![](/screenshots/aab75863-69a4-44d9-9b9f-2f251916e786.png)
danielglensv.buzz
Open in
urlscan Pro
2606:4700:3035::681f:41cc
Malicious Activity!
Public Scan
Submission: On February 29 via automatic, source phishtank
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 25th 2020. Valid for: 7 months.
This is the only time danielglensv.buzz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: AOL (Online) Yahoo (Online)Domain & IP information
ASN10310 (YAHOO-1, US)
s.yimg.com | |
fc.yahoo.com | |
ads.yahoo.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-5-61.eu-central-1.compute.amazonaws.com
oao-js-tag.onemobile.yahoo.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-115-119.eu-central-1.compute.amazonaws.com
eu-central-1.onemobile.yahoo.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-102-162.eu-west-2.compute.amazonaws.com
geo.moatads.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-102-103.compute-1.amazonaws.com
apx.moatads.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-219-23.compute-1.amazonaws.com
us-east-1.onemobile.yahoo.com |
ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net
cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-17-58.eu-central-1.compute.amazonaws.com
pixel.advertising.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-138-71.eu-central-1.compute.amazonaws.com
service.idsync.analytics.yahoo.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
danielglensv.buzz
danielglensv.buzz |
560 KB |
13 |
yahoo.com
udc.yahoo.com geo.yahoo.com fc.yahoo.com oao-js-tag.onemobile.yahoo.com ads.yahoo.com eu-central-1.onemobile.yahoo.com us-east-1.onemobile.yahoo.com tag.idsync.analytics.yahoo.com pr-bh.ybp.yahoo.com service.idsync.analytics.yahoo.com |
5 KB |
8 |
moatads.com
geo.moatads.com apx.moatads.com |
2 KB |
6 |
doubleclick.net
5 redirects
cm.g.doubleclick.net googleads.g.doubleclick.net |
2 KB |
5 |
pubmatic.com
5 redirects
image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com |
3 KB |
5 |
yimg.com
l.yimg.com Failed s.yimg.com |
838 KB |
2 |
advertising.com
pixel.advertising.com |
260 B |
1 |
adtechus.com
aka-cdn.adtechus.com |
101 KB |
63 | 8 |
Domain | Requested by | |
---|---|---|
32 | danielglensv.buzz |
danielglensv.buzz
|
7 | apx.moatads.com |
danielglensv.buzz
|
5 | cm.g.doubleclick.net | 5 redirects |
5 | s.yimg.com |
danielglensv.buzz
oao-js-tag.onemobile.yahoo.com |
3 | image8.pubmatic.com | 3 redirects |
3 | ads.yahoo.com |
oao-js-tag.onemobile.yahoo.com
danielglensv.buzz |
2 | pr-bh.ybp.yahoo.com |
danielglensv.buzz
|
2 | pixel.advertising.com |
danielglensv.buzz
|
1 | service.idsync.analytics.yahoo.com |
danielglensv.buzz
|
1 | googleads.g.doubleclick.net |
danielglensv.buzz
|
1 | image4.pubmatic.com | 1 redirects |
1 | image2.pubmatic.com | 1 redirects |
1 | tag.idsync.analytics.yahoo.com |
danielglensv.buzz
|
1 | us-east-1.onemobile.yahoo.com |
danielglensv.buzz
|
1 | geo.moatads.com |
aka-cdn.adtechus.com
|
1 | eu-central-1.onemobile.yahoo.com |
oao-js-tag.onemobile.yahoo.com
|
1 | aka-cdn.adtechus.com |
danielglensv.buzz
|
1 | oao-js-tag.onemobile.yahoo.com |
danielglensv.buzz
|
1 | fc.yahoo.com |
danielglensv.buzz
|
1 | geo.yahoo.com |
danielglensv.buzz
|
1 | udc.yahoo.com |
danielglensv.buzz
|
0 | l.yimg.com Failed |
danielglensv.buzz
|
63 | 22 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.aol.com |
help.aol.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-02-25 - 2020-10-09 |
7 months | crt.sh |
*.yahoo.com DigiCert SHA2 High Assurance Server CA |
2020-02-25 - 2020-04-10 |
a month | crt.sh |
analytics.query.yahoo.com DigiCert SHA2 High Assurance Server CA |
2020-02-13 - 2020-08-10 |
6 months | crt.sh |
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA |
2020-01-27 - 2020-03-12 |
a month | crt.sh |
*.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA |
2020-02-06 - 2020-08-04 |
6 months | crt.sh |
aka-cdn.adtechus.com DigiCert SHA2 Secure Server CA |
2017-10-25 - 2020-04-28 |
3 years | crt.sh |
*.onemobile.yahoo.com Amazon |
2019-08-12 - 2020-09-12 |
a year | crt.sh |
*.moatads.com DigiCert SHA2 Secure Server CA |
2019-03-12 - 2021-06-10 |
2 years | crt.sh |
*.idsync.analytics.yahoo.com DigiCert SHA2 Secure Server CA |
2019-04-17 - 2021-04-21 |
2 years | crt.sh |
pixel.advertising.com DigiCert SHA2 High Assurance Server CA |
2017-06-14 - 2020-06-18 |
3 years | crt.sh |
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA |
2020-01-04 - 2020-07-02 |
6 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
service.idsync.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2019-10-29 - 2020-04-26 |
6 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://danielglensv.buzz/security/aol/error.php?cmd=_account-details&session=
Frame ID: 3E412AF38CA61838767868881FAF6EBD
Requests: 25 HTTP requests in this frame
Frame:
https://danielglensv.buzz/security/aol/error_files/r-sf.htm
Frame ID: 8E2BA72FBC24E58F756715E24EC9F39C
Requests: 26 HTTP requests in this frame
Frame:
https://danielglensv.buzz/security/aol/error_files/r-csc.htm
Frame ID: 920E860859913E875D411833386093D9
Requests: 3 HTTP requests in this frame
Frame:
https://danielglensv.buzz/security/aol/error_files/r-csc_data/opus-frame.htm
Frame ID: DD5BAF036775F524B7FAD1B00DB8D02E
Requests: 5 HTTP requests in this frame
Frame:
https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Fdanielglensv.buzz%2Fsecurity%2Faol%2Ferror.php%3Fcmd%3D_account-details%26amp%3Bsession%3D
Frame ID: 7F4167900158CF2947222FB37DA40C44
Requests: 1 HTTP requests in this frame
Frame:
https://danielglensv.buzz/security/aol/error_files/r-csc_data/sp-frame.htm
Frame ID: 4343CF0E668B5A110BB8EC04BDD41A2D
Requests: 3 HTTP requests in this frame
Screenshot
![](/screenshots/aab75863-69a4-44d9-9b9f-2f251916e786.png)
Detected technologies
Detected patterns
- url /\.php(?:$|\?)/i
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 44- https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_cm&google_sc&nid=10000010048&isrmxstore=1&y=aTKox0M4TSIQorT0qQdoIBtQKUnlGBFdmDJFNg--&xid=BpPi4EIwGhXilPYvVLGhiPeE HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_cm=&google_sc=&nid=10000010048&isrmxstore=1&y=aTKox0M4TSIQorT0qQdoIBtQKUnlGBFdmDJFNg--&xid=BpPi4EIwGhXilPYvVLGhiPeE&google_tc= HTTP 302
- https://ads.yahoo.com/user-match?nid=10000010048&eid=CAESEIaDPI4i0MKFtnwhPIe_UUw&nid=10000010048&isrmxstore=1&y=aTKox0M4TSIQorT0qQdoIBtQKUnlGBFdmDJFNg--&xid=BpPi4EIwGhXilPYvVLGhiPeE&google_cver=1
- https://image8.pubmatic.com/AdServer/ImgSync?p=156198&sec=1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156198%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fpr-bh.ybp.yahoo.com%252Fsync%252Fpubmatic%252F%2523PMUID&xid=63k2s89f09ltr HTTP 302
- https://image8.pubmatic.com/AdServer/ImgSync?p=156198&sec=1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156198%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fpr-bh.ybp.yahoo.com%252Fsync%252Fpubmatic%252F%2523PMUID&xid=63k2s89f09ltr&rdf=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEDPS-A25MFGvLdaojL0eZ4o&google_cver=1 HTTP 302
- https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
- https://image4.pubmatic.com/AdServer/SPug?p=156198&pmc=1&pr=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fpubmatic%2F90670CF4-A8E4-4D08-AFBA-27C00CA5324B HTTP 302
- https://pr-bh.ybp.yahoo.com/sync/pubmatic/90670CF4-A8E4-4D08-AFBA-27C00CA5324B
- https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_hm=NjA2MDE1MDk0MzM2MjQwMTc5OQ%3d%3d&google_cm&csrc=3 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_hm=NjA2MDE1MDk0MzM2MjQwMTc5OQ%3D%3D&google_cm=&csrc=3&google_tc= HTTP 302
- https://pr-bh.ybp.yahoo.com/sync/adx?csrc=3&google_gid=CAESENzKkQ8PWCLQ46HNHnwm4HU&google_cver=1
63 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
error.php
danielglensv.buzz/security/aol/ |
27 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aol-main.css
danielglensv.buzz/security/aol/error_files/ |
303 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.js
danielglensv.buzz/security/aol/error_files/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g-r-min.js
danielglensv.buzz/security/aol/error_files/ |
205 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aol-logo-black-v.png
danielglensv.buzz/security/aol/error_files/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aol-logo-white-v0.png
danielglensv.buzz/security/aol/error_files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rapid-3.js
danielglensv.buzz/security/aol/error_files/ |
46 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
danielglensv.buzz/security/aol/error_files/ |
137 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
client.php
danielglensv.buzz/security/aol/error_files/ |
20 KB 8 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
g-r-min.js
l.yimg.com/rq/darla/3-22-0/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r-sf.htm
danielglensv.buzz/security/aol/error_files/ Frame 8E2B |
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capslock-v0.0.2.svg
s.yimg.com/wm/mbr/images/ |
971 B 755 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hide-v0.0.1.svg
s.yimg.com/wm/mbr/images/ |
860 KB 646 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fuji-spinner-1.0.1.svg
s.yimg.com/wm/modern/images/ |
5 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
yql
udc.yahoo.com/v2/public/ |
0 626 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
c
geo.yahoo.com/ |
43 B 603 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
n.htm
danielglensv.buzz/security/aol/error_files/r-sf_data/ Frame 8E2B |
79 B 127 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sfext-min.js
danielglensv.buzz/security/aol/error_files/r-sf_data/ Frame 8E2B |
64 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adServe.js
danielglensv.buzz/security/aol/error_files/r-sf_data/ Frame 8E2B |
2 KB 981 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adEvent.gif
danielglensv.buzz/security/aol/error_files/r-sf_data/ Frame 8E2B |
43 B 115 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Field_Evergreen_PlayNow_1440x1024.jpg
danielglensv.buzz/security/aol/error_files/r-sf_data/ Frame 8E2B |
186 KB 186 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get-user-id
danielglensv.buzz/security/aol/error_files/r-sf_data/ Frame 8E2B |
1 KB 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.htm
danielglensv.buzz/security/aol/error_files/r-sf_data/ Frame 8E2B |
75 B 75 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync.txt
danielglensv.buzz/security/aol/error_files/r-sf_data/ Frame 8E2B |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ImgSync.txt
danielglensv.buzz/security/aol/error_files/r-sf_data/ Frame 8E2B |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
match.htm
danielglensv.buzz/security/aol/error_files/r-sf_data/ Frame 8E2B |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.txt
danielglensv.buzz/security/aol/error_files/r-sf_data/ Frame 8E2B |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moatad.js
danielglensv.buzz/security/aol/error_files/r-sf_data/ Frame 8E2B |
306 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.js
s.yimg.com/rq/darla/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r-csc.htm
danielglensv.buzz/security/aol/error_files/ Frame 920E |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
client.php
fc.yahoo.com/sdarla/php/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adServe.do
oao-js-tag.onemobile.yahoo.com/admax/ Frame 8E2B |
2 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moatad.js
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame 8E2B |
306 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get-user-id
ads.yahoo.com/ Frame 8E2B |
0 239 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adEvent.do
