tbsso.yum.com Open in urlscan Pro
168.182.16.234 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tbsso.yum.com/
Submission: On February 21 via automatic, source certstream-suspicious (February 21st 2023, 12:35:06 am UTC) — Scanned from DE

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 168.182.16.234, located in Ladera Ranch, United States and belongs to YUMBRANDS, US. The main domain is tbsso.yum.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 26th 2022. Valid for: a year.

This is the only time tbsso.yum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2	168.182.16.234 168.182.16.234		18522 (YUMBRANDS) (YUMBRANDS)
2	1

2 168.182.16.234 (Ladera Ranch, United States)

ASN18522 (YUMBRANDS, US)

tbsso.yum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	yum.com tbsso.yum.com	10 KB
2	1

	Domain	Requested by
2	tbsso.yum.com	tbsso.yum.com
2	1

This site contains no links.

Subject Issuer	Validity	Valid
portalsso.yum.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tbsso.yum.com/
Frame ID: 358673FBECEF37790F45CBC28602CD39
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Access Manager for Web - Anmeldung

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

10 kB
Transfer

11 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response tbsso.yum.com/	3 KB 2 KB	537ms 129ms	Document text/html	168.182.16.234 YUMBRANDS
General Check archive.org Show headers Download Go to Full URL https://tbsso.yum.com/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 168.182.16.234 Ladera Ranch, United States, ASN18522 (YUMBRANDS, US), Reverse DNS Software WebSEAL/7.0.0.0 (Build 121024) / Resource Hash `cb016ea90e010cdf1dc775f445701c0392e84be5ed982b389367560deb2dec81` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Encoding gzip Content-Length 1455 cache-control no-cache content-type text/html cteonnt-length 2883 date Tue, 21 Feb 2023 00:30:34 GMT giam-rsp-code 0x00000000 giam-rsp-text HPDBA0521I Successful completion p3p CP="NON CUR OTPi OUR NOR UNI" pragma no-cache server WebSEAL/7.0.0.0 (Build 121024) srv portal01
GET H/1.1	200 OK	fedUtil.js Show response tbsso.yum.com/js/	8 KB 8 KB	130ms 129ms	Script application/x-javascript	168.182.16.234 YUMBRANDS
General Check archive.org Show headers Download Go to Full URL https://tbsso.yum.com/js/fedUtil.js Requested by Host: tbsso.yum.com URL: https://tbsso.yum.com/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 168.182.16.234 Ladera Ranch, United States, ASN18522 (YUMBRANDS, US), Reverse DNS Software WebSEAL/7.0.0.0 (Build 121024) / Resource Hash `a9e61f40405197b915a94c2b528392b704596a6793cca39d8b4b646d709fd83b` Request headers accept-language de-DE,de;q=0.9 Referer https://tbsso.yum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers content-type application/x-javascript date Tue, 21 Feb 2023 00:30:35 GMT last-modified Mon, 03 Oct 2022 13:47:49 GMT server WebSEAL/7.0.0.0 (Build 121024) srv portal01 content-length 8378 p3p CP="NON CUR OTPi OUR NOR UNI"

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.yum.com/	1969-12-31 23:59:59	Name: PD-S-SESSION-ID Value: 1_2_0_su4pAZS1f9eNlXD7UrkCuNFk5J0tFjWCrcTAqAdj1OkeS1mc
			tbsso.yum.com/	1969-12-31 23:59:59	Name: NSC_Qpsubm-Qspe-Op-QLJ-IUUQT Value: ffffffffabbe0c8145525d5f4f58455e445a4a42378b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

tbsso.yum.com
168.182.16.234
a9e61f40405197b915a94c2b528392b704596a6793cca39d8b4b646d709fd83b
cb016ea90e010cdf1dc775f445701c0392e84be5ed982b389367560deb2dec81

tbsso.yum.com Open in urlscan Pro 168.182.16.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

2 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

10 kBTransfer

11 kBSize

2 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

2 Cookies

Indicators

tbsso.yum.com Open in urlscan Pro
168.182.16.234 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

10 kB
Transfer

11 kB
Size

2
Cookies

2 HTTP transactions
0 data transactions