zyexx.com
2606:4700:20::681a:173  Malicious Activity! Public Scan

URL: https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Submission: On December 26 via api from BY — Scanned from ES

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:20::681a:173, located in United States and belongs to CLOUDFLARENET, US. The main domain is zyexx.com.
TLS certificate: Issued by WE1 on November 8th 2024. Valid for: 3 months.
This is the only time zyexx.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

Requests        IP Address         AS     Autonomous System
5 (1 redirect)  2606:4700:20:...   13335  (CLOUDFLAR...)
2               104.17.25.14       13335  (CLOUDFLAR...)
8               2606:4700:20:...   13335  (CLOUDFLAR...)
Total: 14 requests, 3 IPs

Requests  Apex Domain     Subdomains                                        Transfer
8         cybeready.net   lp.cybeready.net                                  203 KB
5         zyexx.com       zyexx.com                                         8 KB
2         cloudflare.com  cdnjs.cloudflare.com — Cisco Umbrella Rank: 225   32 KB
Total: 14 requests, 3 domains

Requests         Domain                Requested by
8                lp.cybeready.net      zyexx.com, lp.cybeready.net
5 (1 redirects)  zyexx.com             zyexx.com, cdnjs.cloudflare.com
2                cdnjs.cloudflare.com  zyexx.com
Total: 14 requests, 3 domains

This site contains links to these domains.

Domain
login.microsoftonline.com
Subject               Issuer  Validity                 Valid
zyexx.com             WE1     2024-11-08 - 2025-02-06  3 months
cdnjs.cloudflare.com  WE1     2024-11-26 - 2025-02-24  3 months
cybeready.net         E5      2024-12-08 - 2025-03-08  3 months

This page contains 2 frames:

Primary Page: https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Frame ID: 38FB38B83A61A5CF990E23D2D5F89D38
Requests: 12 HTTP requests in this frame

Frame: https://zyexx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: 1C9A24E8015AF9B950661040DD7B91B2
Requests: 2 HTTP requests in this frame

