yahoo-oku.com
160.20.59.33
Malicious Activity!
Public Scan
Submission: On December 03 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by TrustAsia TLS RSA CA on December 1st 2021. Valid for: a year.
This is the only time yahoo-oku.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Yahoo Japan (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
10 | 160.20.59.33 | 133115 (HKKFGL-AS-AP HK Kwaifong Group Limited) |
3 | 183.79.219.252 | 24572 (YAHOO-JP-AS-AP Yahoo Japan) |
1 | 182.22.28.252 | 23816 (YAHOO Yahoo Japan Corporation) |
1 | 182.22.31.252 | 23816 (YAHOO Yahoo Japan Corporation) |
15 | 4 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | yahoo-oku.com | yahoo-oku.com | 94 KB |
5 | yahoo.co.jp | logql.yahoo.co.jp, mempf.yahoo.co.jp, pvtag.yahoo.co.jp | 2 KB |
15 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
10 | yahoo-oku.com | yahoo-oku.com |
3 | logql.yahoo.co.jp | yahoo-oku.com |
1 | pvtag.yahoo.co.jp | yahoo-oku.com |
1 | mempf.yahoo.co.jp | yahoo-oku.com |
15 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.yahoo.co.jp |
login.yahoo.co.jp |
account.edit.yahoo.co.jp |
id.yahoo.co.jp |
Subject | Issuer | Validity | Valid |
---|---|---|---|
yahoo-aut.com | TrustAsia TLS RSA CA | 2021-12-01 - 2022-11-30 | a year |
edge01.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2021-11-24 - 2022-12-23 | a year |
This page contains 1 frames:
Primary Page:
https://yahoo-oku.com/login-m.html
Frame ID: A2FB596CDEF157C1A45B17AB71E05030
Requests: 15 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Title: Yahoo! JAPAN
Title: 別のYahoo! JAPAN IDでログイン (Log in with a different Yahoo! JAPAN ID)
Title: ログインできない場合 (If you cannot log in)
Title: IDを新しく取得する (Get a new ID)
Title: テーマとは (What is a theme?)
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login-m.html (Primary Request) | yahoo-oku.com/ | 24 KB | 6 KB | Document | text/html |
GET | H2 | login-min.css | yahoo-oku.com/m/css/ | 32 KB | 8 KB | Stylesheet | text/css |
GET | H2 | items11-min.css | yahoo-oku.com/m/css/ | 647 B | 851 B | Stylesheet | text/css |
GET | H2 | rapidjp-1.0.0.js | yahoo-oku.com/m/js/ | 51 KB | 21 KB | Script | application/javascript |
GET | H2 | login-min.js | yahoo-oku.com/m/js/ | 192 KB | 48 KB | Script | application/javascript |
GET | H2 | mempf.js | yahoo-oku.com/m/js/ | 8 KB | 3 KB | Script | application/javascript |
GET | H2 | yjbfp.js | yahoo-oku.com/m/js/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | yj_r_34_2x.png | yahoo-oku.com/m/img/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | ico_palette.png | yahoo-oku.com/m/img/ | 512 B | 717 B | Image | image/png |
POST | H2 | yql | logql.yahoo.co.jp/v1/public/ | 239 B | 752 B | XHR | text/plain |
GET | H2 | loading.png | yahoo-oku.com/m/img/ | 890 B | 1 KB | Image | image/png |
POST | H2 | yql | logql.yahoo.co.jp/v1/public/ | 239 B | 236 B | XHR | text/plain |
GET | H2 | offer | mempf.yahoo.co.jp/v2/ | 42 B | 180 B | Script | application/javascript |
GET | H2 | t | pvtag.yahoo.co.jp/ | 512 B | 915 B | Script | text/javascript |
POST | H2 | yql | logql.yahoo.co.jp/v1/public/ | 239 B | 236 B | XHR | text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Yahoo Japan (Online)
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onbeforexrselect |
function | reportError |
boolean | originAgentCluster |
object | scheduler |
boolean | isMobile |
object | TLDataContext |
object | YAHOO |
object | sr |
object | ins |
object | __core-js_shared__ |
object | core |
undefined | img |
undefined | key |
undefined | param |
undefined | q |
undefined | p |
undefined | u |
function | parseUserAgent |
boolean | yjbfp_init_called |
function | yjbfp_init |
function | yjbfp_get_fp |
function | yjbfp_is_ie |
function | yjbfp_get_plugins_string |
function | yjbfp_get_ie_plugins_string |
function | yjbfp_check_activex |
function | yjbfp_get_canvas_image |
function | yjbfp_send_beacon |
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.yahoo.co.jp/ | | Name: XB Value: 2ictsb9gqiqfh&b=3&s=qt |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.