https://yads.c.y-bb.email/js/yads-async.js
Domain
mempf.yahoo.co.jp
URL
https://mempf.yahoo.co.jp/v2/offer?position=id_signin_announce_pc&webview=0&service=email&from=mhd&page=&t=1669925078634

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yahoo Japan (Online)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| TLDataContext object| YAHOO object| DSCustomLogger object| sr object| ins object| __core-js_shared__ object| core undefined| img undefined| key undefined| param undefined| q undefined| p undefined| u boolean| yjbfp_init_called function| yjbfp_init function| yjbfp_get_fp function| yjbfp_is_ie function| yjbfp_get_plugins_string function| yjbfp_get_ie_plugins_string function| yjbfp_check_activex function| yjbfp_get_canvas_image function| yjbfp_send_beacon undefined| _bt_url_prefix undefined| _bt_referrer undefined| _bt_site undefined| _bt_mode function| bt_log function| bt_eval function| bt_parameter function| bt_meta function| bt_cookie function| bt_data function| bt_handle_exception function| bt_data_escaped object| BrightTag function| btServe object| yjDataLayer object| ytagapi object| YAS function| tmual function| ytag object| tmualcmds function| ualPageviewFire

4 Cookies

Domain/Path | Name | Value
.sso.login.y-bb.email/ | B | 817i7v9hoi26m&b=3&s=o9
.sso.login.y-bb.email/ | A | 817i7v9hoi26m&sd=B&t=1669925078&u=1669925078&v=1
.sso.login.y-bb.email/ | XA | 817i7v9hoi26m&sd=B&t=1669925078&u=1669925078&v=1
.sso.login.y-bb.email/ | XB | 817i7v9hoi26m&b=3&s=o9

5 Console Messages

Source Level URL
Text
network error URL: https://yads.c.y-bb.email/js/yads-async.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript warning URL: https://sso.login.y-bb.email/config/login(Line 400)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pvtag.yahoo.co.jp/t?f=2079962931&p=jp&domain=login.yahoo.co.jp&js=1&rnd=1669925078635, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://sso.login.y-bb.email/config/login(Line 400)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pvtag.yahoo.co.jp/t?f=2079962931&p=jp&domain=login.yahoo.co.jp&js=1&rnd=1669925078635, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://sso.login.y-bb.email/config/login
Message:
Access to XMLHttpRequest at 'https://mempf.yahoo.co.jp/v2/offer?position=id_signin_announce_pc&webview=0&service=email&from=mhd&page=&t=1669925078634' from origin 'https://sso.login.y-bb.email' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://mempf.yahoo.co.jp/v2/offer?position=id_signin_announce_pc&webview=0&service=email&from=mhd&page=&t=1669925078634
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block