| liveflo.qxlva.io/home/signin/ | 104.18.39.59 | 302 Found | 0 B |
URL User Request GET HTTP/2liveflo.qxlva.io/home/signin/ IP104.18.39.59:443
CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /home/signin/ HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 24 Apr 2024 03:49:14 GMT
content-length: 0
location: https://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
cf-cache-status: DYNAMIC
set-cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8CdLu1jFNypLthy6difoZ0HksX401yFO74j-OHs3Eb05uAxB0dWof3DJInY2dS7PfEtNxMrr1U3mI9p1RPBhqfV4QciiGqpbidzlXJCSicKF_4V_LD0DGz4LKO6PEUZEzmhwPu0x9_f4kVETzA-HRXEXEMFXtiJBCZKAQI_e06YX8oFtdVMhUFNCS8SLQ1zbC32DH5VZS5iRc6cVog8s2p2cCYdmuGZndwxeP4Cyh1Re_lqVGEeaaIWSWRv4p32wjo9m8knzCIT3J3_ln2UCvGI=N; expires=Wed, 24 Apr 2024 04:04:14 GMT; path=/signin-oidc; secure; samesite=none; httponly
.AspNetCore.Correlation.HwyrCc3d3LCwQkMhMZCBgxej6JnV_FAdp2dM3XYmVpk=N; expires=Wed, 24 Apr 2024 04:04:14 GMT; path=/signin-oidc; secure; samesite=none; httponly
__cf_bm=Jp0e0_zXkFCjb0iLvpaiu3HROm2zDs.CiPSsC9QiOOU-1713930554-1.0.1.1-1pwoeNhW5E2iEO3llHFKzQZmgZQNxA8XctcqMgv_VDlVslPJ3v0g_Rc9B5Ru3U06TzUpLI.ndF1qUlEu4FTruA; path=/; expires=Wed, 24-Apr-24 04:19:14 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87931f4c5ba4b4fa-OSL
X-Firefox-Spdy: h2
|
|
| liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 | 20.190.177.147 | 200 OK | 66 kB |
URL User Request GET HTTP/1.1liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 IP20.190.177.147:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerDigiCert Inc Subjectgraph.windows.net FingerprintA1:AB:1F:86:66:CB:8E:63:92:58:C2:0E:EF:93:6E:CF:DA:AF:FE:DD ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (61642), with CRLF, LF line terminators Hashd84a1683657d677c734015ed88e6b474 78d252893471b34a5709e80f6e2c01e2be3a1156 f63950f9203e40302a50ee20e8b54a069ffb954ccdacb84202cd5afde9b4a2ee
GET /liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 HTTP/1.1
Host: liveflo.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
x-ms-gateway-requestid: 94a99c9d-02c2-43d7-9e17-b1638c8ce6f7
X-UA-Compatible: IE=edge
X-Request-ID: 0dd23951-1f47-4e98-b25f-aea0a983f904
X-Build: 1.1.128.0
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: x-ms-cpim-sso:liveflo.onmicrosoft.com_0=m1.T0PLRCWpkNIi+ZHk.onXOmbgrfxkrzz0hxdO5dQ==.0.2kNi+qdGYTFVcner+FRpxWlycZIzqv2yiZMi8HhQtDvJG+bKfXL/1buWV1H9jUNBUiB+GRH895R4nFhxj3JHq5SzoaSpQE+hfbfCfzWOI88ZeU9VhTuxniKjPrqxU7yl1P53LVKIXW5lnn/w+w1sZRWiU3s6926QjxXorK7sU+teWZJGLk+C9GZ+3212zrglBph8l0jZhEHu/DL1Wj0fHRw8h2nXtSJKfzaqX/kJNM6YkpSQMDS0fGCGHthVP5urBxzMByJgP6PyU79yjQsmdtdfFHnPxnBiBnOYt+hNWJ1VZ2oKS7vjEu+bW7PwG3AqxVC68RP7hHuiyIhPbd7hdGXhKRWRz6vezQ==; domain=liveflo.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-csrf=dnlVWXBlbGZBVTBLQjg4b3NnbGdVN2VJejVuU3hvTnF0bnk5b3dXV1drM1BobnVhWWRienFWQVZta29mMFpmMUlneHMrUEVsSTJoU0VwYi9ENW9LdFE9PTsyMDI0LTA0LTI0VDAzOjQ5OjE0LjYzMjY0NDNaO01nMDZEU1g4QWNNWGk3TG5tS1MxR1E9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; domain=liveflo.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-cache|utnsducfme6yx66gqyp5ba_0=m1.mPtgvSwpigWnuqlp.odtR8PCSrnfkV2/3E8C2Lw==.0.oiwFz1CyrH7SLivcfQDPpnLWZ1iiv56UlWJlP/Fx2u4bu/n2EfvFDNJCvQJDRje4vRvAix16R4+eI7OD+BJgyBss2zyIPqXTquxEQQeN7XUhuuY2/utcbC0XV1kLxT5UrFYZsho2byuLb2W6WVNtDgzhkIbihg0yEzJ/yKfyolhFP0xt4DMuSDNoJA6O3sndCyUriHZ5pmO5g3/mvEjBG269qIWp2RQNZli6Wsl4yO/KRnM8LX1aoAelqTIytDDUz5hMYAfhrohJS2PEM+V8GzNJQSTQ0sM2cGKj+saK7qxEBszHD3xRndMhLcpJRagtYqosCgGknq/Tl70rNVSbN0UWfoO6fx7ryIo7hCy5/ezIZOLkqbCS4T2ix9BQYB7zOe3cS5wQDmUjb5IELeQJ1vaVkTerUjxe/r+76Uhobvy1mdeTzAyB491H6ckQZYJMVG6co6k5L+5iigrObAhPx4Rt2jFLsR296LlorwYF5LOsiWwdYvfqxQ+kJfDY5ZNaTrtpbT7uQCaMIOPAn2lx/fybl3NKlWC/LRPhpKhctXL7zyBdHWpFLrVq/Z6CfED7bYt21yk0Pn+p20aZxMhzFdWK/cqRs8lZRtjEM7eaWVQm+yiB2Mk9SyAE1SJTTU3JQECXp9y+o6rCVsJoH4k1osHC2MXU497NS4RqL627nbPjygf66TePmvoFMrLOSXWvSg8IsdBj4wUP5o8cbm2BjLhbtZlRWjSZW5dD2a74lls5i1nfjR0TkLHEliGDyhDbKNjtmAZqthNFi9K8I/zAOlrsh08WlDasF1ghpzks00O5l8ctS8ffNW1vRW3/wsrqhLr2z+aDIDSjrLrf3W3MC7riAZSHx+lX+HMeE4UlEhAEBFZ77BrBcCcEWt6wJLf7rm7jhrluolRhOKq9AdQhfXnUoCDH2ctyiNwVjAZXA06xiSwbICseM2F2XDeRAFUKF4pPazoap+fEueYU76DsjVRFxBxp6YVhaxkO9Dy2gYj4ZkMpycwEYFtmj5dsLxXVcyXsOC1mMaDDYbRiGrqxgW++XsKBcDoL20X5D06GRalFgxMnw6jcrgdLQnSzF8gCy+2WnbRaaE7LDKktcSaowwjQ/SVRz/8nY6KYLmlvxnXJ3fgTMDiCYphwhLUSw0+y7HqbrpbiUi61OB+fZuWOL8td7M4Ivx6zRi38wZNi67dUhJyzyNtcBJ49jeB2jo7e5XSAKdYuRlrx9WT5CxVS6NA12u/K1LmYZI/Kkp276HqEYewH/ovfqat+/PYQnYPs5CMCiqOC3e//5ZSJ14MAXFcrXsql5JozL4j7ld8XOtcYX3ubaDKW1XXzB+KX2DC6rFzgh/rv5R/XpvrbzN8Rf4xWoczETGZNmJe3zfNetnb2Cynq6fDY+BSggkfIyxEkNvQs7uWmbAy4vOVdgKXIS1poVMjD8h+VMHT2+dykvsZCIeS/7ZK4n5f7bnsisMZSUZGZ9x34aCNwGJx1VTKd7X2f2DlRcuaaggym4OGLjTwkZ3BIAfmyAOUFsAdXIz/F8IjCflCRx/sr8OK9kdqZMlsHmEbt9g==; domain=liveflo.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjBkZDIzOTUxLTFmNDctNGU5OC1iMjVmLWFlYTBhOTgzZjkwNCIsIlQiOiJsaXZlZmxvLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMV9mbG9fdjJfc2lnbnVwX3NpZ25pbiIsIkMiOiJiYzUwNGFhOC04YmFjLTQzOGMtYjU5ZS05OTY3MTMzZDQzYjEiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjBkZDIzOTUxLTFmNDctNGU5OC1iMjVmLWFlYTBhOTgzZjkwNCJ9; domain=liveflo.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Wed, 24 Apr 2024 03:49:14 GMT
Content-Length: 66347
|
|
| liveflo.qxlva.io/assets/images/govuk-apple-touch-icon-180x180.png | 172.64.148.197 | 200 OK | 3.5 kB |
URL GET HTTP/2liveflo.qxlva.io/assets/images/govuk-apple-touch-icon-180x180.png IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typePNG image data, 180 x 180, 8-bit colormap, non-interlaced Hasha0f7e1b728a42016b247dc54ee40d055 f02b551f1af5d4ef5bc4aee07da9a6e36a3f9037 ea1cbb1cbbeddfff275dfa6e8e46b84cd530892df79dc4882a8f99b802b49a90
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/images/govuk-apple-touch-icon-180x180.png HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: image/png
content-length: 3503
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: "1d9504524880baf"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 23
accept-ranges: bytes
set-cookie: __cf_bm=CldgLVXXS9vz.lkCB7SW0VgfjozI82KZDsMeEW_2KLA-1713930555-1.0.1.1-Na8L6RLutXCj4jCPw3ccyI4AMMHiAk2r5.F6d7uYqFTAMiYy.1DyYOhyWj2Vj2.Mr5YlGB.tgQV6_BWAP.XTMw; path=/; expires=Wed, 24-Apr-24 04:19:15 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931f52c8a77130-OSL
X-Firefox-Spdy: h2
|
|
| liveflo.b2clogin.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 20.190.177.147 | 404 Not Found | 103 B |
URL GET HTTP/1.1liveflo.b2clogin.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP20.190.177.147:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerDigiCert Inc Subjectgraph.windows.net FingerprintA1:AB:1F:86:66:CB:8E:63:92:58:C2:0E:EF:93:6E:CF:DA:AF:FE:DD ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hash96c5637e1eb8f8f8c34172f2d23eafc6 2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9 90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: liveflo.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0
Cookie: x-ms-cpim-sso:liveflo.onmicrosoft.com_0=m1.T0PLRCWpkNIi+ZHk.onXOmbgrfxkrzz0hxdO5dQ==.0.2kNi+qdGYTFVcner+FRpxWlycZIzqv2yiZMi8HhQtDvJG+bKfXL/1buWV1H9jUNBUiB+GRH895R4nFhxj3JHq5SzoaSpQE+hfbfCfzWOI88ZeU9VhTuxniKjPrqxU7yl1P53LVKIXW5lnn/w+w1sZRWiU3s6926QjxXorK7sU+teWZJGLk+C9GZ+3212zrglBph8l0jZhEHu/DL1Wj0fHRw8h2nXtSJKfzaqX/kJNM6YkpSQMDS0fGCGHthVP5urBxzMByJgP6PyU79yjQsmdtdfFHnPxnBiBnOYt+hNWJ1VZ2oKS7vjEu+bW7PwG3AqxVC68RP7hHuiyIhPbd7hdGXhKRWRz6vezQ==; x-ms-cpim-csrf=dnlVWXBlbGZBVTBLQjg4b3NnbGdVN2VJejVuU3hvTnF0bnk5b3dXV1drM1BobnVhWWRienFWQVZta29mMFpmMUlneHMrUEVsSTJoU0VwYi9ENW9LdFE9PTsyMDI0LTA0LTI0VDAzOjQ5OjE0LjYzMjY0NDNaO01nMDZEU1g4QWNNWGk3TG5tS1MxR1E9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; x-ms-cpim-cache|utnsducfme6yx66gqyp5ba_0=m1.mPtgvSwpigWnuqlp.odtR8PCSrnfkV2/3E8C2Lw==.0.oiwFz1CyrH7SLivcfQDPpnLWZ1iiv56UlWJlP/Fx2u4bu/n2EfvFDNJCvQJDRje4vRvAix16R4+eI7OD+BJgyBss2zyIPqXTquxEQQeN7XUhuuY2/utcbC0XV1kLxT5UrFYZsho2byuLb2W6WVNtDgzhkIbihg0yEzJ/yKfyolhFP0xt4DMuSDNoJA6O3sndCyUriHZ5pmO5g3/mvEjBG269qIWp2RQNZli6Wsl4yO/KRnM8LX1aoAelqTIytDDUz5hMYAfhrohJS2PEM+V8GzNJQSTQ0sM2cGKj+saK7qxEBszHD3xRndMhLcpJRagtYqosCgGknq/Tl70rNVSbN0UWfoO6fx7ryIo7hCy5/ezIZOLkqbCS4T2ix9BQYB7zOe3cS5wQDmUjb5IELeQJ1vaVkTerUjxe/r+76Uhobvy1mdeTzAyB491H6ckQZYJMVG6co6k5L+5iigrObAhPx4Rt2jFLsR296LlorwYF5LOsiWwdYvfqxQ+kJfDY5ZNaTrtpbT7uQCaMIOPAn2lx/fybl3NKlWC/LRPhpKhctXL7zyBdHWpFLrVq/Z6CfED7bYt21yk0Pn+p20aZxMhzFdWK/cqRs8lZRtjEM7eaWVQm+yiB2Mk9SyAE1SJTTU3JQECXp9y+o6rCVsJoH4k1osHC2MXU497NS4RqL627nbPjygf66TePmvoFMrLOSXWvSg8IsdBj4wUP5o8cbm2BjLhbtZlRWjSZW5dD2a74lls5i1nfjR0TkLHEliGDyhDbKNjtmAZqthNFi9K8I/zAOlrsh08WlDasF1ghpzks00O5l8ctS8ffNW1vRW3/wsrqhLr2z+aDIDSjrLrf3W3MC7riAZSHx+lX+HMeE4UlEhAEBFZ77BrBcCcEWt6wJLf7rm7jhrluolRhOKq9AdQhfXnUoCDH2ctyiNwVjAZXA06xiSwbICseM2F2XDeRAFUKF4pPazoap+fEueYU76DsjVRFxBxp6YVhaxkO9Dy2gYj4ZkMpycwEYFtmj5dsLxXVcyXsOC1mMaDDYbRiGrqxgW++XsKBcDoL20X5D06GRalFgxMnw6jcrgdLQnSzF8gCy+2WnbRaaE7LDKktcSaowwjQ/SVRz/8nY6KYLmlvxnXJ3fgTMDiCYphwhLUSw0+y7HqbrpbiUi61OB+fZuWOL8td7M4Ivx6zRi38wZNi67dUhJyzyNtcBJ49jeB2jo7e5XSAKdYuRlrx9WT5CxVS6NA12u/K1LmYZI/Kkp276HqEYewH/ovfqat+/PYQnYPs5CMCiqOC3e//5ZSJ14MAXFcrXsql5JozL4j7ld8XOtcYX3ubaDKW1XXzB+KX2DC6rFzgh/rv5R/XpvrbzN8Rf4xWoczETGZNmJe3zfNetnb2Cynq6fDY+BSggkfIyxEkNvQs7uWmbAy4vOVdgKXIS1poVMjD8h+VMHT2+dykvsZCIeS/7ZK4n5f7bnsisMZSUZGZ9x34aCNwGJx1VTKd7X2f2DlRcuaaggym4OGLjTwkZ3BIAfmyAOUFsAdXIz/F8IjCflCRx/sr8OK9kdqZMlsHmEbt9g==; x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjBkZDIzOTUxLTFmNDctNGU5OC1iMjVmLWFlYTBhOTgzZjkwNCIsIlQiOiJsaXZlZmxvLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMV9mbG9fdjJfc2lnbnVwX3NpZ25pbiIsIkMiOiJiYzUwNGFhOC04YmFjLTQzOGMtYjU5ZS05OTY3MTMzZDQzYjEiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjBkZDIzOTUxLTFmNDctNGU5OC1iMjVmLWFlYTBhOTgzZjkwNCJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 24 Apr 2024 03:49:14 GMT
Content-Length: 103
|
|
| liveflo.qxlva.io/assets/images/govuk-apple-touch-icon-180x180.png | 172.64.148.197 | 200 OK | 3.5 kB |
URL GET HTTP/2liveflo.qxlva.io/assets/images/govuk-apple-touch-icon-180x180.png IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typePNG image data, 180 x 180, 8-bit colormap, non-interlaced Hasha0f7e1b728a42016b247dc54ee40d055 f02b551f1af5d4ef5bc4aee07da9a6e36a3f9037 ea1cbb1cbbeddfff275dfa6e8e46b84cd530892df79dc4882a8f99b802b49a90
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/images/govuk-apple-touch-icon-180x180.png HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Cookie: __cf_bm=HKZUeSr9tUp5Js0LIHMBgnNMwHz369pPeczp.yl7DfI-1713930555-1.0.1.1-gUvV8iMSweVxI_1YpsPU9xN3VL411uROxAGCIsrXCIe0iHlzCaXWfUZ7m7h.3R9gntSE8l0oDBVxDYTCcbGz1g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: image/png
content-length: 3503
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: "1d9504524880baf"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 23
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931f5338c57130-OSL
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/lib/jquery/dist/jquery.min.js | 172.64.148.197 | 200 OK | 34 kB |
URL GET HTTP/2liveflo.qxlva.io/lib/jquery/dist/jquery.min.js IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typegzip compressed data, from Unix Hash35d8e42df99031103b749606a3d678b7 8bd1ecd74c841d50990781bf17017eda3986ad45 f9bb1a41a0bf6d035190fb8adfbc648a4aacfad5bdf1975ec664310cf164f249
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /lib/jquery/dist/jquery.min.js HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Cookie: __cf_bm=HKZUeSr9tUp5Js0LIHMBgnNMwHz369pPeczp.yl7DfI-1713930555-1.0.1.1-gUvV8iMSweVxI_1YpsPU9xN3VL411uROxAGCIsrXCIe0iHlzCaXWfUZ7m7h.3R9gntSE8l0oDBVxDYTCcbGz1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: application/javascript
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d950452521c104"
last-modified: Mon, 06 Mar 2023 16:03:09 GMT
cf-cache-status: HIT
age: 23
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931f5358d57130-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/js/moj-frontend.min.js | 172.64.148.197 | 200 OK | 39 kB |
URL GET HTTP/2liveflo.qxlva.io/js/moj-frontend.min.js IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typegzip compressed data, from Unix Hash00b799ba28b431ee018aab34ebde7fd3 67020619e2c38dc9a384d6c5a9095a7d2b783040 f511e600fa2ae8c4b0fe66fb87d64b016f9a7ef8e4fc6bd88d6b485a6c737eb8
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /js/moj-frontend.min.js HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Cookie: __cf_bm=HKZUeSr9tUp5Js0LIHMBgnNMwHz369pPeczp.yl7DfI-1713930555-1.0.1.1-gUvV8iMSweVxI_1YpsPU9xN3VL411uROxAGCIsrXCIe0iHlzCaXWfUZ7m7h.3R9gntSE8l0oDBVxDYTCcbGz1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: application/javascript
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d9504524887e1d"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 23
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931f5348cf7130-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/assets/fonts/light-94a07e06a1-v2.woff2 | 172.64.148.197 | 200 OK | 33 kB |
URL GET HTTP/2liveflo.qxlva.io/assets/fonts/light-94a07e06a1-v2.woff2 IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 33382, version 1.131 Hash94a07e06a104e76fe40583f74b204aee 3202361735eb0c59277c2140c34dd77879df43de eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/fonts/light-94a07e06a1-v2.woff2 HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://liveflo.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://liveflo.qxlva.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: application/font-woff2
content-length: 33382
access-control-allow-credentials: true
access-control-allow-origin: https://liveflo.b2clogin.com
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: "1d9504524888466"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 23
accept-ranges: bytes
set-cookie: __cf_bm=NT.03wo4lfLVX7s5oCI1vditYROyCfd4LPeSZOP8a88-1713930555-1.0.1.1-frjuUsqr0sUxde4Peqhc1K_qMKo645OhhMF_VPpdNGIBo4Aq76c2jbaUPTrlwFKT5vrwDpBlFPE8EySz30xFlw; path=/; expires=Wed, 24-Apr-24 04:19:15 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87931f539f305697-OSL
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/assets/images/favicon.ico | 172.64.148.197 | | 2.7 kB |
URL GET liveflo.qxlva.io/assets/images/favicon.ico IP172.64.148.197:0
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typegzip compressed data, from Unix Hash2b92681928806580779a40063b5b4846 40f778cea26e9a14c8158f737d02459450232887 bf9a289a241229c5e14c4ee79b82eced240017063a3accf15d0f06517b192a55
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/images/favicon.ico HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Cookie: __cf_bm=HKZUeSr9tUp5Js0LIHMBgnNMwHz369pPeczp.yl7DfI-1713930555-1.0.1.1-gUvV8iMSweVxI_1YpsPU9xN3VL411uROxAGCIsrXCIe0iHlzCaXWfUZ7m7h.3R9gntSE8l0oDBVxDYTCcbGz1g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: image/x-icon
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d9504524881eae"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 23
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931f5338c77130-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/signature_pad@4.1.4/dist/signature_pad.umd.min.js | 151.101.65.229 | 200 OK | 4.0 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/signature_pad@4.1.4/dist/signature_pad.umd.min.js IP151.101.65.229:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeJavaScript source, ASCII text, with very long lines (10935) Hashf08851c17deb20a2664ed852ba749c21 681b6700f1230eeebaa5f913f46d8477086ccec5 f56700d1f4addde549b8c8328ad1a6b912bf73ce9b65ecef2dc01c54c596e36b
GET /npm/signature_pad@4.1.4/dist/signature_pad.umd.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.1.4
x-jsd-version-type: version
etag: W/"2b6e-aBtnAPEjDu66pfkT9G2EdwhszsU"
content-encoding: br
accept-ranges: bytes
date: Wed, 24 Apr 2024 03:49:15 GMT
age: 670307
x-served-by: cache-fra-eddf8230038-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3993
X-Firefox-Spdy: h2
|
|
| liveflo.b2clogin.com/liveflo.onmicrosoft.com/B2C_1_FLO_V2_Signup_Signin/client/perftrace?tx=StateProperties=eyJUSUQiOiIwZGQyMzk1MS0xZjQ3LTRlOTgtYjI1Zi1hZWEwYTk4M2Y5MDQifQ&p=B2C_1_FLO_V2_Signup_Signin | 20.190.177.147 | 200 OK | 0 B |
URL POST HTTP/1.1liveflo.b2clogin.com/liveflo.onmicrosoft.com/B2C_1_FLO_V2_Signup_Signin/client/perftrace?tx=StateProperties=eyJUSUQiOiIwZGQyMzk1MS0xZjQ3LTRlOTgtYjI1Zi1hZWEwYTk4M2Y5MDQifQ&p=B2C_1_FLO_V2_Signup_Signin IP20.190.177.147:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerDigiCert Inc Subjectgraph.windows.net FingerprintA1:AB:1F:86:66:CB:8E:63:92:58:C2:0E:EF:93:6E:CF:DA:AF:FE:DD ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /liveflo.onmicrosoft.com/B2C_1_FLO_V2_Signup_Signin/client/perftrace?tx=StateProperties=eyJUSUQiOiIwZGQyMzk1MS0xZjQ3LTRlOTgtYjI1Zi1hZWEwYTk4M2Y5MDQifQ&p=B2C_1_FLO_V2_Signup_Signin HTTP/1.1
Host: liveflo.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-CSRF-TOKEN: dnlVWXBlbGZBVTBLQjg4b3NnbGdVN2VJejVuU3hvTnF0bnk5b3dXV1drM1BobnVhWWRienFWQVZta29mMFpmMUlneHMrUEVsSTJoU0VwYi9ENW9LdFE9PTsyMDI0LTA0LTI0VDAzOjQ5OjE0LjYzMjY0NDNaO01nMDZEU1g4QWNNWGk3TG5tS1MxR1E9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
X-Requested-With: XMLHttpRequest
Content-Length: 9641
Origin: https://liveflo.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0
Cookie: x-ms-cpim-sso:liveflo.onmicrosoft.com_0=m1.T0PLRCWpkNIi+ZHk.onXOmbgrfxkrzz0hxdO5dQ==.0.2kNi+qdGYTFVcner+FRpxWlycZIzqv2yiZMi8HhQtDvJG+bKfXL/1buWV1H9jUNBUiB+GRH895R4nFhxj3JHq5SzoaSpQE+hfbfCfzWOI88ZeU9VhTuxniKjPrqxU7yl1P53LVKIXW5lnn/w+w1sZRWiU3s6926QjxXorK7sU+teWZJGLk+C9GZ+3212zrglBph8l0jZhEHu/DL1Wj0fHRw8h2nXtSJKfzaqX/kJNM6YkpSQMDS0fGCGHthVP5urBxzMByJgP6PyU79yjQsmdtdfFHnPxnBiBnOYt+hNWJ1VZ2oKS7vjEu+bW7PwG3AqxVC68RP7hHuiyIhPbd7hdGXhKRWRz6vezQ==; x-ms-cpim-csrf=dnlVWXBlbGZBVTBLQjg4b3NnbGdVN2VJejVuU3hvTnF0bnk5b3dXV1drM1BobnVhWWRienFWQVZta29mMFpmMUlneHMrUEVsSTJoU0VwYi9ENW9LdFE9PTsyMDI0LTA0LTI0VDAzOjQ5OjE0LjYzMjY0NDNaO01nMDZEU1g4QWNNWGk3TG5tS1MxR1E9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; x-ms-cpim-cache|utnsducfme6yx66gqyp5ba_0=m1.mPtgvSwpigWnuqlp.odtR8PCSrnfkV2/3E8C2Lw==.0.oiwFz1CyrH7SLivcfQDPpnLWZ1iiv56UlWJlP/Fx2u4bu/n2EfvFDNJCvQJDRje4vRvAix16R4+eI7OD+BJgyBss2zyIPqXTquxEQQeN7XUhuuY2/utcbC0XV1kLxT5UrFYZsho2byuLb2W6WVNtDgzhkIbihg0yEzJ/yKfyolhFP0xt4DMuSDNoJA6O3sndCyUriHZ5pmO5g3/mvEjBG269qIWp2RQNZli6Wsl4yO/KRnM8LX1aoAelqTIytDDUz5hMYAfhrohJS2PEM+V8GzNJQSTQ0sM2cGKj+saK7qxEBszHD3xRndMhLcpJRagtYqosCgGknq/Tl70rNVSbN0UWfoO6fx7ryIo7hCy5/ezIZOLkqbCS4T2ix9BQYB7zOe3cS5wQDmUjb5IELeQJ1vaVkTerUjxe/r+76Uhobvy1mdeTzAyB491H6ckQZYJMVG6co6k5L+5iigrObAhPx4Rt2jFLsR296LlorwYF5LOsiWwdYvfqxQ+kJfDY5ZNaTrtpbT7uQCaMIOPAn2lx/fybl3NKlWC/LRPhpKhctXL7zyBdHWpFLrVq/Z6CfED7bYt21yk0Pn+p20aZxMhzFdWK/cqRs8lZRtjEM7eaWVQm+yiB2Mk9SyAE1SJTTU3JQECXp9y+o6rCVsJoH4k1osHC2MXU497NS4RqL627nbPjygf66TePmvoFMrLOSXWvSg8IsdBj4wUP5o8cbm2BjLhbtZlRWjSZW5dD2a74lls5i1nfjR0TkLHEliGDyhDbKNjtmAZqthNFi9K8I/zAOlrsh08WlDasF1ghpzks00O5l8ctS8ffNW1vRW3/wsrqhLr2z+aDIDSjrLrf3W3MC7riAZSHx+lX+HMeE4UlEhAEBFZ77BrBcCcEWt6wJLf7rm7jhrluolRhOKq9AdQhfXnUoCDH2ctyiNwVjAZXA06xiSwbICseM2F2XDeRAFUKF4pPazoap+fEueYU76DsjVRFxBxp6YVhaxkO9Dy2gYj4ZkMpycwEYFtmj5dsLxXVcyXsOC1mMaDDYbRiGrqxgW++XsKBcDoL20X5D06GRalFgxMnw6jcrgdLQnSzF8gCy+2WnbRaaE7LDKktcSaowwjQ/SVRz/8nY6KYLmlvxnXJ3fgTMDiCYphwhLUSw0+y7HqbrpbiUi61OB+fZuWOL8td7M4Ivx6zRi38wZNi67dUhJyzyNtcBJ49jeB2jo7e5XSAKdYuRlrx9WT5CxVS6NA12u/K1LmYZI/Kkp276HqEYewH/ovfqat+/PYQnYPs5CMCiqOC3e//5ZSJ14MAXFcrXsql5JozL4j7ld8XOtcYX3ubaDKW1XXzB+KX2DC6rFzgh/rv5R/XpvrbzN8Rf4xWoczETGZNmJe3zfNetnb2Cynq6fDY+BSggkfIyxEkNvQs7uWmbAy4vOVdgKXIS1poVMjD8h+VMHT2+dykvsZCIeS/7ZK4n5f7bnsisMZSUZGZ9x34aCNwGJx1VTKd7X2f2DlRcuaaggym4OGLjTwkZ3BIAfmyAOUFsAdXIz/F8IjCflCRx/sr8OK9kdqZMlsHmEbt9g==; x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjBkZDIzOTUxLTFmNDctNGU5OC1iMjVmLWFlYTBhOTgzZjkwNCIsIlQiOiJsaXZlZmxvLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMV9mbG9fdjJfc2lnbnVwX3NpZ25pbiIsIkMiOiJiYzUwNGFhOC04YmFjLTQzOGMtYjU5ZS05OTY3MTMzZDQzYjEiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjBkZDIzOTUxLTFmNDctNGU5OC1iMjVmLWFlYTBhOTgzZjkwNCJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
x-ms-gateway-requestid: dc6b625e-bbf1-40b1-a352-01ac667a3cb2
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Wed, 24 Apr 2024 03:49:15 GMT
Content-Length: 0
|
|
| liveflo.qxlva.io/js/site.js | 172.64.148.197 | 200 OK | 5.7 kB |
URL GET HTTP/2liveflo.qxlva.io/js/site.js IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typegzip compressed data, from Unix Hashacb054feeace0e61b6039f42d4bea02c 07a6388a2e92bdb4875b017aa1dce8766902017b ebfd97793d02f28bfaa90ae5209e50ec9c92b708d6bce0e622a06cd85d56b261
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /js/site.js HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Cookie: __cf_bm=HKZUeSr9tUp5Js0LIHMBgnNMwHz369pPeczp.yl7DfI-1713930555-1.0.1.1-gUvV8iMSweVxI_1YpsPU9xN3VL411uROxAGCIsrXCIe0iHlzCaXWfUZ7m7h.3R9gntSE8l0oDBVxDYTCcbGz1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: application/javascript
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d950452488014f"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 23
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931f5358d77130-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/css/govuk-frontend-4.2.0.min.css | 172.64.148.197 | 200 OK | 19 kB |
URL GET HTTP/2liveflo.qxlva.io/css/govuk-frontend-4.2.0.min.css IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typegzip compressed data, from Unix Hashd94b6d1d5c6296886b6129358fbdbe4b 3828303c2eb9188e7004483adbfdd3505f779160 df3c4bad26d308aab881036da9ca0553edf7a315de5159cec0eabbd5e7778acc
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /css/govuk-frontend-4.2.0.min.css HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d950452489ab16"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 23
set-cookie: __cf_bm=NDNiNXwBiotwo05hkyqkvcp4HI2Xx5pfsjb1JF_RjkI-1713930555-1.0.1.1-IpewoRAOmrld5A4lfsavehyJ45u3kUrxY7iGF4.MIRAk4lOy.0hBIg.TK9Ie7iBTDb9_hziRQVzaURd16.s02A; path=/; expires=Wed, 24-Apr-24 04:19:15 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931f52e8b07130-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/css/moj-frontend.min.css | 172.64.148.197 | 200 OK | 20 kB |
URL GET HTTP/2liveflo.qxlva.io/css/moj-frontend.min.css IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typegzip compressed data, from Unix Hash197584f86a5c3d64b995452e3c44e2fa bcc3307a772dd1b3d689316cea5a6fcf3b56ba68 4ccf430387ab619dc3ce42d9738ef01fc600c1b2827397a5ff6d37acd9a1ff9e
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /css/moj-frontend.min.css HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d950452488d483"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 23
set-cookie: __cf_bm=9a0SydxLuPcCUParGUW7zy.4Eqkny_tXeh_cu3H9UmY-1713930555-1.0.1.1-5APvhEmlVTFDUD1YoUxZzwCHxxKl0lVPspmL5nkPQ9HN0T2hqiSQTf6ZpIZ2olNliiDDatjRW7544au37TzFVA; path=/; expires=Wed, 24-Apr-24 04:19:15 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931f52f8b17130-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/Home/Login | 172.64.148.197 | 200 OK | 31 kB |
URL GET HTTP/2liveflo.qxlva.io/Home/Login IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /Home/Login HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveflo.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://liveflo.b2clogin.com
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
vary: Origin
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=O8kENCDASbCiyi93_XPnRcl5aVoGV.I5aHzB1gRm.yE-1713930555-1.0.1.1-MwuNy5NQTJvAqDWMcYHxMVuFg7vb7xCAb5XLmbBf6yuz2c9b3f8S5_w9.N4rirAhDYCIWGGu3boxWZWK6X2NIQ; path=/; expires=Wed, 24-Apr-24 04:19:15 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87931f514e4d5697-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/assets/images/govuk-crest.png | 172.64.148.197 | 200 OK | 3.6 kB |
URL GET HTTP/2liveflo.qxlva.io/assets/images/govuk-crest.png IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typePNG image data, 125 x 102, 8-bit colormap, non-interlaced Hashbcd5768bd7721641ee71ba103bb38900 42a8d445a3446dee17cc6684ea055703e490bf5e bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/images/govuk-crest.png HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.qxlva.io/css/govuk-frontend-4.2.0.min.css
Cookie: __cf_bm=HKZUeSr9tUp5Js0LIHMBgnNMwHz369pPeczp.yl7DfI-1713930555-1.0.1.1-gUvV8iMSweVxI_1YpsPU9xN3VL411uROxAGCIsrXCIe0iHlzCaXWfUZ7m7h.3R9gntSE8l0oDBVxDYTCcbGz1g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: image/png
