yahoo-jp.xshost.co Open in urlscan Pro
88.218.193.18 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yahoo-jp.xshost.co/
Submission: On December 07 via api (December 7th 2022, 3:02:17 pm UTC) from JP — Scanned from JP

Summary HTTP 20 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 88.218.193.18, located in Germany and belongs to XNNET, US. The main domain is yahoo-jp.xshost.co.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 6th 2022. Valid for: 3 months.

This is the only time yahoo-jp.xshost.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo Japan (Online)

Domain & IP information

	IP Address	AS Autonomous System
18	88.218.193.18 88.218.193.18	6134 (XNNET) (XNNET)
2	182.22.16.123 182.22.16.123	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
20	2

18 88.218.193.18 (Germany)

ASN6134 (XNNET, US)
PTR: 88.218.193.18.static.xtom.com

yahoo-jp.xshost.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.22.16.123 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

s.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yads.yjtag.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	xshost.co yahoo-jp.xshost.co	414 KB
1	yahoo.co.jp yads.yjtag.yahoo.co.jp — Cisco Umbrella Rank: 59104	243 B
1	yimg.jp s.yimg.jp — Cisco Umbrella Rank: 9427	654 B
20	3

	Domain	Requested by
18	yahoo-jp.xshost.co	yahoo-jp.xshost.co
1	yads.yjtag.yahoo.co.jp	yahoo-jp.xshost.co
1	s.yimg.jp	yahoo-jp.xshost.co
20	3

This site contains links to these domains. Also see Links.

Domain
www.yahoo.co.jp
support.yahoo-net.jp
rdr.yahoo.co.jp
login.yahoo.co.jp
account.edit.yahoo.co.jp
id.yahoo.co.jp
privacy.yahoo.co.jp
about.yahoo.co.jp

Subject Issuer	Validity	Valid
yahoo-jp.xshost.co ZeroSSL RSA Domain Secure Site CA	`2022-12-06` - `2023-03-06`	3 months	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2022-11-04` - `2023-12-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://yahoo-jp.xshost.co/
Frame ID: 2A158915FE1AD2D3EB072F4BDE81C9BA
Requests: 12 HTTP requests in this frame

Frame: https://yahoo-jp.xshost.co/static/file_pc/yads-iframe.html
Frame ID: 9D22056106D55AE6C63889881D7C2C3C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ログイン - Yahoo! JAPAN

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

415 kB
Transfer

413 kB
Size

1
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.yahoo.co.jp/

Search URL Search Domain Scan URL

URL: https://support.yahoo-net.jp/PccLogin/s/
Title: ヘルプ

Search URL Search Domain Scan URL

URL: https://rdr.yahoo.co.jp/v1/label=L21lbXBmL2lkL3NpZ25pbi9hbm5vdW5jZV9wYy83ODA3My8xMDY3MjAvOTE3Mzg5LzE/p=mempf/d=mempf_redirect_api_log/tk=8dec6df6-7d6e-4085-b834-5afb49ed6c82/ru=aHR0cHM6Ly9yZHIueWFob28uY28uanAvdjEvbGFiZWw9TDJ4dloybHVMMmxrWjNWcFpHVXZiM1J3THcvcD1pZF9yZC9kPWxvZ2luL3RrPTUzMTQ1NWE0LWUzNzUtNGE0My04YTdiLWEwMDg4MmQ3ZGQxMy9ydT1hSFIwY0hNNkx5OXBaQzU1WVdodmJ5NWpieTVxY0M5elpXTjFjbWwwZVM5dmRIQXVhSFJ0YkEv/
Title: IDを不正利用から防ぐセキュリティ機能

Search URL Search Domain Scan URL

URL: https://rdr.yahoo.co.jp/v1/label=L21lbXBmL2lkL3NpZ25pbi9hbm5vdW5jZV9wYy83ODA3My8xMDY3MjAvOTE3Mzg5LzI/p=mempf/d=mempf_redirect_api_log/tk=8dec6df6-7d6e-4085-b834-5afb49ed6c82/ru=aHR0cHM6Ly9yZHIueWFob28uY28uanAvdjEvbGFiZWw9TDJ4dloybHVMM0J5YjIxdkwzQjNYMmx1WVdOMGFYWmwvcD1pZF9yZC9kPWxvZ2luL3RrPTUzMTQ1NWE0LWUzNzUtNGE0My04YTdiLWEwMDg4MmQ3ZGQxMy9ydT1hSFIwY0hNNkx5OXlaSE5wWnk1NVlXaHZieTVqYnk1cWNDOXNiMmRwYmk5d2NtOXRieTl3ZDE5cGJtRmpkR2wyWlM5U1ZqMHhMMUpWUFdGSVVqQmpTRTAyVEhrNWNGcEROVFZaVjJoMlluazFhbUo1TlhGalF6bDNZMjA1YTJSWFRqQmplVGwzWkRFNWNHSnRSbXBrUjJ3eVdsTTFiMlJITVhNLw/
Title: パスワードを使わず、より安全なログイン

Search URL Search Domain Scan URL

URL: https://login.yahoo.co.jp/config/login?.src=wallet&.done=https%3A%2F%2Fedit.wallet.yahoo.co.jp%2Fconfig%2Fwallet_signup%3F.src%3Dwallet&auth_lv=pw&no_cancel_incomplete=1
Title: 戻る

Search URL Search Domain Scan URL

URL: https://login.yahoo.co.jp/config/login?.keep=1&.reg=https%3A%2F%2Faccount.edit.yahoo.co.jp%2Fregistration%3Fsrc%3Dwallet%26done%3Dhttps%253A%252F%252Fedit.wallet.yahoo.co.jp%252Fconfig%252Fwallet_signup%253F.src%253Dwallet&auth_lv=pw&referrer=change_id&no_cancel_incomplete=1&.src=wallet&.done=https%3A%2F%2Fedit.wallet.yahoo.co.jp%2Fconfig%2Fwallet_signup%3F.src%3Dwallet
Title: 別のYahoo! JAPAN IDでログイン

Search URL Search Domain Scan URL

URL: https://account.edit.yahoo.co.jp/forgot_acct?src=wallet&done=https%3A%2F%2Fedit.wallet.yahoo.co.jp%2Fconfig%2Fwallet_signup%3F.src%3Dwallet
Title: ログインできない場合

Search URL Search Domain Scan URL

URL: https://account.edit.yahoo.co.jp/registration?src=wallet&done=https%3A%2F%2Fedit.wallet.yahoo.co.jp%2Fconfig%2Fwallet_signup%3F.src%3Dwallet&fl=100
Title: 新規取得

Search URL Search Domain Scan URL

URL: https://id.yahoo.co.jp/security/login_theme.html?.done=https://edit.wallet.yahoo.co.jp/config/wallet_signup?.src=wallet
Title: 詳しくはこちら

Search URL Search Domain Scan URL

URL: https://privacy.yahoo.co.jp/
Title: プライバシー

Search URL Search Domain Scan URL

URL: https://about.yahoo.co.jp/common/terms/
Title: 利用規約

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
yahoo-jp.xshost.co/ 14 KB
15 KB 1208ms
112ms Document
text/html 88.218.193.18
XNNET

General

Source	Level	URL Text
other	warning	URL: https://yahoo-jp.xshost.co/(Line 227) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://yahoo-jp.xshost.co/static/file_pc/clear(1).gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://yahoo-jp.xshost.co/static/file_pc/yads-async.js.%E4%B8%8B%E8%BD%BD Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://yahoo-jp.xshost.co/static/file_pc/yads_vimps.js.%E4%B8%8B%E8%BD%BD Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://yahoo-jp.xshost.co/static/file_pc/tag Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://yahoo-jp.xshost.co/static/file_pc/iicon.min.js.%E4%B8%8B%E8%BD%BD Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://yahoo-jp.xshost.co/static/file_pc/saved_resource Message: Failed to load resource: the server responded with a status of 404 (Not Found)

yahoo-jp.xshost.co Open in urlscan Pro 88.218.193.18 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

415 kBTransfer

413 kBSize

1 Cookies

11 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

24 JavaScript Global Variables

1 Cookies

7 Console Messages

Indicators

yahoo-jp.xshost.co Open in urlscan Pro
88.218.193.18 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

415 kB
Transfer

413 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!