eu-central-1.onemobile.yahoo.com/admax/ Frame 8E2B |
43 B 183 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Field_Evergreen_PlayNow_1440x1024.jpg
s.yimg.com/cv/ae/default/160912/ Frame 8E2B |
186 KB 186 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
n.js
geo.moatads.com/ Frame 8E2B |
119 B 293 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.gif
apx.moatads.com/ |
43 B 312 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get-user-id
ads.yahoo.com/ Frame 8E2B |
0 46 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adEvent.do
us-east-1.onemobile.yahoo.com/admax/ Frame 8E2B |
43 B 183 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adcount2.txt
danielglensv.buzz/security/aol/error_files/r-csc_data/ Frame 920E |
1 B 65 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp.js
danielglensv.buzz/security/aol/error_files/r-csc_data/ Frame 920E |
1 KB 574 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opus-frame.htm
danielglensv.buzz/security/aol/error_files/r-csc_data/ Frame DD5B |
591 B 239 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp-frame.html
tag.idsync.analytics.yahoo.com/ Frame 7F41 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp-frame.htm
danielglensv.buzz/security/aol/error_files/r-csc_data/ Frame 4343 |
271 B 170 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user-match
ads.yahoo.com/ Frame 8E2B Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
pixel.advertising.com/ups/56465/ Frame 8E2B |
0 124 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
90670CF4-A8E4-4D08-AFBA-27C00CA5324B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8E2B Redirect Chain
|
43 B 90 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
match
googleads.g.doubleclick.net/xbbe/ Frame 8E2B |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adx
pr-bh.ybp.yahoo.com/sync/ Frame 8E2B Redirect Chain
|
0 867 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opus-frame.js
danielglensv.buzz/security/aol/error_files/r-csc_data/opus-frame_data/ Frame DD5B |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ups.js
danielglensv.buzz/security/aol/error_files/r-csc_data/opus-frame_data/ Frame DD5B |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
datax.js
danielglensv.buzz/security/aol/error_files/r-csc_data/opus-frame_data/ Frame DD5B |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp-frame.js
danielglensv.buzz/security/aol/error_files/r-csc_data/sp-frame_data/ Frame 4343 |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.json
danielglensv.buzz/tag/config/ Frame DD5B |
315 B 242 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 4343 |
38 B 242 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rt
pixel.advertising.com/ups/86/ |
0 136 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.gif
apx.moatads.com/ |
43 B 312 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.gif
apx.moatads.com/ |
43 B 312 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.gif
apx.moatads.com/ |
43 B 312 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.gif
apx.moatads.com/ |
43 B 312 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.gif
apx.moatads.com/ |
43 B 312 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.gif
apx.moatads.com/ |
43 B 312 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- l.yimg.com
- URL
- http://l.yimg.com/rq/darla/3-22-0/js/g-r-min.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: AOL (Online) Yahoo (Online)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| oldError boolean| isGoodJS object| YUI_config string| COMET_URL object| I13N_config object| darlaConfig object| challenge string| mKeyPrefix object| pwchallenge boolean| isIOSDevice function| mbrSendError object| DARLA object| $sf undefined| $yac boolean| sf_auto_6-29-1-2020 undefined| Y object| _Y object| YAHOO object| rapidInstance object| jsModules boolean| mbrJSLoaded function| checkAssets number| lastApvTime object| DARLA_CONFIG object| Moat#G26 boolean| Moat#EVA object| MoatSuperV267 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.yahoo.com/ | Name: GUC Value: AQEBAQFeWy1eY0IelARa |