content-length: 3584
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: "1d9504524880800"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 23
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931f5388e77130-OSL
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/assets/fonts/bold-b542beb274-v2.woff2 | 172.64.148.197 | 200 OK | 32 kB |
URL GET HTTP/2liveflo.qxlva.io/assets/fonts/bold-b542beb274-v2.woff2 IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 31480, version 1.0 Hashb542beb2746ca0e4a5a9aa7ea7767df7 edd7531eb22a9e4c7c17045d9ba5ec87e4c731d2 06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/fonts/bold-b542beb274-v2.woff2 HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://liveflo.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://liveflo.qxlva.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: application/font-woff2
content-length: 31480
access-control-allow-credentials: true
access-control-allow-origin: https://liveflo.b2clogin.com
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: "1d9504524887cf8"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 23
accept-ranges: bytes
set-cookie: __cf_bm=K8qjfJ_HA2X.apXSqSxfk6wZ.R8cmpdbp5ZOMe_Qrjo-1713930555-1.0.1.1-R1Db9AaM9PaTYRsQOazm4KYuF4xbf2meSv7U59ylKaevNYrGemo4OuyS8FKf1rrH.9HkRCJVTOTM4Ho7ruQzkQ; path=/; expires=Wed, 24-Apr-24 04:19:15 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87931f538f2d5697-OSL
X-Firefox-Spdy: h2
|
|
| liveflo.b2clogin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 20.190.177.147 | 404 Not Found | 0 B |
URL GET HTTP/1.1liveflo.b2clogin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP20.190.177.147:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerDigiCert Inc Subjectgraph.windows.net FingerprintA1:AB:1F:86:66:CB:8E:63:92:58:C2:0E:EF:93:6E:CF:DA:AF:FE:DD ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: liveflo.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: x-ms-cpim-sso:liveflo.onmicrosoft.com_0=m1.T0PLRCWpkNIi+ZHk.onXOmbgrfxkrzz0hxdO5dQ==.0.2kNi+qdGYTFVcner+FRpxWlycZIzqv2yiZMi8HhQtDvJG+bKfXL/1buWV1H9jUNBUiB+GRH895R4nFhxj3JHq5SzoaSpQE+hfbfCfzWOI88ZeU9VhTuxniKjPrqxU7yl1P53LVKIXW5lnn/w+w1sZRWiU3s6926QjxXorK7sU+teWZJGLk+C9GZ+3212zrglBph8l0jZhEHu/DL1Wj0fHRw8h2nXtSJKfzaqX/kJNM6YkpSQMDS0fGCGHthVP5urBxzMByJgP6PyU79yjQsmdtdfFHnPxnBiBnOYt+hNWJ1VZ2oKS7vjEu+bW7PwG3AqxVC68RP7hHuiyIhPbd7hdGXhKRWRz6vezQ==; x-ms-cpim-csrf=dnlVWXBlbGZBVTBLQjg4b3NnbGdVN2VJejVuU3hvTnF0bnk5b3dXV1drM1BobnVhWWRienFWQVZta29mMFpmMUlneHMrUEVsSTJoU0VwYi9ENW9LdFE9PTsyMDI0LTA0LTI0VDAzOjQ5OjE0LjYzMjY0NDNaO01nMDZEU1g4QWNNWGk3TG5tS1MxR1E9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; x-ms-cpim-cache|utnsducfme6yx66gqyp5ba_0=m1.mPtgvSwpigWnuqlp.odtR8PCSrnfkV2/3E8C2Lw==.0.oiwFz1CyrH7SLivcfQDPpnLWZ1iiv56UlWJlP/Fx2u4bu/n2EfvFDNJCvQJDRje4vRvAix16R4+eI7OD+BJgyBss2zyIPqXTquxEQQeN7XUhuuY2/utcbC0XV1kLxT5UrFYZsho2byuLb2W6WVNtDgzhkIbihg0yEzJ/yKfyolhFP0xt4DMuSDNoJA6O3sndCyUriHZ5pmO5g3/mvEjBG269qIWp2RQNZli6Wsl4yO/KRnM8LX1aoAelqTIytDDUz5hMYAfhrohJS2PEM+V8GzNJQSTQ0sM2cGKj+saK7qxEBszHD3xRndMhLcpJRagtYqosCgGknq/Tl70rNVSbN0UWfoO6fx7ryIo7hCy5/ezIZOLkqbCS4T2ix9BQYB7zOe3cS5wQDmUjb5IELeQJ1vaVkTerUjxe/r+76Uhobvy1mdeTzAyB491H6ckQZYJMVG6co6k5L+5iigrObAhPx4Rt2jFLsR296LlorwYF5LOsiWwdYvfqxQ+kJfDY5ZNaTrtpbT7uQCaMIOPAn2lx/fybl3NKlWC/LRPhpKhctXL7zyBdHWpFLrVq/Z6CfED7bYt21yk0Pn+p20aZxMhzFdWK/cqRs8lZRtjEM7eaWVQm+yiB2Mk9SyAE1SJTTU3JQECXp9y+o6rCVsJoH4k1osHC2MXU497NS4RqL627nbPjygf66TePmvoFMrLOSXWvSg8IsdBj4wUP5o8cbm2BjLhbtZlRWjSZW5dD2a74lls5i1nfjR0TkLHEliGDyhDbKNjtmAZqthNFi9K8I/zAOlrsh08WlDasF1ghpzks00O5l8ctS8ffNW1vRW3/wsrqhLr2z+aDIDSjrLrf3W3MC7riAZSHx+lX+HMeE4UlEhAEBFZ77BrBcCcEWt6wJLf7rm7jhrluolRhOKq9AdQhfXnUoCDH2ctyiNwVjAZXA06xiSwbICseM2F2XDeRAFUKF4pPazoap+fEueYU76DsjVRFxBxp6YVhaxkO9Dy2gYj4ZkMpycwEYFtmj5dsLxXVcyXsOC1mMaDDYbRiGrqxgW++XsKBcDoL20X5D06GRalFgxMnw6jcrgdLQnSzF8gCy+2WnbRaaE7LDKktcSaowwjQ/SVRz/8nY6KYLmlvxnXJ3fgTMDiCYphwhLUSw0+y7HqbrpbiUi61OB+fZuWOL8td7M4Ivx6zRi38wZNi67dUhJyzyNtcBJ49jeB2jo7e5XSAKdYuRlrx9WT5CxVS6NA12u/K1LmYZI/Kkp276HqEYewH/ovfqat+/PYQnYPs5CMCiqOC3e//5ZSJ14MAXFcrXsql5JozL4j7ld8XOtcYX3ubaDKW1XXzB