Report - zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html

Report Overview

Submitted URL
zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
IP
172.67.73.221
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 04:55:58
Access
public
Website Title
Sign in - Google Accounts
Final URL
zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Tags
google
urlquery detections
Phishing - Google

Detections

urlquery
6
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
lp.cybeready.net	unknown	2014-01-26	2015-12-30	2024-04-18	3.9 kB	42 kB	104.26.9.233
zyexx.com	unknown	2018-02-12	2018-05-17	2023-10-31	3.0 kB	11 kB	172.67.73.221
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-17	572 B	51 kB	142.250.74.74
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-17	536 B	49 kB	216.58.207.227
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-17	881 B	33 kB	104.17.24.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html	Google Inc.
2024-04-16	medium	zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html	Google Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	lp.cybeready.net/common/landing-page.js	4.0 kB	2023-03-07	2024-04-29
Pretty URL lp.cybeready.net/common/landing-page.js IP 104.26.9.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:35 Last Seen2024-04-29 02:02:48 Times Seen367 Hash ac5716b9ccc0d5eb31e94d8c873227d4 39ed1b79df1f4a7eedc7f245f0cabb0618246951 633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca Loading...

	zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html	63 B	2024-04-18	2024-04-18
Pretty URL zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html IP 172.67.73.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 06:55:59 Last Seen2024-04-18 06:55:59 Times Seen1 Hash 71e5f6c2d936939705de2f8361f9fc11 179680647a5bbbc6639e58b2037050047b53d53e efde95e1ef8af2611edf361e61efcaa77d3b458f772399a20b5b2716b7ccbc4b Loading...

	unknown	247 B	2024-04-18	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 06:55:59 Last Seen2024-04-18 06:55:59 Times Seen1 Hash d30d1d6550514dfeb6b34832c801d114 d22e44ff99dde6ea8699c6d5afad57b606451c5b adb3a3926a30c4183eed6f0ea1be3e647a33716c94d211ad3f7f7bf7dcc0f544 Loading...

	zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.9 kB	2024-04-18	2024-04-18
Pretty URL zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.73.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 06:42:31 Last Seen2024-04-18 06:55:59 Times Seen4 Hash 0a4626754af478cc17981be530ca96ff 232ef32d63b8c94fbaf92f30c10edc034b44506d cea3d63c742b2b41aa47456f1dcd6fc8fbadd1d4f07c0666811d75c3caa299bf Loading...

	zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html	1.1 kB	2024-04-18	2024-04-18
Pretty URL zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html IP 172.67.73.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 06:55:59 Last Seen2024-04-18 06:55:59 Times Seen1 Hash 3ce7f54a59b6a461157642a3a9d0cdd5 517a3449cf7b197a1958ab8918df75b57ea804d9 d14830aa3517378d87c2f8334c1a1649796eb41d02233890b81698234e622082 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js	84 kB	2023-03-07	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-04-30 22:53:47 Times Seen10899 Hash 7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 Loading...

	lp.cybeready.net/Forms/Google/validator.js	1.1 kB	2023-03-09	2024-04-18
Pretty URL lp.cybeready.net/Forms/Google/validator.js IP 104.26.9.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:03:15 Last Seen2024-04-18 07:08:24 Times Seen24 Hash c581e863b50b5bd4029985fe89e8cc1b 8ff0397a96097dfd3359a4f1d2462b80d9f700a1 aeb7cb711f8559684e29273a8cb879df8b150fd7569b75daca0222889bf6dd5f Loading...

HTTP Transactions (18)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

104.17.24.14

200 OK

4.4 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23577)
Size
4.4 kB (4364 bytes)
Hash
04425bbdc6243fc6e54bf8984fe50330
8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

HTTP Headers

GET /ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:33 GMT
content-type: text/css; charset=utf-8
content-length: 4364
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65993750-110c"
last-modified: Sat, 06 Jan 2024 12:19:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 126476
expires: Tue, 08 Apr 2025 04:55:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=14AVqKskRDgBNgPFtoT5TsLxVYJ0HKtJ%2BPYttQZ%2FHhmyQUNMJk0wMZ2fnM0NUEYYYIVYRdYYIIv33vhjqQJobj2FldeAXSIF4JNqkO%2B5Wa9mX9LKrqSSbw6UkkcKlHltXh0qgt6t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87621034cc2356c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

104.17.24.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32180)
Size
27 kB (26660 bytes)
Hash
7f9fb969ce353c5d77707836391eb28d
62c4042e9ebc691a5372d653b424512a561d1670
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 217433
expires: Tue, 08 Apr 2025 04:55:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JMEi04W3SmVyvcSwD4ctWQBOWIrDUSOpTUs3qUs82l8oZp5zj1iMXgcOAhq%2BWAVMtraXmWm0QVXyXzgHWzxz%2BY9Qy7ZAmYE8opmYmF5QmGGgYaYOKaQxKn3rc48A31jQ3IZ4OXYh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87621034cc2456c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/Google/bottom-strip.png

104.26.9.233

200 OK

4.2 kB

URL GET HTTP/2
lp.cybeready.net/Forms/Google/bottom-strip.png
IP
104.26.9.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
PNG image data, 230 x 17, 8-bit/color RGBA, non-interlaced
Size
4.2 kB (4230 bytes)
Hash
e9df7323e34b51c6fd5b9e922095c538
1706f2fc27c697dfb8fa7be76dbbd3e6834c70c9
208fb771d3dafbd219456ad23ef9a81b7c0b2c66d415558eaad37aa8e73051e8

HTTP Headers

GET /Forms/Google/bottom-strip.png HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:34 GMT
content-type: image/png
content-length: 4230
cf-bgj: imgq:100,h2pri
cf-polished: origSize=4285
etag: "c8e020fb658fa746845c385029c552f6"
last-modified: Sun, 07 Feb 2016 16:12:30 GMT
x-amz-id-2: 8q6sEEV+O78KPJaDa5YK6ARuQnqLOlR6C1U4BflRmUL5M2jvz7exNZQ5+GH/xLN8vBA5VpVGE18=
x-amz-request-id: BEP9XXSS7CHYEJVY
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F2SKXlOYKSRdhyEs32kG8GThjIyerykEWmbvbIaSxQX5Ks%2BKUw%2BCECZYWgsunPnrFJf%2Becx2yAsPkehccMPsN4jDdHzxBBYueiHQ4wHeJchuNPQ5jzuQry7voR7Ju8OTU9U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876210354b8056c7-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/Google/logo.png

104.26.9.233

200 OK

14 kB

URL GET HTTP/2
lp.cybeready.net/Forms/Google/logo.png
IP
104.26.9.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
PNG image data, 568 x 192, 8-bit/color RGBA, non-interlaced
Size
14 kB (13804 bytes)
Hash
9a344d6cdd66f3fa4c3edfcb3b6faf1e
e4d2a6ca73b2938d3e7ca8ce18218ea4fe36b79d
2f75b559a72868bf11e4bb75ea6834d7f158eca12bac649fd43474b97ad9908b

HTTP Headers

GET /Forms/Google/logo.png HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:34 GMT
content-type: image/png
content-length: 13804
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "9a344d6cdd66f3fa4c3edfcb3b6faf1e"
last-modified: Sun, 07 Feb 2016 16:12:28 GMT
x-amz-id-2: zLOtKdNqpKd/0vyivvqe/7xqy9ZfkFlRhnbgKYKcQrjfAFVrynhDTX56Iya9u87WrY+Rx0yPdJY=
x-amz-request-id: AW5WZZXHH6MPCEDF
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ALG2WR%2F0syOoO0NRezmntItTgNeWMAdQyGSFG8C7LkjjneNvWJ%2BChaJOCpH7Y04qLJCygm7%2BJ5xHKWk8v734wu%2FGkTmhLvc1pe9CJeo79ZkKuvwWg2MfJvUE3juVk9c27qc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876210354b7d56c7-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/Google/avatar.png

104.26.9.233

200 OK

1.3 kB

URL GET HTTP/2
lp.cybeready.net/Forms/Google/avatar.png
IP
104.26.9.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
PNG image data, 96 x 96, 8-bit colormap, non-interlaced
Size
1.3 kB (1264 bytes)
Hash
0b83194f9963368deba456895be8ac04
89d4d2ae09f2b65e2f4200bcc7f52eca498de843
b6aa7fe0584c975a9d8140a65fc55363d1b68f9230f61f95c616456b1c4c2d66

HTTP Headers

GET /Forms/Google/avatar.png HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:34 GMT
content-type: image/png
content-length: 1264
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2016
etag: "2787a6ef71bfd34b5bb1f37644ef91a6"
last-modified: Sun, 07 Feb 2016 16:12:29 GMT
x-amz-id-2: MYr5tjyfxNnCftB+162j5nYaM+JzQmdimDwRsmPy+Omk/2h9jR67xohq6rDuqmEsOdMuyrQokqg=
x-amz-request-id: AW5T1E1KWGKB4DD6
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0FXh4m5nvFIZecV4OOQM2Mb7sGXPFNSEbXJZ7sFcM5h62GWqpXIxp%2BXRr%2BLbiLpq%2Fe7SMgAUNJwqOEVPwum%2Bar9ybQMTQqWzf0Q%2BTKH6HUIpTMGLu5C6Nf722yPZjBYbLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876210354b7e56c7-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/Google/universal-language.png

104.26.9.233

200 OK

199 B

URL GET HTTP/2
lp.cybeready.net/Forms/Google/universal-language.png
IP
104.26.9.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
PNG image data, 21 x 21, 8-bit/color RGBA, non-interlaced
Size
199 B (199 bytes)
Hash
4a2d1168a691747daf4d22e0dc483958
e556fed18aff83a117f173960c66d42d57cbc4b4
59404af2d92c53ad1ee9e21b252c07c77dcba810b248a79d6ae989b1ff63c7d6

HTTP Headers

GET /Forms/Google/universal-language.png HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:34 GMT
content-type: image/png
content-length: 199
x-amz-id-2: Ji+SselEV/zT7E5ZtK7EKh5Jvl3DWWN3Fg747lx7HbZN9EtvU0cBR39m9iEq76ScL0OC6mbwilE=
x-amz-request-id: Q03DZJKH23SPDATJ
last-modified: Sun, 07 Feb 2016 16:12:29 GMT
etag: "4a2d1168a691747daf4d22e0dc483958"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7XNBcln7a%2FUrpAIa6SUIdedPZocNRd24%2F2pxkSeNK2gIAIZU9CfR5fg0cIcfk07CYoYIqpCkggZwsq3Pas6BfrR5Q%2FwBEnmKpCAPCV21DLMmKYYp7k6MBujBvOLoc2zFZo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876210354b8256c7-OSL
X-Firefox-Spdy: h2

zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.73.221

302 Found

0 B

URL GET HTTP/2
zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.73.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerLet's Encrypt
Subjectzyexx.com
Fingerprint56:FD:11:E5:5B:2F:2F:21:7A:2A:00:77:CA:BE:25:73:9B:C1:70:E4
ValiditySat, 16 Mar 2024 23:24:21 GMT - Fri, 14 Jun 2024 23:24:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: zyexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: requestid=a3cbdb843f4f245a05e82783abfae180
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 18 Apr 2024 04:55:34 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bxe0mY4QB%2BmejbGpfa7k6vyxgZTunuO1b0YSQHOGln0qsa%2FNhnOkUA7vHfz54G%2FpXGyHPiULxmaTsuku4tq2GA1VAofV2s8%2F2GdVLAJJCuID46qpltPyct1YNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87621037ad1a5695-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic&subset=latin,greek,latin-ext,cyrillic,greek-ext,vietnamese,cyrillic-ext

142.250.74.74

200 OK

50 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic&subset=latin,greek,latin-ext,cyrillic,greek-ext,vietnamese,cyrillic-ext
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
50 kB (50487 bytes)
Hash
cb2e636f20b852e81e6083403988edda
843be6ce7d97cc9b2403781d8f1a03350104487e
d90bb45c81343d28b33c8e0d7e8a72c8cdd5d34e034ef979f415387dfab22bf6

HTTP Headers

GET /css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic&subset=latin,greek,latin-ext,cyrillic,greek-ext,vietnamese,cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lp.cybeready.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 04:55:34 GMT
date: Thu, 18 Apr 2024 04:55:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zyexx.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 8434
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html

172.67.73.221

200 OK

0 B

URL User Request GET HTTP/2
zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
IP
172.67.73.221:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectzyexx.com
Fingerprint56:FD:11:E5:5B:2F:2F:21:7A:2A:00:77:CA:BE:25:73:9B:C1:70:E4
ValiditySat, 16 Mar 2024 23:24:21 GMT - Fri, 14 Jun 2024 23:24:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google
OpenPhish	phishing	Google Inc.

HTTP Headers

POST /81c3fb6e8s1ae247cfib457fc83jfd9a8919.html HTTP/1.1
Host: zyexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: json
X-Requested-With: XMLHttpRequest
Content-Length: 65
Origin: https://zyexx.com
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Cookie: requestid=a3cbdb843f4f245a05e82783abfae180
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:34 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: requestid=dd3fddcb44f91b5d8240e2faca50dc66
requestid=871c353b231ad979ee8ab20bf64861ce
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJvrb13TXoeoD92OsrKNovIy4tegQ2NfJm5XpAwOaMkSbGirgwcdH5Vof%2BSVLxykH59L3nNAWBhwZ5NUdZglBoSYMrnaOR9QEYGwt8VpG5hM4HJamyYZrbqw2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87621038be8e5695-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/Google/index.css

104.26.9.233

200 OK

9.1 kB

URL GET HTTP/2
lp.cybeready.net/Forms/Google/index.css
IP
104.26.9.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
ASCII text, with very long lines (3150), with no line terminators
Size
9.1 kB (9065 bytes)
Hash
a6c6e6db31cd985c65890a1a626b911e
2b8ffbcb17d90fbafa91aacfed6780919d0962fb
82c4448aa54b38018d193bb1b285454bf0c81be06d9caeb3dd1a9f0dbbf74b93

HTTP Headers

GET /Forms/Google/index.css HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:34 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3883
etag: W/"57e393e42d12341ec78e469610dcf93e"
last-modified: Sun, 07 Feb 2016 16:12:28 GMT
x-amz-id-2: vqOGC8YEz0vMNskFU5/S3qnB5wqMWD+IonOEBjrVpbcg+28x8e2z685x4nryOQIj1uvq1v39cEs=
x-amz-request-id: BEPD9JYV3KS3HVY6
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EKaG8r5BuSEXZiPrt0A0zwIh9togr8uQcrZVlLKEFMOqzRGv3w9PPJDW4c2QRKYWQ%2FQhmMhnNQ1iJqeQzGnG3U2M79WA7nBvn4kIW8AyM0HR1D9gh4qiMK4zVRYphXHO918%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876210354b7a56c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html

172.67.73.221

200 OK

0 B

URL User Request GET HTTP/2
zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
IP
172.67.73.221:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectzyexx.com
Fingerprint56:FD:11:E5:5B:2F:2F:21:7A:2A:00:77:CA:BE:25:73:9B:C1:70:E4
ValiditySat, 16 Mar 2024 23:24:21 GMT - Fri, 14 Jun 2024 23:24:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google
OpenPhish	phishing	Google Inc.

HTTP Headers

POST /81c3fb6e8s1ae247cfib457fc83jfd9a8919.html HTTP/1.1
Host: zyexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: json
X-Requested-With: XMLHttpRequest
Content-Length: 109
Origin: https://zyexx.com
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Cookie: requestid=871c353b231ad979ee8ab20bf64861ce; cf_clearance=k7sG7z73rogNAQD_pXVOQOpz.MVmhheUEtRRjxf1p8U-1713416134-1.0.1.1-kCEX2CH7K_4PmIIueJnDGtpV9P72j2.3ezuh4Nh5YV7LSuByqpDhrCW9nzcxJWh8kvJhn3HWj7uHpYjGaw2Rig
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:56 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: requestid=ce638bb8a5b6cd37852b4c3478a3f51f
requestid=0029c6aea5065952b44adbe2e1fca82a
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dcd6oTgP0JnCTl%2FMEOb2w8xRX1hnZtBRHe9IY177oks%2BJr2y26QjSLt2JJvzgfhHF5%2FjHpa8y9szOv4F0WNOFsGAQBlwdXSV655SjvRK6KFVoPqRztrxNGq5jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876210c23dd05695-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/Google/validator.js

104.26.9.233

200 OK

1.1 kB

URL GET HTTP/2
lp.cybeready.net/Forms/Google/validator.js
IP
104.26.9.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
ASCII text, with very long lines (1108), with no line terminators
Size
1.1 kB (1091 bytes)
Hash
3a4a43e05bbe58926ab3a9708b533376
a69fad3a71da6eefa0edd63ca7077ac4a0405926
f919a959fb58eac3ef7e79db2a6b29f9dc630c186f2da647eb57eb27eb400051

HTTP Headers

GET /Forms/Google/validator.js HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:34 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1515
etag: W/"7152564fdc6195c26cbe4e2a7430631c"
last-modified: Sun, 07 Feb 2016 16:40:15 GMT
x-amz-id-2: uHKtSFglq9xrJ7H+qXxk6TPJZAQWGn/7bSOUVgzujvpQS9zvUjl7Kkh/RuN6F9q7nvaWLtIBE0o=
x-amz-request-id: AW5XK40BKK29WX9V
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0DfrdeWSXNJIwLJW%2F8cYuMmisZ8XduUUVWctnZ782PNHYrLSty%2BaGm1lt6ES0xHZaoQFkhQYcubcVfIDkpDBkWZErOV1pHgd1UvVijhvopGG9XnziDgmOgRJ6C5aSY6zxM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876210355b8b56c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

zyexx.com/cdn-cgi/challenge-platform/h/g/jsd/r/876210322ecb5695

172.67.73.221

200 OK

0 B

URL POST HTTP/2
zyexx.com/cdn-cgi/challenge-platform/h/g/jsd/r/876210322ecb5695
IP
172.67.73.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerLet's Encrypt
Subjectzyexx.com
Fingerprint56:FD:11:E5:5B:2F:2F:21:7A:2A:00:77:CA:BE:25:73:9B:C1:70:E4
ValiditySat, 16 Mar 2024 23:24:21 GMT - Fri, 14 Jun 2024 23:24:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/876210322ecb5695 HTTP/1.1
Host: zyexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12210
Origin: https://zyexx.com
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Cookie: requestid=a3cbdb843f4f245a05e82783abfae180
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:34 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=k7sG7z73rogNAQD_pXVOQOpz.MVmhheUEtRRjxf1p8U-1713416134-1.0.1.1-kCEX2CH7K_4PmIIueJnDGtpV9P72j2.3ezuh4Nh5YV7LSuByqpDhrCW9nzcxJWh8kvJhn3HWj7uHpYjGaw2Rig; path=/; expires=Fri, 18-Apr-25 04:55:34 GMT; domain=.zyexx.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hT5zhGgf0rtiR%2BPA4W5gOd5rgaIdZxqknqT%2Fxa%2B9ZDq9NmiI7Up1Hc%2BS23ALIxvSQ9ZKWkTTJAMR%2B5cTOVN6dYYp7nGD43sFxxNN8h%2FBatKOVkFc7jUAaK3Bzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87621038ae7d5695-OSL
content-encoding: br
X-Firefox-Spdy: h2

zyexx.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js

172.67.73.221

200 OK

7.9 kB

URL GET HTTP/2
zyexx.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
IP
172.67.73.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerLet's Encrypt
Subjectzyexx.com
Fingerprint56:FD:11:E5:5B:2F:2F:21:7A:2A:00:77:CA:BE:25:73:9B:C1:70:E4
ValiditySat, 16 Mar 2024 23:24:21 GMT - Fri, 14 Jun 2024 23:24:20 GMT

File type
JavaScript source, ASCII text, with very long lines (7857), with no line terminators
Size
7.9 kB (7857 bytes)
Hash
0a4626754af478cc17981be530ca96ff
232ef32d63b8c94fbaf92f30c10edc034b44506d
cea3d63c742b2b41aa47456f1dcd6fc8fbadd1d4f07c0666811d75c3caa299bf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js HTTP/1.1
Host: zyexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: requestid=a3cbdb843f4f245a05e82783abfae180
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:34 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: br
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4cvhxesB%2Bw%2Bzx%2F3D9l%2FgiDlWHAMi0r6eH7P7U7m02xeQ0DENgLrJo1pSCQPVLNh%2BcKWSyCiaspz6X53BDGss6qY4ttKDavhiO9JxZbPpA4RQRPavO2uDtep9gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87621037cd3b5695-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/Google/favicon.ico

0.0.0.0

0 B

URL GET
lp.cybeready.net/Forms/Google/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /Forms/Google/favicon.ico HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:34 GMT
content-type: image/x-icon
x-amz-id-2: vOxh+aUnUrJt6lSQX4KFtKiTCUW5oUMiyqBqyWTzJ0PDo0rhY0jm9tAzaaq0gXpKHzPwzkLLOKM=
x-amz-request-id: Q03EQ7F277TE4YQ8
last-modified: Sun, 07 Feb 2016 16:12:35 GMT
etag: W/"f697de3c84903b1a6605d5372d6db308"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jPT%2FsJGEBnsaInMX0vggXSzOFTZquq9sAEI3PKmna49Ny9FezAD1hZZhA31SGqn%2BrouS1kcvmdycU0z%2Fod2IYBt8IKi319gON5YuGYZiPp6tTwWWCQKPgoopTFuOIqp0J%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876210385e6a56c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/Google/sanitize.css

104.26.9.233

200 OK

1.0 kB

URL GET HTTP/2
lp.cybeready.net/Forms/Google/sanitize.css
IP
104.26.9.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
ASCII text, with very long lines (1132), with no line terminators
Size
1.0 kB (1022 bytes)
Hash
347a7e687608eacd54f37aca9136ff78
dad65c048c79167fdc193bf8e83b603b40490068
ebff196b0409e0a88b2ba89e76cfaccaf45a8cdac3a594dd3339a5c51127a241

HTTP Headers

GET /Forms/Google/sanitize.css HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:34 GMT
content-type: text/css
x-amz-id-2: kelHRkaOQyT57M6eZDUFw4D9kuSZfAh/1dPTSdsFpfqG6lxvmLk3RMds9HkD3LHmQ6ORo/J9TU0=
x-amz-request-id: Q031J8MFMMS9M3T7
last-modified: Sun, 07 Feb 2016 16:12:29 GMT
etag: W/"4023fc4c0be2a30c1eafd0903d5f471b"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3QCjMqFPVOdQ635Yt%2B0hnpZ9I5Y5uGIhwRScQTnn9SKi9xxH4%2BYh0nF2yGlMKv7j4GU6D8yZuCbqnKoAHVqGEt4ALbei2LKX%2FQRA%2Beb%2BhwYvo7kS2emEG8bqKB5oavyy80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876210355b8356c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

lp.cybeready.net/common/landing-page.js

104.26.9.233

200 OK

4.0 kB

URL GET HTTP/2
lp.cybeready.net/common/landing-page.js
IP
104.26.9.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zyexx.com/81c3fb6e8s1ae247cfib457fc83jfd9a8919.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
JavaScript source, ASCII text, with very long lines (4058), with no line terminators
Size
4.0 kB (4037 bytes)
Hash
31c9d5c1c040c6f1d6e924471ce8179b
051fbd8b0dd9cc8567fcb71fedf2726d0c7cb321
13935b3ce2cace0bb7bd02421279995e5a519bc5622c494ee1536a1ef880f670

HTTP Headers

GET /common/landing-page.js HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zyexx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:55:33 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=7666
etag: W/"dc85792ec27e1c3bf02af986d07c81eb"
last-modified: Thu, 19 Nov 2015 18:47:02 GMT
x-amz-id-2: z8RsqbBiz1nWYtfNZb1HCsklBEOD8IM7WIC09NRnrI1IXGsWrJYoWs/x8VuE967G4EdDqZTcWR4=
x-amz-request-id: BGDVSRCCTTP72NXR
cache-control: max-age=14400
cf-cache-status: HIT
age: 1417
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEBAfGULmktQgTxleuLJ%2BcnhewOcv%2BJMs1mCQwnOcCWLb9li0dG9c74iGy7dEAhrDvzatEd6wqzqZaSwdM8ztKBd4TktglAbIaInDuTmXlivMCfAvMJM4Wzjc7IIj5u%2Fm7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876210355b8c56c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (18)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size