zyexx.com
2606:4700:20::ac43:49dd  Malicious Activity! Public Scan

URL: https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
Submission: On December 04 via api from US — Scanned from FR

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:20::ac43:49dd, located in United States and belongs to CLOUDFLARENET, US. The main domain is zyexx.com.
TLS certificate: Issued by WE1 on November 8th 2024. Valid for: 3 months.
This is the only time zyexx.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

Requests  Redirects  IP Address        AS Autonomous System
5         1          2606:4700:20:...  13335 (CLOUDFLAR...)
2         -          104.17.25.14      13335 (CLOUDFLAR...)
8         -          2606:4700:20:...  13335 (CLOUDFLAR...)
Total: 14 requests, 3 IPs

Requests  Apex Domain     Subdomains                                       Transfer
8         cybeready.net   lp.cybeready.net                                 202 KB
5         zyexx.com       zyexx.com                                        9 KB
2         cloudflare.com  cdnjs.cloudflare.com (Cisco Umbrella Rank: 225)  32 KB
Total: 14 requests, 3 domains

Requests  Domain                   Requested by
8         lp.cybeready.net         zyexx.com, lp.cybeready.net
5         zyexx.com (1 redirects)  zyexx.com, cdnjs.cloudflare.com
2         cdnjs.cloudflare.com     zyexx.com
Total: 14 requests, 3 domains

This site contains links to these domains.

Domain
login.microsoftonline.com

Subject               Issuer  Validity                 Valid
zyexx.com             WE1     2024-11-08 - 2025-02-06  3 months
cdnjs.cloudflare.com  WE1     2024-11-26 - 2025-02-24  3 months
cybeready.net         E6      2024-10-10 - 2025-01-08  3 months

This page contains 2 frames:

Primary Page: https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
Frame ID: 6E33B129F0344213B36531AEE4A8B295
Requests: 12 HTTP requests in this frame

Frame: https://zyexx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: 92F1C1E60A737315E58A8DC8353CAFB6
Requests: 2 HTTP requests in this frame

Page Title

Sign in to your account

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 14
  • HTTPS: 93 %
  • IPv6: 67 %
  • Domains: 3
  • Subdomains: 3
  • IPs: 3
  • Countries: 2
  • Transfer: 242 kB
  • Size: 337 kB
  • Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://zyexx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

14 HTTP transactions

Resource, Path, Size, x-fer, Type (MIME-Type)

Primary Request: c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Path: zyexx.com/
  Size: 3 KB
  x-fer: 2 KB
  Type: Document
  Full URL: https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:20::ac43:49dd, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 8a044c4755b0147547a17c1895db6b3e51c04491ef916fc6f5c0da36ad7e96dd

Resource: font-awesome.min.css
  Path: cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/
  Size: 23 KB
  x-fer: 5 KB
  Type: Stylesheet
  Full URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
  Requested by (Host): zyexx.com
  Requested by (URL): https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 104.17.25.14, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
  Security Headers:
    Strict-Transport-Security: max-age=15780000
    X-Content-Type-Options: nosniff

Resource: sanitize.css
  Path: lp.cybeready.net/Forms/MS-online/
  Size: 526 B
  x-fer: 836 B
  Type: Stylesheet
  Full URL: https://lp.cybeready.net/Forms/MS-online/sanitize.css
  Requested by (Host): zyexx.com
  Requested by (URL): https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:20::ac43:4a8b, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 4e9b51d07ce50cf3d2e065c34ba5f30d95d75227cd7642ae8d262d6772867e61

Resource: index.css
  Path: lp.cybeready.net/Forms/MS-online/
  Size: 3 KB
  x-fer: 1 KB
  Type: Stylesheet
  Full URL: https://lp.cybeready.net/Forms/MS-online/index.css
  Requested by (Host): zyexx.com
  Requested by (URL): https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:20::ac43:4a8b, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 37832d133cb6c732bf679240fa023e1fdb4cf7c47e11c00fd4fe5d7f4c92be91

Resource: jquery.min.js
  Path: cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/
  Size: 82 KB
  x-fer: 27 KB
  Type: Script
  Full URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
  Requested by (Host): zyexx.com
  Requested by (URL): https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 104.17.25.14, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
  Security Headers:
    Strict-Transport-Security: max-age=15780000
    X-Content-Type-Options: nosniff

Resource: validator.js
  Path: lp.cybeready.net/Forms/MS-online/
  Size: 2 KB
  x-fer: 1 KB
  Type: Script
  Full URL: https://lp.cybeready.net/Forms/MS-online/validator.js
  Requested by (Host): zyexx.com
  Requested by (URL): https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:20::ac43:4a8b, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: f415364d3dbeaa57d1f456e4101b5e08aec9d92e4927a79bdde37d83e2869e6c

Resource: landing-page.js
  Path: lp.cybeready.net/common/
  Size: 4 KB
  x-fer: 2 KB
  Type: Script
  Full URL: https://lp.cybeready.net/common/landing-page.js
  Requested by (Host): zyexx.com
  Requested by (URL): https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:20::ac43:4a8b, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca

Resource: bannerlogo.png
  Path: lp.cybeready.net/Forms/MS-online/
  Size: 1 KB
  x-fer: 2 KB
  Type: Image
  Full URL: https://lp.cybeready.net/Forms/MS-online/bannerlogo.png
  Requested by (Host): zyexx.com
  Requested by (URL): https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:20::ac43:4a8b, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: de8d43f95c8743f71d53a6ca3d5dc0b3d2c29e96b7c565e52cf5a86c416c2400

Resource: microsoft_logo.png
  Path: lp.cybeready.net/Forms/MS-online/
  Size: 653 B
  x-fer: 1 KB
  Type: Image
  Full URL: https://lp.cybeready.net/Forms/MS-online/microsoft_logo.png
  Requested by (Host): zyexx.com
  Requested by (URL): https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:20::ac43:4a8b, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 3f58f0f3a9d3cad69e0d008d752af773b81a2d29f92c855b796dc2cc3a8813f9

Resource: heroillustration.jpg
  Path: lp.cybeready.net/Forms/MS-online/
  Size: 192 KB
  x-fer: 193 KB
  Type: Image
  Full URL: https://lp.cybeready.net/Forms/MS-online/heroillustration.jpg
  Requested by (Host): lp.cybeready.net
  Requested by (URL): https://lp.cybeready.net/Forms/MS-online/index.css
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:20::ac43:4a8b, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 7d07ffc8f9e7620f82bbc8d3930ebf428f185d6d3f8cde05580ecb3530c5bbea

Resource: main.js
  Path: zyexx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/
  Frame: 92F1
  Redirect Chain:
    • https://zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
    • https://zyexx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
  Size: 9 KB
  x-fer: 5 KB
  Type: Script
  Full URL: https://zyexx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
  Requested by (Host): zyexx.com
  Requested by (URL): https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Protocol: H2
  Server: 2606:4700:20::ac43:49dd, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: b56c0dea7427f331d8f74605cc0d1898b24dfd1bd2abbcd025a3a89bb52d9796
  Security Headers:
    X-Content-Type-Options: nosniff

Resource: 8eca0399c89ad128
  Path: zyexx.com/cdn-cgi/challenge-platform/h/b/jsd/r/
  Frame: 92F1
  Size: 0
  x-fer: 984 B
  Type: XHR
  Full URL: https://zyexx.com/cdn-cgi/challenge-platform/h/b/jsd/r/8eca0399c89ad128
  Requested by (Host): zyexx.com
  Requested by (URL): https://zyexx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:20::ac43:49dd, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Resource: c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Path: zyexx.com/
  Size: 0
  x-fer: 596 B
  Type: XHR
  Full URL: https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
  Requested by (Host): cdnjs.cloudflare.com
  Requested by (URL): https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:20::ac43:49dd, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Resource: favicon.ico
  Path: lp.cybeready.net/Forms/MS-online/
  Size: 17 KB
  x-fer: 1 KB
  Type: Other
  Full URL: https://lp.cybeready.net/Forms/MS-online/favicon.ico
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:20::ac43:4a8b, United States, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: 0
  • function: getcrrid
  • function: $
  • function: jQuery
  • object: validator

2 Cookies

Domain/Path Name / Value
.zyexx.com/ Name: cf_clearance
Value: w3cJjA8de27pw5qBkhAMrU_v1aL6RBXyPkerFF7ltzE-1733296619-1.2.1.1-ja.nhaEZXGdKGwUz5HjQWmytGddfXB5MtLr9i7igdd6g0xczGdw8BxM_NR4e8Ak7.IKNsYRpuEVAvh_hd17ijD.lYv2ULN7vFEtaoV5pz4dkqm3f36soeDOoL2xJ23Qao3.0skNcy0AlNFmAQIX_MQCr81ZpJBdbrhU2R5aLh2o75MRHNr5CsiPnrzTTQw_wa3ptnCw3UfO0iDV3mC39ifWy.MBaQIw2DGVVJ0ISQcL5.aaYtDQsrA6drP8UOKblswGXUzH14dNJCQ089a.Tp6kBViUALI.KIdE2EXM3ihKHboh.4edcXP.M8NjuO.7fm8qA_VG8Y8mfVyOnEd7mOOzIBffoUDkrhtQGNvKfnfwnkODJTOLfBasFMXfkfj0Y
zyexx.com/ Name: requestid
Value: 1d804716cbf72d1a738f2cecc966e7a7

1 Console Messages

Source: recommendation
Level: verbose
URL: https://zyexx.com/c65ea9b2adf35e4f49h93c66383o1abd5251.html
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o