Report - me-gold.hu/sine/yahoo/app/auth.php

Report Overview

Submitted URL
me-gold.hu/sine/yahoo/app/auth.php
IP
193.142.209.24
ASN
#12301 Invitech ICT Services Kft.
Submitted
2024-04-25 18:13:32
Access
public
Website Title
Yahoo
Final URL
me-gold.hu/sine/yahoo/app/auth.php
Tags
yahoo phishing
urlquery detections
Phishing - Yahoo

Detections

urlquery
7
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
me-gold.hu	unknown	2007-06-06	2014-04-09	2024-02-22	3.2 kB	544 kB	193.142.209.24
s.yimg.com	375	1997-05-14	2012-05-21	2024-04-25	2.5 kB	782 kB	87.248.119.251

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	me-gold.hu/sine/yahoo/app/auth.php	0 B	2023-03-07	2024-05-05
Pretty URL me-gold.hu/sine/yahoo/app/auth.php IP 193.142.209.24 ASN #12301 Invitech ICT Services Kft. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 14:29:01 Times Seen37359412 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (11)

URL IP Response Size

me-gold.hu/sine/yahoo/libraries/main.css

193.142.209.24

200 OK

527 kB

URL GET HTTP/2
me-gold.hu/sine/yahoo/libraries/main.css
IP
193.142.209.24:443
ASN
#12301 Invitech ICT Services Kft.

Requested by
https://me-gold.hu/sine/yahoo/app/auth.php
Certificate
IssuerLet's Encrypt
Subjectme-gold.hu
Fingerprint2D:1E:0A:67:75:D9:46:2C:A0:BB:94:BE:B5:7D:A8:C1:6B:CD:29:7C
ValidityTue, 23 Apr 2024 23:01:45 GMT - Mon, 22 Jul 2024 23:01:44 GMT

File type
ASCII text, with very long lines (42867)
Size
527 kB (526993 bytes)
Hash
89c43554ebb90085fa0949ddfb9db9c9
c2435a55b607101d4cf40e52614614b6c5244f09
153fa24a836bcba71a95f5852d592b050dd164df2006ed34c909cfb776605870

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Yahoo

HTTP Headers

GET /sine/yahoo/libraries/main.css HTTP/1.1
Host: me-gold.hu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://me-gold.hu/sine/yahoo/app/auth.php
Cookie: PHPSESSID=1e92e069712fa33efa9c95dac179bd90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 14:18:56 GMT
accept-ranges: bytes
content-length: 526993
content-type: text/css
date: Thu, 25 Apr 2024 18:13:07 GMT
server: Apache
X-Firefox-Spdy: h2

me-gold.hu/sine/yahoo/libraries/frontpage_en-US_s_f_p_bestfit_frontpage_2x.png

193.142.209.24

200 OK

1.3 kB

URL GET HTTP/2
me-gold.hu/sine/yahoo/libraries/frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
IP
193.142.209.24:443
ASN
#12301 Invitech ICT Services Kft.

Requested by
https://me-gold.hu/sine/yahoo/app/auth.php
Certificate
IssuerLet's Encrypt
Subjectme-gold.hu
Fingerprint2D:1E:0A:67:75:D9:46:2C:A0:BB:94:BE:B5:7D:A8:C1:6B:CD:29:7C
ValidityTue, 23 Apr 2024 23:01:45 GMT - Mon, 22 Jul 2024 23:01:44 GMT

File type
PNG image data, 240 x 72, 8-bit colormap, non-interlaced
Size
1.3 kB (1346 bytes)
Hash
cd166981c96c6d0f4b5a7d798c25878e
09031c4013138bb8bd54ab9092ac59aa47d7c60c
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Yahoo

HTTP Headers

GET /sine/yahoo/libraries/frontpage_en-US_s_f_p_bestfit_frontpage_2x.png HTTP/1.1
Host: me-gold.hu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://me-gold.hu/sine/yahoo/app/auth.php
Cookie: PHPSESSID=1e92e069712fa33efa9c95dac179bd90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 14:18:58 GMT
accept-ranges: bytes
content-length: 1346
content-type: image/png
date: Thu, 25 Apr 2024 18:13:07 GMT
server: Apache
X-Firefox-Spdy: h2

me-gold.hu/sine/yahoo/libraries/frontpage_en-US_s_f_w_bestfit_frontpage_2x.png

193.142.209.24

200 OK

1.4 kB

URL GET HTTP/2
me-gold.hu/sine/yahoo/libraries/frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
IP
193.142.209.24:443
ASN
#12301 Invitech ICT Services Kft.