Page Title

Sign in to your account

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14 Requests
93 % HTTPS
67 % IPv6
3 Domains
3 Subdomains
3 IPs
2 Countries
242 kB Transfer
341 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://zyexx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request c9668b2b2d9e4a431eh8bf2b958o34789282.html
zyexx.com/
3 KB
2 KB
Document
General
Full URL
https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e32e146362fdc0a0f06a884904cb9f1f9180e8061f1ff3314a6ffcc0b36a85a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f7cd956ba070412-MAD
content-encoding
br
content-type
text/html
date
Thu, 26 Dec 2024 00:10:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gEW0aB9UxBjeSQizk5yWmFklWOOX33Oni5n1qseVExj8F5aEo0RePVn4TYpwOEMnGrt4oaUKwBohFumha6M1X1ej%2B%2BXGVDqPrFg9rTs44oHAeV0sFe9gBhOz5eEjklMm%2FFTF%2F9hhug%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=31801&min_rtt=31782&rtt_var=5052&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3982&recv_bytes=2402&delivery_rate=126990&cwnd=253&unsent_bytes=0&cid=5cbb32b14a854621&ts=249&x=0"
x-amz-expiration
expiry-date="Fri, 24 Jan 2025 00:00:00 GMT", rule-id="DeleteAfter30Days"
x-amz-server-side-encryption
AES256
x-amz-version-id
SHrTIi.s4bcWC.8UhJ6C5RONCYWAke5w
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: zyexx.com
URL: https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zyexx.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65993750-110c"
age
125128
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gFRz2RjzQJgKT4eZfS3Q0sHiRQ3VDak5RnLsFZpiG5i07NeZpsxZBPGCVSpJwKBLy3v3kRPtGeVCSY1HJafQm4jXRXKKyg0JBrpgc%2FQA%2B0pNyBpZHpu%2Bu0Y3fkJboGUqnbOSxxbe"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 00:10:38 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 00:10:38 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 06 Jan 2024 12:19:44 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f7cd9588af7ec99-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
4364
server
cloudflare
sanitize.css
lp.cybeready.net/Forms/MS-online/
1014 B
1 KB
Stylesheet
General
Full URL
https://lp.cybeready.net/Forms/MS-online/sanitize.css
Requested by
Host: zyexx.com
URL: https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fbcaf87f11820009d2578b4aba2a9d2c4b9d3c79141076c792567322bfaa8d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zyexx.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
x-amz-version-id
null
etag
W/"61d79c3e015865ed0bca45e77eeac723"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dpth6jtDmSNe9KNqjCupwK1BimzoHXX0bvg93XtHdCipRlTlWTUMILdnJ8E1%2F739x43v%2FLFwQw82OuJ1yWbLXQPPCP9e9YR5GtLYyn7G%2FJAFFImPvVkZDpQcncaGvZ2rKeHumtE2lEVfEusRVlc%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=37065&min_rtt=31717&rtt_var=14362&sent=10&recv=17&lost=0&retrans=0&sent_bytes=3975&recv_bytes=2633&delivery_rate=127257&cwnd=254&unsent_bytes=0&cid=e49d257479663fb2&ts=165&x=0"
date
Thu, 26 Dec 2024 00:10:38 GMT
content-type
text/css
last-modified
Mon, 09 May 2016 08:37:44 GMT
vary
Accept-Encoding
x-amz-id-2
u/qJYbJewPxz/QmlvjjnELHAgs8TXx6QudG8G3OayoYFfMw0njQPCT14CULNTGYnQ3rUQLhKwn0=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3T3XVA6K526R8NKH
cf-ray
8f7cd958d89cafe9-MAD
server
cloudflare
index.css
lp.cybeready.net/Forms/MS-online/
3 KB
1 KB
Stylesheet
General
Full URL
https://lp.cybeready.net/Forms/MS-online/index.css
Requested by
Host: zyexx.com
URL: https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37832d133cb6c732bf679240fa023e1fdb4cf7c47e11c00fd4fe5d7f4c92be91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zyexx.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
x-amz-version-id
null
etag
W/"f381725154f2d810562dc42f32c6bee2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xd6L6Whfg0zRIcjv9fEvAVz2wyjb%2BMQJWY%2FeqWNft%2BaK%2Bz%2B2cvApEyCoH5by4vef0hPsBuNKE%2Brd8ouUe7HCoWswraxlUs6hFcYGlA1Xk1FjoQNBlhRonO5IrqxML4yorGLhaIJmFfcCxpJvJ3Q%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=37065&min_rtt=31717&rtt_var=14362&sent=19&recv=17&lost=0&retrans=0&sent_bytes=7721&recv_bytes=2633&delivery_rate=127257&cwnd=254&unsent_bytes=0&cid=e49d257479663fb2&ts=180&x=0"
date
Thu, 26 Dec 2024 00:10:38 GMT
content-type
text/css
last-modified
Mon, 09 May 2016 08:37:42 GMT
vary
Accept-Encoding
x-amz-id-2
H5bTkCSOMeVKsfJHJaRexWWcwZsu1kB74WRZ9b1cj+8I0lRdZ874EXgZxcXcPTo1/h9OPZuUFoo=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NQMVB6WD17K7BF4V
cf-ray
8f7cd958d89dafe9-MAD
server
cloudflare
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/
82 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: zyexx.com
URL: https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zyexx.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-14983"
age
70551
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pb0yivLY08OP%2FbLf6tqFTHISSC%2FcU89FwinUk7wFYaaSzjZv4wLrkHP2Q0NeBgY3anF0TIeySFMeTByEVgDcEAyxcEPLi%2F2PICBlPa%2FjST4%2FoyVafNd4r9APfg5ba3m3MCh7YZoA"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 00:10:38 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 00:10:38 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f7cd9588af9ec99-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
26660
server
cloudflare
validator.js
lp.cybeready.net/Forms/MS-online/
2 KB
1 KB
Script
General
Full URL
https://lp.cybeready.net/Forms/MS-online/validator.js
Requested by
Host: zyexx.com
URL: https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f415364d3dbeaa57d1f456e4101b5e08aec9d92e4927a79bdde37d83e2869e6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zyexx.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
x-amz-version-id
null
etag
W/"844cb6b1728575eb4bc8bc531bb5a4f3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XHALmDwtbe%2B0ji49BMlNkbLsEKVB0csosf6v2medEjf33I3N2tguM7y6J00Lg%2FVxDjxZx2gGUzimUKHFJ1hBc4yuOip4PLY9oBJGoIxHpQmTAqyXAOylbsDmFkzjZ5b%2BepZREYhbWZIsite7%2BmE%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=37065&min_rtt=31717&rtt_var=14362&sent=16&recv=17&lost=0&retrans=0&sent_bytes=6529&recv_bytes=2633&delivery_rate=127257&cwnd=254&unsent_bytes=0&cid=e49d257479663fb2&ts=173&x=0"
date
Thu, 26 Dec 2024 00:10:38 GMT
content-type
application/javascript
last-modified
Mon, 09 May 2016 10:28:26 GMT
vary
Accept-Encoding
x-amz-id-2
UUHWOiqEgK6S14ILID2O+lnadpLNfr35jlYKLhkOJOi2nV6Pk0mg3RwMd+lcKvQD5KMnvRzDywA=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4BHT5RQ00SVD0DET
cf-ray
8f7cd958d89fafe9-MAD
server
cloudflare
landing-page.js
lp.cybeready.net/common/
7 KB
3 KB
Script
General
Full URL
https://lp.cybeready.net/common/landing-page.js
Requested by
Host: zyexx.com
URL: https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05334d2ef10e1f535203cd1257989fbaa79462c0744a105853eb37cbacc259f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zyexx.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
x-amz-version-id
null
etag
W/"dc85792ec27e1c3bf02af986d07c81eb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gjmw4zenjxRCBZoYMnC6oDM%2BQSSup5dlkZTVjgVEYN2RttoYnlWF72WH5zl%2Fxm1rSU5fx0WGqvDOOB81UdsRcYBgIqlNJ2zBCjujMF89B2pP0MVrAapgCvQqA6RKaWEutrSKmZrxnSW%2FMhKu%2FEE%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=33210&min_rtt=31705&rtt_var=2403&sent=25&recv=29&lost=0&retrans=0&sent_bytes=10793&recv_bytes=2633&delivery_rate=351736&cwnd=257&unsent_bytes=0&cid=e49d257479663fb2&ts=220&x=0"
date
Thu, 26 Dec 2024 00:10:39 GMT
content-type
application/javascript
last-modified
Thu, 19 Nov 2015 18:47:02 GMT
vary
Accept-Encoding
x-amz-id-2
IA/8rtIJiElmxg3L6ogUkG29SstpzLtCVXUCauJ/xcZ3Qa+KPOO5js4WCglrbmK7XnOsJCTMMDA=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SGBEDG2B38P7521Y
cf-ray
8f7cd958d89eafe9-MAD
server
cloudflare
bannerlogo.png
lp.cybeready.net/Forms/MS-online/
1 KB
2 KB
Image
General
Full URL
https://lp.cybeready.net/Forms/MS-online/bannerlogo.png
Requested by
Host: zyexx.com
URL: https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de8d43f95c8743f71d53a6ca3d5dc0b3d2c29e96b7c565e52cf5a86c416c2400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zyexx.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"9f09a27d4f69b3557c7433574a29d726"
x-amz-version-id
null
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JoNuaFw6GcuYjUnNf0U0b25w2SOzciEKjrfn0O%2Bd7erX596WcSMJMbGxsEPXDHZ4XQLYceeP7Z0wdeG8VMrWbsIUGYRjYzQUra0WLwGzP%2F0DRNKzMTzTdAJ9D8z6OMNJK5gzfflmB8Q6%2BEGdgQw%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=4585
server-timing
cfL4;desc="?proto=TCP&rtt=34615&min_rtt=31717&rtt_var=4886&sent=22&recv=23&lost=0&retrans=0&sent_bytes=8970&recv_bytes=2633&delivery_rate=219967&cwnd=257&unsent_bytes=0&cid=e49d257479663fb2&ts=202&x=0"
date
Thu, 26 Dec 2024 00:10:39 GMT
content-type
image/png
last-modified
Mon, 09 May 2016 08:37:46 GMT
vary
Accept-Encoding
x-amz-id-2
zsBa/WpMx2LMXJA63lX51hk/dTrnhzNEWVfeM+d1L2w3bpf4oX1LrVaO5kNGaEoSNlr93LRFuYo=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
38VZ87H2KG2MRYZF
cf-ray
8f7cd958d8a1afe9-MAD
accept-ranges
bytes
content-length
1024
server
cloudflare
microsoft_logo.png
lp.cybeready.net/Forms/MS-online/
653 B
1 KB
Image
General
Full URL
https://lp.cybeready.net/Forms/MS-online/microsoft_logo.png
Requested by
Host: zyexx.com
URL: https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f58f0f3a9d3cad69e0d008d752af773b81a2d29f92c855b796dc2cc3a8813f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zyexx.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"e4b675007dc6492ee590131d1f7dfbb3"
x-amz-version-id
null
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9CyTeEQfe5OrSYEU2KBY7Fct1YdOMvPDesNWsl4zFYTgLj%2BP64I49UBreP1BHs43tVLX%2BZT4v7k%2Ff7klPiv2vrWKS5Xo8xCSOsnzigx6VAx3rSyUFrBWx%2F2ryNZDxpLWelca935Znwigm09%2Fh0s%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=1040
server-timing
cfL4;desc="?proto=TCP&rtt=37065&min_rtt=31717&rtt_var=14362&sent=13&recv=17&lost=0&retrans=0&sent_bytes=5205&recv_bytes=2633&delivery_rate=127257&cwnd=254&unsent_bytes=0&cid=e49d257479663fb2&ts=169&x=0"
date
Thu, 26 Dec 2024 00:10:38 GMT
content-type
image/png
last-modified
Mon, 09 May 2016 08:37:44 GMT
vary
Accept-Encoding
x-amz-id-2
dZ7fJgkDHN6ewNAlI9dXD7hKdaSZuIor+gV9cNwTWLzhR3EV0pUNo0H83SqkwFDkQjrgqTi93f0=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NQMZ5S41MTCNVXTX
cf-ray
8f7cd958d8a0afe9-MAD
accept-ranges
bytes
content-length
653
server
cloudflare
heroillustration.jpg
lp.cybeready.net/Forms/MS-online/
192 KB
193 KB
Image
General
Full URL
https://lp.cybeready.net/Forms/MS-online/heroillustration.jpg
Requested by
Host: lp.cybeready.net
URL: https://lp.cybeready.net/Forms/MS-online/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d07ffc8f9e7620f82bbc8d3930ebf428f185d6d3f8cde05580ecb3530c5bbea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.cybeready.net/Forms/MS-online/index.css

Response headers

cf-bgj
imgq:100,h2pri
etag
"65283b123eb235e6176ae98c02ac5b1c"
x-amz-version-id
null
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2I7sanoQ4IsRmtZdv3OOeGWa3d9UnyuL7E6l%2BeMhclSdaQ8GN9py0%2BNNXANxq3g1pd%2Bzq65hl%2Fz1WSVqAgzSopE3zzT9PNkhVJE53ITrU9DivYSBdpmB9VCeirm17BSjERGtiLaum%2FE9sarG%2FLU%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=203294
server-timing
cfL4;desc="?proto=TCP&rtt=32420&min_rtt=31705&rtt_var=1230&sent=30&recv=36&lost=0&retrans=0&sent_bytes=13577&recv_bytes=2750&delivery_rate=365069&cwnd=257&unsent_bytes=0&cid=e49d257479663fb2&ts=381&x=0"
date
Thu, 26 Dec 2024 00:10:39 GMT
content-type
image/jpeg
last-modified
Mon, 09 May 2016 08:37:52 GMT
vary
Accept-Encoding
x-amz-id-2
Sx29ApAwdSiWoHCl7bywaxS+d0PzCyoBh8mUlfG2peXD10WRhA96bMA2VZZOzM9mRYgsekgWQ0A=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NQMZ7TXPDZWSWV1Q
cf-ray
8f7cd95a3abdafe9-MAD
accept-ranges
bytes
content-length
196768
server
cloudflare
main.js
zyexx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame 1C9A
Redirect Chain
  • https://zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://zyexx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
9 KB
4 KB
Script
General
Full URL
https://zyexx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
Requested by
Host: zyexx.com
URL: https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Protocol
H2
Server
2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bebcfb085c6a7a66f15ed856d4c9c5a2cb7e9eeb9fba899a4ab0bdebb3c38813
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VellImy6YdFq7Pjk%2BVd0yg5BGzsCDeiwH9VXSjOtpOs2PG6W8auFknGW8ecYlfhACXLgdq5mfH%2B5krRHMDfkfWAfx%2FqHUsqDaJcoC31hadSou4ojlL9nke3PTwaJAvChKxALOrS1CA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f7cd95a8bcd0412-MAD
server-timing
cfL4;desc="?proto=TCP&rtt=32019&min_rtt=31768&rtt_var=3275&sent=11&recv=14&lost=0&retrans=0&sent_bytes=6631&recv_bytes=2639&delivery_rate=127037&cwnd=257&unsent_bytes=0&cid=5cbb32b14a854621&ts=652&x=0"
date
Thu, 26 Dec 2024 00:10:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YkYJaO95sFfjH21BO3KqKkdpUtkngGsUfgOFXHbDStDOI0KeDX123BVhwvrYLpGyPEL4MVCZO1pQNWRuVrYj9Ukoeiq%2BalnY3G%2FBu9KGnE7zcQSrGuKA3rOm3P3YCFyewgPpVSoWIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7cd95a4bb40412-MAD
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=31805&min_rtt=31768&rtt_var=3797&sent=10&recv=13&lost=0&retrans=0&sent_bytes=6059&recv_bytes=2543&delivery_rate=127037&cwnd=256&unsent_bytes=0&cid=5cbb32b14a854621&ts=611&x=0"
content-length
0
date
Thu, 26 Dec 2024 00:10:39 GMT
vary
Accept-Encoding
server
cloudflare
8f7cd956ba070412
zyexx.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1C9A
0
983 B
XHR
General
Full URL
https://zyexx.com/cdn-cgi/challenge-platform/h/b/jsd/r/8f7cd956ba070412
Requested by
Host: zyexx.com
URL: https://zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EtR05CMOpLrw5M8VJcsoY2Z2JhKgTQr9H9jly4LVdPGhQfVY4IS8TB9hjOXDwX3UgIHk1a1FzRnsX4VgyT784qaoP%2FnnV63OnLhErbLh3NDv8z4uLrmoPhfaAO8yOgX2q54ouFr4dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7cd95b4c350412-MAD
server-timing
cfL4;desc="?proto=TCP&rtt=37745&min_rtt=31768&rtt_var=12959&sent=24&recv=31&lost=0&retrans=0&sent_bytes=11297&recv_bytes=19127&delivery_rate=253423&cwnd=257&unsent_bytes=0&cid=5cbb32b14a854621&ts=809&x=0"
content-length
0
date
Thu, 26 Dec 2024 00:10:39 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
c9668b2b2d9e4a431eh8bf2b958o34789282.html
zyexx.com/
0
579 B
XHR
General
Full URL
https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Content-Type
json

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3btOG07%2F2jgZYMg3L%2FKZxDX4WsXNwPCOBqp9jmyY73ZFYNBmm4TJzC2QYRsXubuN8B%2FpTq%2BbAxFZ%2BcBtQmJvvO6s2SutAx0b8YfJVjtryO3f%2Bg%2BosuzsE%2BxBxo5N%2Fpznd1uG2gC5xA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7cd95bac570412-MAD
server-timing
cfL4;desc="?proto=TCP&rtt=36999&min_rtt=31768&rtt_var=11211&sent=26&recv=34&lost=0&retrans=0&sent_bytes=12302&recv_bytes=19384&delivery_rate=253423&cwnd=257&unsent_bytes=0&cid=5cbb32b14a854621&ts=880&x=0"
content-length
0
date
Thu, 26 Dec 2024 00:10:39 GMT
content-type
application/octet-stream
server
cloudflare
favicon.ico
lp.cybeready.net/Forms/MS-online/
17 KB
1 KB
Other
General
Full URL
https://lp.cybeready.net/Forms/MS-online/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zyexx.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
x-amz-version-id
null
etag
W/"12e3dac858061d088023b2bd48e2fa96"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RKEgl5VN8xWXH6OjWs00wMZ5U3oO9lbdNWT2i6R3A%2FUNHrfbgIYWblZORSKQnJKf%2F6SK588xuhcDzGdrAaVkE4UP1W402qjHGs%2B3aqpfwbiCn2AvEr4HHD8FfDcDfidTrhdbn9Hu6otHi3w%2FSTo%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=32378&min_rtt=31705&rtt_var=349&sent=192&recv=98&lost=0&retrans=0&sent_bytes=212596&recv_bytes=2826&delivery_rate=2815791&cwnd=273&unsent_bytes=0&cid=e49d257479663fb2&ts=604&x=0"
date
Thu, 26 Dec 2024 00:10:39 GMT
content-type
image/x-icon
last-modified
Mon, 09 May 2016 08:37:47 GMT
vary
Accept-Encoding
x-amz-id-2
4jgGbdWegliGKXtJ0JBVQHpeMPfamkOy4bzETFWWO9Bllsl35jTdGIZ2XpCHi+iMiKR7pcOhK+I=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NQMR95CXRT2HF5S7
cf-ray
8f7cd95bace7afe9-MAD
server
cloudflare

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | 0
  • function | getcrrid
  • function | $
  • function | jQuery
  • object | validator

2 Cookies

Domain/Path Name / Value
.zyexx.com/ Name: cf_clearance
Value: M_qeK6lFa.FPKk7sBMPXfMcN8gTe5sAo9QWmrfv113c-1735171839-1.2.1.1-S4vcv0afyST8eVVdjteKqavAcX7yR_ntpbHQLMKCtvz3LRhKNeGyjosAVZarnpZiG6Cf4XgRO0UoJNSlpJ5oPEVf6bmm4hFLpiMdS2g7DM1CSHupOFY39oqkl92tGKgUALStDwIBCEYSaONU9Frrfp_pBz_KlOS1xESlAcY0JroK53RR1vlzUCKZiPgD8GRvRp6YdYsWS7z9hgQ7FcaAGlqSAtqjVwyWQBLte8Vhkcs6XNDfwM4PvBnjZHayU2Sv6LdR1ZDHCHD33WPF4O3crlboHglFX9FoB.4AWHF.1GlLxTcuWSSaBh96IHhBB149yZJ4OPZbkDAH9ouGAEZJ5d76t9WClLM7zzNK4q52KyaI_8GC..ZahemrVKpbYenF
zyexx.com/ Name: requestid
Value: b47a16eba003573b366a447caa503bf2

1 Console Messages

Source: recommendation
Level: verbose
URL: https://zyexx.com/c9668b2b2d9e4a431eh8bf2b958o34789282.html
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o