Report - c-secure2v.net/2yc/yc/phone-verify.php

Report Overview

Submitted URL
c-secure2v.net/2yc/yc/phone-verify.php
IP
217.160.0.245
ASN
#8560 IONOS SE
Submitted
2024-05-10 23:47:16
Access
public
Website Title
Yahoo
Final URL
c-secure2v.net/2yc/yc/phone-verify.php
Tags
yahoo phishing
urlquery detections
Phishing - Yahoo

Detections

urlquery
6
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
c-secure2v.net	unknown	unknown	No data	No data	2.4 kB	614 kB	217.160.0.245
s.yimg.com	375	unknown	No data	No data	1.0 kB	60 kB	87.248.119.251

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	c-secure2v.net/2yc/yc/phone-verify.php	60 B	2024-04-02	2024-05-18
Pretty URL c-secure2v.net/2yc/yc/phone-verify.php IP 217.160.0.245 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-02 22:16:29 Last Seen2024-05-18 19:42:20 Times Seen16 Hash dfd7cc6adfa6d4859b560e23302b0965 c3231bac7dc1951aec35aaa8f01de40505865210 bac38a0a5affc527fe4b47b7d6e3da6cd7d282b7bb98be50986bbfa3ab707724 Loading...

HTTP Transactions (7)

URL IP Response Size

c-secure2v.net/2yc/yc/phone-verify.php

217.160.0.245

200 OK

2.8 kB

URL User Request GET HTTP/2
c-secure2v.net/2yc/yc/phone-verify.php
IP
217.160.0.245:443
ASN
#8560 IONOS SE

Certificate
IssuerDigiCert Inc
Subject*.c-secure2v.net
FingerprintA4:E7:90:39:B6:09:67:A6:5D:9A:AA:A1:2A:F8:98:E5:B1:CF:81:AA
ValidityThu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
2.8 kB (2778 bytes)
Hash
212a624a8d3b4ff51f53db50a7f522a8
0ca21143208c22b692c6a115aa83a92ef55c7e29
65cd1011f67a09ab86476b5ae0d3de60a050ffe63127ad2240c88818a6115c21

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Yahoo

HTTP Headers

GET /2yc/yc/phone-verify.php HTTP/1.1
Host: c-secure2v.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 23:43:24 GMT
server: Apache
content-encoding: gzip
X-Firefox-Spdy: h2

c-secure2v.net/2yc/yc/img/yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png

217.160.0.245

200 OK

1.4 kB

URL GET HTTP/2
c-secure2v.net/2yc/yc/img/yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
IP
217.160.0.245:443
ASN
#8560 IONOS SE

Requested by
https://c-secure2v.net/2yc/yc/phone-verify.php
Certificate
IssuerDigiCert Inc
Subject*.c-secure2v.net
FingerprintA4:E7:90:39:B6:09:67:A6:5D:9A:AA:A1:2A:F8:98:E5:B1:CF:81:AA
ValidityThu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT

File type
PNG image data, 240 x 72, 8-bit colormap, non-interlaced
Size
1.4 kB (1391 bytes)
Hash
dd31f56b9e4dff40eb87447c3dc55b84
1908b34af2d15440d33dfc81fcb93aa9b271dc58
4f47ef8ff3dad2a78360ab207cf35ff2905622511c0426109f6e225052cf5637

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Yahoo

HTTP Headers

GET /2yc/yc/img/yahoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png HTTP/1.1
Host: c-secure2v.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c-secure2v.net/2yc/yc/phone-verify.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1391
date: Fri, 10 May 2024 23:43:25 GMT
server: Apache
last-modified: Fri, 15 Dec 2023 07:09:58 GMT
etag: "56f-60c871681fd80"
accept-ranges: bytes
X-Firefox-Spdy: h2

c-secure2v.net/2yc/yc/css/style.css

217.160.0.245

200 OK

606 kB

URL GET HTTP/2
c-secure2v.net/2yc/yc/css/style.css
IP
217.160.0.245:443
ASN
#8560 IONOS SE

Requested by
https://c-secure2v.net/2yc/yc/phone-verify.php
Certificate
IssuerDigiCert Inc
Subject*.c-secure2v.net
FingerprintA4:E7:90:39:B6:09:67:A6:5D:9A:AA:A1:2A:F8:98:E5:B1:CF:81:AA
ValidityThu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (43382)
Size
606 kB (606413 bytes)
Hash
ce25a0b438cc90ce911ef6ad59f8f7b6
7c2f3a352a05d8fe9d7e255bc6e2208196bfb79e
d21d4ab88f691e0b5945f1dc5098878aa20785b2f0c46b424419d29f96cb605f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Yahoo

HTTP Headers

GET /2yc/yc/css/style.css HTTP/1.1
Host: c-secure2v.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c-secure2v.net/2yc/yc/phone-verify.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 606413
date: Fri, 10 May 2024 23:43:25 GMT
server: Apache
last-modified: Fri, 15 Dec 2023 07:09:58 GMT
etag: "940cd-60c871681fd80"
accept-ranges: bytes
X-Firefox-Spdy: h2

c-secure2v.net/2yc/yc/img/yahoo-favicon-img-v0.0.2.ico

217.160.0.245

200 OK

1.4 kB

URL GET HTTP/2
c-secure2v.net/2yc/yc/img/yahoo-favicon-img-v0.0.2.ico
IP
217.160.0.245:443
ASN
#8560 IONOS SE

Requested by
https://c-secure2v.net/2yc/yc/phone-verify.php
Certificate
IssuerDigiCert Inc
Subject*.c-secure2v.net
FingerprintA4:E7:90:39:B6:09:67:A6:5D:9A:AA:A1:2A:F8:98:E5:B1:CF:81:AA
ValidityThu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
Size
1.4 kB (1406 bytes)
Hash
b6814ae5582d7953821acbd76e977bb4
75a33fc706c2c6ba233e76c17337e466949f403c
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Yahoo

HTTP Headers

GET /2yc/yc/img/yahoo-favicon-img-v0.0.2.ico HTTP/1.1
Host: c-secure2v.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c-secure2v.net/2yc/yc/phone-verify.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 1406
date: Fri, 10 May 2024 23:43:25 GMT
server: Apache
last-modified: Sat, 16 Dec 2023 09:16:14 GMT
etag: "57e-60c9cf7e9f380"
accept-ranges: bytes
X-Firefox-Spdy: h2

s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2

87.248.119.251

200 OK

29 kB

URL GET HTTP/2
s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://c-secure2v.net/2yc/yc/phone-verify.php
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintD4:10:7A:90:FB:74:7B:7D:B9:1A:E2:80:67:5C:1F:63:B2:C1:93:52
ValidityThu, 09 May 2024 00:00:00 GMT - Wed, 26 Jun 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28860, version 1.0
Size
29 kB (28860 bytes)
Hash
a99b283070afc519f4816e4300c515d2
65b78d03d56de125060e61069debfc47e38fb3df
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560

HTTP Headers

GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://c-secure2v.net
DNT: 1
Connection: keep-alive
Referer: https://c-secure2v.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: eUqfV3BH2LZbpPpB8piJwTHXInj/5UaUEsDoikmXfIvfPKJpr1yovkLmk6kQ7v5mdf72DepX34A=
x-amz-request-id: WJC6SQFMRJFY6HBH
date: Sun, 31 Mar 2024 10:42:46 GMT
last-modified: Thu, 19 Apr 2018 19:06:41 GMT
etag: "a99b283070afc519f4816e4300c515d2"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-amz-meta-mbst-etag: "YM:1:cb5e4811-e042-455c-b2b2-f984d5f70e0200055a9e8550b736"
x-amz-meta-x-ysws-mbst-vtime: 1507011771545398
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 28860
referrer-policy: no-referrer-when-downgrade
age: 3502840
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2

87.248.119.251

200 OK

29 kB

URL GET HTTP/2
s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://c-secure2v.net/2yc/yc/phone-verify.php
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintD4:10:7A:90:FB:74:7B:7D:B9:1A:E2:80:67:5C:1F:63:B2:C1:93:52
ValidityThu, 09 May 2024 00:00:00 GMT - Wed, 26 Jun 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29228, version 1.0
Size
29 kB (29228 bytes)
Hash
7c7c02dcee2bf1c2528db6092d4ad1fa
988a01f705c074261490625c70f94b2642413693
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4

HTTP Headers

GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://c-secure2v.net
DNT: 1
Connection: keep-alive
Referer: https://c-secure2v.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 3KSgBQulwwK/rKZ4TssLF9029jeQCULc+kGlzOS3mZiQNW3LpqmQTlJafsKXVcBsXYSFCHws/1U=
x-amz-request-id: YVF6FM7JBEGBS6MF
date: Wed, 10 Apr 2024 08:37:08 GMT
last-modified: Thu, 19 Apr 2018 16:25:50 GMT
etag: "7c7c02dcee2bf1c2528db6092d4ad1fa"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:52 GMT
x-amz-meta-mbst-etag: "YM:1:1bb49599-26ac-442e-b6b8-f4e40f067ea500055a9e855b6ecb"
x-amz-meta-x-ysws-mbst-vtime: 1507011772247755
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 29228
referrer-policy: no-referrer-when-downgrade
age: 2646379
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

c-secure2v.net/2yc/yc/img/yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png

217.160.0.245

200 OK

1.3 kB

URL GET HTTP/2
c-secure2v.net/2yc/yc/img/yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
IP
217.160.0.245:443
ASN
#8560 IONOS SE

Requested by
https://c-secure2v.net/2yc/yc/phone-verify.php
Certificate
IssuerDigiCert Inc
Subject*.c-secure2v.net
FingerprintA4:E7:90:39:B6:09:67:A6:5D:9A:AA:A1:2A:F8:98:E5:B1:CF:81:AA
ValidityThu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT

File type
PNG image data, 240 x 72, 8-bit colormap, non-interlaced
Size
1.3 kB (1346 bytes)
Hash
cd166981c96c6d0f4b5a7d798c25878e
09031c4013138bb8bd54ab9092ac59aa47d7c60c
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Yahoo

HTTP Headers

GET /2yc/yc/img/yahoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png HTTP/1.1
Host: c-secure2v.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c-secure2v.net/2yc/yc/phone-verify.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 1346
date: Fri, 10 May 2024 23:43:25 GMT
server: Apache
last-modified: Fri, 15 Dec 2023 07:09:58 GMT
etag: "542-60c871681fd80"
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (7)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size