Report - notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/

Report Overview

Submitted URL
notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
IP
104.26.9.237
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 23:44:34
Access
public
Website Title
Sign in to your account
Final URL
notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Tags
microsoft phishing
urlquery detections
Phishing - Microsoft

Detections

urlquery
13
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-24	893 B	33 kB	104.17.25.14
lp.cybeready.net	unknown	2014-01-26	2015-12-30	2024-04-18	3.5 kB	218 kB	104.26.8.233
notifyhubss.net	unknown	2020-04-30	2021-07-09	2024-04-17	3.4 kB	11 kB	104.26.9.237

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	notifyhubss.net	Sinkholed
2024-04-25	medium	notifyhubss.net	Sinkholed
2024-04-25	medium	notifyhubss.net	Sinkholed
2024-04-25	medium	notifyhubss.net	Sinkholed
2024-04-25	medium	notifyhubss.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	notifyhubss.net/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-04-26	2024-04-26
Pretty URL notifyhubss.net/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.9.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 01:44:34 Last Seen2024-04-26 01:44:35 Times Seen2 Hash aeff840f69d198850709e0e60bfb4d09 556c26d44c2b41fc1e3e967348e0700b872fb0dd e0fd538645d63cc50f3360bb4cf99c14297e9de0a6cabbc077a1e30505bba981 Loading...

	notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/	63 B	2024-04-26	2024-04-26
Pretty URL notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/ IP 104.26.9.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 01:44:34 Last Seen2024-04-26 01:44:34 Times Seen1 Hash 97b14f595384cca475992ef36a7b0a77 c60ad30f8be904a7340626c45bc3c204ab3c1ec5 2f27b162d01d6c3c9f2eb63562333841e5295493b45d6f239188bc63a7107e06 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js	84 kB	2023-03-07	2024-05-04
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-05-04 23:21:48 Times Seen10919 Hash 7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 Loading...

	lp.cybeready.net/Forms/MS-online/validator.js	1.1 kB	2023-03-07	2024-05-04
Pretty URL lp.cybeready.net/Forms/MS-online/validator.js IP 104.26.8.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:00:15 Last Seen2024-05-04 17:32:50 Times Seen286 Hash 1fcbee9832d717ec42da9239564aff2b c89b6868b60376a2d519d277eefe80a4b72187dc 531af0d0ceaca3ebdc13b4285eb12ca7089f628a149e842c5a2205b959018e4c Loading...

	lp.cybeready.net/common/landing-page.js	4.0 kB	2023-03-07	2024-05-04
Pretty URL lp.cybeready.net/common/landing-page.js IP 104.26.8.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:35 Last Seen2024-05-04 17:32:50 Times Seen371 Hash ac5716b9ccc0d5eb31e94d8c873227d4 39ed1b79df1f4a7eedc7f245f0cabb0618246951 633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca Loading...

	notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/	1.1 kB	2024-04-26	2024-04-26
Pretty URL notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/ IP 104.26.9.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 01:44:35 Last Seen2024-04-26 01:44:35 Times Seen1 Hash 5622b1bb7edd5bef227f0f33666c5cdb 88de097a53cfa44a25ce2deaaefd7d4b1bc4d05e 45d2469b8c1b4b3689320ee2ef33610080c84eca1e83cf6ee06546f355af5b8e Loading...

	unknown	247 B	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 01:44:35 Last Seen2024-04-26 01:44:35 Times Seen1 Hash 69d7571cd944caba2016456fab09f92e 3bba6508429f82ca4df1ebe98b67e42a51b48649 3a9eea970119aa4800fc2642a2c2c0e850047a97c900bcf5f9fdf7d8ac497819 Loading...

HTTP Transactions (15)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

104.17.25.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32180)
Size
27 kB (26660 bytes)
Hash
7f9fb969ce353c5d77707836391eb28d
62c4042e9ebc691a5372d653b424512a561d1670
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 889948
expires: Tue, 15 Apr 2025 23:44:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1jBos%2BSK60cmVGWGz4dgfcf685klFAngVBIfmR9Y8hLC57196zpCqc42qTZJMBE4tEqcYDrhZJKR8revpRVaXa1J%2FvrOUqeyMcqn%2FhGasna0StYxtjjKP9cRQ%2BtzqJxu34GoCqo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a23308397db4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

104.17.25.14

200 OK

4.4 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23577)
Size
4.4 kB (4364 bytes)
Hash
04425bbdc6243fc6e54bf8984fe50330
8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

HTTP Headers

GET /ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:08 GMT
content-type: text/css; charset=utf-8
content-length: 4364
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65993750-110c"
last-modified: Sat, 06 Jan 2024 12:19:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 798991
expires: Tue, 15 Apr 2025 23:44:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqfaQmd%2BcJ4zAbcKL1UnX%2Blwzs7ZRXeH5KVoWHusGIjQu9E%2BsJ5OfW6vf0ktnqaoVNcuGUxjv8FfE4P4rZXKohl4g4ftosSwCRgCRT6qwMoOMfw4N9Vk7nJDKGihBLPhTjDZ60QQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a23308297bb4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/bannerlogo.png

104.26.8.233

200 OK

1.0 kB

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/bannerlogo.png
IP
104.26.8.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
PNG image data, 159 x 35, 8-bit colormap, non-interlaced
Size
1.0 kB (1024 bytes)
Hash
24bfcce4b67e345caac4ce3849b26d5d
fd6b6d847ade5480f290cbce319cdee74016d859
de8d43f95c8743f71d53a6ca3d5dc0b3d2c29e96b7c565e52cf5a86c416c2400

HTTP Headers

GET /Forms/MS-online/bannerlogo.png HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:09 GMT
content-type: image/png
content-length: 1024
cf-bgj: imgq:100,h2pri
cf-polished: origSize=4585
etag: "9f09a27d4f69b3557c7433574a29d726"
last-modified: Mon, 09 May 2016 08:37:46 GMT
x-amz-id-2: oyREWeQpA7ftqsQ93j0SqJILSposezh8Gx8VKDj4nQorPklo2baX903qbosTcstbY/EGKBy4xcg=
x-amz-request-id: VG7FS237CKAWP6CE
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PcLGNvkhFyRjUJLiBQbIWZX376ZXy9QoEBaxaYPvSA%2F6htTFZBDc%2FLJUonvn%2ButLyDrq%2Fnt6YKLciGmu3Y3NOgdEWUYxlHR8Dp%2Bro9wjPYVdU9f6k5GOi6%2F3G6j1YRxNvbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a233089bb57128-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/microsoft_logo.png

104.26.8.233

200 OK

653 B

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/microsoft_logo.png
IP
104.26.8.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
PNG image data, 100 x 22, 8-bit colormap, non-interlaced
Size
653 B (653 bytes)
Hash
366222d8d10fa25f28a5c4b8c738a887
d64ae75cb36ee9bca1076b259ee3e8dc1f3fa09c
3f58f0f3a9d3cad69e0d008d752af773b81a2d29f92c855b796dc2cc3a8813f9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/microsoft_logo.png HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:09 GMT
content-type: image/png
content-length: 653
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1040
etag: "e4b675007dc6492ee590131d1f7dfbb3"
last-modified: Mon, 09 May 2016 08:37:44 GMT
x-amz-id-2: nuwL9vgbG/ekq/RxW2LQEr28j8DSzrvH3FxL7wr6F8zpO6fbKuJvzN8J9lBR0tO5f31McrZ1/vA=
x-amz-request-id: VTGQNQ6R8VGQHTMD
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bWWSZvOHAQQF2aGNCP4iXmwc53KMmBUfm9RmgOLNYDupOO3kTN8usamEL9%2FzF952bAX58gfa%2FQIzuzuRcN%2FY43MJbkYjpZCc4yL8UOtfq7aZ%2B2UUi1sb7x7SGNkUSQG2z4Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a233089bb47128-OSL
X-Firefox-Spdy: h2

notifyhubss.net/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.26.9.237

302 Found

0 B

URL GET HTTP/2
notifyhubss.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 25 Apr 2024 23:44:09 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x7C8KOYW0LWgDuU956VYblb3NfhzWasi9ADH16EG0U2bFQPKmL0af8MI3BLvSxAH9kdHFP%2FeqFwDcwJ1hrk1jxYskinKFKNlVHWfIRlQzKj92ZiLI53LprVySWXtKW%2FzuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a2330a884fb503-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/heroillustration.jpg

104.26.8.233

200 OK

197 kB

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/heroillustration.jpg
IP
104.26.8.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
JPEG image data, progressive, precision 8, 1420x1080, components 3
Size
197 kB (196768 bytes)
Hash
65a2cb0d1e14633606d9d0cdda66bf39
1653696f5d951a6046008160a7c2dda9c27ce6f2
7d07ffc8f9e7620f82bbc8d3930ebf428f185d6d3f8cde05580ecb3530c5bbea

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/heroillustration.jpg HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lp.cybeready.net/Forms/MS-online/index.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:09 GMT
content-type: image/jpeg
content-length: 196768
cf-bgj: imgq:100,h2pri
cf-polished: origSize=203294
etag: "65283b123eb235e6176ae98c02ac5b1c"
last-modified: Mon, 09 May 2016 08:37:52 GMT
x-amz-id-2: XG3+6C9mqc3QcWizhIvx4fgfZaJzRbXK2qXbN+jym50NzlPI2d9NhQOYshDZoileB+HtasAm91Y=
x-amz-request-id: T2K22ZSAQK4N2D6J
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jYTaEiYcmeiGj3bGxc%2F4tv%2FEuPLun%2BAD07QRiOOehzgH7IVRA7f8bi%2B8W3qAtfuVSp7rPkcw%2BZo9cd7UlcB6C4PNtVDEykzPx6f2wSi%2FCGGw%2BPE5SyPO2mpbuKzBwgJSBjE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a2330a4c4d7128-OSL
X-Firefox-Spdy: h2

notifyhubss.net/cdn-cgi/challenge-platform/h/b/jsd/r/87a233058e31b503

104.26.9.237

200 OK

0 B

URL POST HTTP/2
notifyhubss.net/cdn-cgi/challenge-platform/h/b/jsd/r/87a233058e31b503
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/87a233058e31b503 HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12443
Origin: https://notifyhubss.net
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=dS2u.FQmSpyJfGtjdbzhpuuxTbocFMfsNdeyZ3CHFuw-1714088649-1.0.1.1-at6xyYuZzG5mwusaOAo0LIKz.7VFc6ignnTBsrDBnmu8Oi0kq4Sb0KRWYims0QR6EBauGSHxarmyukRR_PCUHw; path=/; expires=Fri, 25-Apr-25 23:44:09 GMT; domain=.notifyhubss.net; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SX9NnSQZtLpYMLC8eRQzOLeyxVcK7%2Fc1kVVJRNAu5gHsxkObK4d15U9nqTnaQxyz2ekvU9x3lcINz0maiwJ4Kj1irCk8fHN6ZcnM6zT6uLLz7tN3wj%2Famu%2BQLjLEyr2%2FEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a2330b98f3b503-OSL
X-Firefox-Spdy: h2

notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/

104.26.9.237

200 OK

0 B

URL User Request GET HTTP/2
notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/ HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: json
X-Requested-With: XMLHttpRequest
Content-Length: 65
Origin: https://notifyhubss.net
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Cookie: requestid=c5fa4d86efa174dba82b52a3a57daf75
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:09 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: requestid=5ec3052735091ca1581b51a94c5edd98
requestid=73c73d26139cbad4e11457cc94ba4692
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PD7vT6V9fsxN8bRL3T42tsuKLe7sNHwZPsSQOwDK4wdVl7GghByYPBLk5fYTYUtmkSEBxF07Ey5sa3oVO54fyZnzq%2FVT7Ouio82%2BVoLYfA9%2FsSYRe4OXuLMn5MEK0gLxeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a2330ba8f4b503-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/sanitize.css

104.26.8.233

200 OK

752 B

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/sanitize.css
IP
104.26.8.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
ASCII text, with very long lines (526), with no line terminators
Size
752 B (752 bytes)
Hash
2675cf7988f6a7a71b241bb7dbe69dec
7900859c6bf14e7c3a72db9bd4a9e49901f78173
4e9b51d07ce50cf3d2e065c34ba5f30d95d75227cd7642ae8d262d6772867e61

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/sanitize.css HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:09 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1014
etag: W/"61d79c3e015865ed0bca45e77eeac723"
last-modified: Mon, 09 May 2016 08:37:44 GMT
x-amz-id-2: HtxRyFtarpcGrcBTbmx/RAbYILShVqV/HXqBpX/hmjs8rUubW99GKMVr+ffagH9uRbjSEX3c1aQ=
x-amz-request-id: 53P3SQSENC68HHA9
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJbCGolv6oTnQSXhDe2AIN7PZDjWn6Lj76t0gMp3OL56TAsR0VmisHez4qw2CFpDioADtbK81s%2Fh59O3NxKazBlxkXuJsl3XVO21LC%2Bqk84viV8OJzXzYx1Zz7savGzijtI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a233089bb77128-OSL
content-encoding: br
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/index.css

104.26.8.233

200 OK

6.6 kB

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/index.css
IP
104.26.8.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
ASCII text, with very long lines (2426), with no line terminators
Size
6.6 kB (6633 bytes)
Hash
8a755011320e63395ea79047f1b5073c
cdf05a68a5c6fe1c2566f63f92c3997f7352ab6f
bd5d2516f5c4a874a8f3d1c03b60ce1c33854626f0bb98ef55e56dda4e46db56

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/index.css HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:09 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3105
etag: W/"f381725154f2d810562dc42f32c6bee2"
last-modified: Mon, 09 May 2016 08:37:42 GMT
x-amz-id-2: vNTVwsgZ/ssYJbpp0SHi+ulC+ZofQkDC16C0QRIkFdu6XYefnXiQtiQWaxwW73EmLrcrcRkjwY4=
x-amz-request-id: VG74JFR04HJXXY4Y
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBZTGHUvPgkVDKYbC08Xdnjy00qioyfAVMb81Xg2l4gVbthHQGR%2FpHRZm8qsG9u%2FttTk12f8yfkAq44nHe4rZvbyYJwHsKJvi46htHe3aqHgrUGOGjV4Xsu3BN74V2qabV4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a23308abbc7128-OSL
content-encoding: br
X-Firefox-Spdy: h2

notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/

104.26.9.237

200 OK

0 B

URL User Request GET HTTP/2
notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/ HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: json
X-Requested-With: XMLHttpRequest
Content-Length: 109
Origin: https://notifyhubss.net
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Cookie: requestid=73c73d26139cbad4e11457cc94ba4692; cf_clearance=dS2u.FQmSpyJfGtjdbzhpuuxTbocFMfsNdeyZ3CHFuw-1714088649-1.0.1.1-at6xyYuZzG5mwusaOAo0LIKz.7VFc6ignnTBsrDBnmu8Oi0kq4Sb0KRWYims0QR6EBauGSHxarmyukRR_PCUHw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:31 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: requestid=f4d6efdd9b05d76f8fdcdc30d39b0d16
requestid=fe7ef5ef3106e427f6df3dad3b763898
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RNkDJ1eBzWgO6%2FhnpRgxKKfCy%2BVfLqmUprGnZwGcy6cQwO%2BaAbjvGpuYuF8%2FmvddKPALaP1csyGXfmhXuXh5tip8o5a9JGsse1u5N0h2W6oZ5%2FphxL42PNwqElMo4sCWvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a23396af2fb503-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/validator.js

104.26.8.233

200 OK

1.1 kB

URL GET HTTP/2
lp.cybeready.net/Forms/MS-online/validator.js
IP
104.26.8.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
ASCII text, with very long lines (1158), with no line terminators
Size
1.1 kB (1141 bytes)
Hash
739cde09074e2d13657b46670db603ff
a3a8a20ccd8af534d0693fa9984ad57e9fb7d0d3
ab0eab4eb25b68afc38087d490df3e23b0e902130a9ae4326a6901b045a32d8b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Forms/MS-online/validator.js HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1569
etag: W/"844cb6b1728575eb4bc8bc531bb5a4f3"
last-modified: Mon, 09 May 2016 10:28:26 GMT
x-amz-id-2: zAeZmrBbHpjB2Wch38Za3vj7dfDT5GX963N6ddI2jLmyLq53vqs88+NFo+f5yk9sg6Oytuj+nrQ=
x-amz-request-id: B1C0XJZFX1GTCBRJ
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFR%2B0P9lev4wf1ooeqPt2Dy4urMzH7Hd3t0zNZJJByJ9rkr46e6T0AT3qdnSRhQFevFgpsbyY5yGMmt3qTADO0KCKV1HOJwdUgnNkyW74LiC%2FUDWs8DNdoDgylodZu%2FVHaU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a233089bb37128-OSL
content-encoding: br
X-Firefox-Spdy: h2

notifyhubss.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

104.26.9.237

200 OK

7.8 kB

URL GET HTTP/2
notifyhubss.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
IP
104.26.9.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerLet's Encrypt
Subjectnotifyhubss.net
Fingerprint15:15:D9:8E:39:C7:06:EB:3E:95:E9:60:79:C1:C8:71:91:A7:DF:07
ValiditySat, 06 Apr 2024 23:22:32 GMT - Fri, 05 Jul 2024 23:22:31 GMT

File type
JavaScript source, ASCII text, with very long lines (7828), with no line terminators
Size
7.8 kB (7828 bytes)
Hash
aeff840f69d198850709e0e60bfb4d09
556c26d44c2b41fc1e3e967348e0700b872fb0dd
e0fd538645d63cc50f3360bb4cf99c14297e9de0a6cabbc077a1e30505bba981

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: notifyhubss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:09 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
vary: accept-encoding
x-content-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OpgNYrY3SzjgSgYyVRhXRqJWakMtKyelnaBTW4AbsjAK%2FblYT0Ec%2B%2BwUQpVK8Ay38IQDMkvbzF8TTZVLI5N8Z0zG0aCilgDhMmuPUZvM2YIBhGTY6bNtEz5pef7nfHM%2F3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a2330ac86eb503-OSL
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/MS-online/favicon.ico

0.0.0.0

0 B

URL GET
lp.cybeready.net/Forms/MS-online/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /Forms/MS-online/favicon.ico HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:09 GMT
content-type: image/x-icon
x-amz-id-2: 6INuEGBZE9oJXJPNfkMWFQpfrRs9jtzvoDFiiiK62HrjxfzS3ZnRb6xYEQaIn7RVI1dJidVwvKk=
x-amz-request-id: Q8KWSW825386B3NQ
last-modified: Mon, 09 May 2016 08:37:47 GMT
etag: W/"12e3dac858061d088023b2bd48e2fa96"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56NHCnUGJHIx5X5BBJtzCVxKot50rE282is70CU%2BQMn%2F7Ckcy0UdSXm63iyRwcOCB9IVKopiKN4beZgOOn%2Fp5rRfH4dDSQ6t%2BsVBUbQURrUSBd7XJ%2Fl3oMcQz2EYNWv54cY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a2330b2c8f7128-OSL
content-encoding: br
X-Firefox-Spdy: h2

lp.cybeready.net/common/landing-page.js

104.26.8.233

200 OK

4.0 kB

URL GET HTTP/2
lp.cybeready.net/common/landing-page.js
IP
104.26.8.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://notifyhubss.net/4f5bb27bcuccfc491fl9846768bl85479ebb.html__;!!OepYZ6Q!5OFWk218tbDtKrq_2w79K77Am0vSxyjMUWmljJ4vpGh3V4GWYEXJIMS-zsRgYuGdJZYrrt6cXHalbS0teKGNDzcTq9hSoFNm-Q/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
FingerprintBB:28:14:F8:09:02:DF:1E:F0:B6:74:8B:09:67:6A:55:A6:0D:A0:38
ValidityTue, 16 Apr 2024 23:13:46 GMT - Mon, 15 Jul 2024 23:13:45 GMT

File type
JavaScript source, ASCII text, with very long lines (4058), with no line terminators
Size
4.0 kB (4037 bytes)
Hash
31c9d5c1c040c6f1d6e924471ce8179b
051fbd8b0dd9cc8567fcb71fedf2726d0c7cb321
13935b3ce2cace0bb7bd02421279995e5a519bc5622c494ee1536a1ef880f670

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /common/landing-page.js HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notifyhubss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:44:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=7666
etag: W/"dc85792ec27e1c3bf02af986d07c81eb"
last-modified: Thu, 19 Nov 2015 18:47:02 GMT
x-amz-id-2: z8RsqbBiz1nWYtfNZb1HCsklBEOD8IM7WIC09NRnrI1IXGsWrJYoWs/x8VuE967G4EdDqZTcWR4=
x-amz-request-id: BGDVSRCCTTP72NXR
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BErZU3vRcaA%2BdQZurXItX2kVGIWjiRu3vKnsRXIeYp0Sqfd8koUbbpptsfcMEnacpmJWRmcX6GJaP%2BCDM%2BvxDIAaj4WuIC848JTOIWjCYeEdyL5e%2Fdeth3RmGjVv%2FG2jchE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a233089bb97128-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size