sso.login.y-bb.email
43.230.161.139  Malicious Activity! Public Scan

URL: https://sso.login.y-bb.email/config/login
Submission: On December 01 via api from JP — Scanned from JP

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 43.230.161.139, located in Tokyo, Japan and belongs to SHOCK-1, US. The main domain is sso.login.y-bb.email.
TLS certificate: Issued by R3 on December 1st 2022. Valid for: 3 months.
This is the only time sso.login.y-bb.email was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo Japan (Online)

Domain & IP information

IP Address AS Autonomous System
1 43.230.161.139 395092 (SHOCK-1)
11 182.22.31.252 23816 (YAHOO Yah...)
1 2600:9000:206... 16509 (AMAZON-02)
6 183.79.250.123 24572 (YAHOO-JP-...)
1 54.238.41.231 16509 (AMAZON-02)
22 6
Apex Domain | Subdomains | Transfer
10 yimg.jp | s.yimg.jp — Cisco Umbrella Rank: 10107 | 105 KB
6 yahooapis.jp | clb.yahooapis.jp — Cisco Umbrella Rank: 143009; dsb.yahooapis.jp — Cisco Umbrella Rank: 204251 | 471 B
2 yahoo.co.jp | mempf.yahoo.co.jp Failed; pvtag.yahoo.co.jp — Cisco Umbrella Rank: 460633; yjtag.yahoo.co.jp — Cisco Umbrella Rank: 25632 | 1 KB
1 yjtag.jp | s.yjtag.jp — Cisco Umbrella Rank: 34649 | 13 KB
1 y-bb.email | sso.login.y-bb.email; yads.c.y-bb.email Failed | 18 KB
22 5
Domain Requested by
10 s.yimg.jp sso.login.y-bb.email, s.yimg.jp, s.yjtag.jp
5 clb.yahooapis.jp s.yimg.jp
1 dsb.yahooapis.jp s.yimg.jp
1 yjtag.yahoo.co.jp s.yjtag.jp
1 pvtag.yahoo.co.jp sso.login.y-bb.email
1 s.yjtag.jp sso.login.y-bb.email
1 sso.login.y-bb.email
0 mempf.yahoo.co.jp Failed s.yimg.jp
0 yads.c.y-bb.email Failed sso.login.y-bb.email
22 9
Subject | Issuer | Validity | Valid
sso.login.y-bb.email | R3 | 2022-12-01 - 2023-03-01 | 3 months
edge01.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2022-11-04 - 2023-12-03 | a year
*.tgm.yahoo-net.jp | Cybertrust Japan SureServer CA G4 | 2022-03-07 - 2023-04-06 | a year
yjtag.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2022-02-02 - 2023-03-01 | a year

This page contains 1 frames:

Primary Page: https://sso.login.y-bb.email/config/login
Frame ID: 8C05182838731E2129B61190849102C7
Requests: 22 HTTP requests in this frame

Page Title

ログイン - Yahoo! JAPAN

Page Statistics

22 Requests
91 % HTTPS
20 % IPv6
5 Domains
9 Subdomains
6 IPs
2 Countries
137 kB Transfer
387 kB Size
4 Cookies

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
sso.login.y-bb.email/config/
17 KB
18 KB
Document
General
Full URL
https://sso.login.y-bb.email/config/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
43.230.161.139 Tokyo, Japan, ASN395092 (SHOCK-1, US),
Reverse DNS
Software
nginx /
Resource Hash
f9d8e2d6a37af5a0807ea12f39558924839f487493e10c71d4b78c245cc662b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Age
1
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Dec 2022 20:04:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
login-min.css
s.yimg.jp/images/login/pc/css/login/3.0.1/
38 KB
9 KB
Stylesheet
General
Full URL
https://s.yimg.jp/images/login/pc/css/login/3.0.1/login-min.css
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
7f1f21cfb9c83e14c3e5da8f12fe5e89f8092f67e47548ad54b549e86a9b9e66

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 19:58:10 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 16:32:30 GMT
server
ATS
age
386
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=600
content-length
8943
yj_r_34_2x.png
s.yimg.jp/c/logo/f/2.0/
3 KB
3 KB
Image
General
Full URL
https://s.yimg.jp/c/logo/f/2.0/yj_r_34_2x.png
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
479928aeb69a62ed0fad13d232a754ce1d1f24787fcafd684b73ba1db32ffb5b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 19:55:22 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 00:33:06 GMT
server
ATS
age
554
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=600
content-length
3332
ds-custom-logger-1.1.0.min.js
s.yimg.jp/images/ds/cl/
37 KB
13 KB
Script
General
Full URL
https://s.yimg.jp/images/ds/cl/ds-custom-logger-1.1.0.min.js
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
a66a82fd4b74e8fc2bae4f5aeb3403a0b78cadd0976700f3596c3a4ccfe42f40

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 18:58:55 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 13:47:24 GMT
server
ATS
age
3941
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
content-length
13557
login-min.js
s.yimg.jp/images/login/pc/js/login/3.6.10/
119 KB
40 KB
Script
General
Full URL
https://s.yimg.jp/images/login/pc/js/login/3.6.10/login-min.js
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
fd69ba2a191744c2d2f04b538bdb9c7abbe398cc9bbb2484323d356a53f025f9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 19:54:48 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 07:04:11 GMT
server
ATS
age
588
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
content-length
40516
mempf.js
s.yimg.jp/images/mempf/mhd/2_3_0/
10 KB
3 KB
Script
General
Full URL
https://s.yimg.jp/images/mempf/mhd/2_3_0/mempf.js
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
dc5e10f66c2929f889ce32ffdbde6da9de56d62cb2b8bd4d51d650fa87426e7f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 19:57:37 GMT
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 04:58:30 GMT
server
ATS
age
419
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
content-length
3301
yjbfp.js
s.yimg.jp/images/login/pc/js/bfp/1.0.0/
4 KB
2 KB
Script
General
Full URL
https://s.yimg.jp/images/login/pc/js/bfp/1.0.0/yjbfp.js
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
8571293a7cd686e1eda501350e8c7e2b2175eb7ca67b0bf58a72a90fa5ad75ee

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 19:56:51 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 16:32:32 GMT
server
ATS
age
465
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
content-length
1474
yads-async.js
yads.c.y-bb.email/js/
0
0

tag.js
s.yjtag.jp/
37 KB
13 KB
Script
General
Full URL
https://s.yjtag.jp/tag.js
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2066:1000:8:dcbf:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ea1d47e294e438851d775f2eca7352b4d03cf662e3ad9410f18bae663a380e5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id
pwVJ8CZ5CzxJk0oranYXZm0CJzsUHSFZ
content-encoding
gzip
via
1.1 af88ab761d3892ecc27061438e5b8bae.cloudfront.net (CloudFront)
date
Thu, 01 Dec 2022 19:06:25 GMT
last-modified
Mon, 09 Nov 2020 01:50:12 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
3491
etag
W/"830cee037cbd2937feb368104dc9a35f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Yk7dcyQNnq0lqy7nDa4B2Q4QZY4baAGBNxRn7OL_UaDkSo6e83zE3w==
ico_palette.png
s.yimg.jp/images/login/sp/img/theme/1.3.0/
512 B
606 B
Image
General
Full URL
https://s.yimg.jp/images/login/sp/img/theme/1.3.0/ico_palette.png
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/login/pc/css/login/3.0.1/login-min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
9bdc87263763478099797018ae7f0ea332b466a7324bb67a08f83090856d5fb1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.yimg.jp/images/login/pc/css/login/3.0.1/login-min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 20:04:14 GMT
last-modified
Tue, 25 Jan 2022 16:32:38 GMT
server
ATS
age
22
content-type
image/png
cache-control
public, max-age=600
accept-ranges
bytes
content-length
512
clb
clb.yahooapis.jp/api/v1/
0
24 B
XHR
General
Full URL
https://clb.yahooapis.jp/api/v1/clb?clSdk=cl-web&clHid=2079962931&clTs=1669925076194&clSdkv=1.1.0&clRnd=JWi822oCh9N3Pwjylb5i9vc2&clCmp=0
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/ds/cl/ds-custom-logger-1.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.123 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 20:04:36 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sso.login.y-bb.email
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
clb
clb.yahooapis.jp/api/v1/
0
24 B
XHR
General
Full URL
https://clb.yahooapis.jp/api/v1/clb?clSdk=cl-web&clHid=2079962931&clTs=1669925076202&clSdkv=1.1.0&clRnd=MdLCXs5gl6DyfatIlb5i9vca&clCmp=0
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/ds/cl/ds-custom-logger-1.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.123 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 20:04:36 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sso.login.y-bb.email
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
clb
clb.yahooapis.jp/api/v1/
0
24 B
XHR
General
Full URL
https://clb.yahooapis.jp/api/v1/clb?clSdk=cl-web&clHid=2079962931&clTs=1669925076202&clSdkv=1.1.0&clRnd=B5mmO5VqDOyMq2pklb5i9vca&clCmp=0
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/ds/cl/ds-custom-logger-1.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.123 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 20:04:36 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sso.login.y-bb.email
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
clb
clb.yahooapis.jp/api/v1/
0
325 B
XHR
General
Full URL
https://clb.yahooapis.jp/api/v1/clb?clSdk=cl-web&clHid=2079962931&clTs=1669925076203&clSdkv=1.1.0&clRnd=lvq2iyFGWwq7qvHslb5i9vcb&clCmp=0
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/ds/cl/ds-custom-logger-1.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.123 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 20:04:36 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sso.login.y-bb.email
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
loading.png
s.yimg.jp/images/login/sp/img/login/1.0.0/
890 B
980 B
Image
General
Full URL
https://s.yimg.jp/images/login/sp/img/login/1.0.0/loading.png
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/login/pc/css/login/3.0.1/login-min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
e6138d8cc3c8d3b339a2790496a7c54f496fde3eebffe8647e6e40c2ca150f6b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.yimg.jp/images/login/pc/css/login/3.0.1/login-min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 20:04:07 GMT
last-modified
Tue, 25 Jan 2022 16:32:35 GMT
server
ATS
age
29
content-type
image/png
cache-control
public, max-age=600
accept-ranges
bytes
content-length
890
clb
clb.yahooapis.jp/api/v1/
0
24 B
XHR
General
Full URL
https://clb.yahooapis.jp/api/v1/clb?clSdk=cl-web&clHid=2079962931&clTs=1669925076205&clSdkv=1.1.0&clRnd=KaHbqucoCjaXM9Mdlb5i9vcd&clCmp=0
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/ds/cl/ds-custom-logger-1.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.123 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 20:04:36 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sso.login.y-bb.email
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
offer
mempf.yahoo.co.jp/v2/
0
0

t
pvtag.yahoo.co.jp/
0
154 B
Script
General
Full URL
https://pvtag.yahoo.co.jp/t?f=2079962931&p=jp&domain=login.yahoo.co.jp&js=1&rnd=1669925076207
Requested by
Host: sso.login.y-bb.email
URL: https://sso.login.y-bb.email/config/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 01 Dec 2022 20:04:36 GMT
last-modified
Mon, 01 Aug 2022 09:25:02 GMT
server
ATS
x-amz-request-id
f813de12-ad14-45c2-baea-8b240671df9e
age
0
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
text/javascript
cache-control
public
accept-ranges
bytes
content-length
0
tag
yjtag.yahoo.co.jp/
3 KB
1 KB
Script
General
Full URL
https://yjtag.yahoo.co.jp/tag?site=WMblwl3&referrer=https%3A%2F%2Fsso.login.y-bb.email%2Fconfig%2Flogin&H=6gb7mo7
Requested by
Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.41.231 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-41-231.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
89d0f6099031a71bf76fe03c15694c17401330606108f550a7c4c0b53ca3ce7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 20:04:36 GMT
x-bt-requestid
613b6300-71b3-11ed-b0fe-0000ac1c4979
x-content-type-options
nosniff
content-encoding
gzip
etag
8b00db6387b0421882cf4de7ef116546
vary
accept-encoding
content-type
text/javascript
cache-control
private, must-revalidate
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
ytag.js
s.yimg.jp/images/listing/tool/cv/
31 KB
10 KB
Script
General
Full URL
https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by
Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
9d20679cbe29a5b471e35c075afac31dc7450f060a3c350a22925e04935ae772

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Dec 2022 20:02:50 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 04:48:29 GMT
server
ATS
age
106
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
content-length
9790
tmual-3.0.0.min.js
s.yimg.jp/images/ds/yas/
87 KB
23 KB
Script
General
Full URL
https://s.yimg.jp/images/ds/yas/tmual-3.0.0.min.js
Requested by
Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
33b625cdc5b700f15276ea697418ac0329aec86d51765ecbbe7c06e0949a5b4c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sso.login.y-bb.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Sat, 12 Nov 2022 23:38:47 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 08:55:45 GMT
server
ATS
age
1628749
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
content-length
23680
stream
dsb.yahooapis.jp/api/v1/
2 B
50 B
Ping
General
Full URL
https://dsb.yahooapis.jp/api/v1/stream
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/ds/yas/tmual-3.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.123 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://sso.login.y-bb.email/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 01 Dec 2022 20:04:36 GMT
server
ATS
age
0
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://sso.login.y-bb.email
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yads.c.y-bb.email
URL
https://yads.c.y-bb.email/js/yads-async.js
Domain
mempf.yahoo.co.jp
URL
https://mempf.yahoo.co.jp/v2/offer?position=id_signin_announce_pc&webview=0&service=email&from=mhd&page=&t=1669925076206

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yahoo Japan (Online)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
object| TLDataContext
object| YAHOO
object| DSCustomLogger
object| sr
object| ins
object| __core-js_shared__
object| core
undefined| img
undefined| key
undefined| param
undefined| q
undefined| p
undefined| u
boolean| yjbfp_init_called
function| yjbfp_init
function| yjbfp_get_fp
function| yjbfp_is_ie
function| yjbfp_get_plugins_string
function| yjbfp_get_ie_plugins_string
function| yjbfp_check_activex
function| yjbfp_get_canvas_image
function| yjbfp_send_beacon
undefined| _bt_url_prefix
undefined| _bt_referrer
undefined| _bt_site
undefined| _bt_mode
function| bt_log
function| bt_eval
function| bt_parameter
function| bt_meta
function| bt_cookie
function| bt_data
function| bt_handle_exception
function| bt_data_escaped
object| BrightTag
function| btServe
object| yjDataLayer
object| ytagapi
object| YAS
function| tmual
function| ytag
object| tmualcmds
function| ualPageviewFire

4 Cookies

Domain/Path Name / Value
.sso.login.y-bb.email/ Name: B Value: 8elm5bthoi26k&b=3&s=cf
.sso.login.y-bb.email/ Name: A Value: 8elm5bthoi26k&sd=B&t=1669925076&u=1669925076&v=1
.sso.login.y-bb.email/ Name: XA Value: 8elm5bthoi26k&sd=B&t=1669925076&u=1669925076&v=1
.sso.login.y-bb.email/ Name: XB Value: 8elm5bthoi26k&b=3&s=cf

5 Console Messages

Source Level URL
Text
network error URL: https://yads.c.y-bb.email/js/yads-async.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript warning URL: https://sso.login.y-bb.email/config/login(Line 400)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pvtag.yahoo.co.jp/t?f=2079962931&p=jp&domain=login.yahoo.co.jp&js=1&rnd=1669925076207, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://sso.login.y-bb.email/config/login(Line 400)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pvtag.yahoo.co.jp/t?f=2079962931&p=jp&domain=login.yahoo.co.jp&js=1&rnd=1669925076207, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://sso.login.y-bb.email/config/login
Message:
Access to XMLHttpRequest at 'https://mempf.yahoo.co.jp/v2/offer?position=id_signin_announce_pc&webview=0&service=email&from=mhd&page=&t=1669925076206' from origin 'https://sso.login.y-bb.email' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://mempf.yahoo.co.jp/v2/offer?position=id_signin_announce_pc&webview=0&service=email&from=mhd&page=&t=1669925076206
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block