zyexx.com
2606:4700:20::ac43:49dd  Malicious Activity! Public Scan

URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Submission: On July 13 via api from BY — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2606:4700:20::ac43:49dd, located in United States and belongs to CLOUDFLARENET, US. The main domain is zyexx.com.
TLS certificate: Issued by WE1 on July 13th 2024. Valid for: 3 months.
This is the only time zyexx.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

Requests | IP Address | AS Autonomous System
5 (1 redirect) | 2606:4700:20:... | 13335 (CLOUDFLAR...)
2 | 104.17.25.14 | 13335 (CLOUDFLAR...)
9 | 2606:4700:20:... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 17 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
9 | cybeready.net | lp.cybeready.net | 87 KB
5 | zyexx.com | zyexx.com | 7 KB
2 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 240) | 32 KB
1 | gstatic.com | fonts.gstatic.com | 48 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 74) | 3 KB
Total: 17 requests, 5 domains

Requests | Domain | Requested by
9 | lp.cybeready.net | zyexx.com
5 (1 redirect) | zyexx.com | zyexx.com, cdnjs.cloudflare.com
2 | cdnjs.cloudflare.com | zyexx.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | lp.cybeready.net
Total: 17 requests, 5 domains

This site contains links to these domains.

Domain
accounts.google.com
Subject | Issuer | Validity | Valid
zyexx.com | WE1 | 2024-07-13 - 2024-10-11 | 3 months
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
cybeready.net | E5 | 2024-06-14 - 2024-09-12 | 3 months
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.gstatic.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months

This page contains 2 frames:

Primary Page: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Frame ID: AE974C5E6629AD6CF72FF805B21BA2B1
Requests: 15 HTTP requests in this frame

Frame: https://zyexx.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js
Frame ID: 95A873E36998847E780CE93BF288A1F6
Requests: 2 HTTP requests in this frame

Page Title

Sign in - Google Accounts

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 17
HTTPS: 94 %
IPv6: 80 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 175 kB
Size: 607 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://zyexx.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js

17 HTTP transactions

Each transaction below is listed as: Resource, Path, Size, x-fer, Type (MIME-Type)
Primary Request 81301d6b4s42174718ia49ee26fj1074463e.html
zyexx.com/
3 KB
2 KB
Document
General
Full URL
https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cccf3bd2448b6878f62512d0d08f2397477871ff91ad581c1193ee862ec4e1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8a27cd3a4ea65d8a-FRA
content-encoding
br
content-type
text/html
date
Sat, 13 Jul 2024 08:11:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JqZ1fb8IkrYAfbhnqS%2FJwmrI%2BfB3GDPCmyzpMubiG%2Bgx3xUFCmnjx4qRFsh0A%2B6OIXTg7VsyMMSJUR64poOHM1Ro%2BR9%2FHhprs9NvBFZvkEP4Q0OKZvBLAVJvIk6OKootwUkjWiVbiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="DeleteAfter30Days"
x-amz-server-side-encryption
AES256
x-amz-version-id
cVM99.wzE_rijHsapydrHMUi_oXleDWy
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: zyexx.com
URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://zyexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
988411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4364
last-modified
Sat, 06 Jan 2024 12:19:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65993750-110c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=620lyf4JPXiuJHFgomULxCJXIv%2FWjMaLGvYd4FMYAOZlH7QSEPvzy%2FeUgiZxSmMo42%2FTgZ7GUtRmHizJZLEcVKvpaRvjDCQKKgz7omMAifbdpVomVoY1%2BGxn1ojb8oEMPWzBiods"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a27cd3bbb6cbb73-FRA
expires
Thu, 03 Jul 2025 08:11:20 GMT
sanitize.css
lp.cybeready.net/Forms/Google/
475 B
782 B
Stylesheet
General
Full URL
https://lp.cybeready.net/Forms/Google/sanitize.css
Requested by
Host: zyexx.com
URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a449b4722f14af5cb2a4bcc627a7c324c804147feab1e56230a9712131ce116

Request headers

Referer
https://zyexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HYESWKCBK8XEX8H0
cf-polished
origSize=1022
x-amz-id-2
duseDDdN1SOXbeipc0j6u5UvVvozmuNMUxhxdff1O6IHGsXjUO9OLjeaQ+ZbMwdwJlzy+ZPjrRY=
cf-bgj
minify
last-modified
Sun, 07 Feb 2016 16:12:29 GMT
server
cloudflare
etag
W/"4023fc4c0be2a30c1eafd0903d5f471b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4U%2FLY6zGwnNMxFqeDSB%2FIBVe22SD2XQlltNcz0tP2U%2FN3zKm0o3S7TxIU5lgHioJUXLnVSqYRsH2Lm4jrAiVVUwcwIPITYrigwaL4%2BJXzlawnGZ%2B762Q9J8CMoUTzgZUwO5%2FiYtcFkQ8DyXjjIc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8a27cd3c1e2d71d9-FRA
index.css
lp.cybeready.net/Forms/Google/
3 KB
1 KB
Stylesheet
General
Full URL
https://lp.cybeready.net/Forms/Google/index.css
Requested by
Host: zyexx.com
URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c4448aa54b38018d193bb1b285454bf0c81be06d9caeb3dd1a9f0dbbf74b93

Request headers

Referer
https://zyexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HYEZ2N379RGDQNWA
cf-polished
origSize=3883
x-amz-id-2
IzpKhKS9xOEBQvLi0Hpq/Ma5IwUQkFGIYs/IveFXSaH9lpCPhy0M1pM/jJUwGrXt/oKQyVdiRVs=
cf-bgj
minify
last-modified
Sun, 07 Feb 2016 16:12:28 GMT
server
cloudflare
etag
W/"57e393e42d12341ec78e469610dcf93e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMlfK19PcynsUwaUMPuUKHjuhHKRtg%2Fp9RFPg%2Fq8x2Gu%2B0GLSx0atxYXDqoocrPG7r3w2l0K64fTgxA2MlGV5F6YC58VMGtnwFOm5SuT7XnsusVirFYn5P2sVt2APQj1688UN7jIlFRQvKMaCyg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8a27cd3c1e2f71d9-FRA
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/
82 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: zyexx.com
URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://zyexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
68978
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26660
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14983"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=boZswn1EaJ2%2B1gG2dvCDHVqv4b0CH8InMt9bZGTugZO1vAiR4qnbtvlrql4mblzuMkSTmNWBalU%2B%2F9r3Izbq1lI0p%2FBY%2B2dSqaCw0QD%2FMycB8XCo1A8NsnPnuDmNSMeyYovXAzD0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a27cd3bbb72bb73-FRA
expires
Thu, 03 Jul 2025 08:11:20 GMT
validator.js
lp.cybeready.net/Forms/Google/
1 KB
803 B
Script
General
Full URL
https://lp.cybeready.net/Forms/Google/validator.js
Requested by
Host: zyexx.com
URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb7cb711f8559684e29273a8cb879df8b150fd7569b75daca0222889bf6dd5f

Request headers

Referer
https://zyexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HYEWWTPFQVGVQST2
cf-polished
origSize=1515
x-amz-id-2
OWLuyDVgROIc44APBisJrjsQxac/vZ9fqI6tiRk6o1qOW1ItyWHJAOBKVfN6sGvIba0a+Lg+QHo=
cf-bgj
minify
last-modified
Sun, 07 Feb 2016 16:40:15 GMT
server
cloudflare
etag
W/"7152564fdc6195c26cbe4e2a7430631c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItfNf%2FxsU4VM8RHI87wA1jSgoz1SfABSJZXUFvazQ7p9tOfmNBN7Qr%2B%2FdbroidhXR0g20%2F31ALjYyH5tw0Z%2BNI5pLYrfvakIQ92mPWiKw7A%2F5yNA1gKo%2FXBSACws7%2BaHp7oXnWHD2IaHSuSUonw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8a27cd3c1e3371d9-FRA
landing-page.js
lp.cybeready.net/common/
4 KB
2 KB
Script
General
Full URL
https://lp.cybeready.net/common/landing-page.js
Requested by
Host: zyexx.com
URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca

Request headers

Referer
https://zyexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ECVNX7Z76G7MCAWT
cf-polished
origSize=7666
x-amz-id-2
ri71NqSlZRwPsxg+aLBsirLTI42V5D17DLlm3hej8yMNKc1//kh3lqmkI/K3b2MjhBdvh95Xe5A=
cf-bgj
minify
last-modified
Thu, 19 Nov 2015 18:47:02 GMT
server
cloudflare
etag
W/"dc85792ec27e1c3bf02af986d07c81eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u19l%2BglW6uq%2FaiRYn4wItEArfMFpUXo9D5ZoJPiIUl8YfITOFsSxZXqq%2BevwDTVazOHel%2FsNbffAUSwmCe%2F7pd8wRowinfpWgd2mZk2sPQ%2BX%2B%2BrHWo8bJv0TKoAnpVIW6ahpH02kEBSpFzBSwIY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8a27cd3c1e3271d9-FRA
logo.png
lp.cybeready.net/Forms/Google/
13 KB
14 KB
Image
General
Full URL
https://lp.cybeready.net/Forms/Google/logo.png
Requested by
Host: zyexx.com
URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f75b559a72868bf11e4bb75ea6834d7f158eca12bac649fd43474b97ad9908b

Request headers

Referer
https://zyexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HYERVWADZQ2RX7QY
cf-polished
status=not_needed
content-length
13804
x-amz-id-2
XyX+OdSrn6amwe/TMWzD8beEL486RNaa9/VavTZBziaGbGHELBgtBHJ/kEOGvp2C+GIdJXxdR3I=
cf-bgj
imgq:100,h2pri
last-modified
Sun, 07 Feb 2016 16:12:28 GMT
server
cloudflare
etag
"9a344d6cdd66f3fa4c3edfcb3b6faf1e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1tOctxvd4Jm9khB2YgoTuCnP%2BnTDlv2u9%2FSozTYXSlZf%2FAiTEtKLy3HuwTr3Xsl213dKwjvbQJGFlnLkzZ%2FIjKjWFOfA7UTCZgswPEtigUS8BG12upoImY2SYLa%2BMl9tts5241bn9xEZsYV6bA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a27cd3c2e3471d9-FRA
avatar.png
lp.cybeready.net/Forms/Google/
1 KB
2 KB
Image
General
Full URL
https://lp.cybeready.net/Forms/Google/avatar.png
Requested by
Host: zyexx.com
URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6aa7fe0584c975a9d8140a65fc55363d1b68f9230f61f95c616456b1c4c2d66

Request headers

Referer
https://zyexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HYEZ06Y0EMDQ15XN
cf-polished
origSize=2016
content-length
1264
x-amz-id-2
hKg6DI6c7DowTnKM/AZh7Qfz1q3jl+kga8fbnQ24gKvlHmi43GtpS3sXtPm9gbN8HXG62ulumGs=
cf-bgj
imgq:100,h2pri
last-modified
Sun, 07 Feb 2016 16:12:29 GMT
server
cloudflare
etag
"2787a6ef71bfd34b5bb1f37644ef91a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJ8GdRairyq54gtAtlxLjtMBkdq7vtwAgCY6i%2B47yAJCVMkRbdzTNjxWHa8tgqtaJg3CIWr0EXl7FV%2FAkahUz0SDCcO8nXMAY1BFK0P%2Fhq2nX9pn%2FJay4kf%2FJw4dDXiS3buI5oYWsV9P9PRu8HM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a27cd3c2e3671d9-FRA
bottom-strip.png
lp.cybeready.net/Forms/Google/
4 KB
5 KB
Image
General
Full URL
https://lp.cybeready.net/Forms/Google/bottom-strip.png
Requested by
Host: zyexx.com
URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
208fb771d3dafbd219456ad23ef9a81b7c0b2c66d415558eaad37aa8e73051e8

Request headers

Referer
https://zyexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HFJNJMH9RGMMMPD2
cf-polished
origSize=4285
content-length
4230
x-amz-id-2
8Lp3goVo6CQrrivUQF+ChmJJGmZmhKWto0yUSdweLFD5D63aioPbM/OaCu4Gu85BtX1aq5KGdAo=
cf-bgj
imgq:100,h2pri
last-modified
Sun, 07 Feb 2016 16:12:30 GMT
server
cloudflare
etag
"c8e020fb658fa746845c385029c552f6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z7aucz%2FgmFTJcHgFRrh3TcwF8GoyrtBMJ4%2BIeMCVPY%2BqmSrWDnG1YyxWDMQ3DqFlDoQeGmN7j8ZryWepCvo0g4MWSXJwL2ZOqoinLz7EkaG9YRruKSLrrDocORUxa8PLFOpoUE0cWK%2BzoZ%2FXH8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a27cd3d0f2071d9-FRA
universal-language.png
lp.cybeready.net/Forms/Google/
160 B
588 B
Image
General
Full URL
https://lp.cybeready.net/Forms/Google/universal-language.png
Requested by
Host: zyexx.com
URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12481dc4ca9cbeec872bf3c82d33640c8caac92d4ce9f394907287cdcfb316a3

Request headers

Referer
https://zyexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HFJPSBJ3SSV5VS8Y
cf-polished
origSize=199
content-length
160
x-amz-id-2
Ra0AZ8qfUG+5lPPkywSlf20CGp+9kbSqPRWMEwNgkd/tbrXbozTrPZTpQ2JzR/QvuEkG3AfhDls=
cf-bgj
imgq:100,h2pri
last-modified
Sun, 07 Feb 2016 16:12:29 GMT
server
cloudflare
etag
"4a2d1168a691747daf4d22e0dc483958"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xg2rSkyEaL7iyfbnmVDYKtH5W9K4riFyo6dIkwz1VFMCb7Ts3lTcxCEVf2mtypDeTuDhMUcNFbcL2ToM2fS213zjsyq1IJ6tY6w8Zkj4979m2QbrBIak6Q6zBCzOg20PceH%2BXDbgSsRFuGAiI3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a27cd3d0f2571d9-FRA
css
fonts.googleapis.com/
55 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic&subset=latin,greek,latin-ext,cyrillic,greek-ext,vietnamese,cyrillic-ext
Requested by
Host: lp.cybeready.net
URL: https://lp.cybeready.net/Forms/Google/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lp.cybeready.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jul 2024 08:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 08:11:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jul 2024 08:11:20 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic&subset=latin,greek,latin-ext,cyrillic,greek-ext,vietnamese,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zyexx.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 09:37:33 GMT
x-content-type-options
nosniff
age
167627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Jul 2025 09:37:33 GMT
main.js
zyexx.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/ Frame 95A8
Redirect Chain
  • https://zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://zyexx.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
8 KB
4 KB
Script
General
Full URL
https://zyexx.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
Requested by
Host: zyexx.com
URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Protocol
H2
Server
2606:4700:20::ac43:49dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3b659e4ebeb57a47ab77ac49b6f305faf3c14d5a31f4a2ed2f992e8673dbd6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M4xAe%2BWXXKMLDyriiWfNbt9LksJX2vMGVSOzEJKn%2FPq51vmFhExwu7jZbvAJd6TR%2B4jZd40jAhqU%2Baxufk4yq%2F1%2BBQlbZIe4EdIZigVggxX4WBV4xRiPksU2FzUrQkQP9niYnJ3B0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8a27cd3e0a8a5d8a-FRA

Redirect headers

date
Sat, 13 Jul 2024 08:11:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTV0jUfy%2BFPy%2FgjEmULi70Z7XX%2FbIDTIL16yBrCqiqxKiqZ62zbPCy5JRQm68aYYegLJPYs%2Be%2BRPRrcYMeQjPMMaiyByS4rbE5VlZ46iO5qAz6AglTYy8rG70cuRoj8khdxKlPh%2BfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
access-control-allow-origin
*
cache-control
max-age: 300, public
cf-ray
8a27cd3dda5a5d8a-FRA
content-length
0
8a27cd3a4ea65d8a
zyexx.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 95A8
0
571 B
XHR
General
Full URL
https://zyexx.com/cdn-cgi/challenge-platform/h/g/jsd/r/8a27cd3a4ea65d8a
Requested by
Host: zyexx.com
URL: https://zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
8a27cd3e9b075d8a-FRA
content-length
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ik9NZEjASKKXml6UI3FbZmjI4jft%2BhQYE6ESnBPlRH5HNin5v3swy6mU6kYqzuMdsH7P7cnlGKa3QxXpNC%2FZd30K%2FZhxC4rSSUtCJ1nbznG13RAuOO5Acw0R1L0ycbrn%2Fx030mdjCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
81301d6b4s42174718ia49ee26fj1074463e.html
zyexx.com/
0
339 B
XHR
General
Full URL
https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
json

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ox%2F18H6fraGH6OdiQQO%2Fr8KISiLt%2B%2BmAEKfkfisJNGgOU9rw2ajmCjKPRUX5bT1QN6eb9TPkYQdLlwQ7Rpn1OP51za5NFJ3oPUJEuvHquDBtJhlp1v0nPpk%2B7k%2B2FhPFUSyQX6yM8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cf-ray
8a27cd3eeb5c5d8a-FRA
content-length
0
favicon.ico
lp.cybeready.net/Forms/Google/
361 KB
61 KB
Other
General
Full URL
https://lp.cybeready.net/Forms/Google/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c548bf6a753980c9c37fc84319afec33c3178830a61bffb7daf58ba065c5043

Request headers

Referer
https://zyexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 08:11:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 07 Feb 2016 16:12:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
85Y9PAPMRJAAV3CB
etag
W/"f697de3c84903b1a6605d5372d6db308"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUw4DAC1Btdlc%2BRevu3RBeni%2FHp2Bh7MeGJrYWyKdzN4D%2BeyPii9ZoVcxVWT8Qos49VCs0GyCdD4J9jT%2FQwILpXhG8fQ%2BMr5qSIHgWtVwMPJ5WLF6ezEe1CfeJ%2BXzUqyi%2BGxOdiVziUes2bHzUE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8a27cd3ea89f71d9-FRA
x-amz-id-2
a9qTrMbMA8PoBxhzFfOoaDUlipVSdgTWYDwkizMW3HfbEEz63pR3INlZTjgVqztdI8uFKoE7V4Q=

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (type: object)
  • getcrrid (type: function)
  • $ (type: function)
  • jQuery (type: function)
  • validator (type: object)

2 Cookies

Domain/Path Name / Value
.zyexx.com/ Name: cf_clearance
Value: o7_lZJc3DJ4fn_0jrNrbryQ7.dKfJhBVtjuly3evkaw-1720858280-1.0.1.1-ALCKmTFvksaNPvQehx9vVyD96GyDmN0.TbJyfVkaLNwWO5z.w7OVQ1ITL6KQLB86_wGAtCErT29aOfP9PsMBjg
zyexx.com/ Name: requestid
Value: 67ebd77d9dbb361db5cd1c96f10e2000

1 Console Messages

Source: recommendation
Level: verbose
URL: https://zyexx.com/81301d6b4s42174718ia49ee26fj1074463e.html
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o