Report - notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/

Report Overview

Submitted URL
notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
IP
104.26.9.237
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 17:46:17
Access
public
Website Title
Sign in to your account
Final URL
notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Tags
microsoft phishing
urlquery detections
Phishing - Microsoft

Detections

urlquery
15
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
lp.cybeready.net	unknown	2014-01-26	2015-12-30	2024-04-17	3.6 kB	228 kB	172.67.74.139
notifyhubss.net	unknown	2020-04-30	2021-07-09	2024-04-17	3.4 kB	11 kB	104.26.9.237
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-25	893 B	33 kB	104.17.24.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/	Outlook
2024-04-26	medium	notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/	Outlook

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	lp.cybeready.net/common/landing-page.js	4.0 kB	2023-03-07	2024-05-04
Pretty URL lp.cybeready.net/common/landing-page.js IP 172.67.74.139 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:35 Last Seen2024-05-04 17:32:50 Times Seen371 Hash ac5716b9ccc0d5eb31e94d8c873227d4 39ed1b79df1f4a7eedc7f245f0cabb0618246951 633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca Loading...

	notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/	63 B	2024-04-26	2024-04-26
Pretty URL notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/ IP 104.26.9.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 19:46:17 Last Seen2024-04-26 19:46:17 Times Seen1 Hash 6a0a1e775b893a4eb3f70683248686be 592725ca09754ef83d929fccb4b426463d1f8d2c 506bbac717b4dc410b243225569124025f25e619e2d1a2d741fae43b94cfc567 Loading...

	unknown	247 B	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 19:46:17 Last Seen2024-04-26 19:46:17 Times Seen1 Hash 281ad5a5d44e5bbec073abeb1d0559fd 8b619a4f4dd5a705505eb16aac7b42c959f6f45e 18048216f418e51d12eae7d9538ec5a1e5033bd5a72e9b04d3b508ac27b08981 Loading...

	notifyhubss.net/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-04-26	2024-04-26
Pretty URL notifyhubss.net/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.9.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 19:46:17 Last Seen2024-04-26 19:46:18 Times Seen2 Hash 8f9446dd9b85e6d0bb0856d728a44759 5ffb715bd420f0537a0f817cbba81443ecfb2d91 59c1114a621009ca24cee7fbd4cf458a2be40694d739fbe642a226eb9f83ff35 Loading...

	notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/	1.1 kB	2024-04-26	2024-04-26
Pretty URL notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/ IP 104.26.9.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 19:46:17 Last Seen2024-04-26 19:46:17 Times Seen1 Hash 9366b1941d2ce5e14fa31e5601015bd7 69f8485085d09c73887ac6cb8dc2798c34bcd807 a7bd6b5df1a9f3efe7e7ea09926a1eb59cbf3975984c4b33b33a214265d5bc3d Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js	84 kB	2023-03-07	2024-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-05-07 18:23:47 Times Seen10927 Hash 7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 Loading...

	lp.cybeready.net/Forms/MS-online/validator.js	1.1 kB	2023-03-07	2024-05-04
Pretty URL lp.cybeready.net/Forms/MS-online/validator.js IP 172.67.74.139 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:00:15 Last Seen2024-05-04 17:32:50 Times Seen286 Hash 1fcbee9832d717ec42da9239564aff2b c89b6868b60376a2d519d277eefe80a4b72187dc 531af0d0ceaca3ebdc13b4285eb12ca7089f628a149e842c5a2205b959018e4c Loading...

HTTP Transactions (15)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

104.17.24.14

200 OK

4.4 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23577)
Size
4.4 kB (4364 bytes)
Hash
04425bbdc6243fc6e54bf8984fe50330
8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

HTTP Headers

GET /ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:52 GMT
content-type: text/css; charset=utf-8
content-length: 4364
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65993750-110c"
last-modified: Sat, 06 Jan 2024 12:19:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 863895
expires: Wed, 16 Apr 2025 17:45:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4PEQEmxnTFDwyWcEY9Fj7VecwGKZjW7%2B%2BbblRXOVIKrAXZ6%2BIN9pFRXcpfrsXh%2BvZNDn0eSLenCwQyMF2ZoYSBook7g5ERIlJd%2BU8pz14T4m0lp0AgHG7jx9AXy57oSNboD9P7CQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a8639808fbb51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

104.17.24.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32180)
Size
27 kB (26660 bytes)
Hash
7f9fb969ce353c5d77707836391eb28d
62c4042e9ebc691a5372d653b424512a561d1670
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 954852
expires: Wed, 16 Apr 2025 17:45:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFnnCUkU1kzcTpU%2FvkvmNUPAlVe5LQgoZn4VYrZald7IrW7CNWC0P2jevHDBQEg95ArM7hpbNEt%2BSrgsnykoIU%2F1XjNZxByK61wbYs%2FdYXBdemIzpyrOosrNh1%2Bu3Awtd31Cgs2l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a863984946b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/microsoft_logo.png

172.67.74.139

200 OK

653 B

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/microsoft_logo.png
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
PNG image data, 100 x 22, 8-bit colormap, non-interlaced
Size
653 B (653 bytes)
Hash
366222d8d10fa25f28a5c4b8c738a887
d64ae75cb36ee9bca1076b259ee3e8dc1f3fa09c
3f58f0f3a9d3cad69e0d008d752af773b81a2d29f92c855b796dc2cc3a8813f9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/microsoft_logo.png HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:52 GMT
content-type: image/png
content-length: 653
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1040
etag: "e4b675007dc6492ee590131d1f7dfbb3"
last-modified: Mon, 09 May 2016 08:37:44 GMT
x-amz-id-2: nuwL9vgbG/ekq/RxW2LQEr28j8DSzrvH3FxL7wr6F8zpO6fbKuJvzN8J9lBR0tO5f31McrZ1/vA=
x-amz-request-id: VTGQNQ6R8VGQHTMD
cache-control: max-age=14400
cf-cache-status: HIT
age: 691
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjROPbfWPTfJFO6ZA69zfIxuUaVWoZ%2Fii5qcRtzRzUly1utBehTP3uc78HHFro24SlkQux6iSYqYW6tlfoI%2Fk8Lihx9KStiMPfKJMF%2Fukhmlidn4hYW%2FoUJIH%2BcWpgORcb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8639849e9b52d-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/bannerlogo.png

172.67.74.139

200 OK

1.0 kB

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/bannerlogo.png
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
PNG image data, 159 x 35, 8-bit colormap, non-interlaced
Size
1.0 kB (1024 bytes)
Hash
24bfcce4b67e345caac4ce3849b26d5d
fd6b6d847ade5480f290cbce319cdee74016d859
de8d43f95c8743f71d53a6ca3d5dc0b3d2c29e96b7c565e52cf5a86c416c2400

HTTP Headers

GET /Forms/MS-online/bannerlogo.png HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:52 GMT
content-type: image/png
content-length: 1024
cf-bgj: imgq:100,h2pri
cf-polished: origSize=4585
etag: "9f09a27d4f69b3557c7433574a29d726"
last-modified: Mon, 09 May 2016 08:37:46 GMT
x-amz-id-2: oyREWeQpA7ftqsQ93j0SqJILSposezh8Gx8VKDj4nQorPklo2baX903qbosTcstbY/EGKBy4xcg=
x-amz-request-id: VG7FS237CKAWP6CE
cache-control: max-age=14400
cf-cache-status: HIT
age: 691
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3dHVKsjfU94525hRcK5paMCvueDgvewseMt%2Fb8tBMSrwEVVvF5QwZIChg2Ik4kbIZ2BeqGtshWMwxKnz05K97ghS79c6%2BZJtVsoAlF712d89N84ds2QZ%2B8nxeo4pFEcQTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8639839c6b52d-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/heroillustration.jpg

172.67.74.139

200 OK

197 kB

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/heroillustration.jpg
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
JPEG image data, progressive, precision 8, 1420x1080, components 3
Size
197 kB (196768 bytes)
Hash
65a2cb0d1e14633606d9d0cdda66bf39
1653696f5d951a6046008160a7c2dda9c27ce6f2
7d07ffc8f9e7620f82bbc8d3930ebf428f185d6d3f8cde05580ecb3530c5bbea

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/heroillustration.jpg HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lp.cybeready.net/Forms/MS-online/index.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:52 GMT
content-type: image/jpeg
content-length: 196768
cf-bgj: imgq:100,h2pri
cf-polished: origSize=203294
etag: "65283b123eb235e6176ae98c02ac5b1c"
last-modified: Mon, 09 May 2016 08:37:52 GMT
x-amz-id-2: alQHO9NmGNQqky2qSfG0BDV3rkEEiS8hpK+fj80pduyhAIwaKiLl9IY9ZrGkPQUTaFjn62qZ3Fs=
x-amz-request-id: VST104F4VYX7PMTP
cache-control: max-age=14400
cf-cache-status: HIT
age: 691
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eJlJBh0W7ciQ74f7lmB2qlDIfnmEJ4zXVnuEmLmkohioxvf4D%2FiUb7mrm2VOQ01B1bakHYK%2BRhXz5ZT0O3nS5EDN9uj%2Fg7XfB7IAXBZHCHL8UuYYali8BGvvj1fX8zUNqAs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8639a1decb52d-OSL
X-Firefox-Spdy: h2

notifyhubss.net/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.26.9.237

302 Found

0 B

URL GET HTTP/2
notifyhubss.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Fri, 26 Apr 2024 17:45:53 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYp%2FCfN3vvUI5EDFAs7bVttYn64iNW1zb86OPxHj7IyNlO0lMOmD0g3FCb0U1lRI1wZAjyiZBlHx5h2H4w5tTXl3FY6SLQxLcbd8oVH2wWktW7lP25T8sl3wvJtCejTKng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8639adab9b505-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/favicon.ico

172.67.74.139

5.8 kB

URL GET
lp.cybeready.net/Forms/MS-online/favicon.ico
IP
172.67.74.139:0
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Size
5.8 kB (5796 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/favicon.ico HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:53 GMT
content-type: image/x-icon
x-amz-id-2: 6INuEGBZE9oJXJPNfkMWFQpfrRs9jtzvoDFiiiK62HrjxfzS3ZnRb6xYEQaIn7RVI1dJidVwvKk=
x-amz-request-id: Q8KWSW825386B3NQ
last-modified: Mon, 09 May 2016 08:37:47 GMT
etag: W/"12e3dac858061d088023b2bd48e2fa96"
cache-control: max-age=14400
cf-cache-status: HIT
age: 691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mKkdg20s84C%2F5N0ntfmtRyGhJ5%2BiUV9x%2BiyPhbz%2FARsz2Lj5yQQ5VCYokKyn6hQ1JT1zf%2F%2FbP2TAGQU8q3TYqnfflvpAqFvd5kn2pDihH%2Bn3NWtAxhNZoruDi41uhnCRfGM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8639adf0db52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

notifyhubss.net/cdn-cgi/challenge-platform/h/b/jsd/r/87a86393a8f6b505

104.26.9.237

200 OK

0 B

URL POST HTTP/2
notifyhubss.net/cdn-cgi/challenge-platform/h/b/jsd/r/87a86393a8f6b505
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/87a86393a8f6b505 HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12417
Origin: https://notifyhubss.net
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:53 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=avKyWukXA98jjYxKr9N_XaMjmd.xVm3gIUd4gbdluK0-1714153553-1.0.1.1-T2FQ7ql_iDMRthQmVwbFvcDyGsMLFR3gjEXSfHCRhcX0eKV1vVpmTlfEwnZ2bTO0IFEK1j2ETbAShrFcYIZljw; path=/; expires=Sat, 26-Apr-25 17:45:53 GMT; domain=.notifyhubss.net; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZY4nP8XAmUvwv2STm8SrCOHuY8PzPYp0k2EB88kSgmT9WCUHvpIpzwAAye1Ka9DBC2SsPpRAz6thqvevUIVq94V7kyC9bb%2B%2BVbmMChgC7IUpKShkr5IzFAok7a3k%2ByNzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a8639c7c9eb505-OSL
X-Firefox-Spdy: h2

notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/

104.26.9.237

200 OK

0 B

URL POST HTTP/2
notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Outlook

HTTP Headers

POST /49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/ HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: json
X-Requested-With: XMLHttpRequest
Content-Length: 65
Origin: https://notifyhubss.net
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Cookie: requestid=599915d7d784867122e3ddf9453703a8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:53 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: requestid=699bbb8e535a09dac0029d217d08be9a
requestid=6b49bc74b6d426249c35d2e8af45e811
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FS0ujXmCobcSrTF6Zx4Y8pfZpDVOpZpNdjUPNp5Jc0r85KMGxdEgE3TLtgEVMwPiHLU9bL8PSx3sA8tsZnRa0LaEUQF0tcdhvnIu8ovQ37UNRnYoAVv4%2BFzoJD5Q6Y5bVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a8639c8cb4b505-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/sanitize.css

172.67.74.139

200 OK

752 B

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/sanitize.css
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
ASCII text, with very long lines (526), with no line terminators
Size
752 B (752 bytes)
Hash
2675cf7988f6a7a71b241bb7dbe69dec
7900859c6bf14e7c3a72db9bd4a9e49901f78173
4e9b51d07ce50cf3d2e065c34ba5f30d95d75227cd7642ae8d262d6772867e61

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/sanitize.css HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:52 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1014
etag: W/"61d79c3e015865ed0bca45e77eeac723"
last-modified: Mon, 09 May 2016 08:37:44 GMT
x-amz-id-2: HtxRyFtarpcGrcBTbmx/RAbYILShVqV/HXqBpX/hmjs8rUubW99GKMVr+ffagH9uRbjSEX3c1aQ=
x-amz-request-id: 53P3SQSENC68HHA9
cache-control: max-age=14400
cf-cache-status: HIT
age: 691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1DuqH6ZFiTGJXGgI%2F6pKH4TfH6F86CEQl0ZBzTcusLmBspyxZ%2F9HH8RtvQREygGoCuXltKai5g8s0Uiyu04eAvYLeTi%2BhxOuCU9w25p7TwD8N6krY1oZOMVASHQrFCCdyg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8639849fdb52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/validator.js

172.67.74.139

200 OK

8.7 kB

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/validator.js
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
ASCII text
Size
8.7 kB (8668 bytes)
Hash
1fcbee9832d717ec42da9239564aff2b
c89b6868b60376a2d519d277eefe80a4b72187dc
531af0d0ceaca3ebdc13b4285eb12ca7089f628a149e842c5a2205b959018e4c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/validator.js HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:52 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1569
etag: W/"844cb6b1728575eb4bc8bc531bb5a4f3"
last-modified: Mon, 09 May 2016 10:28:26 GMT
x-amz-id-2: zAeZmrBbHpjB2Wch38Za3vj7dfDT5GX963N6ddI2jLmyLq53vqs88+NFo+f5yk9sg6Oytuj+nrQ=
x-amz-request-id: B1C0XJZFX1GTCBRJ
cache-control: max-age=14400
cf-cache-status: HIT
age: 691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Q2CgsfKodwc6Ri5600gDxUGOhN1bx2nMvfMphou0rHAuYNhbaA8CWkxO6KsNk2qn%2Fk8Fa7mt1utcngxkApeNOEJ2w2hu8fDlaL13vLPccBRclFHaZX7v7s46NmyL%2B%2FxJis%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a863986a47b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

lp.cybeready.net/common/landing-page.js

172.67.74.139

200 OK

5.3 kB

URL GET HTTP/2
lp.cybeready.net/common/landing-page.js
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
JavaScript source, ASCII text, with very long lines (590)
Size
5.3 kB (5341 bytes)
Hash
ac5716b9ccc0d5eb31e94d8c873227d4
39ed1b79df1f4a7eedc7f245f0cabb0618246951
633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /common/landing-page.js HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:52 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=7666
etag: W/"dc85792ec27e1c3bf02af986d07c81eb"
last-modified: Thu, 19 Nov 2015 18:47:02 GMT
x-amz-id-2: z8RsqbBiz1nWYtfNZb1HCsklBEOD8IM7WIC09NRnrI1IXGsWrJYoWs/x8VuE967G4EdDqZTcWR4=
x-amz-request-id: BGDVSRCCTTP72NXR
cache-control: max-age=14400
cf-cache-status: HIT
age: 691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kdb%2B6%2FAOjiGnk%2FpxE80b9AVQFhxopy9AtYe0ck8VAWQcJfb%2FOsP6%2F9yGcvTykrpywMy%2FsGI5pwAkpT6n3hodIMLzrpo3%2B0ye%2Bf%2FzKkGvGA7it3DyGE0zfI66UdvoZ5XdI64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a863986a7ab52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/

104.26.9.237

200 OK

0 B

URL POST HTTP/2
notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Outlook

HTTP Headers

POST /49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/ HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: json
X-Requested-With: XMLHttpRequest
Content-Length: 109
Origin: https://notifyhubss.net
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Cookie: requestid=6b49bc74b6d426249c35d2e8af45e811; cf_clearance=avKyWukXA98jjYxKr9N_XaMjmd.xVm3gIUd4gbdluK0-1714153553-1.0.1.1-T2FQ7ql_iDMRthQmVwbFvcDyGsMLFR3gjEXSfHCRhcX0eKV1vVpmTlfEwnZ2bTO0IFEK1j2ETbAShrFcYIZljw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:14 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: requestid=ca594c1200fc1eb73930aaee8c42c313
requestid=3494f18443d68d1479f4ef021b5a940d
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUfLMJTVUg0j3E5%2FSwK6C48%2Boyn776y4DacwkRibyK%2FlU1md9bITI65tWRPKxxQy42ZHTPWj4yVxRnwaH584g4%2BDAmh4ma0mJdCN2PIiPkA%2BbOhBBf9vWb%2FJSdN4vLaaOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a8642268a3b505-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/index.css

172.67.74.139

200 OK

2.4 kB

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/index.css
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
ASCII text, with very long lines (2426), with no line terminators
Size
2.4 kB (2426 bytes)
Hash
8a755011320e63395ea79047f1b5073c
cdf05a68a5c6fe1c2566f63f92c3997f7352ab6f
bd5d2516f5c4a874a8f3d1c03b60ce1c33854626f0bb98ef55e56dda4e46db56

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/index.css HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:52 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3105
etag: W/"f381725154f2d810562dc42f32c6bee2"
last-modified: Mon, 09 May 2016 08:37:42 GMT
x-amz-id-2: vNTVwsgZ/ssYJbpp0SHi+ulC+ZofQkDC16C0QRIkFdu6XYefnXiQtiQWaxwW73EmLrcrcRkjwY4=
x-amz-request-id: VG74JFR04HJXXY4Y
cache-control: max-age=14400
cf-cache-status: HIT
age: 691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mev%2By5bXp%2BQx3BcBenZt%2BQzQ7%2Fr5utw4UCU7ow9uXzJc6SExKmQjBG%2BudTgAiFCc0JG0CY5P8VkKVwmgRZG1qpcYNWJhA6QPeg%2BAzav2gAlFXjPNM1yNLGC9uBjzJ%2F8YbjU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a863982989b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

notifyhubss.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

104.26.9.237

200 OK

7.8 kB

URL GET HTTP/2
notifyhubss.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/49a96cfebu85654dcel8f3f5665lad61597d.html__;!!OepYZ6Q!_gmr9Sv0zpQEPSoSOkcNKkh_bkdPExatp8DcXXmM4p7UGZ5taP9hQnZjqf11FIFeMgsnGl87T4JKXf5O3bXsCxqS/
Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type
JavaScript source, ASCII text, with very long lines (7834), with no line terminators
Size
7.8 kB (7834 bytes)
Hash
8f9446dd9b85e6d0bb0856d728a44759
5ffb715bd420f0537a0f817cbba81443ecfb2d91
59c1114a621009ca24cee7fbd4cf458a2be40694d739fbe642a226eb9f83ff35

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:45:53 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XRRqdIep%2BD%2B4ORVF8e3KKi20FC1A7ihNK0JcJLpM62L783SMoxVPGR5gq%2BlVz1DuDBqFX2gvGxT8Rr6Imye5a5oegoGtBU%2B1uxnSldkI1k5rMNNz7S7Xbvv9G1xHWwh6fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a8639b4b3cb505-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size