yahoo-ioglnaccount.my03.com
159.89.125.62
Malicious Activity!
Public Scan
Effective URL: https://yahoo-ioglnaccount.my03.com/login.html
Submission: On June 11 via automatic, source certstream-suspicious — Scanned from CA
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 8th 2022. Valid for: 3 months.
This is the only time yahoo-ioglnaccount.my03.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Yahoo (Online)
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System |
---|---|---|---|
1 | 3 | 159.89.125.62 | 14061 (DIGITALOCEAN-ASN) |
1 | 2 | 13.225.195.104 | 16509 (AMAZON-02) |
 | 7 | 2001:4998:14:800::1001 | 14777 (YAHOO) |
10 | 4 |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-104.yul62.r.cloudfront.net
sb.scorecardresearch.com |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
4 | yahoo.com: fc.yahoo.com (Cisco Umbrella Rank: 1280) | 19 KB |
3 | yimg.com: s.yimg.com (Cisco Umbrella Rank: 368) | 92 KB |
3 | my03.com (1 redirects): yahoo-ioglnaccount.my03.com | 132 KB |
2 | scorecardresearch.com (1 redirects): sb.scorecardresearch.com (Cisco Umbrella Rank: 133) | 645 B |
10 | 4 |
Requests | Domain | Requested by |
---|---|---|
4 | fc.yahoo.com | yahoo-ioglnaccount.my03.com |
3 | s.yimg.com | fc.yahoo.com, s.yimg.com |
3 | yahoo-ioglnaccount.my03.com (1 redirects) | yahoo-ioglnaccount.my03.com |
2 | sb.scorecardresearch.com (1 redirects) | yahoo-ioglnaccount.my03.com |
10 | 4 |
This site contains links to these domains.
Domain |
---|
www.yahoo.com |
help.yahoo.com |
login.yahoo.com |
info.yahoo.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
yahoo-ioglnaccount.my03.com | cPanel, Inc. Certification Authority | 2022-06-08 - 2022-09-06 | 3 months |
ui.aps.ads.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-06-06 - 2022-07-27 | 2 months |
*.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-05-02 - 2022-06-22 | 2 months |
This page contains 2 frames:
Primary Page:
https://yahoo-ioglnaccount.my03.com/login.html
Frame ID: C5C33C7AEE7F0193181D5643EF986FFE
Requests: 10 HTTP requests in this frame
Frame:
https://s.yimg.com/rq/darla/4-10-1/html/r-csc.html
Frame ID: 496CA3C81FEC55E872F9128513880172
Requests: 1 HTTP requests in this frame
Page Title
Yahoo - login
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
- Title: Help
- Title: Trouble signing in?
- Title: Sign up
- Title: Terms
- Title: Privacy
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://yahoo-ioglnaccount.my03.com/ HTTP 302
- https://yahoo-ioglnaccount.my03.com/login.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://sb.scorecardresearch.com/p?c1=2&c2=7241469&c5=150002529&ns_c=UTF-8&ns__t=1524568238416&c7=https%3A%2F%2Flogin.yahoo.com%2F&c14=-1 HTTP 302
- https://sb.scorecardresearch.com/p2?c1=2&c2=7241469&c5=150002529&ns_c=UTF-8&ns__t=1524568238416&c7=https%3A%2F%2Flogin.yahoo.com%2F&c14=-1
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | login.html (Primary Request) | yahoo-ioglnaccount.my03.com/ (Redirect Chain) | 130 KB | 130 KB | Document | text/html |
GET | H/1.1 | yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png | yahoo-ioglnaccount.my03.com/ | 1 KB | 2 KB | Image | image/png |
GET | H2 | p2 | sb.scorecardresearch.com/ (Redirect Chain) | 43 B | 265 B | Image | image/gif |
GET | H2 | client.php | fc.yahoo.com/sdarla/php/ | 9 KB | 5 KB | Script | text/javascript |
GET | DATA | truncated | / | 650 B | 0 | Image | image/png |
GET | H2 | boot.js | s.yimg.com/rq/darla/ | 7 KB | 4 KB | Script | application/javascript |
GET | H2 | client.php | fc.yahoo.com/sdarla/php/ | 9 KB | 5 KB | Script | text/javascript |
GET | H2 | client.php | fc.yahoo.com/sdarla/php/ | 9 KB | 5 KB | Script | text/javascript |
GET | H2 | g-r-min.js | s.yimg.com/rq/darla/4-10-1/js/ | 204 KB | 86 KB | Script | application/javascript |
GET | H2 | client.php | fc.yahoo.com/sdarla/php/ | 10 KB | 5 KB | Script | text/javascript |
GET | H2 | r-csc.html | s.yimg.com/rq/darla/4-10-1/html/ (Frame 496C) | 2 KB | 1 KB | Document | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Yahoo (Online)
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | oncontextlost |
object | oncontextrestored |
function | structuredClone |
object | launchQueue |
object | onbeforematch |
function | getScreenDetails |
object | navigation |
number | pageStartTime |
object | I13N_config |
object | COUNTRY_CODES_MAP |
object | mbrConfig |
object | darlaConfig |
string | bucket |
string | currentURL |
string | comscoreBeaconUrl |
object | DARLA |
object | $sf |
undefined | $yac |
boolean | sf_auto_6-11-5-2022 |
object | DARLA_CONFIG |
object | _Y1 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.scorecardresearch.com/ | | Name: UID Value: 1F76fc98028521da94eeb741654934675 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.