Report - 87.248.114.11

Report Overview

Visited public
2023-12-04 15:58:25
Tags
URL
87.248.114.11
Finishing URL
87.248.114.11/
IP / ASN
87.248.114.11
#43428 Yahoo! UK Services Limited
Title
Yahoo

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
geo.yahoo.com	1289	1995-01-18	2012-05-25 20:50:30	2023-12-04 05:48:22	509 B	616 B	188.125.72.139
s.yimg.com	375	1997-05-14	2012-05-21 00:45:00	2023-12-03 18:22:24	916 B	63 kB	87.248.119.252
bcn.fp.yahoo.com	177512	1995-01-18	2017-02-01 09:52:08	2023-11-30 05:30:38	514 B	0 B	0.0.0.0
87.248.114.11	unknown	unknown	2017-02-07 03:02:52	2023-11-14 22:26:40	745 B	9.9 kB	87.248.114.11

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-04	medium	87.248.114.11	Sinkholed
2023-12-04	medium	87.248.114.11	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	87.248.114.11/	ScriptElement	0 B	0001-01-01	2025-06-22
Pretty URL 87.248.114.11/ IP 87.248.114.11 ASN #43428 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-22 04:42 Times Seen5062852 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	87.248.114.11/	ScriptElement	0 B	0001-01-01	2025-06-22
Pretty URL 87.248.114.11/ IP 87.248.114.11 ASN #43428 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-22 04:42 Times Seen5062852 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - b89d8c786aa41d64172d9595e2e39520	110 B	2023-03-08 03:31	2025-06-14 10:26
Pretty Observations First Seen2023-03-08 03:31 Last Seen2025-06-14 10:26 Times Seen221 Hash b89d8c786aa41d64172d9595e2e39520 c93bde15b38d21057c89420e7269e0c6209530f4 a486570a17cea8a63a78106d9f1dda5675dc9cf74e43c4b70ee88a7b200eb722 Loading...

	#2 Write - 695124b822cf4d3758c98451c53b4de6	55 B	2023-03-08 03:31	2025-06-14 10:26
Pretty Observations First Seen2023-03-08 03:31 Last Seen2025-06-14 10:26 Times Seen221 Hash 695124b822cf4d3758c98451c53b4de6 fe3084706cac3f40194709191450889db8124b2d e3a09a936e20ac4b33b6dd6b39298fb2ed94ef94a0e488ae067f2e1f8bc42484 Loading...

	#3 Write - 0a3a0b592b9c285e050805307cee87c2	6 B	2023-03-07 01:02	2025-06-22 04:41
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-22 04:41 Times Seen82796 Hash 0a3a0b592b9c285e050805307cee87c2 125a168e24b2bd38aadb84cbb5f87f316b073c41 aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23 Loading...

	#4 Write - 29b3706242550db4c97aae97b5c37240	26 B	2023-03-08 03:31	2025-06-21 21:27
Pretty Observations First Seen2023-03-08 03:31 Last Seen2025-06-21 21:27 Times Seen227 Hash 29b3706242550db4c97aae97b5c37240 cd39816c14c3f2736252657a26834e4bfbcb88e2 f3dd71a7814b1628a459f8c8a8f281f3332caa3066e6dce84a5a4901676beae9 Loading...

	#5 Write - 0674cc816b7ed1a0ba15654900c7e386	247 B	2024-08-20 16:48	2024-08-20 16:48
Pretty Observations First Seen2024-08-20 16:48 Last Seen2024-08-20 16:48 Times Seen1 Hash 0674cc816b7ed1a0ba15654900c7e386 19d374e8ef82d9214774bfa3fe41b34ab07557f8 6790573be910c9ccffac0862c14721a4a2af7cad95455efd056698f59d204b03 Loading...

	#6 Write - 6bd808616a9d16b0cae84e2e9b4f8c0b	22 B	2023-03-08 03:31	2025-06-14 10:26
Pretty Observations First Seen2023-03-08 03:31 Last Seen2025-06-14 10:26 Times Seen221 Hash 6bd808616a9d16b0cae84e2e9b4f8c0b 0ef443da8f4c00e9429ab76675c553e0cdc0ec85 acdc36b27fa0a237b1272dd892fdb7b35e3ad48535a1035ba9cd275c54eab79a Loading...