|
.yahoo.com/ | Name: A3 Value: d=AQABBMTbWV4CEAMC-fm4du8KsGRa6K9EpMgFEgEBAQEtW15jXgAAAAAA_SMAAAcIxNtZXgKKUvQ&S=AQAAAjQ3r9OdWguBEQHdi82ycw4 |
|
.yahoo.com/ | Name: B Value: f8kka09f5jmu4&b=3&s=38 |
|
danielglensv.buzz/ | Name: nexagesuid Value: c8db4e54869e48c683a44df92a825a02 |
|
danielglensv.buzz/ | Name: nexagesd Value: 1 |
|
.danielglensv.buzz/ | Name: rxx Value: 7qsl8up0lp.1uerbym3&v=1 |
|
.danielglensv.buzz/ | Name: __cfduid Value: d9abf20f0f3fc2ebaca5973a05345fea11582947267 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.yahoo.com
aka-cdn.adtechus.com
apx.moatads.com
cm.g.doubleclick.net
danielglensv.buzz
eu-central-1.onemobile.yahoo.com
fc.yahoo.com
geo.moatads.com
geo.yahoo.com
googleads.g.doubleclick.net
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
l.yimg.com
oao-js-tag.onemobile.yahoo.com
pixel.advertising.com
pr-bh.ybp.yahoo.com
s.yimg.com
service.idsync.analytics.yahoo.com
tag.idsync.analytics.yahoo.com
udc.yahoo.com
us-east-1.onemobile.yahoo.com
l.yimg.com
152.195.51.15
152.199.21.65
185.64.189.110
185.64.189.114
185.64.189.216
216.58.208.34
2606:4700:3035::681f:41cc
2a00:1288:110:c204::b000
2a00:1288:110:c304::1000
2a00:1288:110:c305::8000
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2002
3.126.5.61
3.225.219.23
3.9.102.162
35.158.17.58
52.57.115.119
52.58.138.71
54.91.102.103
0b02ed7bfe761e20e4d0e3cb6508b7a826ae3de522f8dc3e3bb298f5f3548213
0ce2ac0bc903633719a22cfa7a4c5060802366a355250ace0d43a850341ce791
0e2db19684570a3cda1ec5a2f03c334e7886bffb2d7ad12f90711cf4a7cb9a67
119acd68e288f17e86722a67e341ec74f7f6a377ec8e15b3914245f57caf6fbf
186034da48941b64b5f6b4d8a0176fb86e2ad6adda436b8eeef521b0166d06c5
20501e0d4308d543186f13c3880e653f730eec648b54fbc57f016c680c7cfd3c
22a1235f2868d43c126f18681582ec924f44e3cc3a9605e0be068f5547bb9875
399b130c78d6cf2360018852bb5ae44e56a0f51d2315261b00cb01799d6692f4
3c26ae54b8f91d36800fee4923890af6720787040e1dc5244b144c4163e94ec2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49db64b5602eff79716cebda9d648fc0c6d2c070e2056597cda2e573f28f3ee3
5db9cfa0d2d18cd71482a5dc229846bfef8bb069b0a20c00a657b6de200d3610
61b0f9487a05377c92821a2f8a88ecee966f388af3c4f5af771923263866a1ea
965d175e9c4ebc495d9a557f8aec24cfb5bf6587bd587c1d20cafa02c9726424
97fc5d20aeee4034f86fdc447f1cd174ceb7fbb372891a65bea9625213cade28
a02c012d740e6ee5cd18bb48e7e5283dc653825d6037eb3790bc8a112b9c6a76
a224b679226c104d079f6453ffb4ccd56431e339c74c5cbe157a731a92cdece2
a8ce16e3e81873ddcc952b5029fdb0d75bd8e7e18df5a8ec098bfb96a9ac9d26
abfa8e287056b70fed2f905ace17aa9d83b6b28520e76fa6c57d2ced279ad96e
accf600d648a00b52c33361d8dc738417f1338ca57180a6f3485abebb0a10fc7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3465ebae9ed745bfac2bed0594f0c946dffdfde99de81a9255f85859eba3ac1
beda8529987050b39a783175fffb8a7e7aea1049f14487da7eb388c2ddb2183e
cab0e68ab4dae4c2ea77f3f6d24cc2ddce014ba497b73641b1bf2aa3a8c76406
cc2430394a08bb1e6c450b266a10ce6d58a44f7557a3bea9bce39ae74a6fc830
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0ecaea4f4b91a678f16b572dbe3c9dc7212d1437a97a31f84ae74c167d5a4db
d300dfa15f03b69af93f2d43d072670cf7d8ed3c19dff0813bc72c0aa9b7ef0b
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d7c5394a6a6b9c23bd61736e2ca40f82c9f0919a49289ee73df21c2bacfc1f5d
da642ce57fc367632416ec16c313f89102cd14c5a2801480e7a46bac30e8e3bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec1322f4e6e2509a4448b85a1b820d38b5dd43e0be49c999477d2c0e859993db
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f3e22262b472ee52e51e9f053856daf9a3f7ce59dd66d51f201f1ee7faaf5690
f59f4ec00a4b247b74174c6ff6310eeead448a18f8bc22d1b47a1043d0bdff96
f67d20d836b560c0ea649b4f6e10df5e13bcd2a087f9ae54c0d246edac6160ce