Report - securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html

Report Overview

Visited public
2025-04-08 11:20:38
Tags
paypal phishing financial
URL
securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
Finishing URL
securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
IP / ASN
104.26.1.97
#13335 CLOUDFLARENET
Title
Log in to your PayPal account
Phishing - PayPal

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-04-02	899 B	110 kB	104.17.24.14
lp.cybeready.net	unknown	2014-01-26	2015-12-30	2025-04-04	2.1 kB	23 kB	172.67.74.139
securepage.cloud	unknown	2024-02-29	2024-03-01	2025-04-03	1.1 kB	4.1 kB	172.67.70.21

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-04-07	medium	securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html	PayPal Inc.
2025-04-07	medium	securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html	PayPal Inc.

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html	ScriptElement	63 B	2025-04-08	2025-04-08
Pretty URL securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html IP 172.67.70.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-08 11:20 Last Seen2025-04-08 11:20 Times Seen1 Hash 6cb66cf46d3e5f95de07ea4decc4e8cf 8e472b06acac995bddd8327162713b94df0d1c18 ca3330a287f730306bb6e1801c27f9e31daa439615818a9e55cb373ba7fe6a79 Loading...

	lp.cybeready.net/Forms/PayPal/validator.js	ScriptElement	1.6 kB	2024-03-26	2025-05-06
Pretty URL lp.cybeready.net/Forms/PayPal/validator.js IP 172.67.74.139 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-26 04:46 Last Seen2025-05-06 13:09 Times Seen100 Hash 9949956ba262baa1705fbd6f66989fe1 36179713895356ab58cac08c1258a9d2be76ebdc 547b57a0e82b060295dc8cedd2881b65d8f5a9b3471ec8fecb0fa80810275863 Loading...

	lp.cybeready.net/common/landing-page.js	ScriptElement	7.7 kB	2023-03-07	2025-05-07
Pretty URL lp.cybeready.net/common/landing-page.js IP 172.67.74.139 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:38 Last Seen2025-05-07 21:52 Times Seen437 Hash dc85792ec27e1c3bf02af986d07c81eb c39b1be3530a69a460c3baadf28b8dbd7e8b36de c05334d2ef10e1f535203cd1257989fbaa79462c0744a105853eb37cbacc259f Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-05-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-05-09 08:59 Times Seen6763 Hash 7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 Loading...

HTTP Transactions (9)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

104.17.24.14

200 OK

84 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (32180)
Size
84 kB (84355 bytes)
Hash
7f9fb969ce353c5d77707836391eb28d
62c4042e9ebc691a5372d653b424512a561d1670
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securepage.cloud/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Apr 2025 11:20:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
cf-ray: 92d15fe6888a5697-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1539098
expires: Sun, 29 Mar 2026 11:20:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJqMO0Wulpx%2BGrATSCIGenfNNeqU%2BNLPmn0j2tCyRLnVCd136fPylAjZs33oGpR2QJO%2FJHLEd9A%2FX%2FFn%2BzyUGmJC69cPBoD7zKrjW8r1PoFIQ%2Bq6EkCUUvFPaYcgh%2BfVwaDbLNgQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/PayPal/logo.svg

172.67.74.139

200 OK

4.9 kB

URL GET
lp.cybeready.net/Forms/PayPal/logo.svg
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
Fingerprint83:E5:F3:24:55:2E:3B:93:44:E7:CD:09:70:02:A7:28:3C:ED:62:F2
ValiditySat, 05 Apr 2025 19:27:08 GMT - Fri, 04 Jul 2025 19:27:07 GMT

File type
SVG Scalable Vector Graphics image
Size
4.9 kB (4945 bytes)
Hash
0d105318575ea6a4fc653aa8290a3410
b8ef6c644ffdb3983c518014bc4c0ff4317a011b
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5

HTTP Headers

GET /Forms/PayPal/logo.svg HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securepage.cloud/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Apr 2025 11:20:17 GMT
content-type: image/svg+xml
x-amz-id-2: aQNur2gIQxuoyinpOKt8vJ9l0RoWdqz4Jh+KBw1+rEdwqX5Sboo6+GCVtt1nE5PCsg/1qRNRblg=
x-amz-request-id: F8ZPDP4DC1432PCR
last-modified: Mon, 08 Feb 2016 14:39:43 GMT
etag: W/"0d105318575ea6a4fc653aa8290a3410"
x-amz-version-id: null
cache-control: max-age=14400
cf-cache-status: HIT
age: 1993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FyNfKoNd8ENC%2BAL1CrCclJWw07pVEJi7U4auVW5pOKa%2FbMYugBts1HyQ1Ahl1f0BHJ1rP7Ap4hT5goVnv05YYwzZHSZ1GKdkLI35UVS6o7XbMTskAhiTqjjBJDE4Nks01AE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92d15fe6fe00542a-TLL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=14880&min_rtt=14109&rtt_var=2944&sent=14&recv=13&lost=0&retrans=0&sent_bytes=7001&recv_bytes=1453&delivery_rate=205186&cwnd=198&unsent_bytes=0&cid=ff87d453856cf41a&ts=89&x=0"
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/PayPal/validator.js

172.67.74.139

200 OK

1.6 kB

URL GET
lp.cybeready.net/Forms/PayPal/validator.js
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
Fingerprint83:E5:F3:24:55:2E:3B:93:44:E7:CD:09:70:02:A7:28:3C:ED:62:F2
ValiditySat, 05 Apr 2025 19:27:08 GMT - Fri, 04 Jul 2025 19:27:07 GMT

File type
ASCII text
Size
1.6 kB (1571 bytes)
Hash
9949956ba262baa1705fbd6f66989fe1
36179713895356ab58cac08c1258a9d2be76ebdc
547b57a0e82b060295dc8cedd2881b65d8f5a9b3471ec8fecb0fa80810275863

HTTP Headers

GET /Forms/PayPal/validator.js HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securepage.cloud/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Apr 2025 11:20:17 GMT
content-type: application/javascript
x-amz-id-2: pRogg0wQcvlWGcLYaZMkQM0chgAB3rvx8TYlQydmiSmaCHfAUrFO7mzbg72/z6aij7UTTfTvDCw=
x-amz-request-id: Z7W1S7FVE13X0RNK
last-modified: Mon, 08 Feb 2016 14:40:12 GMT
etag: W/"9949956ba262baa1705fbd6f66989fe1"
x-amz-version-id: null
cache-control: max-age=14400
cf-cache-status: HIT
age: 1993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6T%2FToGmmGwrDaUsZkRRSTzW%2F%2FK30fGqtBdo6NpqT685lsb0Ri2xxW423vbzW%2FmkHfnodRYJF65LXjrs3wjS1SRZa%2Bc5OhIfTDxXCiB%2FhPORcI8jVUsEqN%2FfjzFKyOPXaNqE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92d15fe70e0e542a-TLL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=14880&min_rtt=14109&rtt_var=2944&sent=17&recv=13&lost=0&retrans=0&sent_bytes=9511&recv_bytes=1453&delivery_rate=205186&cwnd=198&unsent_bytes=0&cid=ff87d453856cf41a&ts=90&x=0"
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

104.17.24.14

200 OK

24 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
ASCII text, with very long lines (23577)
Size
24 kB (23739 bytes)
Hash
04425bbdc6243fc6e54bf8984fe50330
8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

HTTP Headers

GET /ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securepage.cloud/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Apr 2025 11:20:17 GMT
content-type: text/css; charset=utf-8
content-length: 4364
cf-ray: 92d15fe668705697-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65993750-110c"
last-modified: Sat, 06 Jan 2024 12:19:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 414582
expires: Sun, 29 Mar 2026 11:20:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVgWboV9Md9FVhf%2FPFjSWisK0TkSODahqVM7sId27RycSE9btZ%2BdAhE63GJILLnsoSYENxmGlqOi6XTqWAR8zl2qOIV1wsCi8KiLKmb8sF14Wz63mef7N5fcbQlJXP%2BsuqN1dI44"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/PayPal/sanitize.css

172.67.74.139

200 OK

1.0 kB

URL GET
lp.cybeready.net/Forms/PayPal/sanitize.css
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
Fingerprint83:E5:F3:24:55:2E:3B:93:44:E7:CD:09:70:02:A7:28:3C:ED:62:F2
ValiditySat, 05 Apr 2025 19:27:08 GMT - Fri, 04 Jul 2025 19:27:07 GMT

File type
ASCII text
Size
1.0 kB (1022 bytes)
Hash
4023fc4c0be2a30c1eafd0903d5f471b
5a279dbebb94d31a980c2ca9c93cc9bc67937080
0ffa5f55696b655040a68d06ccf741bb6c915abe78acaa5fdd74d781d128f4d6

HTTP Headers

GET /Forms/PayPal/sanitize.css HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securepage.cloud/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Apr 2025 11:20:17 GMT
content-type: text/css
x-amz-id-2: ajSwWOIWDDZFvU3n1vP5XMn7swhYgLwgRspuTuHEP3QXRvHrez+NyyUGATVGaLqWfH+wdBZAmkc=
x-amz-request-id: F8ZY9K55Q2RS5TJP
last-modified: Mon, 08 Feb 2016 14:39:43 GMT
etag: W/"4023fc4c0be2a30c1eafd0903d5f471b"
x-amz-version-id: null
cache-control: max-age=14400
cf-cache-status: HIT
age: 1993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EzpSHr57wHZ6L3seG%2F05Y1p%2BrUdb50G36zOSdvv2SQAZvDFN3ehHAxdV7LfbjYMS2iPnCsPxRXutXQeXd01nx8oAxSSfM%2B7gZOCrKu1bz%2FPKeQkE4sWDbh2SWfRc9SbiPHQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92d15fe71e29542a-TLL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=14880&min_rtt=14109&rtt_var=2944&sent=20&recv=13&lost=0&retrans=0&sent_bytes=10679&recv_bytes=1453&delivery_rate=205186&cwnd=198&unsent_bytes=0&cid=ff87d453856cf41a&ts=99&x=0"
X-Firefox-Spdy: h2

lp.cybeready.net/Forms/PayPal/index.css

172.67.74.139

200 OK

2.5 kB

URL GET
lp.cybeready.net/Forms/PayPal/index.css
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
Fingerprint83:E5:F3:24:55:2E:3B:93:44:E7:CD:09:70:02:A7:28:3C:ED:62:F2
ValiditySat, 05 Apr 2025 19:27:08 GMT - Fri, 04 Jul 2025 19:27:07 GMT

File type
ASCII text
Size
2.5 kB (2476 bytes)
Hash
d544f8e0c80e3e76c62f3240eef5e417
14dbe0c42043a7397ba3405cd3c5f44152e33793
421d8f83ab12c8824657175da3196a5f4739491498a87ce05b581f4bcb3276b8

HTTP Headers

GET /Forms/PayPal/index.css HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securepage.cloud/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Apr 2025 11:20:17 GMT
content-type: text/css
x-amz-id-2: 3m3QNCv/JEpZAhUd0JwHqUKhqI5BmCbsMeW0rpHiDdv5pAHPX+vEi2qg+Mx7G30wBOlcmviBWCY=
x-amz-request-id: Z7W1ZXVA87YVP7DR
last-modified: Mon, 08 Feb 2016 14:39:42 GMT
etag: W/"d544f8e0c80e3e76c62f3240eef5e417"
x-amz-version-id: null
cache-control: max-age=14400
cf-cache-status: HIT
age: 1993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHovCapLefLcO6ett4R96ktZSfh2qtdoAH2VmLh%2FmerUQ0BEwUJ1CFOd2fWW9TG49rpSofq8j2jm37kLbHb83e2b478b%2Fji4OWfUxaRHtJ5Z5oBVnW40luTGIjY0MGQBQVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92d15fe6fdfe542a-TLL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=14880&min_rtt=14109&rtt_var=2944&sent=8&recv=13&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1453&delivery_rate=205186&cwnd=198&unsent_bytes=0&cid=ff87d453856cf41a&ts=84&x=0"
X-Firefox-Spdy: h2

securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html

172.67.70.21

200 OK

0 B

URL POST
securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
IP
172.67.70.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
Certificate
IssuerGoogle Trust Services
Subjectsecurepage.cloud
Fingerprint1E:2D:2C:5B:3A:B8:83:A6:73:E6:9B:65:7F:98:05:5A:EE:4B:0A:5C
ValidityMon, 17 Feb 2025 12:53:59 GMT - Sun, 18 May 2025 13:53:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - PayPal
OpenPhish	phishing	PayPal Inc.

HTTP Headers

POST /84ada84dbxd283423bn856cd34ejc70ef6b4.html HTTP/1.1
Host: securepage.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: json
X-Requested-With: XMLHttpRequest
Content-Length: 65
Origin: https://securepage.cloud
DNT: 1
Connection: keep-alive
Referer: https://securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
Cookie: requestid=fbadb4ed5f3f17fdac3d4f9aea5f9267
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Apr 2025 11:20:18 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: requestid=927c23310d2bbbceb69d71bdd95bfb97
requestid=9a290f84c41d9249274edb3e2d2765de
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MuLR4PAM55azVjkmbM2z7Ui1bCwKg5Sz%2FgtkSrkG4OVYF2qlxh5g%2Bs9sJ0z7fmuNKe5GBlt3G43wse2QV0WFuhQfbZq1rsTawk3ByEVN3BtEBWZSmVUz%2BRaDZPRI1qVfvr0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92d15fe89822c7da-TLL
server-timing: cfL4;desc="?proto=TCP&rtt=16976&min_rtt=12897&rtt_var=8558&sent=11&recv=16&lost=0&retrans=0&sent_bytes=4919&recv_bytes=1636&delivery_rate=334642&cwnd=253&unsent_bytes=0&cid=2ea3dddc0a6948c7&ts=1015&x=0"
X-Firefox-Spdy: h2

securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html

172.67.70.21

200 OK

2.3 kB

URL User Request GET
securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
IP
172.67.70.21:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectsecurepage.cloud
Fingerprint1E:2D:2C:5B:3A:B8:83:A6:73:E6:9B:65:7F:98:05:5A:EE:4B:0A:5C
ValidityMon, 17 Feb 2025 12:53:59 GMT - Sun, 18 May 2025 13:53:56 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
2.3 kB (2260 bytes)
Hash
0626b76edb05673ddb5822e40a4409ea
1b7714ff9d7b077e5f9789e7758b1920bfd37e0d
8f25040747f5a1c275f41652b4a2b3b4039e202a21c4beac9a1dd9538400da6b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - PayPal
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /84ada84dbxd283423bn856cd34ejc70ef6b4.html HTTP/1.1
Host: securepage.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Apr 2025 11:20:17 GMT
content-type: text/html
x-amz-expiration: expiry-date="Tue, 06 May 2025 00:00:00 GMT", rule-id="DeleteAfter30Days"
x-amz-server-side-encryption: AES256
x-amz-version-id: GgOd95kZJHt5a60sKAHfB7483AXekUim
set-cookie: requestid=fbadb4ed5f3f17fdac3d4f9aea5f9267
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkYiHwWkSLMBY4IJH%2B0dnCbBGTVdxunanrgrNIw15epeV4J0Mkh0uNF36defKV90M9Af0Ss0GxAahblp%2FyQp8X0QxX7Zk3D7G0wWvBdeL0QDd9WjQU9NxX2Zvgm7YxUCLO0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92d15fe2ffa2c7da-TLL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=18969&min_rtt=13145&rtt_var=13174&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3286&recv_bytes=1276&delivery_rate=330141&cwnd=250&unsent_bytes=0&cid=2ea3dddc0a6948c7&ts=324&x=0"
X-Firefox-Spdy: h2

lp.cybeready.net/common/landing-page.js

172.67.74.139

200 OK

7.7 kB

URL GET
lp.cybeready.net/common/landing-page.js
IP
172.67.74.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://securepage.cloud/84ada84dbxd283423bn856cd34ejc70ef6b4.html
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
Fingerprint83:E5:F3:24:55:2E:3B:93:44:E7:CD:09:70:02:A7:28:3C:ED:62:F2
ValiditySat, 05 Apr 2025 19:27:08 GMT - Fri, 04 Jul 2025 19:27:07 GMT

File type
JavaScript source, ASCII text
Size
7.7 kB (7666 bytes)
Hash
dc85792ec27e1c3bf02af986d07c81eb
c39b1be3530a69a460c3baadf28b8dbd7e8b36de
c05334d2ef10e1f535203cd1257989fbaa79462c0744a105853eb37cbacc259f

HTTP Headers

GET /common/landing-page.js HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securepage.cloud/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Apr 2025 11:20:17 GMT
content-type: application/javascript
x-amz-id-2: T9w7JH1wX2NvF+sVu1/id765SjG3oY0Yre1RT+hBh/D6DTOIxcJ/XCN7bnKRVMACX4ESzbfNrAU=
x-amz-request-id: 7K4KH1G2XG4PBDQY
last-modified: Thu, 19 Nov 2015 18:47:02 GMT
etag: W/"dc85792ec27e1c3bf02af986d07c81eb"
x-amz-version-id: null
cache-control: max-age=14400
cf-cache-status: HIT
age: 1993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0PBEIhu2HfJyfTemS5%2BJgNvfiIDiGKrQgSQCPo6qKOH6Vi4WSVlgmV4OLzxZ4FVVNd4in56wwKtoexJZ0RUp%2BhJbvNEheFKePsna51bczykzIoHg%2BvPUyHS0PUbPn%2FJrHQI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92d15fe6fe05542a-TLL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=14880&min_rtt=14109&rtt_var=2944&sent=10&recv=13&lost=0&retrans=0&sent_bytes=4216&recv_bytes=1453&delivery_rate=205186&cwnd=198&unsent_bytes=0&cid=ff87d453856cf41a&ts=86&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (9)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN