yabatechunevoc.org
Open in
urlscan Pro
66.147.230.55
Malicious Activity!
Public Scan
Effective URL: https://yabatechunevoc.org/phocadownload/userupload/new/
Submission: On May 06 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 6th 2024. Valid for: 3 months.
This is the only time yabatechunevoc.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Excel / PDF download (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 66.147.230.55 66.147.230.55 | 23535 (HOSTROCKET) (HOSTROCKET) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 23.1.167.209 23.1.167.209 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
14 | 3 |
ASN23535 (HOSTROCKET, US)
PTR: lotus.hostnownow.com
yabatechunevoc.org |
ASN16625 (AKAMAI-AS, US)
PTR: a23-1-167-209.deploy.static.akamaitechnologies.com
img.secureserver.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
yabatechunevoc.org
yabatechunevoc.org |
129 KB |
1 |
secureserver.net
img.secureserver.net — Cisco Umbrella Rank: 874637 |
379 B |
1 |
gstatic.com
fonts.gstatic.com |
14 KB |
14 | 3 |
Domain | Requested by | |
---|---|---|
12 | yabatechunevoc.org |
yabatechunevoc.org
|
1 | img.secureserver.net | |
1 | fonts.gstatic.com |
yabatechunevoc.org
|
14 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
yabatechunevoc.org R3 |
2024-03-06 - 2024-06-04 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
*.secureserver.net Starfield Secure Certificate Authority - G2 |
2023-10-10 - 2024-11-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://yabatechunevoc.org/phocadownload/userupload/new/
Frame ID: 5A7A0E9BA487EA5787C7BA407AC56C20
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
TEMPLATEPage URL History Show full URLs
-
http://yabatechunevoc.org/phocadownload/userupload/new/
HTTP 307
https://yabatechunevoc.org/phocadownload/userupload/new/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://yabatechunevoc.org/phocadownload/userupload/new/
HTTP 307
https://yabatechunevoc.org/phocadownload/userupload/new/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
yabatechunevoc.org/phocadownload/userupload/new/ Redirect Chain
|
8 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
yabatechunevoc.org/phocadownload/userupload/new/dc/ |
2 KB 599 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.gif
yabatechunevoc.org/phocadownload/userupload/new/dc/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load.js
yabatechunevoc.org/phocadownload/userupload/new/dc/ |
17 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tcc_l.combined.1.0.6.min.js
yabatechunevoc.org/phocadownload/userupload/new/dc/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s.PNG
yabatechunevoc.org/phocadownload/userupload/new/dc/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pdf.png
yabatechunevoc.org/phocadownload/userupload/new/dc/ |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e.PNG
yabatechunevoc.org/phocadownload/userupload/new/dc/ |
627 B 681 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.PNG
yabatechunevoc.org/phocadownload/userupload/new/dc/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
exl.png
yabatechunevoc.org/phocadownload/userupload/new/dc/ |
82 KB 82 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v15/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
yabatechunevoc.org/phocadownload/userupload/new/dc/ |
25 KB 8 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
event
img.secureserver.net/t/1/tl/ |
43 B 379 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pdf.png
yabatechunevoc.org/phocadownload/userupload/new/dialog/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Excel / PDF download (Online)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| DialogBox object| _trfd function| tcg function| tcp object| perfhandler object| TCCTracker object| _trfq object| true2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
yabatechunevoc.org/ | Name: _tccl_visitor Value: 2a9d6758-9898-447c-9647-0971e84ee60d |
|
yabatechunevoc.org/ | Name: _tccl_visit Value: 2a9d6758-9898-447c-9647-0971e84ee60d |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.gstatic.com
img.secureserver.net
yabatechunevoc.org
23.1.167.209
2a00:1450:4001:811::2003
66.147.230.55
0dad9de25612690bf1663755146bbcdf88bbd480e636a18c8f09bfa25aa43119
33986419b15ed9edc46166e667818cd1fd618817291d7a2191a77f7c3981d039
35b02ba9f4aa5974cbd125bd2f412b1cb0f23ab857db4110ae1154b26bcc7fc4
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
4ed0ea868553a7e9a221e988291a4d2af70db67272be0217e85f097e97aa872f
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
620cc31644f75a48dd580299450b9f9e6b1cb89d3e1b516fe9957c612220facb
69fc64a3345678ad28e5eab4841a80c6143283c0b3b6358a59bbaa6e41530ded
7f3cc1623874bfae8e6e5df50371f3941659d87fbfdc0267f66182902f416a69
9c32bcde657d4e63597e6166524851dd5ccd30a2fc203c7bdb60332a9a227e0a
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
fc967b1b490a1e897d4037c7bdf509b81dec433a56b91ea1c497a34ad58c8483