sso.login.y-bb.email
Open in
urlscan Pro
43.230.161.139
Malicious Activity!
Public Scan
Submission: On December 01 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on December 1st 2022. Valid for: 3 months.
This is the only time sso.login.y-bb.email was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Yahoo Japan (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 43.230.161.139 43.230.161.139 | 395092 (SHOCK-1) (SHOCK-1) | |
11 | 182.22.31.252 182.22.31.252 | 23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation) | |
1 | 2600:9000:206... 2600:9000:2066:1000:8:dcbf:c740:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 183.79.250.123 183.79.250.123 | 24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan) | |
1 | 54.238.41.231 54.238.41.231 | 16509 (AMAZON-02) (AMAZON-02) | |
22 | 6 |
ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
clb.yahooapis.jp | |
dsb.yahooapis.jp |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-41-231.ap-northeast-1.compute.amazonaws.com
yjtag.yahoo.co.jp |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
yimg.jp
s.yimg.jp — Cisco Umbrella Rank: 10107 |
105 KB |
6 |
yahooapis.jp
clb.yahooapis.jp — Cisco Umbrella Rank: 143009 dsb.yahooapis.jp — Cisco Umbrella Rank: 204251 |
471 B |
2 |
yahoo.co.jp
mempf.yahoo.co.jp Failed pvtag.yahoo.co.jp — Cisco Umbrella Rank: 460633 yjtag.yahoo.co.jp — Cisco Umbrella Rank: 25632 |
1 KB |
1 |
yjtag.jp
s.yjtag.jp — Cisco Umbrella Rank: 34649 |
13 KB |
1 |
y-bb.email
sso.login.y-bb.email yads.c.y-bb.email Failed |
18 KB |
22 | 5 |
Domain | Requested by | |
---|---|---|
10 | s.yimg.jp |
sso.login.y-bb.email
s.yimg.jp s.yjtag.jp |
5 | clb.yahooapis.jp |
s.yimg.jp
|
1 | dsb.yahooapis.jp |
s.yimg.jp
|
1 | yjtag.yahoo.co.jp |
s.yjtag.jp
|
1 | pvtag.yahoo.co.jp |
sso.login.y-bb.email
|
1 | s.yjtag.jp |
sso.login.y-bb.email
|
1 | sso.login.y-bb.email | |
0 | mempf.yahoo.co.jp Failed |
s.yimg.jp
|
0 | yads.c.y-bb.email Failed |
sso.login.y-bb.email
|
22 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.yahoo.co.jp |
support.yahoo-net.jp |
login.yahoo.co.jp |
account.edit.yahoo.co.jp |
id.yahoo.co.jp |
privacy.yahoo.co.jp |
about.yahoo.co.jp |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sso.login.y-bb.email R3 |
2022-12-01 - 2023-03-01 |
3 months | crt.sh |
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4 |
2022-11-04 - 2023-12-03 |
a year | crt.sh |
*.tgm.yahoo-net.jp Cybertrust Japan SureServer CA G4 |
2022-03-07 - 2023-04-06 |
a year | crt.sh |
yjtag.yahoo.co.jp Cybertrust Japan SureServer CA G4 |
2022-02-02 - 2023-03-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sso.login.y-bb.email/config/login
Frame ID: 8C05182838731E2129B61190849102C7
Requests: 22 HTTP requests in this frame
8 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: ヘルプ
Search URL Search Domain Scan URL
Title: 別のYahoo! JAPAN IDでログイン
Search URL Search Domain Scan URL
Title: ログインできない場合
Search URL Search Domain Scan URL
Title: 新規取得
Search URL Search Domain Scan URL
Title: 詳しくはこちら
Search URL Search Domain Scan URL
Title: プライバシー
Search URL Search Domain Scan URL
Title: 利用規約
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login
sso.login.y-bb.email/config/ |
17 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-min.css
s.yimg.jp/images/login/pc/css/login/3.0.1/ |
38 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yj_r_34_2x.png
s.yimg.jp/c/logo/f/2.0/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ds-custom-logger-1.1.0.min.js
s.yimg.jp/images/ds/cl/ |
37 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-min.js
s.yimg.jp/images/login/pc/js/login/3.6.10/ |
119 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mempf.js
s.yimg.jp/images/mempf/mhd/2_3_0/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yjbfp.js
s.yimg.jp/images/login/pc/js/bfp/1.0.0/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
yads-async.js
yads.c.y-bb.email/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
s.yjtag.jp/ |
37 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_palette.png
s.yimg.jp/images/login/sp/img/theme/1.3.0/ |
512 B 606 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
clb
clb.yahooapis.jp/api/v1/ |
0 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
clb
clb.yahooapis.jp/api/v1/ |
0 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
clb
clb.yahooapis.jp/api/v1/ |
0 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
clb
clb.yahooapis.jp/api/v1/ |
0 325 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.png
s.yimg.jp/images/login/sp/img/login/1.0.0/ |
890 B 980 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
clb
clb.yahooapis.jp/api/v1/ |
0 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
offer
mempf.yahoo.co.jp/v2/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t
pvtag.yahoo.co.jp/ |
0 154 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag
yjtag.yahoo.co.jp/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ytag.js
s.yimg.jp/images/listing/tool/cv/ |
31 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tmual-3.0.0.min.js
s.yimg.jp/images/ds/yas/ |
87 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
stream
dsb.yahooapis.jp/api/v1/ |
2 B 50 B |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- yads.c.y-bb.email
- URL
- https://yads.c.y-bb.email/js/yads-async.js
- Domain
- mempf.yahoo.co.jp
- URL
- https://mempf.yahoo.co.jp/v2/offer?position=id_signin_announce_pc&webview=0&service=email&from=mhd&page=&t=1669925076206
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Yahoo Japan (Online)44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange object| TLDataContext object| YAHOO object| DSCustomLogger object| sr object| ins object| __core-js_shared__ object| core undefined| img undefined| key undefined| param undefined| q undefined| p undefined| u boolean| yjbfp_init_called function| yjbfp_init function| yjbfp_get_fp function| yjbfp_is_ie function| yjbfp_get_plugins_string function| yjbfp_get_ie_plugins_string function| yjbfp_check_activex function| yjbfp_get_canvas_image function| yjbfp_send_beacon undefined| _bt_url_prefix undefined| _bt_referrer undefined| _bt_site undefined| _bt_mode function| bt_log function| bt_eval function| bt_parameter function| bt_meta function| bt_cookie function| bt_data function| bt_handle_exception function| bt_data_escaped object| BrightTag function| btServe object| yjDataLayer object| ytagapi object| YAS function| tmual function| ytag object| tmualcmds function| ualPageviewFire4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sso.login.y-bb.email/ | Name: B Value: 8elm5bthoi26k&b=3&s=cf |
|
.sso.login.y-bb.email/ | Name: A Value: 8elm5bthoi26k&sd=B&t=1669925076&u=1669925076&v=1 |
|
.sso.login.y-bb.email/ | Name: XA Value: 8elm5bthoi26k&sd=B&t=1669925076&u=1669925076&v=1 |
|
.sso.login.y-bb.email/ | Name: XB Value: 8elm5bthoi26k&b=3&s=cf |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
clb.yahooapis.jp
dsb.yahooapis.jp
mempf.yahoo.co.jp
pvtag.yahoo.co.jp
s.yimg.jp
s.yjtag.jp
sso.login.y-bb.email
yads.c.y-bb.email
yjtag.yahoo.co.jp
mempf.yahoo.co.jp
yads.c.y-bb.email
182.22.31.252
183.79.250.123
2600:9000:2066:1000:8:dcbf:c740:93a1
43.230.161.139
54.238.41.231
33b625cdc5b700f15276ea697418ac0329aec86d51765ecbbe7c06e0949a5b4c
3ea1d47e294e438851d775f2eca7352b4d03cf662e3ad9410f18bae663a380e5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
479928aeb69a62ed0fad13d232a754ce1d1f24787fcafd684b73ba1db32ffb5b
7f1f21cfb9c83e14c3e5da8f12fe5e89f8092f67e47548ad54b549e86a9b9e66
8571293a7cd686e1eda501350e8c7e2b2175eb7ca67b0bf58a72a90fa5ad75ee
89d0f6099031a71bf76fe03c15694c17401330606108f550a7c4c0b53ca3ce7d
9bdc87263763478099797018ae7f0ea332b466a7324bb67a08f83090856d5fb1
9d20679cbe29a5b471e35c075afac31dc7450f060a3c350a22925e04935ae772
a66a82fd4b74e8fc2bae4f5aeb3403a0b78cadd0976700f3596c3a4ccfe42f40
dc5e10f66c2929f889ce32ffdbde6da9de56d62cb2b8bd4d51d650fa87426e7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6138d8cc3c8d3b339a2790496a7c54f496fde3eebffe8647e6e40c2ca150f6b
f9d8e2d6a37af5a0807ea12f39558924839f487493e10c71d4b78c245cc662b0
fd69ba2a191744c2d2f04b538bdb9c7abbe398cc9bbb2484323d356a53f025f9