www.ybsgroup.com.my
101.99.70.216
Malicious Activity!
Public Scan
Effective URL: https://www.ybsgroup.com.my/mru/m/mail.ru/
Submission: On February 07 via automatic, source openphish
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on December 25th 2019. Valid for: 3 months.
This is the only time www.ybsgroup.com.my was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
12 (1 redirect) | 101.99.70.216 | 45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
1 | 94.100.180.59 | 47764 (MAILRU-AS Mail.Ru)
1 | 94.100.180.102 | 47764 (MAILRU-AS Mail.Ru)
2 | 185.5.137.178 | 47764 (MAILRU-AS Mail.Ru)
1 | 193.0.170.54 | 58116 (ASMAMBA)
1 | 5.61.23.11 | 47764 (MAILRU-AS Mail.Ru)
Total: 17 | 7 |
ASN | PTR | Domain
---|---|---
ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY) | | www.ybsgroup.com.my
ASN47764 (MAILRU-AS Mail.Ru, RU) | portal.mail.ru | portal.mail.ru
ASN47764 (MAILRU-AS Mail.Ru, RU) | img.imgsmail.ru | img.imgsmail.ru
ASN47764 (MAILRU-AS Mail.Ru, RU) | is-radar21.common.radar.imgsmail.ru | stat.radar.imgsmail.ru
ASN47764 (MAILRU-AS Mail.Ru, RU) | ip11.23.odnoklassniki.ru | ok.ru
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
12 (1 redirect) | ybsgroup.com.my | www.ybsgroup.com.my | 98 KB
3 | imgsmail.ru | img.imgsmail.ru, stat.radar.imgsmail.ru | 54 KB
2 | mail.ru | portal.mail.ru, bar.love.mail.ru | 159 B
1 | ok.ru | ok.ru |
Total: 17 | 4 | |
Requests | Domain | Requested by
---|---|---
12 (1 redirect) | www.ybsgroup.com.my | www.ybsgroup.com.my
2 | stat.radar.imgsmail.ru | www.ybsgroup.com.my
1 | ok.ru | www.ybsgroup.com.my
1 | bar.love.mail.ru | www.ybsgroup.com.my
1 | img.imgsmail.ru | www.ybsgroup.com.my
1 | portal.mail.ru | www.ybsgroup.com.my
Total: 17 | 6 |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
autodiscover.ybsgroup.com.my | Let's Encrypt Authority X3 | 2019-12-25 - 2020-03-24 | 3 months | crt.sh
*.mail.ru | GeoTrust RSA CA 2018 | 2017-12-15 - 2020-12-14 | 3 years | crt.sh
*.imgsmail.ru | GeoTrust RSA CA 2018 | 2019-07-10 - 2021-08-08 | 2 years | crt.sh
*.radar.imgsmail.ru | GeoTrust RSA CA 2018 | 2017-12-08 - 2020-04-13 | 2 years | crt.sh
love.mail.ru | GeoTrust RSA CA 2018 | 2018-12-21 - 2021-01-30 | 2 years | crt.sh
*.ok.ru | GeoTrust RSA CA 2018 | 2019-08-07 - 2021-03-21 | 2 years | crt.sh
This page contains 1 frames:
Primary Page:
https://www.ybsgroup.com.my/mru/m/mail.ru/
Frame ID: 7F85D4CC9334E6E6F324DD3FC1C24315
Requests: 18 HTTP requests in this frame
Detected technologies
- PHP (Programming Languages). Detected pattern: url /\.php(?:$|\?)/i
- LiteSpeed (Web Servers). Detected pattern: headers server /^LiteSpeed$/i
Page Statistics
53 Outgoing links
These are links going to different origins than the main page.
- Mail.Ru
- Mail
- My World
- Odnoklassniki
- Games
- Dating
- News
- Search
- All projects
- Auto
- Bonus
- Horoscopes
- Kids
- Dobro (charity)
- Health
- Calendar
- Movies
- Lady
- Real estate
- Cloud
- Answers
- Weather
- Sport
- TV guide
- Goods
- Hi-Tech
- Mail for business
- Mail for education
- Mediator
- Site rating
- myTarget
- myWidget
- Hotbox
- Icebox
- Teambox
- SeoSan
- Mail.ru Agent
- "Amigo" browser
- Youla
- Beepcar
- Delivery Club
- ICQ
- Maps.Me
- Mobile apps
- List of all projects
- You can work with several mailboxes at the same time. Learn more
- Add a mailbox
- Log out
- Registration
- Log in
- (no title)
- Forgot your password?
- Register for Mail
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.ybsgroup.com.my/mru/m/mail.ru/index.php
- HTTP 301 -> https://www.ybsgroup.com.my/mru/m/mail.ru/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request, Redirect Chain) | www.ybsgroup.com.my/mru/m/mail.ru/ | 156 KB | 46 KB | Document | text/html
GET | H2 | main.css | www.ybsgroup.com.my/mru/m/mail.ru/index_files/ | 223 KB | 48 KB | Stylesheet | text/css
GET | H2 | authGate.js | www.ybsgroup.com.my/mru/m/mail.ru/index_files/ | 0 | 0 | Script | text/html
GET | H2 | app.js | www.ybsgroup.com.my/mru/m/mail.ru/index_files/ | 0 | 0 | Script | text/html
GET | H2 | external.js | www.ybsgroup.com.my/mru/m/mail.ru/index_files/ | 0 | 0 | Script | text/html
GET | H2 | mapi.js | www.ybsgroup.com.my/mru/m/mail.ru/index_files/ | 0 | 0 | Script | text/html
GET | H2 | logo2x.png | www.ybsgroup.com.my/mru/m/mail.ru/index_files/ | 3 KB | 4 KB | Image | image/png
GET | H2 | d22345996.gif | www.ybsgroup.com.my/mru/m/mail.ru/index_files/ | 43 B | 108 B | Image | image/gif
GET | H2 | counter.gif | www.ybsgroup.com.my/mru/m/mail.ru/index_files/ | 43 B | 83 B | Image | image/gif
GET | H2 | external.js | www.ybsgroup.com.my/mru/m/mail.ru/index_files/ | 0 | 0 | Script | text/html
GET | H2 | mapi.js | www.ybsgroup.com.my/mru/m/mail.ru/index_files/ | 0 | 0 | Script | text/html
GET | H/1.1 | NaviData | portal.mail.ru/ | 0 | 0 | XHR | application/json
GET | H2 | external.min.js | img.imgsmail.ru/ph/0.50.10/ | 210 KB | 53 KB | Script | application/javascript
GET | DATA | truncated | / | 27 KB | 27 KB | Font | application/font-woff
GET | H2 | update | stat.radar.imgsmail.ru/ | 43 B | 286 B | Image | image/gif
GET | H/1.1 | bar | bar.love.mail.ru/jsonp/ | 5 B | 159 B | XHR | application/octet-stream
GET | H2 | mapi | ok.ru/ | 0 | 0 | Script | text/plain
GET | H2 | update | stat.radar.imgsmail.ru/ | 43 B | 286 B | Image | image/gif
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | onformdata
object | onpointerrawupdate
object | __PHS
object | __PH
object | b
undefined | ISE
function | __PHJSONPCallback_00
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.