newmail.yfy.com/
211.72.194.160 0 B IP 211.72.194.160:0
ASN #3462 Data Communication Business Group
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET / HTTP/1.1
Host: newmail.yfy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache
pragma: no-cache
location: https://newmail.yfy.com/owa/
server: Microsoft-IIS/10.0
x-feserver: MAIL1T
x-requestid: b11a7087-165b-4c27-9597-0dde4976901b
date: Wed, 24 Apr 2024 04:17:30 GMT
content-length: 0
X-Firefox-Spdy: h2
newmail.yfy.com/owa/
211.72.194.160 216 B IP 211.72.194.160:0
ASN #3462 Data Communication Business Group
File type HTML document, ASCII text, with CRLF line terminators
Hash e09c19b15ce4332c11f8d90381a7becd
b0cca3c344f462a221460ddda7d4f68a15bcc842
89f8f67373e2807da36582af12a89c02fe2930475a9b91ae483f0859e32cd9af
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/ HTTP/1.1
Host: newmail.yfy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: https://newmail.yfy.com/owa/auth/logon.aspx?url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f&reason=0
server: Microsoft-IIS/10.0
request-id: 7b08994f-aad3-40f2-9ec8-8a708521dd85
x-owa-version: 15.1.2507.35
x-powered-by: ASP.NET
x-feserver: MAIL1T
date: Wed, 24 Apr 2024 04:17:30 GMT
content-length: 216
X-Firefox-Spdy: h2
newmail.yfy.com/owa/auth/logon.aspx?url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f&reason=0
211.72.194.160 28 kB URL newmail.yfy.com/owa/auth/logon.aspx?url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f&reason=0
IP 211.72.194.160:0
ASN #3462 Data Communication Business Group
File type HTML document, ASCII text, with very long lines (1062), with CRLF, LF line terminators
Hash e347d197d07a1d49503d95efd708427f
c96ceeeed8b6f32bba1434658e2bc7154cfff1e4
77ccd72d7d6670e16b07469417f0d97d7c3f936fadd472b4fd5d161658141c7b
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/logon.aspx?url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f&reason=0 HTTP/1.1
Host: newmail.yfy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
request-id: 7ccd945b-9e2c-4b72-a52a-beef13df6cae
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Wed, 24 Apr 2024 04:17:31 GMT
content-length: 27976
X-Firefox-Spdy: h2
newmail.yfy.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f
211.72.194.160 200 OK 64 kB URL User Request GET HTTP/2 newmail.yfy.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f
IP 211.72.194.160:443
ASN #3462 Data Communication Business Group
Certificate Issuer TAIWAN-CA
Subject newmail.yfy.com
Fingerprint 0F:EB:42:E6:D0:16:E8:D3:48:ED:62:9C:8E:0C:F9:90:3F:A5:42:E7
Validity Thu, 21 Mar 2024 23:00:41 GMT - Mon, 21 Apr 2025 15:59:59 GMT
File type HTML document, ASCII text, with very long lines (10390), with CRLF, LF line terminators
Hash e238e918927551c64bd1646729d1b15e
ffc03c179b0336dcd636a9d20c901f0ca6e3e05c
f1fb21889c346d620f7b70fb7654cefee0f95b094c7b0c64b2ff05079fd63b77
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f HTTP/1.1
Host: newmail.yfy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newmail.yfy.com/owa/auth/logon.aspx?url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f&reason=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
request-id: dc0c552e-dc53-4fb5-9ec1-e6a3fd634488
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Wed, 24 Apr 2024 04:17:31 GMT
content-length: 63980
X-Firefox-Spdy: h2
newmail.yfy.com/owa/auth/15.1.2507/themes/resources/segoeui-regular.ttf
211.72.194.160 200 OK 57 kB URL GET HTTP/2 newmail.yfy.com/owa/auth/15.1.2507/themes/resources/segoeui-regular.ttf
IP 211.72.194.160:443
ASN #3462 Data Communication Business Group
Requested by https://newmail.yfy.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f
Certificate Issuer TAIWAN-CA
Subject newmail.yfy.com
Fingerprint 0F:EB:42:E6:D0:16:E8:D3:48:ED:62:9C:8E:0C:F9:90:3F:A5:42:E7
Validity Thu, 21 Mar 2024 23:00:41 GMT - Mon, 21 Apr 2025 15:59:59 GMT
File type TrueType Font data, 18 tables, 1st "LTSH", 11 names, Microsoft, language 0x409, © 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI RegularVersion 0.81 Build 159S
Hash 8af990b6ad3ba192c2dd6a193890bf5f
4db5bf117ff8f1392fab3b438216d7cff4ae4976
c147c2ec76a8ab8bd5082f1f4d3f80a43c689165cb164cdd812e44048fe38708
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.1.2507/themes/resources/segoeui-regular.ttf HTTP/1.1
Host: newmail.yfy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newmail.yfy.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: application/octet-stream
last-modified: Sun, 20 Mar 2022 14:39:34 GMT
accept-ranges: bytes
etag: "017f650683cd81:0"
server: Microsoft-IIS/10.0
request-id: 7031f315-d43d-4a44-b213-6924ac03d73b
x-powered-by: ASP.NET
date: Wed, 24 Apr 2024 04:17:32 GMT
content-length: 56760
X-Firefox-Spdy: h2
newmail.yfy.com/owa/auth/15.1.2507/themes/resources/segoeui-semilight.ttf
211.72.194.160 200 OK 42 kB URL GET HTTP/2 newmail.yfy.com/owa/auth/15.1.2507/themes/resources/segoeui-semilight.ttf
IP 211.72.194.160:443
ASN #3462 Data Communication Business Group
Requested by https://newmail.yfy.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f
Certificate Issuer TAIWAN-CA
Subject newmail.yfy.com
Fingerprint 0F:EB:42:E6:D0:16:E8:D3:48:ED:62:9C:8E:0C:F9:90:3F:A5:42:E7
Validity Thu, 21 Mar 2024 23:00:41 GMT - Mon, 21 Apr 2025 15:59:59 GMT
File type TrueType Font data, 16 tables, 1st "OS/2", 11 names, Microsoft, language 0x409, © 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI SemilightVersion 1.00 build 16
Hash 6c26c24aabe31040657665b1e0d9505c
b3bdc48643752665e3e5798a192b27432a87d234
2d508a6e8979bba74b6fdf804c01a09a620c781e0fea73a8eefda904f5bcab25
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.1.2507/themes/resources/segoeui-semilight.ttf HTTP/1.1
Host: newmail.yfy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newmail.yfy.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: application/octet-stream
last-modified: Sun, 20 Mar 2022 14:41:26 GMT
accept-ranges: bytes
etag: "0efb793683cd81:0"
server: Microsoft-IIS/10.0
request-id: 7d2b0c33-01bf-4a4f-b210-39b577136b5f
x-powered-by: ASP.NET
date: Wed, 24 Apr 2024 04:17:32 GMT
content-length: 41560
X-Firefox-Spdy: h2
newmail.yfy.com/owa/auth/15.1.2507/themes/resources/favicon.ico
211.72.194.160 200 OK 1.2 kB URL GET HTTP/2 newmail.yfy.com/owa/auth/15.1.2507/themes/resources/favicon.ico
IP 211.72.194.160:443
ASN #3462 Data Communication Business Group
Requested by https://newmail.yfy.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f
Certificate Issuer TAIWAN-CA
Subject newmail.yfy.com
Fingerprint 0F:EB:42:E6:D0:16:E8:D3:48:ED:62:9C:8E:0C:F9:90:3F:A5:42:E7
Validity Thu, 21 Mar 2024 23:00:41 GMT - Mon, 21 Apr 2025 15:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16
Hash ae5eff783638f016b975725686e67806
d05b5848f9ffd323c4b2168064072021c68325bf
8f4ccab89d785b62c2904096cb2c1e875217ffa20ecb029c1467097c2f1562b9
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.1.2507/themes/resources/favicon.ico HTTP/1.1
Host: newmail.yfy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newmail.yfy.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fnewmail.yfy.com%2fowa%2f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: image/x-icon
last-modified: Tue, 26 Dec 2017 04:47:15 GMT
accept-ranges: bytes
etag: "804bd99947ed31:0"
server: Microsoft-IIS/10.0
request-id: 2fa9235d-d25a-4db7-a17d-d871444391ca
x-powered-by: ASP.NET
date: Wed, 24 Apr 2024 04:17:32 GMT
content-length: 1150
X-Firefox-Spdy: h2