Requested by
https://me-gold.hu/sine/yahoo/app/auth.php
Certificate
IssuerLet's Encrypt
Subjectme-gold.hu
Fingerprint2D:1E:0A:67:75:D9:46:2C:A0:BB:94:BE:B5:7D:A8:C1:6B:CD:29:7C
ValidityTue, 23 Apr 2024 23:01:45 GMT - Mon, 22 Jul 2024 23:01:44 GMT

File type
PNG image data, 240 x 72, 8-bit colormap, non-interlaced
Size
1.4 kB (1391 bytes)
Hash
dd31f56b9e4dff40eb87447c3dc55b84
1908b34af2d15440d33dfc81fcb93aa9b271dc58
4f47ef8ff3dad2a78360ab207cf35ff2905622511c0426109f6e225052cf5637

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Yahoo

HTTP Headers

GET /sine/yahoo/libraries/frontpage_en-US_s_f_w_bestfit_frontpage_2x.png HTTP/1.1
Host: me-gold.hu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://me-gold.hu/sine/yahoo/app/auth.php
Cookie: PHPSESSID=1e92e069712fa33efa9c95dac179bd90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 14:18:58 GMT
accept-ranges: bytes
content-length: 1391
content-type: image/png
date: Thu, 25 Apr 2024 18:13:07 GMT
server: Apache
X-Firefox-Spdy: h2

s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2

87.248.119.251

200 OK

29 kB

URL GET HTTP/2
s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://me-gold.hu/sine/yahoo/app/auth.php
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28860, version 1.0
Size
29 kB (28860 bytes)
Hash
a99b283070afc519f4816e4300c515d2
65b78d03d56de125060e61069debfc47e38fb3df
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560

HTTP Headers

GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://me-gold.hu
DNT: 1
Connection: keep-alive
Referer: https://me-gold.hu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: eUqfV3BH2LZbpPpB8piJwTHXInj/5UaUEsDoikmXfIvfPKJpr1yovkLmk6kQ7v5mdf72DepX34A=
x-amz-request-id: WJC6SQFMRJFY6HBH
date: Sun, 31 Mar 2024 10:42:46 GMT
last-modified: Thu, 19 Apr 2018 19:06:41 GMT
etag: "a99b283070afc519f4816e4300c515d2"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-amz-meta-mbst-etag: "YM:1:cb5e4811-e042-455c-b2b2-f984d5f70e0200055a9e8550b736"
x-amz-meta-x-ysws-mbst-vtime: 1507011771545398
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 28860
referrer-policy: no-referrer-when-downgrade
age: 2187022
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Origin
ats-carp-promotion: 1
X-Firefox-Spdy: h2

s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-ExtraBold.woff2

87.248.119.251

200 OK

29 kB

URL GET HTTP/2
s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-ExtraBold.woff2
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://me-gold.hu/sine/yahoo/app/auth.php
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28808, version 1.0
Size
29 kB (28808 bytes)
Hash
632a74de7778e84fd6e92f2f6c49f1c3
9ad7f087f4c8f7bea2a0725951029c2b0943f9d4
e3b229d1d0e49226f929a219c007a701c2c2646ef75c215e427a28e36466ab1b

HTTP Headers

GET /cv/ae/sports/fonts/2017/Yahoo_Sans-ExtraBold.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://me-gold.hu
DNT: 1
Connection: keep-alive
Referer: https://me-gold.hu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 7Cm8LAr7r8SKrT7XCUgB2PRNSOXDdDL9Fj1hZgnxGSlToqImWn64BvtiWgMz+J1mz57+WzIXJNk=
x-amz-request-id: 4D1T5HTATFXTCH9A
date: Tue, 23 Apr 2024 12:28:51 GMT
last-modified: Thu, 19 Apr 2018 19:01:13 GMT
etag: "632a74de7778e84fd6e92f2f6c49f1c3"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-amz-meta-mbst-etag: "YM:1:1ccdd2c4-6102-4773-912a-83dcdcf0e3cd00055a9e85568140"
x-amz-meta-x-ysws-mbst-vtime: 1507011771924800
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 28808
referrer-policy: no-referrer-when-downgrade
age: 193458
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2

87.248.119.251

200 OK

29 kB

URL GET HTTP/2
s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://me-gold.hu/sine/yahoo/app/auth.php
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29040, version 1.0
Size
29 kB (29040 bytes)
Hash
af9fdad7698452697b016850fff96423
710130c79bf56297f8abcc6d6c575172590133b0
b8989e0be6a0c3a8a407d8b69b7884eb5ebf401b7eee8b8b98c5eeec3ba497fa

HTTP Headers

GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://me-gold.hu
DNT: 1
Connection: keep-alive
Referer: https://me-gold.hu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: plpJGuErCGIV7mw+pNhjVBn6dLEAVHANxx8+2mWeAULpk8ZPoxIj3jbUl3w4n24ayp/8KbaaQaY=
x-amz-request-id: NZ00QYY4725B1941
date: Tue, 23 Apr 2024 09:38:03 GMT
last-modified: Thu, 19 Apr 2018 17:33:29 GMT
etag: "af9fdad7698452697b016850fff96423"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-amz-meta-mbst-etag: "YM:1:95620d49-21c2-4044-b803-58b70c8e419700055a9e854fb9f1"
x-amz-meta-x-ysws-mbst-vtime: 1507011771480561
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 29040
referrer-policy: no-referrer-when-downgrade
age: 203705
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2

87.248.119.251

200 OK

29 kB

URL GET HTTP/2
s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://me-gold.hu/sine/yahoo/app/auth.php
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29228, version 1.0
Size
29 kB (29228 bytes)
Hash
7c7c02dcee2bf1c2528db6092d4ad1fa
988a01f705c074261490625c70f94b2642413693
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4

HTTP Headers

GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://me-gold.hu
DNT: 1
Connection: keep-alive
Referer: https://me-gold.hu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 3KSgBQulwwK/rKZ4TssLF9029jeQCULc+kGlzOS3mZiQNW3LpqmQTlJafsKXVcBsXYSFCHws/1U=
x-amz-request-id: YVF6FM7JBEGBS6MF
date: Wed, 10 Apr 2024 08:37:08 GMT
last-modified: Thu, 19 Apr 2018 16:25:50 GMT
etag: "7c7c02dcee2bf1c2528db6092d4ad1fa"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:52 GMT
x-amz-meta-mbst-etag: "YM:1:1bb49599-26ac-442e-b6b8-f4e40f067ea500055a9e855b6ecb"
x-amz-meta-x-ysws-mbst-vtime: 1507011772247755
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 29228
referrer-policy: no-referrer-when-downgrade
age: 1330561
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

me-gold.hu/sine/yahoo/libraries/favicon-img-v0.0.2.ico

193.142.209.24

200 OK

1.4 kB

URL GET HTTP/2
me-gold.hu/sine/yahoo/libraries/favicon-img-v0.0.2.ico
IP
193.142.209.24:443
ASN
#12301 Invitech ICT Services Kft.

Requested by
https://me-gold.hu/sine/yahoo/app/auth.php
Certificate
IssuerLet's Encrypt
Subjectme-gold.hu
Fingerprint2D:1E:0A:67:75:D9:46:2C:A0:BB:94:BE:B5:7D:A8:C1:6B:CD:29:7C
ValidityTue, 23 Apr 2024 23:01:45 GMT - Mon, 22 Jul 2024 23:01:44 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
Size
1.4 kB (1406 bytes)
Hash
b6814ae5582d7953821acbd76e977bb4
75a33fc706c2c6ba233e76c17337e466949f403c
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Yahoo

HTTP Headers

GET /sine/yahoo/libraries/favicon-img-v0.0.2.ico HTTP/1.1
Host: me-gold.hu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://me-gold.hu/sine/yahoo/app/auth.php
Cookie: PHPSESSID=1e92e069712fa33efa9c95dac179bd90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Apr 2022 12:43:56 GMT
accept-ranges: bytes
content-length: 1406
content-type: image/x-icon
date: Thu, 25 Apr 2024 18:13:08 GMT
server: Apache
X-Firefox-Spdy: h2

s.yimg.com/wm/mbr/images/hide-v0.0.1.svg

87.248.119.251

200 OK

661 kB

URL GET HTTP/2
s.yimg.com/wm/mbr/images/hide-v0.0.1.svg
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://me-gold.hu/sine/yahoo/app/auth.php
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
661 kB (660584 bytes)
Hash
6bd15a1456d985027ba5ca91528e4b1e
4039c8e3d18429e2c9ae37d274f0ce6b1c0b7689
119acd68e288f17e86722a67e341ec74f7f6a377ec8e15b3914245f57caf6fbf

HTTP Headers

GET /wm/mbr/images/hide-v0.0.1.svg HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://me-gold.hu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-amz-id-2: Va/AR3srwrLrD/aB1f0sSIeGlGb7caAVDnuzn/0pil27hqHZRb+OJctl5Y6rFxDspg1DVUgohIQ=
x-amz-request-id: QBHND6KBS3Y2CHKZ
date: Tue, 05 Mar 2024 19:26:19 GMT
last-modified: Tue, 16 Jul 2019 23:13:44 GMT
etag: "6bd15a1456d985027ba5ca91528e4b1e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=315360000
accept-ranges: bytes
content-type: image/svg+xml
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 4402010
content-encoding: gzip
content-length: 660584
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

me-gold.hu/sine/yahoo/Libraries/jquery.min.js

193.142.209.24

500 Internal Server Error

7.2 kB

URL GET HTTP/2
me-gold.hu/sine/yahoo/Libraries/jquery.min.js
IP
193.142.209.24:443
ASN
#12301 Invitech ICT Services Kft.

Requested by
https://me-gold.hu/sine/yahoo/app/auth.php
Certificate
IssuerLet's Encrypt
Subjectme-gold.hu
Fingerprint2D:1E:0A:67:75:D9:46:2C:A0:BB:94:BE:B5:7D:A8:C1:6B:CD:29:7C
ValidityTue, 23 Apr 2024 23:01:45 GMT - Mon, 22 Jul 2024 23:01:44 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size
7.2 kB (7174 bytes)
Hash
4cb54ceb2489269c9f88a20c56b14c7e
c2a13af6e147639d0c342366a63aa919da80437c
d4a7aef3f978d806e175a255afacb386c14312ea27fe15b9cde38991945ae358

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Yahoo

HTTP Headers

GET /sine/yahoo/Libraries/jquery.min.js HTTP/1.1
Host: me-gold.hu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://me-gold.hu/sine/yahoo/app/auth.php
Cookie: PHPSESSID=1e92e069712fa33efa9c95dac179bd90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
date: Thu, 25 Apr 2024 18:13:07 GMT
server: Apache
X-Firefox-Spdy: h2

me-gold.hu/sine/yahoo/app/auth.php

193.142.209.24

200 OK

4.2 kB

URL User Request GET HTTP/2
me-gold.hu/sine/yahoo/app/auth.php
IP
193.142.209.24:443
ASN
#12301 Invitech ICT Services Kft.

Certificate
IssuerLet's Encrypt
Subjectme-gold.hu
Fingerprint2D:1E:0A:67:75:D9:46:2C:A0:BB:94:BE:B5:7D:A8:C1:6B:CD:29:7C
ValidityTue, 23 Apr 2024 23:01:45 GMT - Mon, 22 Jul 2024 23:01:44 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4514), with no line terminators
Size
4.2 kB (4211 bytes)
Hash
d34c4975560350d58b4d406e755f3164
13530c3578221011deac4a8f4cb9593f937283b8
49f0686677f7a0f34cf6d638e720212b8359596c90bf0d28f0c181ec4c0c06b3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Yahoo

HTTP Headers

GET /sine/yahoo/app/auth.php HTTP/1.1
Host: me-gold.hu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=1e92e069712fa33efa9c95dac179bd90; path=/
content-type: text/html; charset=UTF-8
date: Thu, 25 Apr 2024 18:13:07 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size