continuetogo.me
Open in
urlscan Pro
192.254.231.253
Malicious Activity!
Public Scan
Effective URL: https://continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/Y-login.html
Submission: On August 06 via manual from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 3rd 2019. Valid for: 2 years.
This is the only time continuetogo.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Yahoo (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 192.254.231.253 192.254.231.253 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
2 | 2a00:1288:80:... 2a00:1288:80:800::7001 | 203220 (YAHOO-DEB) (YAHOO-DEB) | |
1 | 2a00:1450:400... 2a00:1450:4001:82f::200a | 15169 (GOOGLE) (GOOGLE) | |
11 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
continuetogo.me
continuetogo.me |
6 KB |
2 |
yimg.com
s.yimg.com |
62 KB |
1 |
googleapis.com
ajax.googleapis.com |
30 KB |
11 | 3 |
Domain | Requested by | |
---|---|---|
8 | continuetogo.me |
continuetogo.me
|
2 | s.yimg.com |
continuetogo.me
|
1 | ajax.googleapis.com |
continuetogo.me
|
11 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.yahoo.com |
help.yahoo.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
continuetogo.me Sectigo RSA Domain Validation Secure Server CA |
2019-12-03 - 2021-12-02 |
2 years | crt.sh |
*.yahoo.com DigiCert SHA2 High Assurance Server CA |
2021-07-26 - 2021-09-15 |
2 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-07-12 - 2021-10-04 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/Y-login.html
Frame ID: 97404F43BDE67E7071BCA3FF01CA11C8
Requests: 11 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/index.php Page URL
- https://continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/continue-to-settings.php Page URL
- https://continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/index1.php Page URL
- https://continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/Y-login.html Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/index.php Page URL
- https://continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/continue-to-settings.php Page URL
- https://continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/index1.php Page URL
- https://continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/Y-login.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
index.php
continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/ |
68 B 151 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
continue-to-settings.php
continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/ |
54 B 82 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index1.php
continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/ |
56 B 107 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
Y-login.html
continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/ |
11 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yahoo-main.css
s.yimg.com/wm/mbr/1a94d082d04d5d5366bfb6ff86dfe4d0551a3a9d/ |
281 KB 60 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
s.yimg.com/rz/p/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rapid-3.53.3.js
continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
continuetogo.me/Sec=Tab=settings/id=emh3q=521485632/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
continuetogo.me/account/js-reporting/ |
746 B 746 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
continuetogo.me/account/js-reporting/ |
746 B 746 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Yahoo (Online)28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| oldError boolean| isGoodJS object| YUI_config string| COMET_URL object| I13N_config object| darlaConfig object| challenge string| mKeyPrefix object| pwchallenge boolean| isIOSDevice function| mbrSendError function| $ function| jQuery function| funalert function| formsubmit undefined| rapidInstance function| checkAssets0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
continuetogo.me
s.yimg.com
192.254.231.253
2a00:1288:80:800::7001
2a00:1450:4001:82f::200a
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
211a4f1213f66c7fd5a54bc9f0ce98fb96e2d5647f0276b00764a6063fbb126d
63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
7f9ac500ad27ca6207bde3d3473e80eb043cac0cbc3ab4eaaeaa237545d0d1fc
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
f9923d83fbe8af6b11a9e19dfb61420cb8ff182bb7c65306304c55edda254bae