yahoo-jp.atlxu.xyz Open in urlscan Pro
88.218.193.18 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yahoo-jp.atlxu.xyz/
Submission: On December 07 via api (December 7th 2022, 4:00:39 pm UTC) from JP — Scanned from JP

Summary HTTP 20 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 88.218.193.18, located in Germany and belongs to XNNET, US. The main domain is yahoo-jp.atlxu.xyz.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 7th 2022. Valid for: 3 months.

This is the only time yahoo-jp.atlxu.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo Japan (Online)

Domain & IP information

	IP Address	AS Autonomous System
18	88.218.193.18 88.218.193.18	6134 (XNNET) (XNNET)
2	183.79.248.124 183.79.248.124	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
20	2

18 88.218.193.18 (Germany)

ASN6134 (XNNET, US)
PTR: 88.218.193.18.static.xtom.com

yahoo-jp.atlxu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.79.248.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
PTR: edge2000.img.vip.djm.yimg.jp

s.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yads.yjtag.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	atlxu.xyz yahoo-jp.atlxu.xyz	414 KB
1	yahoo.co.jp yads.yjtag.yahoo.co.jp — Cisco Umbrella Rank: 59104	216 B
1	yimg.jp s.yimg.jp — Cisco Umbrella Rank: 9427	654 B
20	3

	Domain	Requested by
18	yahoo-jp.atlxu.xyz	yahoo-jp.atlxu.xyz
1	yads.yjtag.yahoo.co.jp	yahoo-jp.atlxu.xyz
1	s.yimg.jp	yahoo-jp.atlxu.xyz
20	3

This site contains links to these domains. Also see Links.

Domain
www.yahoo.co.jp
support.yahoo-net.jp
rdr.yahoo.co.jp
login.yahoo.co.jp
account.edit.yahoo.co.jp
id.yahoo.co.jp
privacy.yahoo.co.jp
about.yahoo.co.jp

Subject Issuer	Validity	Valid
yahoo-jp.atlxu.xyz ZeroSSL RSA Domain Secure Site CA	`2022-12-07` - `2023-03-07`	3 months	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2022-11-04` - `2023-12-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://yahoo-jp.atlxu.xyz/
Frame ID: 350AA852DB4C1351FF6D946186C3E794
Requests: 12 HTTP requests in this frame

Frame: https://yahoo-jp.atlxu.xyz/static/file_pc/yads-iframe.html
Frame ID: 39218400ECCBB411E342C049F5A7703B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ログイン - Yahoo! JAPAN

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

415 kB
Transfer

413 kB
Size

1
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.yahoo.co.jp/

Search URL Search Domain Scan URL

URL: https://support.yahoo-net.jp/PccLogin/s/
Title: ヘルプ

Search URL Search Domain Scan URL

URL: https://rdr.yahoo.co.jp/v1/label=L21lbXBmL2lkL3NpZ25pbi9hbm5vdW5jZV9wYy83ODA3My8xMDY3MjAvOTE3Mzg5LzE/p=mempf/d=mempf_redirect_api_log/tk=8dec6df6-7d6e-4085-b834-5afb49ed6c82/ru=aHR0cHM6Ly9yZHIueWFob28uY28uanAvdjEvbGFiZWw9TDJ4dloybHVMMmxrWjNWcFpHVXZiM1J3THcvcD1pZF9yZC9kPWxvZ2luL3RrPTUzMTQ1NWE0LWUzNzUtNGE0My04YTdiLWEwMDg4MmQ3ZGQxMy9ydT1hSFIwY0hNNkx5OXBaQzU1WVdodmJ5NWpieTVxY0M5elpXTjFjbWwwZVM5dmRIQXVhSFJ0YkEv/
Title: IDを不正利用から防ぐセキュリティ機能

Search URL Search Domain Scan URL

URL: https://rdr.yahoo.co.jp/v1/label=L21lbXBmL2lkL3NpZ25pbi9hbm5vdW5jZV9wYy83ODA3My8xMDY3MjAvOTE3Mzg5LzI/p=mempf/d=mempf_redirect_api_log/tk=8dec6df6-7d6e-4085-b834-5afb49ed6c82/ru=aHR0cHM6Ly9yZHIueWFob28uY28uanAvdjEvbGFiZWw9TDJ4dloybHVMM0J5YjIxdkwzQjNYMmx1WVdOMGFYWmwvcD1pZF9yZC9kPWxvZ2luL3RrPTUzMTQ1NWE0LWUzNzUtNGE0My04YTdiLWEwMDg4MmQ3ZGQxMy9ydT1hSFIwY0hNNkx5OXlaSE5wWnk1NVlXaHZieTVqYnk1cWNDOXNiMmRwYmk5d2NtOXRieTl3ZDE5cGJtRmpkR2wyWlM5U1ZqMHhMMUpWUFdGSVVqQmpTRTAyVEhrNWNGcEROVFZaVjJoMlluazFhbUo1TlhGalF6bDNZMjA1YTJSWFRqQmplVGwzWkRFNWNHSnRSbXBrUjJ3eVdsTTFiMlJITVhNLw/
Title: パスワードを使わず、より安全なログイン

Search URL Search Domain Scan URL

URL: https://login.yahoo.co.jp/config/login?.src=wallet&.done=https%3A%2F%2Fedit.wallet.yahoo.co.jp%2Fconfig%2Fwallet_signup%3F.src%3Dwallet&auth_lv=pw&no_cancel_incomplete=1
Title: 戻る

Search URL Search Domain Scan URL

URL: https://login.yahoo.co.jp/config/login?.keep=1&.reg=https%3A%2F%2Faccount.edit.yahoo.co.jp%2Fregistration%3Fsrc%3Dwallet%26done%3Dhttps%253A%252F%252Fedit.wallet.yahoo.co.jp%252Fconfig%252Fwallet_signup%253F.src%253Dwallet&auth_lv=pw&referrer=change_id&no_cancel_incomplete=1&.src=wallet&.done=https%3A%2F%2Fedit.wallet.yahoo.co.jp%2Fconfig%2Fwallet_signup%3F.src%3Dwallet
Title: 別のYahoo! JAPAN IDでログイン

Search URL Search Domain Scan URL

URL: https://account.edit.yahoo.co.jp/forgot_acct?src=wallet&done=https%3A%2F%2Fedit.wallet.yahoo.co.jp%2Fconfig%2Fwallet_signup%3F.src%3Dwallet
Title: ログインできない場合

Search URL Search Domain Scan URL

URL: https://account.edit.yahoo.co.jp/registration?src=wallet&done=https%3A%2F%2Fedit.wallet.yahoo.co.jp%2Fconfig%2Fwallet_signup%3F.src%3Dwallet&fl=100
Title: 新規取得

Search URL Search Domain Scan URL

URL: https://id.yahoo.co.jp/security/login_theme.html?.done=https://edit.wallet.yahoo.co.jp/config/wallet_signup?.src=wallet
Title: 詳しくはこちら

Search URL Search Domain Scan URL

URL: https://privacy.yahoo.co.jp/
Title: プライバシー

Search URL Search Domain Scan URL

URL: https://about.yahoo.co.jp/common/terms/
Title: 利用規約

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
yahoo-jp.atlxu.xyz/ 14 KB
15 KB 1154ms
110ms Document
text/html 88.218.193.18
XNNET

General

Source	Level	URL Text
other	warning	URL: https://yahoo-jp.atlxu.xyz/(Line 227) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://yahoo-jp.atlxu.xyz/static/file_pc/clear(1).gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://yahoo-jp.atlxu.xyz/static/file_pc/yads_vimps.js.%E4%B8%8B%E8%BD%BD Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://yahoo-jp.atlxu.xyz/static/file_pc/yads-async.js.%E4%B8%8B%E8%BD%BD Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://yahoo-jp.atlxu.xyz/static/file_pc/iicon.min.js.%E4%B8%8B%E8%BD%BD Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://yahoo-jp.atlxu.xyz/static/file_pc/tag Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://yahoo-jp.atlxu.xyz/static/file_pc/saved_resource Message: Failed to load resource: the server responded with a status of 404 (Not Found)

yahoo-jp.atlxu.xyz Open in urlscan Pro 88.218.193.18 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

415 kBTransfer

413 kBSize

1 Cookies

11 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

24 JavaScript Global Variables

1 Cookies

7 Console Messages

Indicators

yahoo-jp.atlxu.xyz Open in urlscan Pro
88.218.193.18 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

415 kB
Transfer

413 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!