+KX2DC6rFzgh/rv5R/XpvrbzN8Rf4xWoczETGZNmJe3zfNetnb2Cynq6fDY+BSggkfIyxEkNvQs7uWmbAy4vOVdgKXIS1poVMjD8h+VMHT2+dykvsZCIeS/7ZK4n5f7bnsisMZSUZGZ9x34aCNwGJx1VTKd7X2f2DlRcuaaggym4OGLjTwkZ3BIAfmyAOUFsAdXIz/F8IjCflCRx/sr8OK9kdqZMlsHmEbt9g==; x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjBkZDIzOTUxLTFmNDctNGU5OC1iMjVmLWFlYTBhOTgzZjkwNCIsIlQiOiJsaXZlZmxvLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMV9mbG9fdjJfc2lnbnVwX3NpZ25pbiIsIkMiOiJiYzUwNGFhOC04YmFjLTQzOGMtYjU5ZS05OTY3MTMzZDQzYjEiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjBkZDIzOTUxLTFmNDctNGU5OC1iMjVmLWFlYTBhOTgzZjkwNCJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 24 Apr 2024 03:49:15 GMT
Content-Length: 103
|
|
| liveflo.qxlva.io/css/patterns.css | 172.64.148.197 | 200 OK | 2.7 kB |
URL GET HTTP/2liveflo.qxlva.io/css/patterns.css IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typeASCII text, with very long lines (2803), with no line terminators Hasha9e724ee68c6f09727b3a9992182e492 b0e05c2c2a51fd369e11696b47a888d549d4301d 6b868b42838b6c5a124ba9a10eddc3395fb73469cd85c835e577a8a6a2ffb912
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /css/patterns.css HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d9504524880c5c"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 23
set-cookie: __cf_bm=HKZUeSr9tUp5Js0LIHMBgnNMwHz369pPeczp.yl7DfI-1713930555-1.0.1.1-gUvV8iMSweVxI_1YpsPU9xN3VL411uROxAGCIsrXCIe0iHlzCaXWfUZ7m7h.3R9gntSE8l0oDBVxDYTCcbGz1g; path=/; expires=Wed, 24-Apr-24 04:19:15 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931f52f8b37130-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/css/site.css | 172.64.148.197 | 200 OK | 2.4 kB |
URL GET HTTP/2liveflo.qxlva.io/css/site.css IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typeASCII text, with very long lines (2563), with no line terminators Hash34932459b6be678d5c7014bedae25fa1 b3e7005c987e20259c67a43c25bffe7fca8c7d8d 6155f31839bc5942017e448af3a7f9c550275a4329ca71b4eba2eba807b581fc
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /css/site.css HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d9504524880f4b"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 23
set-cookie: __cf_bm=LSIN0kin_FSObpcas9LtwgpzcGMvEJP46lXoC_5..TM-1713930555-1.0.1.1-V6sy1RXn.T0tH_40qFmn7v2fozkMjtLZZ9BNiADZJP2ZujOcOnzvQqhg6id4jXhpCf9n1AB8.RE.g3IK4YU3dg; path=/; expires=Wed, 24-Apr-24 04:19:15 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931f52f8b27130-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/js/govuk-frontend-4.2.0.min.js | 172.64.148.197 | 200 OK | 39 kB |
URL GET HTTP/2liveflo.qxlva.io/js/govuk-frontend-4.2.0.min.js IP172.64.148.197:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495273544055083.Yzg5MzJmYmEtODc3Yy00ZGNkLThhMWMtOGZiMWVjMTIzZjgwZjZmMzMxOTctMDdlZS00MThmLTlkYjgtMDZmY2Y2ZWE4ZmUw&state=CfDJ8CdLu1jFNypLthy6difoZ0G6vlME5hNY5BgbqgSnMRqTsLbHlysN-sFL7Jj2MISd73hEFxi2eAY2bbJK8SnOGVnyOs4n7ndu8hi6oeyOWrToZl79jHK1aNi4BKezRaQlcFybErPiUdDVpVNbMcnjdCNFHCX78OXd8Tucu7rAzq9ky35UqjRz0qk1gw73i-okM2Wi5XqfPzo4GNuFNDdfEwQZBG2Zt6DpJKd1iKBhTP3NSCmkmfiRz0kGSCf3-WTBvU6LN4TTbgoI516yovghiBPtjoAMcX78_25pujNDESK05AAM-rON4QYgBtqsBt-Nbw&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typeJavaScript source, ASCII text, with very long lines (39289) Hasha625c8222f9fac4ca8b579c17a1411dd 4a6f58702dc50a7238814b162b4e9ad69e294a20 85ca59ddf7b2f1b42772ffd59947d82c727ddcbd9d0d7c10388902ae08a9843c
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /js/govuk-frontend-4.2.0.min.js HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Cookie: __cf_bm=HKZUeSr9tUp5Js0LIHMBgnNMwHz369pPeczp.yl7DfI-1713930555-1.0.1.1-gUvV8iMSweVxI_1YpsPU9xN3VL411uROxAGCIsrXCIe0iHlzCaXWfUZ7m7h.3R9gntSE8l0oDBVxDYTCcbGz1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:49:15 GMT
content-type: application/javascript
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d9504524889f7a"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 23
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931f5348cd7130-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|