Report - notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$

Report Overview

Submitted URL
notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
IP
104.26.9.237
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-23 18:11:24
Access
public
Website Title
Sign in to your account
Final URL
notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Tags
microsoft phishing
urlquery detections
Phishing - Microsoft

Detections

urlquery
15
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-22	893 B	33 kB	104.17.24.14
lp.cybeready.net	unknown	2014-01-26	2015-12-30	2024-04-18	3.6 kB	231 kB	172.67.74.139
notifyhubss.net	unknown	2020-04-30	2021-07-09	2024-04-17	3.6 kB	28 kB	104.26.9.237
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-22	512 B	6.5 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$	63 B	2024-04-23	2024-04-23
Pretty URL notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$ IP 104.26.9.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 20:11:24 Last Seen2024-04-23 20:11:24 Times Seen1 Hash 428a2cbd8ed153acba8644eeada73be8 047d92d4012d1cdd9daaab94ef9158da8d1f96a6 28998e17902e7950b57e424b8633b51d3077f1aac6107dd8912680846a214988 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js	84 kB	2023-03-07	2024-05-03
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-05-03 19:14:46 Times Seen10909 Hash 7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 Loading...

	lp.cybeready.net/Forms/MS-online/validator.js	1.1 kB	2023-03-07	2024-04-29
Pretty URL lp.cybeready.net/Forms/MS-online/validator.js IP 172.67.74.139 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:00:15 Last Seen2024-04-29 02:02:48 Times Seen284 Hash 1fcbee9832d717ec42da9239564aff2b c89b6868b60376a2d519d277eefe80a4b72187dc 531af0d0ceaca3ebdc13b4285eb12ca7089f628a149e842c5a2205b959018e4c Loading...

	lp.cybeready.net/common/landing-page.js	4.0 kB	2023-03-07	2024-05-02
Pretty URL lp.cybeready.net/common/landing-page.js IP 172.67.74.139 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:35 Last Seen2024-05-02 18:29:07 Times Seen369 Hash ac5716b9ccc0d5eb31e94d8c873227d4 39ed1b79df1f4a7eedc7f245f0cabb0618246951 633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca Loading...

	notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$	1.1 kB	2024-04-23	2024-04-23
Pretty URL notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$ IP 104.26.9.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 20:11:24 Last Seen2024-04-23 20:11:24 Times Seen1 Hash 3aa035841a9746cc263bfb5190a704de 166bef3cf8f11cae9a7b0c69a99687bbc4a00f36 ede9d1d5db72e9f014b90a6c8bffe5227ec39eafd96225775f5f87adc3896a9a Loading...

	unknown	247 B	2024-04-23	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 20:11:24 Last Seen2024-04-23 20:11:24 Times Seen1 Hash f32ef16b0c098f3453fe5ad683f25f5d 2a06a939a02e2ae5467aac475084d84f6b332fea cbc0c7fbefee7540b1b644b4dc0e7322f0cdc21bbfdea094ea68d225f7854da7 Loading...

	notifyhubss.net/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.9 kB	2024-04-23	2024-04-23
Pretty URL notifyhubss.net/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.9.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 20:11:24 Last Seen2024-04-23 20:11:24 Times Seen2 Hash e07d03564a72107c3132a344c77ba267 2c72219371ea78782ca31fcd18b606c3890699d1 adb365904e119e3b4ee3f6765fbfaa965f1ac7c8192e9fd60d02c138825d6140 Loading...

HTTP Transactions (16)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

104.17.24.14

200 OK

4.4 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23577)
Size
4.4 kB (4364 bytes)
Hash
04425bbdc6243fc6e54bf8984fe50330
8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

HTTP Headers

GET /ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:58 GMT
content-type: text/css; charset=utf-8
content-length: 4364
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65993750-110c"
last-modified: Sat, 06 Jan 2024 12:19:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 606201
expires: Sun, 13 Apr 2025 18:10:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zBU%2BeXyKCgaXN2iTR9kQS4LadfHl4Gw3572G3PTZZxtZugcj7%2B1w5Nd1HNHn1G0SKG0z0mHU6v8Bly3kpRcJcbQsDc%2FzO0yqDxp9Ke68U9gzcU%2FXfKeOiHWFHYv90%2FQKUQIZ6Eq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 878fd03cef4a569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

104.17.24.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32180)
Size
27 kB (26660 bytes)
Hash
7f9fb969ce353c5d77707836391eb28d
62c4042e9ebc691a5372d653b424512a561d1670
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 697158
expires: Sun, 13 Apr 2025 18:10:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6FJ6j%2FqJojV8AVi4jfaXlJfvI7YEbhwUNpWZExRoucsM9D%2FX9zbyeKd8zx7%2FIBDUgnuqRu7fWR9rWlz%2FhxLqPoPSRiqwC9QTiZg4ZBwgNXrT2iE1aIB7Hbe%2FipFl%2FqNyprRfvpJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 878fd03cef51569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/bannerlogo.png

172.67.74.139

200 OK

1.0 kB

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/bannerlogo.png
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
PNG image data, 159 x 35, 8-bit colormap, non-interlaced
Size
1.0 kB (1024 bytes)
Hash
24bfcce4b67e345caac4ce3849b26d5d
fd6b6d847ade5480f290cbce319cdee74016d859
de8d43f95c8743f71d53a6ca3d5dc0b3d2c29e96b7c565e52cf5a86c416c2400

HTTP Headers

GET /Forms/MS-online/bannerlogo.png HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:58 GMT
content-type: image/png
content-length: 1024
cf-bgj: imgq:100,h2pri
cf-polished: origSize=4585
etag: "9f09a27d4f69b3557c7433574a29d726"
last-modified: Mon, 09 May 2016 08:37:46 GMT
x-amz-id-2: oyREWeQpA7ftqsQ93j0SqJILSposezh8Gx8VKDj4nQorPklo2baX903qbosTcstbY/EGKBy4xcg=
x-amz-request-id: VG7FS237CKAWP6CE
cache-control: max-age=14400
cf-cache-status: HIT
age: 660
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dp2xcQn7IMkZjTvYmNBfQaufFdAG4JgjdpCOK7EyjAge84%2BgiZNwZUBJ6Z9offC8YrMV23HuJodwxuVww2QZq2UIh7WrtE1sd8QSLsgove9I4tvExOnL49YMznjgHWmYCTQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 878fd03cedd2b52d-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/microsoft_logo.png

172.67.74.139

200 OK

653 B

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/microsoft_logo.png
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
PNG image data, 100 x 22, 8-bit colormap, non-interlaced
Size
653 B (653 bytes)
Hash
366222d8d10fa25f28a5c4b8c738a887
d64ae75cb36ee9bca1076b259ee3e8dc1f3fa09c
3f58f0f3a9d3cad69e0d008d752af773b81a2d29f92c855b796dc2cc3a8813f9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/microsoft_logo.png HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:58 GMT
content-type: image/png
content-length: 653
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1040
etag: "e4b675007dc6492ee590131d1f7dfbb3"
last-modified: Mon, 09 May 2016 08:37:44 GMT
x-amz-id-2: nuwL9vgbG/ekq/RxW2LQEr28j8DSzrvH3FxL7wr6F8zpO6fbKuJvzN8J9lBR0tO5f31McrZ1/vA=
x-amz-request-id: VTGQNQ6R8VGQHTMD
cache-control: max-age=14400
cf-cache-status: HIT
age: 660
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SXx0xKQyzinxa51Tt4Zxivdzm4NMAyF5brqMQ2iIQQWEXq197ZZBsyldQgZV%2F8NpgPCHqWO%2B5IfrDcQ1PVaKyHGyHoT2OoTBCmMrIfXgJ2yr5jnSAS8XaJSiBAaLeBZPUnc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 878fd03cedd6b52d-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/heroillustration.jpg

172.67.74.139

200 OK

197 kB

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/heroillustration.jpg
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
JPEG image data, progressive, precision 8, 1420x1080, components 3
Size
197 kB (196768 bytes)
Hash
65a2cb0d1e14633606d9d0cdda66bf39
1653696f5d951a6046008160a7c2dda9c27ce6f2
7d07ffc8f9e7620f82bbc8d3930ebf428f185d6d3f8cde05580ecb3530c5bbea

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/heroillustration.jpg HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lp.cybeready.net/Forms/MS-online/index.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:58 GMT
content-type: image/jpeg
content-length: 196768
cf-bgj: imgq:100,h2pri
cf-polished: origSize=203294
etag: "65283b123eb235e6176ae98c02ac5b1c"
last-modified: Mon, 09 May 2016 08:37:52 GMT
x-amz-id-2: hBB3Wxj538WWr93lmdsBcDcClmWX3Zak6MLoIvljNAeATBcuGt3uJfai7ce17b37I0siQRoRYlI=
x-amz-request-id: 5SJ6SKKNJP2CY3P1
cache-control: max-age=14400
cf-cache-status: HIT
age: 660
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mGVxMs9Y1zBBmn04cp4HCUxfPoWw%2BqpFsezNnSfBpVV3C9%2FdFbnIVzN4KI%2BC36sE8JOtFO4LvJZz4zjYM82u%2FFFMwA7HjkcZB035AkEqr7IfI8Pg6D%2FQ6%2FjGEvVZex6%2BdSw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 878fd03e2f1fb52d-OSL
X-Firefox-Spdy: h2

notifyhubss.net/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.26.9.237

302 Found

0 B

URL GET HTTP/2
notifyhubss.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: requestid=3f7426424ee4510dbe7128f2a2b334bd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Tue, 23 Apr 2024 18:10:58 GMT
content-length: 0
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BOVuNssE7q%2Bm0RCgLrth9uxdAV%2Fu%2F5i%2BAcy174C2fwmvWhe1us1ir9ze0iEcwXVTb3KfEZP%2BCP7qSnDB9ZxJTavAGPJN%2BplGbC3ZFNPWN8c6hTCgmuBVaIlmZxrr2QKI3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 878fd03e7fa9b4fa-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/favicon.ico

172.67.74.139

5.8 kB

URL GET
lp.cybeready.net/Forms/MS-online/favicon.ico
IP
172.67.74.139:0
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Size
5.8 kB (5796 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/favicon.ico HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:58 GMT
content-type: image/x-icon
x-amz-id-2: 6INuEGBZE9oJXJPNfkMWFQpfrRs9jtzvoDFiiiK62HrjxfzS3ZnRb6xYEQaIn7RVI1dJidVwvKk=
x-amz-request-id: Q8KWSW825386B3NQ
last-modified: Mon, 09 May 2016 08:37:47 GMT
etag: W/"12e3dac858061d088023b2bd48e2fa96"
cache-control: max-age=14400
cf-cache-status: HIT
age: 660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=En%2BsU1Eb7tYWndPK3LPbKiVgkoVdAOMBkLdNoyNK4rfXGAZOCn3VpitNMd71rfs9Qy5lX3PDgkFqOQthJxdH1f9DFfaU9AmEb4UAAnbDkTCpP8sG%2FstR24Y%2Flu36gbH%2BUPA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 878fd03e7f9bb52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

notifyhubss.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

104.26.9.237

200 OK

25 kB

URL GET HTTP/2
notifyhubss.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type
JavaScript source, ASCII text, with very long lines (7864), with no line terminators
Size
25 kB (24828 bytes)
Hash
e07d03564a72107c3132a344c77ba267
2c72219371ea78782ca31fcd18b606c3890699d1
adb365904e119e3b4ee3f6765fbfaa965f1ac7c8192e9fd60d02c138825d6140

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: requestid=3f7426424ee4510dbe7128f2a2b334bd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:58 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmT%2BBZ0X3F1cSooISGjoJpSKvXz%2FCGqeaLb1Rrd3sqyWitwQYKvM5uM5pxhc73FnTNq05XfoyBCOtsOg8g1rzTi0Qchdx5331e5wV0cHWvj5yGyiLBSv0uzbrsRGRgppgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 878fd03e9fbfb4fa-OSL
X-Firefox-Spdy: h2

notifyhubss.net/cdn-cgi/challenge-platform/h/b/jsd/r/878fd0397abeb4fa

104.26.9.237

200 OK

0 B

URL POST HTTP/2
notifyhubss.net/cdn-cgi/challenge-platform/h/b/jsd/r/878fd0397abeb4fa
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/878fd0397abeb4fa HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12428
Origin: https://notifyhubss.net
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Cookie: requestid=3f7426424ee4510dbe7128f2a2b334bd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:59 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=i.KGH7Vs8ANJM.VKAm8XqYVQkuIVnMlPk0VWLtPfB0I-1713895859-1.0.1.1-8CPpBIaBKtXNgZuCl8vopkO7_fxH9iUUtHtskSPJz_dDiqVTE6BSuieHNmzLIzs9Q3TJ2RJjpd2tmvuvS3J6Mw; path=/; expires=Wed, 23-Apr-25 18:10:59 GMT; domain=.notifyhubss.net; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g7DOmetlR8GKDxBOC5dt9dU%2FSGW%2FpkTkdou6FUVryAolNcRkkmYqM6jM780dnvIrEPDln721K3ACY5h6lX5S54K%2FEfEx3LSuf4R%2FnIf24mQyfndKvKXc%2Bg%2F2ZQDiQ%2F44hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 878fd03fb91db4fa-OSL
X-Firefox-Spdy: h2

notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$

104.26.9.237

200 OK

0 B

URL User Request GET HTTP/2
notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$ HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: json
X-Requested-With: XMLHttpRequest
Content-Length: 65
Origin: https://notifyhubss.net
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Cookie: requestid=3f7426424ee4510dbe7128f2a2b334bd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:59 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: requestid=73c9be6307204c01b8e10e5e2306578a
requestid=79008abc70ecd3257af87525632e95ca
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tLB6dkGvWohCqvdt7SQe4mtMF9wujEvoSzYbajrGU1v3%2F%2BScBmgHtmHyIcTmoke9aT4RBLgl0XUxVaOLs088WHpGRL6MMHUaVrgVO7jsbST5jpCnjgRvOLiVHcKxdib7FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 878fd03fc931b4fa-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/common/landing-page.js

172.67.74.139

200 OK

2.0 kB

URL GET HTTP/2
lp.cybeready.net/common/landing-page.js
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
JavaScript source, ASCII text, with very long lines (590)
Size
2.0 kB (2002 bytes)
Hash
ac5716b9ccc0d5eb31e94d8c873227d4
39ed1b79df1f4a7eedc7f245f0cabb0618246951
633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /common/landing-page.js HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:58 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=7666
etag: W/"dc85792ec27e1c3bf02af986d07c81eb"
last-modified: Thu, 19 Nov 2015 18:47:02 GMT
x-amz-id-2: z8RsqbBiz1nWYtfNZb1HCsklBEOD8IM7WIC09NRnrI1IXGsWrJYoWs/x8VuE967G4EdDqZTcWR4=
x-amz-request-id: BGDVSRCCTTP72NXR
cache-control: max-age=14400
cf-cache-status: HIT
age: 660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKJ15Q2jyKXVw0Z2A588hp429WBWNo5JjSrjXk4WHYkmgtmX1mRj%2BhCC303eig3fo%2FJCNHmDX0PlGHwRmUZfj75NH%2FgKsZfTc7CxIOZOVWlnvxmLrlHX6MseE6b%2BGs%2Bfi0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 878fd03d3e43b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/sanitize.css

172.67.74.139

200 OK

752 B

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/sanitize.css
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
ASCII text, with very long lines (526), with no line terminators
Size
752 B (752 bytes)
Hash
2675cf7988f6a7a71b241bb7dbe69dec
7900859c6bf14e7c3a72db9bd4a9e49901f78173
4e9b51d07ce50cf3d2e065c34ba5f30d95d75227cd7642ae8d262d6772867e61

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/sanitize.css HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:58 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1014
etag: W/"61d79c3e015865ed0bca45e77eeac723"
last-modified: Mon, 09 May 2016 08:37:44 GMT
x-amz-id-2: HtxRyFtarpcGrcBTbmx/RAbYILShVqV/HXqBpX/hmjs8rUubW99GKMVr+ffagH9uRbjSEX3c1aQ=
x-amz-request-id: 53P3SQSENC68HHA9
cache-control: max-age=14400
cf-cache-status: HIT
age: 660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ya%2F0HSqQ46VvQ8r781ybXuLkdTGvhiIN5OFWC%2BVCahnkLGJ7cirvAi4msjE3VYjcj1CqZa6xP5iSpYcbPzmXpcUD3vyMuMg9p%2FDOM0NzZA2jdkeWc4vkVvG8qD8w5bOylZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 878fd03cddcab52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/index.css

172.67.74.139

200 OK

9.0 kB

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/index.css
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
ASCII text, with very long lines (2426), with no line terminators
Size
9.0 kB (8989 bytes)
Hash
8a755011320e63395ea79047f1b5073c
cdf05a68a5c6fe1c2566f63f92c3997f7352ab6f
bd5d2516f5c4a874a8f3d1c03b60ce1c33854626f0bb98ef55e56dda4e46db56

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/index.css HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:58 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3105
etag: W/"f381725154f2d810562dc42f32c6bee2"
last-modified: Mon, 09 May 2016 08:37:42 GMT
x-amz-id-2: vNTVwsgZ/ssYJbpp0SHi+ulC+ZofQkDC16C0QRIkFdu6XYefnXiQtiQWaxwW73EmLrcrcRkjwY4=
x-amz-request-id: VG74JFR04HJXXY4Y
cache-control: max-age=14400
cf-cache-status: HIT
age: 660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EBGSK01Gk1v6r%2BLXHxWqFIWAXvmQuMb0T1ZLoo96PuX1XueCT2TOM8jhEG4UCVldDRpbpHleLegT3GKCkGqka3uJO6FRrqvxAWzvs1hBOoZeDLlorcD4WZxHyjv1ttwq29w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 878fd03cfdf9b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/validator.js

172.67.74.139

200 OK

8.3 kB

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/validator.js
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
ASCII text
Size
8.3 kB (8274 bytes)
Hash
1fcbee9832d717ec42da9239564aff2b
c89b6868b60376a2d519d277eefe80a4b72187dc
531af0d0ceaca3ebdc13b4285eb12ca7089f628a149e842c5a2205b959018e4c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/validator.js HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:10:58 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1569
etag: W/"844cb6b1728575eb4bc8bc531bb5a4f3"
last-modified: Mon, 09 May 2016 10:28:26 GMT
x-amz-id-2: zAeZmrBbHpjB2Wch38Za3vj7dfDT5GX963N6ddI2jLmyLq53vqs88+NFo+f5yk9sg6Oytuj+nrQ=
x-amz-request-id: B1C0XJZFX1GTCBRJ
cache-control: max-age=14400
cf-cache-status: HIT
age: 660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hc3DTcYpoKsZTxmw%2BEgzHR3Y0WAloXzaQ%2BcHkySG8MKeqD9dlj7TgBBWMuQV5S0%2FlH5VGiQSC4riD3g4iPcO%2F1elgV0hvpt1syxUz%2FKLMERmZHaBgpaZZ4bxa374lWGPdYg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 878fd03cfe04b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

5.8 kB

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
gzip compressed data, max speed, from Unix
Size
5.8 kB (5759 bytes)
Hash
aa33725c2d0a3d1c2f9c878d64914807
6e83d13ec860384a977738b04ff0891a01ab519a
fe412eadb3dc9820ec6cab7cb62349be057c509e34f7e2de6d23b28eacc98bfd

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:11:17 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=cBrkgeyb3R9_GfW0qeGElyGQ86zvUPGgLimmjBt0wY15o8A__0URkYNGYVbM_OOeonvuzVydmDNg2oqOuuPOidEVUGnPSf1KLGbIDpu4K8KF_eXoqXK0UiphA3eyx0f7
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$

104.26.9.237

200 OK

0 B

URL User Request GET HTTP/2
notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$ HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: json
X-Requested-With: XMLHttpRequest
Content-Length: 109
Origin: https://notifyhubss.net
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/4419d5733u64c64888l9223d5belafc887d0.html__;!!OepYZ6Q!6a0JnRhFyhQfncK-LhrwBwz4hNh8MS_qxKKgAFDPEKMOCOgQxgYx7CnrvR6bIX3SIR-AMI9IhS0nwyds8fRelwKk4eFibA$
Cookie: requestid=79008abc70ecd3257af87525632e95ca; cf_clearance=i.KGH7Vs8ANJM.VKAm8XqYVQkuIVnMlPk0VWLtPfB0I-1713895859-1.0.1.1-8CPpBIaBKtXNgZuCl8vopkO7_fxH9iUUtHtskSPJz_dDiqVTE6BSuieHNmzLIzs9Q3TJ2RJjpd2tmvuvS3J6Mw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 23 Apr 2024 18:11:21 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: requestid=d0e0b232dcdc8167c1e372671c80e600
requestid=436d3bd21e615817851dc314de439823
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47P9krAz%2B3RPrJUP3T0NPAfhTLzEwnT7qtTYVzQQ3YVxt3EgXDOnsQ9g8z7jim1Qi8eIttsc3TL3xvNknzb0boVqsTx%2FWfNRZRWJc1u1iRnErnWLAj1qH5g0ymHSe0kQPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 878fd0ca9b5cb4fa-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN