hndsecures.com
Open in
urlscan Pro
212.83.131.215
Malicious Activity!
Public Scan
Submission: On March 06 via automatic, source openphish
Summary
This is the only time hndsecures.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Yahoo (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 212.83.131.215 212.83.131.215 | 12876 (AS12876 ) (AS12876 ) | |
19 | 2a00:1288:84:... 2a00:1288:84:800::1001 | 203219 (YAHOO-AMA ) (YAHOO-AMA ) | |
1 | 188.125.82.157 188.125.82.157 | 34010 (YAHOO-IRD ) (YAHOO-IRD ) | |
1 | 2.16.100.219 2.16.100.219 | 20940 (AKAMAI-ASN1 ) (AKAMAI-ASN1 ) | |
23 | 5 |
ASN12876 (AS12876 , FR)
PTR: best.getstared.tech
hndsecures.com |
ASN34010 (YAHOO-IRD , GB)
PTR: csc-beap.adx.vip.ir2.yahoo.com
csc.beap.bc.yahoo.com |
ASN20940 (AKAMAI-ASN1 , US)
PTR: a2-16-100-219.deploy.akamaitechnologies.com
b.scorecardresearch.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
yimg.com
s.yimg.com s1.yimg.com |
221 KB |
1 |
scorecardresearch.com
b.scorecardresearch.com |
43 B |
1 |
yahoo.com
mg.mail.yahoo.com Failed csc.beap.bc.yahoo.com |
43 B |
1 |
hndsecures.com
hndsecures.com |
137 KB |
23 | 4 |
Domain | Requested by | |
---|---|---|
18 | s.yimg.com |
hndsecures.com
s.yimg.com |
1 | b.scorecardresearch.com |
hndsecures.com
|
1 | csc.beap.bc.yahoo.com |
hndsecures.com
|
1 | s1.yimg.com |
hndsecures.com
|
1 | hndsecures.com | |
0 | mg.mail.yahoo.com Failed |
hndsecures.com
|
23 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
mail.yahoo.com |
overview.mail.yahoo.com |
mobile.yahoo.com |
login.yahoo.com |
help.yahoo.com |
edit.yahoo.com |
open.login.yahoo.com |
legalredirect.yahoo.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.yimg.com Symantec Class 3 Secure Server CA - G4 |
2015-08-28 - 2017-08-27 |
2 years | crt.sh |
klc.yahoo.com Symantec Class 3 Secure Server CA - G4 |
2015-08-26 - 2017-08-25 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
http://hndsecures.com/Habinnalupdates/
Frame ID: 13775.1
Requests: 22 HTTP requests in this frame
Frame:
https://mg.mail.yahoo.com/mailfe/resources?o=iframe&src=login
Frame ID: 13775.2
Requests: 1 HTTP requests in this frame
13 Outgoing links
These are links going to different origins than the main page.
Title: Yahoo Mail
Search URL Search Domain Scan URL
Title: About Mail
Search URL Search Domain Scan URL
Title: Features
Search URL Search Domain Scan URL
Title: Get the App
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: I can't access my account
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Create New Account
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Google
Search URL Search Domain Scan URL
Title: Terms
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request 13- http://b.scorecardresearch.com/p?c1=2&c2=7241469&c5=150002527&c7=https%253A%252F%252Flogin.yahoo.com%253A443%252Fconfig%252Flogin_verify2%253F%2526amp%253B.src%253Dym%2526amp%253B.intl%253Dus&c14=1...
- http://b.scorecardresearch.com/p2?c1=2&c2=7241469&c5=150002527&c7=https%253A%252F%252Flogin.yahoo.com%253A443%252Fconfig%252Flogin_verify2%253F%2526amp%253B.src%253Dym%2526amp%253B.intl%253Dus&c14=...
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
hndsecures.com/Habinnalupdates/ Redirect Chain
|
137 KB 137 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yregbase_sec_ui_1_9.css
s.yimg.com/lq/i/reg/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container-min-1.css
s.yimg.com/lq/lib/reg/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
25 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yahoo_en-US_f_p_bestfit.png
s1.yimg.com/rz/d/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
36 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
65 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yahoo_container-min_json-min_connection_main-min-new.js
s.yimg.com/lq/lib/reg/js/ |
129 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g-r-min.js
s.yimg.com/rq/darla/2-7-5/js/ |
118 KB 52 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yahoo_mail_en-US_f_pw_119x34.png
s.yimg.com/rz/l/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yahoo-login-sprite-1.4.png
s.yimg.com/sf/assets/dl/images/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cs_0.2.js
s.yimg.com/lq/lib/3pm/ |
1 KB 891 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
resources
mg.mail.yahoo.com/mailfe/ Frame 1377 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
yi
csc.beap.bc.yahoo.com/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
p2
b.scorecardresearch.com/ Redirect Chain
|
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
66 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
105 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
29 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
547 B 388 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
1 KB 791 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
793 B 470 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
714 B 471 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
916 B 511 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mg.mail.yahoo.com
- URL
- https://mg.mail.yahoo.com/mailfe/resources?o=iframe&src=login
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Yahoo (Online)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
b.scorecardresearch.com
csc.beap.bc.yahoo.com
hndsecures.com
mg.mail.yahoo.com
s.yimg.com
s1.yimg.com
mg.mail.yahoo.com
188.125.82.157
2.16.100.219
212.83.131.215
2a00:1288:84:800::1001
00f7045adf1121ad1d80dfd50ea32d4c34170edfc0b603465e7f0423f3270cc9
0a26cf131c8d2c5fbcf3f7d0c713d98eae04dcdedb6074492f7edca30674013d
116e66ccf33bad0bed77d2459288fafc7d584b6bca29314b78b9484e7496aa28
20e46815efc26472b02a7c061a2cf15c4f610e3e0bb4178d662f530671a170a8
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2aa5065e7989601cab5efe3400021a165276e240e722af34f497d058dbcf08fe
36fb8ec85b934854cfc298ad6d50fe7d2bbfa976342d27e576066e7530291d88
3819cf8f2a27e64a0fd31ed6250f9a9ea5577232cfb6f87c63c1f448c95dcff4
4440ac06b7c6236ea0f7026843a032a11139ec81ef6e2ab4d7d2bdf37ae31303
54b74d18c2ceaedc8cb8c85eea04c169673f2ed2ec3c89e83baadec258068747
575d6f5b1062e18fb9cd8e249db2587c94052f9fb0f21656150ca4b53a7805c2
5ec451b2d4efc703d24868343ea0a8af022e48d955f68bd46eb5b3b1a91cc10d
9c7f280a857ff6f1ad8cd70df8dc7b71cdb45fc7d60c774b57ff5375bc325d11
9f4d029fecc30f08ee5f7e6b12191545714a4e4968b2d2f5027f6db018c8ca14
aab2f1745c07f4401e88b1e2af8764fce77be19db1425d7f10a5481c8fdb7d33
ad9f18c0e0b55a9322ea334247020cc6dcd663e5669187b715ba610224ea2f90
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c43597601c2acdcb4408201f46769b34535e096a02c0eddc02d6de3d9134a18d
c63e2674df229b5556a507e1166871e9841340dbdb8929b8ed0916c30a6fd543
cb321f8586f713ed1a4a1a2ea8243ab6996a63f5c805d28a59eeb4fb178a8255
cbae844abf1afe1dcb40374d76db92eb45cc05056800031360ffdd91c8c51402
d01c81a759db45b4ee10bfb7db313fccb30c3b97165b42e9b9095625aa3855c9