	#7 Write - 40db0dea1aa812c462ea2823161f1e26	18 B	2023-03-08 03:31	2025-06-14 10:26
Pretty Observations First Seen2023-03-08 03:31 Last Seen2025-06-14 10:26 Times Seen221 Hash 40db0dea1aa812c462ea2823161f1e26 16005dde25ddda99832ff394cf0f0ea3be65d0c5 fb4a09993ba875fb4dd2d48a2eb1fb954cc463776b8bbacdc52ceccaa2817687 Loading...

	#8 Write - dde4e11fec7a782492e2fefaee565c5b	50 B	2023-03-08 03:31	2025-06-14 10:26
Pretty Observations First Seen2023-03-08 03:31 Last Seen2025-06-14 10:26 Times Seen221 Hash dde4e11fec7a782492e2fefaee565c5b 83093d7f20702843dc1015dccedd7bf08a54011d 66ab8316d9c9589b7eaf7a0087d00c21e3d55cfe160d1990abe2dc5f9591226c Loading...

	#9 Write - 1ab3d08a8e5a2117f942868ed0ae5ed6	77 B	2023-03-08 03:31	2025-06-14 10:26
Pretty Observations First Seen2023-03-08 03:31 Last Seen2025-06-14 10:26 Times Seen221 Hash 1ab3d08a8e5a2117f942868ed0ae5ed6 2ce97c95e65bfb8eb5c99654b6c3075fcf32aeae 0ba4af9c57cad2c9c8d0ba8dba8918e386c8d88dae8e2cbd0d531fd362dba774 Loading...

HTTP Transactions (6)

URL IP Response Size

GET 87.248.114.11/

87.248.114.11

404 Not Found on Accelerator

4.7 kB

URL User Request GET HTTP/1.1
87.248.114.11/
IP
87.248.114.11:80
ASN
#43428 Yahoo! UK Services Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (384)
Size
4.7 kB (4744 bytes)
Hash
5ed36093f9518351c27ae8142b198882
e79d6b34b7d9235ee75193de429c4c21eab665ed
eae13702a7b078a317ef9b2fba701af57911a6f576da4c994d3c7709cf538f83

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 87.248.114.11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found on Accelerator
Date: Mon, 04 Dec 2023 15:58:09 GMT
Connection: keep-alive
Server: ATS
Cache-Control: no-store
Content-Type: text/html
Content-Language: en
Content-Length: 4744

GET 87.248.114.11/favicon.ico

87.248.114.11

404 Not Found on Accelerator

4.8 kB

URL GET HTTP/1.1
87.248.114.11/favicon.ico
IP
87.248.114.11:80
ASN
#43428 Yahoo! UK Services Limited

Requested by
http://87.248.114.11/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (384)
Size
4.8 kB (4755 bytes)
Hash
cd467a25f630546c9cd5cf586257aa5b
f63e1ea020adc4713d018627473a07a4a9d885c9
30a0e1feec7eb3d291f800214cbbe22f98ad09df1501d61d1aee444b3d52eec2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 87.248.114.11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://87.248.114.11/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found on Accelerator
Date: Mon, 04 Dec 2023 15:58:09 GMT
Connection: keep-alive
Server: ATS
Cache-Control: no-store
Content-Type: text/html
Content-Language: en
Content-Length: 4755

GET geo.yahoo.com/b?s=1197757129&t=1701705494426&err_url=http%3A%2F%2F87.248.114.11%2F&err=404&test=-&ats_host=e23.ycpi.lob.yahoo.com&rid=-&message=Not%20Found%20on%20Accelerator&source=brb

188.125.72.139

200 OK

43 B

URL GET HTTP/1.1
geo.yahoo.com/b?s=1197757129&t=1701705494426&err_url=http%3A%2F%2F87.248.114.11%2F&err=404&test=-&ats_host=e23.ycpi.lob.yahoo.com&rid=-&message=Not%20Found%20on%20Accelerator&source=brb
IP
188.125.72.139:80
ASN
#34010 Yahoo! UK Services Limited

Requested by
http://87.248.114.11/

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /b?s=1197757129&t=1701705494426&err_url=http%3A%2F%2F87.248.114.11%2F&err=404&test=-&ats_host=e23.ycpi.lob.yahoo.com&rid=-&message=Not%20Found%20on%20Accelerator&source=brb HTTP/1.1
Host: geo.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://87.248.114.11/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Mon, 04 Dec 2023 15:58:08 GMT
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
set-cookie: B=1amgeapimrtog&b=3&s=s9; expires=Tue, 03-Dec-2024 15:58:08 GMT; path=/; domain=.yahoo.com; secure
cache-control: no-cache, no-store, private
pragma: no-cache
content-length: 43
content-type: image/gif
x-envoy-upstream-service-time: 0
server: ATS
Age: 0
Connection: keep-alive

GET s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_p_205x58_frontpage.png

87.248.119.252

200 OK

1.2 kB

URL GET HTTP/2
s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_p_205x58_frontpage.png
IP
87.248.119.252:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
http://87.248.114.11/
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
PNG image data, 205 x 58, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1154 bytes)
Hash
73bbf8bd47227f183455c2d4b5e3a8a8
17152df9ebfce3b03dfab35950a30209c3eb1e2e
8de1aec4728fb9e7dc92eba19506b89bde081f5555a8e3a963354a8f9c4afe2d

HTTP Headers

GET /rz/p/yahoo_frontpage_en-US_s_f_p_205x58_frontpage.png HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://87.248.114.11/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 0nmwb84HGWyTkIln1T305FF/OWNymcIVfaspJIMvdQ3Hz55M864QAgoDHgdEYRG3dqK86mt6FRE=
x-amz-request-id: XDGBFW74E2NS0PXE
date: Sun, 03 Dec 2023 21:18:48 GMT
last-modified: Sat, 02 Dec 2023 21:30:57 GMT
x-amz-server-side-encryption: AES256
cache-control: public,max-age=86400
accept-ranges: bytes
content-type: image/png
server: ATS
content-length: 1154
referrer-policy: no-referrer-when-downgrade
vary: Origin
etag: "73bbf8bd47227f183455c2d4b5e3a8a8"
expires: Mon, 04 Dec 2023 00:00:00 GMT
age: 67162
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

GET s.yimg.com/nn/img/sad-panda-201402200631.png

87.248.119.252

200 OK

60 kB

URL GET HTTP/2
s.yimg.com/nn/img/sad-panda-201402200631.png
IP
87.248.119.252:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
http://87.248.114.11/
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
PNG image data, 2673 x 1311, 8-bit/color RGB, non-interlaced\012- data
Size
60 kB (59856 bytes)
Hash
2751275289ee8a74f64e6bfec626034d
be17d650aad1654f88ce397a454e05ba281eb6c3
20a453c98a759aa542ba2a07e1dcf31c82d545ef29377b3bcaad379ebbad66ac

HTTP Headers

GET /nn/img/sad-panda-201402200631.png HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://87.248.114.11/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: uu+0Js0qiThDcUmGX7YrQQwfN7vUTR1oSPSo+166zshb1ZP/sfmYk+X0H6C8vgRv8kc3OQ/ldkvm6PdOWStjTA==
x-amz-request-id: GAT2F7F4VD8RZ3QW
date: Sun, 03 Dec 2023 15:31:32 GMT
last-modified: Fri, 06 Jul 2018 03:00:46 GMT
etag: "2751275289ee8a74f64e6bfec626034d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Thu, 20 Feb 2014 06:31:45 GMT
x-amz-meta-mbst-etag: "YM:1:21e2bf66-5b4e-48cf-b226-54be0c87b2230004f2d0a8cc8ed9"
x-amz-meta-x-ysws-mbst-vtime: 1392877905940185
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: image/png
server: ATS
content-length: 59856
referrer-policy: no-referrer-when-downgrade
vary: Origin
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

GET bcn.fp.yahoo.com/p?s=1197757129&t=1701705494426&err_url=http%3A%2F%2F87.248.114.11%2F&err=404&test=-&ats_host=e23.ycpi.lob.yahoo.com&rid=-&message=Not%20Found%20on%20Accelerator&source=brb

0.0.0.0

0 B

URL GET
bcn.fp.yahoo.com/p?s=1197757129&t=1701705494426&err_url=http%3A%2F%2F87.248.114.11%2F&err=404&test=-&ats_host=e23.ycpi.lob.yahoo.com&rid=-&message=Not%20Found%20on%20Accelerator&source=brb
IP
0.0.0.0:0
ASN
#0

Requested by
http://87.248.114.11/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?s=1197757129&t=1701705494426&err_url=http%3A%2F%2F87.248.114.11%2F&err=404&test=-&ats_host=e23.ycpi.lob.yahoo.com&rid=-&message=Not%20Found%20on%20Accelerator&source=brb HTTP/1.1
Host: bcn.fp.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://87.248.114.11/
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (6)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers