Report - www.livelogin.art/

Report Overview

Submitted URL
www.livelogin.art/
IP
104.219.248.113
ASN
#22612 NAMECHEAP-NET
Submitted
2022-09-28 20:27:37
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
76

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.7 kB	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.165.143.157
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	67 kB	34.120.237.76
aadcdn.msauth.net	1421	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	896 B	21 kB	13.107.246.53
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
www.livelogin.art	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.5 kB	292 kB	104.219.248.113
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook
2022-09-28	medium	www.livelogin.art/	Outlook

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	www.livelogin.art/	Phishing
2022-09-28	medium	www.livelogin.art/jquery.min.js	Phishing
2022-09-28	medium	www.livelogin.art/common.min.js	Phishing
2022-09-28	medium	www.livelogin.art/jstz.min.js	Phishing
2022-09-28	medium	www.livelogin.art/app.min.js	Phishing
2022-09-28	medium	www.livelogin.art/xskin.min.js	Phishing
2022-09-28	medium	www.livelogin.art/framework.min.js	Phishing
2022-09-28	medium	www.livelogin.art/scripts.min.js	Phishing
2022-09-28	medium	www.livelogin.art/bootstrap.bundle.min.js	Phishing
2022-09-28	medium	www.livelogin.art/ui.min.js	Phishing
2022-09-28	medium	www.livelogin.art/jquery-ui.min.js	Phishing
2022-09-28	medium	www.livelogin.art/fonts/roboto-v19-regular.woff2	Phishing
2022-09-28	medium	www.livelogin.art/fonts/roboto-v19-regular-700.woff2	Phishing
2022-09-28	medium	www.livelogin.art/fonts/roboto-v19-regular.woff	Phishing
2022-09-28	medium	www.livelogin.art/fonts/roboto-v19-regular-700.woff	Phishing
2022-09-28	medium	www.livelogin.art/js.cookie.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	www.livelogin.art/jquery.min.js	90 kB	2023-03-07	2024-04-16
Pretty URL www.livelogin.art/jquery.min.js IP 104.219.248.113 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2024-04-16 17:37:19 Times Seen481 Hash 80d6b39faaf27486264ff13531191401 03e255f1f19107a46b09da332347baa25231fc22 542ac2738d21d5ea4a39cd05efc447c3b5ca553f212f1bff44215d3f5f007a6f Loading...

	www.livelogin.art/framework.min.js	12 kB	2023-03-07	2023-12-16
Pretty URL www.livelogin.art/framework.min.js IP 104.219.248.113 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2023-12-16 15:43:50 Times Seen124 Hash 6037408299eb4dbe83fe83c53e7e75fa 438de7879ef13bc6b63cee929b79125069757dc6 a3079df40eb26986884efd895189b6616a23256a7f2dc5ad2954340437e7f45a Loading...

	www.livelogin.art/	2.9 kB	2023-03-08	2023-03-08
Pretty URL www.livelogin.art/ IP 104.219.248.113 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:12:21 Last Seen2023-03-08 03:12:21 Times Seen1 Hash f048432dc40d2c070a2ef2ed246ce667 4d305f8a0b2ed056385ef3853e9618e1fd27187e 96ec8911a1fb68e7be61873bae097d509775b59911719a3ee904984fcf299d0c Loading...

	www.livelogin.art/jquery-ui.min.js	260 kB	2023-03-07	2024-04-16
Pretty URL www.livelogin.art/jquery-ui.min.js IP 104.219.248.113 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:24 Last Seen2024-04-16 17:45:13 Times Seen915 Hash fb752c6ba6b88ffa885f1d2a6492ef58 e20616dd323e0313e75de00ac055b7d249cb9056 59a4c9a75c48cf979e66c5641230bda0e15dfff292666e56ffb52a5a96d78834 Loading...

	www.livelogin.art/	35 B	2023-03-07	2024-03-16
Pretty URL www.livelogin.art/ IP 104.219.248.113 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:00 Last Seen2024-03-16 05:33:41 Times Seen80 Hash d0c5b963f8165f56493874746adedf97 e09c78d91814eebbd23a7080b6e90e06f4c84de1 1a1f1580c0b8e2a2101cf9e01c596bcee15c2e38657b69ec8bd9ee4a526fd168 Loading...

	www.livelogin.art/bootstrap.bundle.min.js	79 kB	2023-03-07	2024-04-16
Pretty URL www.livelogin.art/bootstrap.bundle.min.js IP 104.219.248.113 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:50 Last Seen2024-04-16 17:37:19 Times Seen443 Hash a187431872552aacc1d4df6a65638f6a b61a4dc554a133bc455c09713a464ffea357643f 3e735a9880bf0bf27c32641063cccc60d93c53a7a77306dd6221f3db3c57ea20 Loading...

	www.livelogin.art/ui.min.js	60 kB	2023-03-07	2024-04-04
Pretty URL www.livelogin.art/ui.min.js IP 104.219.248.113 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:53:12 Last Seen2024-04-04 17:40:51 Times Seen140 Hash 619e25d3dfe214522737b0abd39c90ac 1cadec14683b7cce74d3c1ac0ac2033b539ca5a8 d121d589a86366cf825702742c5242bcaca10f6ec7bcdbeb3cb86e005f88df30 Loading...

	www.livelogin.art/common.min.js	13 kB	2023-03-07	2024-04-04
Pretty URL www.livelogin.art/common.min.js IP 104.219.248.113 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:24 Last Seen2024-04-04 17:40:51 Times Seen255 Hash 049e268d7293af03f8592ca0742f9eae 8b541c5cbe301227ceb20d93751b44fef18102f1 753efdc34aa0463369369e8beba0129f264d71a02a2035a197599b5faf3889f2 Loading...

	www.livelogin.art/jstz.min.js	14 kB	2023-03-07	2024-04-14
Pretty URL www.livelogin.art/jstz.min.js IP 104.219.248.113 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:24 Last Seen2024-04-14 19:32:15 Times Seen506 Hash e49675269ad4c407f199cabd3ed5f677 037747a66af956ca18c5975764a0ad65c99bcb77 c9893f911334bfa540b0ab825cc670dfc4dfbdc6030d67e3658b496f5c7d344a Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 17:01:32 Times Seen37041807 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.livelogin.art/js.cookie.min.js	2.0 kB	2023-03-07	2024-02-06
Pretty URL www.livelogin.art/js.cookie.min.js IP 104.219.248.113 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:53:12 Last Seen2024-02-06 05:17:58 Times Seen100 Hash f0e6c982ac9bf7ebf41b0982b2422d80 6f051c9af4960a584f167812cd7bd92e648640dc f8847d309bdd04e35edd4e3169ad4ed6da29f4fa4b5d2ed63f0b9a7cc880e020 Loading...

	www.livelogin.art/xskin.min.js	2.5 kB	2023-03-07	2023-12-16
Pretty URL www.livelogin.art/xskin.min.js IP 104.219.248.113 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2023-12-16 15:43:50 Times Seen127 Hash f1f432857ded2eef0d074376f957d100 b7bd8a9a8ca0f81d01272b2625fe8791a410da14 f4a6fef4ccb64e20732cf7dfc2a51906cdb5513d1b72f1a19f36cde1f250f41b Loading...

HTTP Transactions (54)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11331
Expires: Wed, 28 Sep 2022 23:36:17 GMT
Date: Wed, 28 Sep 2022 20:27:26 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 20:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TpCV_fBNj44iwQzU0DP0xJuhpNU09CumsRA6YWO6kgiVWNgyJKGtnw==
Age: 707

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YSPcgKeas9zbSFzujr-sJ8DzOcmksRYzhPQhD-YiczZz-wtGGCrizg==
age: 53940
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 20:27:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
75eb3f93161b5a98f610781317211690
3d466207e2c6001ed1a7e8e0c7174638439c7bba
f451d8acfd0bffe3e1764e3fa1d46d1fa61a28ab8a87aabe47879429524d6fba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 20:27:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 00:21:37 GMT
Expires: Wed, 05 Oct 2022 00:21:36 GMT
Etag: "3d466207e2c6001ed1a7e8e0c7174638439c7bba"
Cache-Control: max-age=531849,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f3842cc0efab8-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 19:29:33 GMT
Expires: Wed, 28 Sep 2022 20:26:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L4w8TP5F6WtfW4Co382p-_IFwzGrXMx-kQXvwqLGnG-A2khphHLrVg==
Age: 3473

www.livelogin.art/

104.219.248.113

200 OK

2.7 kB

URL HTTP/2
www.livelogin.art/
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1242)
Size
2.7 kB (2697 bytes)
Hash
3c6186862092075b8747a8d26dcb661d
d158f6bf5acbd6ed2c70ebe6f8811f990b316030
66f46777fd237fe0dbc78f546da9da13793a5357acafea87e2c6720f21a0a5f3

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
content-length: 2697
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 20:27:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5475
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:27:27 GMT
Last-Modified: Wed, 28 Sep 2022 18:56:12 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e2875a9e06f892f0d4fa46c0f98a1c49
9c0e332f55a592367b602494642ee2127699b543
74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

13.107.246.53

200 OK

1.4 kB

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Size
1.4 kB (1435 bytes)
Hash
9f368bc4580fed907775f31c6b26d6cf
e393a40b3e337f43057eee3de189f197ab056451
7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36

HTTP Headers

GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 1435
content-type: image/svg+xml
content-encoding: gzip
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
etag: 0x8D79B8373CB2849
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: be898e47-801e-0037-604e-d0c76c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0y8wyYwAAAABOFC/FDNwfRK1O8lamO8WrQU1TMDRFREdFMTgyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0L640YwAAAABQbt2wOJQHT4O821ST7Ae9U1ZHMjBFREdFMDYxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 20:27:26 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 20:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.165.143.157

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.143.157:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: szXxUIIW3VnZ/5F7rY2qkw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +6dI2HORlKnZsXDVlfP0Ap7gnas=

www.livelogin.art/styles.css

104.219.248.113

200 OK

19 kB

URL HTTP/2
www.livelogin.art/styles.css
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
19 kB (18706 bytes)
Hash
54a0066360dbed87a97af21d691812e5
037579f25e9062bdb6baa655c2eba30b53efeafd
3f5fbb0fe0be923947abfd3cd14ded1a7083c58300a8fada48a2b75327bf83d5

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /styles.css HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 19:39:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18706
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/bootstrap.min.css

104.219.248.113

200 OK

21 kB

URL HTTP/2
www.livelogin.art/bootstrap.min.css
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65324)
Size
21 kB (20900 bytes)
Hash
737d235045251cf89edb0d4c53d11d4d
9efff37090aff9fb2229d53c462f093b045fb7d0
e2fe89a9e415601d8f5f0cf17526342140d32b96e7e1e07b1934ee3f28af81f4

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /bootstrap.min.css HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 19:39:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20900
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/elastic.css

104.219.248.113

200 OK

23 kB

URL HTTP/2
www.livelogin.art/elastic.css
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
23 kB (23174 bytes)
Hash
d9ecc926efe60b3c5dbb0f3332fedf17
484c5441a90b28bdba96f24d044d4db1a709976f
bd901e61ee249a170df76dfb60e6dce4584c210dfa35720af3ed1618ab1eda9a

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /elastic.css HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 19:41:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23174
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/styles3.css

104.219.248.113

200 OK

3.4 kB

URL HTTP/2
www.livelogin.art/styles3.css
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
3.4 kB (3365 bytes)
Hash
96eab0da4a44b77ad54b7d93e855d43f
c0f2766e14da281da86ca4267ba910cc55c1663d
dbae6af65e1da3d20a5b619a0b934cf1d0dac92b77a00b864a6e71e3fbf58e9b

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /styles3.css HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 19:39:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3365
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/jquery-ui.css

104.219.248.113

200 OK

7.6 kB

URL HTTP/2
www.livelogin.art/jquery-ui.css
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2515)
Size
7.6 kB (7563 bytes)
Hash
bd49c3d7c200369840f4f7fed3f4b7f8
03a7ef1f9503a6bcb2fb1fceb300ad8d30d78411
2b2b090f0ec1ecea98c6431fe7952b6595e67ad6563132a6e0e2fa1fd614f2af

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /jquery-ui.css HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 19:40:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7563
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/jquery.min.js

104.219.248.113

200 OK

31 kB

URL HTTP/2
www.livelogin.art/jquery.min.js
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (64001)
Size
31 kB (30744 bytes)
Hash
754f09af436756a31c38d106dfe264a4
94ce18a259030f68b748e7cfd6b53912cf543e8e
17e43893308b35e0e1c49ee2f8315eaedbd706b0d58b489933494baf2554483c

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /jquery.min.js HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 19:39:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30744
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/styles2.css

104.219.248.113

200 OK

1.8 kB

URL HTTP/2
www.livelogin.art/styles2.css
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.8 kB (1780 bytes)
Hash
59cf955cd4298d7c5a68106b927b1a4e
b08a5a1f8eddbfde647acd8c88f0ad67b01e5c4d
235db6b4cdbd9ee182df1107863a61ff58864611203e1575bffec00b77e469f9

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /styles2.css HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 19:39:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1780
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/common.min.js

104.219.248.113

200 OK

4.7 kB

URL HTTP/2
www.livelogin.art/common.min.js
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1382)
Size
4.7 kB (4653 bytes)
Hash
73ddeba4a05bb975f55a03072649e2e3
082ca2315d4331c51bae7bb53e64adf2d2c8e5a4
f70d8e1cfc7d86613d4d4871722f66daa785ea2c50ae8fede4e16f8bbbd2a0c4

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /common.min.js HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 19:39:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4653
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7655
Expires: Wed, 28 Sep 2022 22:35:03 GMT
Date: Wed, 28 Sep 2022 20:27:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7655
Expires: Wed, 28 Sep 2022 22:35:03 GMT
Date: Wed, 28 Sep 2022 20:27:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7655
Expires: Wed, 28 Sep 2022 22:35:03 GMT
Date: Wed, 28 Sep 2022 20:27:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12016 bytes)
Hash
4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 81530
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13299 bytes)
Hash
ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
age: 81444
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5319 bytes)
Hash
46e31aa06b8e86a9a5f9ba1cc3feca08
75df3341e30281fcbf78c7074980356fdf0be8e2
d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: 74191b02-ebea-48bd-8522-f05bf8080f31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlOKFtsIAMFyGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bf4-1f2daa9d7906bf9812e10953;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Y0gjPs-l9_JD9F-LSH_i1uL2Nz0UcWCG-9PmDmRH8cN_cNAeSchJTA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:32:06 GMT
age: 82522
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14464 bytes)
Hash
aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 81685
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7455 bytes)
Hash
ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yprErfM7s7P7jJPJT-HQZ2Z_AAN4946Tjwyn1g4r7yiA6IF0yLdQTQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 05:22:11 GMT
age: 54317
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8500 bytes)
Hash
6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 81510
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.livelogin.art/jstz.min.js

104.219.248.113

200 OK

4.6 kB

URL HTTP/2
www.livelogin.art/jstz.min.js
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (12020)
Size
4.6 kB (4566 bytes)
Hash
1cb2059e3b7d28365f66095e063cd1fb
2b7dfbb528e8236fa8dcd35f1e9f90c83a4c8298
a00ce3964ff2587312f05b34b2ea388d858b2f18c51693f64095a9af1c149d23

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /jstz.min.js HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 19:40:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4566
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/app.min.js

104.219.248.113

200 OK

47 kB

URL HTTP/2
www.livelogin.art/app.min.js
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (690)
Size
47 kB (47065 bytes)
Hash
5e2a8adec7a6adbe89f2008fcf1358b5
db0d742abf7f4dcd470096eead95bf33b7a33600
7e325ef4828972b5b91c3f5a2392afe02633ee1fdb1ef3735ff7cd742abab378

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /app.min.js HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 19:40:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 47065
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/xskin.min.js

104.219.248.113

200 OK

939 B

URL HTTP/2
www.livelogin.art/xskin.min.js
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2521), with no line terminators
Size
939 B (939 bytes)
Hash
470c3882827149b95a000087ee9a876c
fa0a98330800375d088cc32f2a5c901866fcb4df
b4e9e3cf64e105aae68e65bff9633742661ef5c304a489a55e2987b2951ee72d

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /xskin.min.js HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 19:45:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 939
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/skins/elastic/images/logo.svg?s=1598303020

104.219.248.113

404 Not Found

1.2 kB

URL HTTP/2
www.livelogin.art/skins/elastic/images/logo.svg?s=1598303020
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

HTTP Headers

GET /skins/elastic/images/logo.svg?s=1598303020 HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/framework.min.js

104.219.248.113

200 OK

3.3 kB

URL HTTP/2
www.livelogin.art/framework.min.js
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (12118), with no line terminators
Size
3.3 kB (3268 bytes)
Hash
c81cac3edc7d876050d52aac3b7ff6b7
94f2e759be66a7b93b3edd104dba08c94053bf64
aa41dad58e0f92541f83427dcd6c6633352e1cd926c4c32ae880029fcdee453e

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /framework.min.js HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 19:45:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3268
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/scripts.min.js

104.219.248.113

200 OK

0 B

URL HTTP/2
www.livelogin.art/scripts.min.js
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /scripts.min.js HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 19:45:52 GMT
accept-ranges: bytes
content-length: 0
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/bootstrap.bundle.min.js

104.219.248.113

200 OK

21 kB

URL HTTP/2
www.livelogin.art/bootstrap.bundle.min.js
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65297)
Size
21 kB (21346 bytes)
Hash
c87fcc0afa5c5b0de9302d604c48b8fb
65007940b59c7fc89e427acf0d7ac9716d8323a8
3eecef8b1cae1d33cc392d24e2c870471f96f9476119ecd5b7cd0389da655010

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /bootstrap.bundle.min.js HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 19:49:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21346
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/ui.min.js

104.219.248.113

200 OK

19 kB

URL HTTP/2
www.livelogin.art/ui.min.js
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (597)
Size
19 kB (18570 bytes)
Hash
d27ee9e77a9898229b9d4835099a31a2
935344f40d010b5f61192039030749903afdba9d
7de794493269fd7f65e160e02a9ea60146b6f9f7c5bf25a48d4a5fc5ea8c95d5

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /ui.min.js HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 19:49:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18570
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/jquery-ui.min.js

104.219.248.113

200 OK

68 kB

URL HTTP/2
www.livelogin.art/jquery-ui.min.js
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (33303)
Size
68 kB (67460 bytes)
Hash
ec2c071fe633fa13decb6e5d3c3109e0
9321cd895067c3c0db578bd8cd168993bddd68c6
528a15c42db5796ae6a24ed1b92cb1d92e3df9518a3b5177e5d481491d8dcd9b

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /jquery-ui.min.js HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 19:45:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 67460
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/fonts/roboto-v19-regular.woff2

104.219.248.113

404 Not Found

1.2 kB

URL HTTP/2
www.livelogin.art/fonts/roboto-v19-regular.woff2
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /fonts/roboto-v19-regular.woff2 HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.livelogin.art/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 28 Sep 2022 20:27:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/fonts/roboto-v19-regular-700.woff2

104.219.248.113

404 Not Found

1.2 kB

URL HTTP/2
www.livelogin.art/fonts/roboto-v19-regular-700.woff2
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /fonts/roboto-v19-regular-700.woff2 HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.livelogin.art/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 28 Sep 2022 20:27:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/skins/elastic/images/logo.svg?s=1598303020

104.219.248.113

404 Not Found

1.2 kB

URL HTTP/2
www.livelogin.art/skins/elastic/images/logo.svg?s=1598303020
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

HTTP Headers

GET /skins/elastic/images/logo.svg?s=1598303020 HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 28 Sep 2022 20:27:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/fonts/roboto-v19-regular.woff

104.219.248.113

404 Not Found

1.2 kB

URL HTTP/2
www.livelogin.art/fonts/roboto-v19-regular.woff
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /fonts/roboto-v19-regular.woff HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.livelogin.art/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 28 Sep 2022 20:27:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.livelogin.art/fonts/roboto-v19-regular-700.woff

104.219.248.113

404 Not Found

1.2 kB

URL HTTP/2
www.livelogin.art/fonts/roboto-v19-regular-700.woff
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /fonts/roboto-v19-regular-700.woff HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.livelogin.art/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 28 Sep 2022 20:27:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico

13.107.246.53

200 OK

17 kB

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

HTTP Headers

GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 17174
content-type: image/x-icon
content-md5: EuPayFgGHQiAI7K9SOL6lg==
last-modified: Sun, 18 Oct 2020 03:02:03 GMT
etag: 0x8D8731230C851A6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 81f7ae53-201e-002d-6a35-d2795b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0OaEyYwAAAAAL6EjDZEqvSb8IlrOUQoN6QU1TMDRFREdFMTkxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0Mq40YwAAAAASZWnpzQfkQbLTdbGzHnOUU1ZHMjBFREdFMDYxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 20:27:29 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Quattrocento&subset=latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Quattrocento&subset=latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Quattrocento&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 20:27:27 GMT
date: Wed, 28 Sep 2022 20:27:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Merienda&subset=latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Merienda&subset=latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Merienda&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 20:27:27 GMT
date: Wed, 28 Sep 2022 20:27:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.livelogin.art/js.cookie.min.js

104.219.248.113

200 OK

0 B

URL HTTP/2
www.livelogin.art/js.cookie.min.js
IP
104.219.248.113:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /js.cookie.min.js HTTP/1.1
Host: www.livelogin.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 20:27:27 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 19:45:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 927
date: Wed, 28 Sep 2022 20:27:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Sarala&subset=latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Sarala&subset=latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Sarala&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 20:27:27 GMT
date: Wed, 28 Sep 2022 20:27:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Cairo&subset=latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Cairo&subset=latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Cairo&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 20:27:27 GMT
date: Wed, 28 Sep 2022 20:27:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat+Alternates&subset=latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat+Alternates&subset=latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat+Alternates&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.livelogin.art/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 20:27:27 GMT
date: Wed, 28 Sep 2022 20:27:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations