| liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 | 20.190.177.82 | 200 OK | 66 kB |
URL User Request GET HTTP/1.1liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 IP20.190.177.82:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerDigiCert Inc Subjectgraph.windows.net FingerprintA1:AB:1F:86:66:CB:8E:63:92:58:C2:0E:EF:93:6E:CF:DA:AF:FE:DD ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (61642), with CRLF, LF line terminators Hashfcfd4e2e5032a58507427bb7b7441d26 c1862e66ee3a6a162ad3b49a5b8d1aad6ad33ee5 d2afb37a0a2880f3e4746e44bab66c31ed8ad1c25f88635c844353348b333fcf
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 HTTP/1.1
Host: liveflo.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
x-ms-gateway-requestid: 0eff140b-d80b-43a5-8fd5-067c50ef3fb4
X-UA-Compatible: IE=edge
X-Request-ID: 0d065d63-a793-4431-8d8b-12d4a21f99e4
X-Build: 1.1.128.0
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: x-ms-cpim-sso:liveflo.onmicrosoft.com_0=m1.eTmRaSkqBIfin7Ox.Wg+oh6GsuYZe+U7/hqSq+g==.0.pJDAuKP7rqF+/yTsaeJsidObHXSoMPKREFOcP+OMN9nO1qkb85iWKiPAF1sY3iZskcgky1Xj8WjzmyexDiJC0tzRkuknD+GVJPvi8bJ+C/YTxbgjxzwio+FvkZMQOt2kx2d9chcpgBf6/CdqDsu3T39iZvXK/f358fwn/SO1lAMZeMsGMoEviF+z8V3iMHRtPHXRZk/xBZ6as8GjL/oVz3C8BRNd6Jy9HBKJMRvJ4I2nosQDvFf8Z+ZCi0Rs8B9W4FhWtgDFvup88T+3g0UJQIYnPq17H4weo34WuX9dOtkuqpTa+erl2g5fgbxZZX2io6XET5yJgKshW6CinYZYRN/Uiyv+; domain=liveflo.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-csrf=TEJLSVB3RHQza0Y2a0gyTlhuUkNFbHo1VzU0eVQ0dm5Manh3bjVCL3lueVNSZ3pKRkVYN2Q3VHpTQ0Jkekt2TldZYS85WS9tcmJYdmUvWFJ6NXdvV2c9PTsyMDI0LTA0LTI0VDAzOjQ4OjUxLjU5MzIxOTdaO3JhQkQ0VnFHVyttUlhnUWZlMEZrR3c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; domain=liveflo.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-cache|y10gdzonmusnixluoh-z5a_0=m1.uT+TOTyi/QAMfWmd.l/U9By4IZzLG6KjkzNyd2g==.0.6q779Gw7zyQB1u1j5iLp5VFlFigPkN4i+pq6JFpn3PSfNL6OiC/adT7t6OpxYPKv+enZlmdK+luGX7n2nrabhw7MReRbHTSog39Oq9ypDMpKjVHxeHpkB+qanwW3Xgpknxu+HhIxFRoL4ZTSLA9BOEUbQmqW0eGhPpe4UOHGvLJ2i8okbKJRPBLr3vUuu6is/1h8GYHw57rP7O+R/womjW07vigwTmVMAdXr8at9nx5NN9nFmbIFotFM4zKHsMn6CbrdGdc9SJtxIBVmmTv+Zm2KKBED9hlibRprm+14zJvV95PhsRD7mcey/VWHFDTPowJjV3UID+y6L/gAIjWcdhTNOfAGaHlOvqZ+mz9osdENCLwRtOypLHLigr5W0qM6C6ahm2avrj6yP27DScMCilgFxbBPq0AsKMQaiQER0tKGEgnjvhB5zRSx0LXQoa5QLQ9WI+sF/dzmZP0Zdu1ua/yqw5ZovCZfudLqeL6Y2UqHvwJuzX3VMikhoU6FabqM9QWcXILg4L/NQAdAHvud0mHJ91BOTO7dU/J0Ktoq1pWf6dg1i4SXmOvvLnKcQ5DYvpODqsKyPwo1Za0WiOcjDgjx8NlXv+pQC/j7yUBVvYQqkRxj4VaF8J5SVrL5xYg05PTD6QhKnQ0NoNEEtIuYGjsM+DvEioNsS399HRi3FHgRkSwSHXuOvKZ88g+pFxhYSbO6oikbze0T7v46iQERp+1BqFHb7a3SFsy56Gu9xg+D446/KfkRRSGwFlA52utyIAmz6LDsuYbOM43B/fU9m8pSzGm9h/zA3FVq7yOlUtRkpa02hk2BBLqDxcp5TA5gWaGFxtWazjDEa6l1tddQssmlg9ohOG7kAeUqVfrWEluJsLBJnphiXcQDBEl5DZACPc6T2vZVUfERMk/VqBq2GPvqn1B6056LK1nKmsBAsIai7RKGim3Gt6w5KLZC0KPSce0RKPKsTncJFB1Xb+E5F73TjWSIrzo2r4bkZkA157rgjH2CsszIvYQvr53hiIgzrXZcPGef72esb38iebqibfGNcUnGFu+RfpojaJKpVWQtHW49N/SiHxO5ijQXPlJa2gpqesJhP0czAJF94R8piPW5fD+6iTxpxqd4rPtwYUfD70EykqJBOvER3QVDd8leCMpYzkY7ytPFHYfLb3lNrYyGP+CI1TvqMyAt2bYEy1TC3M11Y/21gH9LQLt0BInWkSdLYUpu7XgXPkb2JUEk5ldpszgZH0Vt4n3aJ42ZHMXWAraqEmehZP4dMkWhEFjw+Wy9nnCRSVHIUmynDUlnmDm6Ckxh3OfRgl5WTIXiyIzuW4JPuYBtAQuqVM5G3nln8DN2ddHEUwsHuiLl1mSyiRr3v0kp+CwLNS2vjB+ivXb+TNntEr/TMAnabvCoelCF5zRTTwEnvi9srIUwRTGqDY1bl/+ZnhtVKkZAjN1rsH6x7y32bGNgLBYniJOTyJdVnbf4dK5daGGtT/0YYNF399/ZN6x7DsYSy9pXQBTRowf85BBF4Vs8TWDGxvypHTvCNqwnGDAn+ecE9adCTrsUXQNG5uSBNhIdwBSi; domain=liveflo.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjBkMDY1ZDYzLWE3OTMtNDQzMS04ZDhiLTEyZDRhMjFmOTllNCIsIlQiOiJsaXZlZmxvLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMV9mbG9fdjJfc2lnbnVwX3NpZ25pbiIsIkMiOiJiYzUwNGFhOC04YmFjLTQzOGMtYjU5ZS05OTY3MTMzZDQzYjEiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjBkMDY1ZDYzLWE3OTMtNDQzMS04ZDhiLTEyZDRhMjFmOTllNCJ9; domain=liveflo.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Wed, 24 Apr 2024 03:48:50 GMT
Content-Length: 66344
|
|
| liveflo.qxlva.io/assets/images/govuk-apple-touch-icon-180x180.png | 104.18.39.59 | 200 OK | 3.5 kB |
URL GET HTTP/2liveflo.qxlva.io/assets/images/govuk-apple-touch-icon-180x180.png IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typePNG image data, 180 x 180, 8-bit colormap, non-interlaced Hasha0f7e1b728a42016b247dc54ee40d055 f02b551f1af5d4ef5bc4aee07da9a6e36a3f9037 ea1cbb1cbbeddfff275dfa6e8e46b84cd530892df79dc4882a8f99b802b49a90
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/images/govuk-apple-touch-icon-180x180.png HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: image/png
content-length: 3503
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: "1d9504524880baf"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=i8g58zRlWGqBmY07HMeeluEuwvtavdmUXWTWcSuxeSg-1713930532-1.0.1.1-keJCrQUV0S2zG7LQvgBkhIX5AvZ97yJnOyyd4rQlgNUFn1ToBSuvaG4aLFD60lxsfwUNUy3GAMklE0.AXQ2S5w; path=/; expires=Wed, 24-Apr-24 04:18:52 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec3fd017128-OSL
X-Firefox-Spdy: h2
|
|
| liveflo.b2clogin.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 20.190.177.82 | 404 Not Found | 103 B |
URL GET HTTP/1.1liveflo.b2clogin.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP20.190.177.82:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerDigiCert Inc Subjectgraph.windows.net FingerprintA1:AB:1F:86:66:CB:8E:63:92:58:C2:0E:EF:93:6E:CF:DA:AF:FE:DD ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hash96c5637e1eb8f8f8c34172f2d23eafc6 2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9 90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: liveflo.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0
Cookie: x-ms-cpim-sso:liveflo.onmicrosoft.com_0=m1.eTmRaSkqBIfin7Ox.Wg+oh6GsuYZe+U7/hqSq+g==.0.pJDAuKP7rqF+/yTsaeJsidObHXSoMPKREFOcP+OMN9nO1qkb85iWKiPAF1sY3iZskcgky1Xj8WjzmyexDiJC0tzRkuknD+GVJPvi8bJ+C/YTxbgjxzwio+FvkZMQOt2kx2d9chcpgBf6/CdqDsu3T39iZvXK/f358fwn/SO1lAMZeMsGMoEviF+z8V3iMHRtPHXRZk/xBZ6as8GjL/oVz3C8BRNd6Jy9HBKJMRvJ4I2nosQDvFf8Z+ZCi0Rs8B9W4FhWtgDFvup88T+3g0UJQIYnPq17H4weo34WuX9dOtkuqpTa+erl2g5fgbxZZX2io6XET5yJgKshW6CinYZYRN/Uiyv+; x-ms-cpim-csrf=TEJLSVB3RHQza0Y2a0gyTlhuUkNFbHo1VzU0eVQ0dm5Manh3bjVCL3lueVNSZ3pKRkVYN2Q3VHpTQ0Jkekt2TldZYS85WS9tcmJYdmUvWFJ6NXdvV2c9PTsyMDI0LTA0LTI0VDAzOjQ4OjUxLjU5MzIxOTdaO3JhQkQ0VnFHVyttUlhnUWZlMEZrR3c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; x-ms-cpim-cache|y10gdzonmusnixluoh-z5a_0=m1.uT+TOTyi/QAMfWmd.l/U9By4IZzLG6KjkzNyd2g==.0.6q779Gw7zyQB1u1j5iLp5VFlFigPkN4i+pq6JFpn3PSfNL6OiC/adT7t6OpxYPKv+enZlmdK+luGX7n2nrabhw7MReRbHTSog39Oq9ypDMpKjVHxeHpkB+qanwW3Xgpknxu+HhIxFRoL4ZTSLA9BOEUbQmqW0eGhPpe4UOHGvLJ2i8okbKJRPBLr3vUuu6is/1h8GYHw57rP7O+R/womjW07vigwTmVMAdXr8at9nx5NN9nFmbIFotFM4zKHsMn6CbrdGdc9SJtxIBVmmTv+Zm2KKBED9hlibRprm+14zJvV95PhsRD7mcey/VWHFDTPowJjV3UID+y6L/gAIjWcdhTNOfAGaHlOvqZ+mz9osdENCLwRtOypLHLigr5W0qM6C6ahm2avrj6yP27DScMCilgFxbBPq0AsKMQaiQER0tKGEgnjvhB5zRSx0LXQoa5QLQ9WI+sF/dzmZP0Zdu1ua/yqw5ZovCZfudLqeL6Y2UqHvwJuzX3VMikhoU6FabqM9QWcXILg4L/NQAdAHvud0mHJ91BOTO7dU/J0Ktoq1pWf6dg1i4SXmOvvLnKcQ5DYvpODqsKyPwo1Za0WiOcjDgjx8NlXv+pQC/j7yUBVvYQqkRxj4VaF8J5SVrL5xYg05PTD6QhKnQ0NoNEEtIuYGjsM+DvEioNsS399HRi3FHgRkSwSHXuOvKZ88g+pFxhYSbO6oikbze0T7v46iQERp+1BqFHb7a3SFsy56Gu9xg+D446/KfkRRSGwFlA52utyIAmz6LDsuYbOM43B/fU9m8pSzGm9h/zA3FVq7yOlUtRkpa02hk2BBLqDxcp5TA5gWaGFxtWazjDEa6l1tddQssmlg9ohOG7kAeUqVfrWEluJsLBJnphiXcQDBEl5DZACPc6T2vZVUfERMk/VqBq2GPvqn1B6056LK1nKmsBAsIai7RKGim3Gt6w5KLZC0KPSce0RKPKsTncJFB1Xb+E5F73TjWSIrzo2r4bkZkA157rgjH2CsszIvYQvr53hiIgzrXZcPGef72esb38iebqibfGNcUnGFu+RfpojaJKpVWQtHW49N/SiHxO5ijQXPlJa2gpqesJhP0czAJF94R8piPW5fD+6iTxpxqd4rPtwYUfD70EykqJBOvER3QVDd8leCMpYzkY7ytPFHYfLb3lNrYyGP+CI1TvqMyAt2bYEy1TC3M11Y/21gH9LQLt0BInWkSdLYUpu7XgXPkb2JUEk5ldpszgZH0Vt4n3aJ42ZHMXWAraqEmehZP4dMkWhEFjw+Wy9nnCRSVHIUmynDUlnmDm6Ckxh3OfRgl5WTIXiyIzuW4JPuYBtAQuqVM5G3nln8DN2ddHEUwsHuiLl1mSyiRr3v0kp+CwLNS2vjB+ivXb+TNntEr/TMAnabvCoelCF5zRTTwEnvi9srIUwRTGqDY1bl/+ZnhtVKkZAjN1rsH6x7y32bGNgLBYniJOTyJdVnbf4dK5daGGtT/0YYNF399/ZN6x7DsYSy9pXQBTRowf85BBF4Vs8TWDGxvypHTvCNqwnGDAn+ecE9adCTrsUXQNG5uSBNhIdwBSi; x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjBkMDY1ZDYzLWE3OTMtNDQzMS04ZDhiLTEyZDRhMjFmOTllNCIsIlQiOiJsaXZlZmxvLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMV9mbG9fdjJfc2lnbnVwX3NpZ25pbiIsIkMiOiJiYzUwNGFhOC04YmFjLTQzOGMtYjU5ZS05OTY3MTMzZDQzYjEiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjBkMDY1ZDYzLWE3OTMtNDQzMS04ZDhiLTEyZDRhMjFmOTllNCJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 24 Apr 2024 03:48:51 GMT
Content-Length: 103
|
|
| cdn.jsdelivr.net/npm/signature_pad@4.1.4/dist/signature_pad.umd.min.js | 151.101.65.229 | 200 OK | 4.0 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/signature_pad@4.1.4/dist/signature_pad.umd.min.js IP151.101.65.229:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeJavaScript source, ASCII text, with very long lines (10935) Hashf08851c17deb20a2664ed852ba749c21 681b6700f1230eeebaa5f913f46d8477086ccec5 f56700d1f4addde549b8c8328ad1a6b912bf73ce9b65ecef2dc01c54c596e36b
GET /npm/signature_pad@4.1.4/dist/signature_pad.umd.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.1.4
x-jsd-version-type: version
etag: W/"2b6e-aBtnAPEjDu66pfkT9G2EdwhszsU"
content-encoding: br
accept-ranges: bytes
date: Wed, 24 Apr 2024 03:48:52 GMT
age: 670284
x-served-by: cache-fra-eddf8230038-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3993
X-Firefox-Spdy: h2
|
|
| liveflo.b2clogin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 20.190.177.82 | 404 Not Found | 103 B |
URL GET HTTP/1.1liveflo.b2clogin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP20.190.177.82:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerDigiCert Inc Subjectgraph.windows.net FingerprintA1:AB:1F:86:66:CB:8E:63:92:58:C2:0E:EF:93:6E:CF:DA:AF:FE:DD ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hash96c5637e1eb8f8f8c34172f2d23eafc6 2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9 90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: liveflo.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: x-ms-cpim-sso:liveflo.onmicrosoft.com_0=m1.eTmRaSkqBIfin7Ox.Wg+oh6GsuYZe+U7/hqSq+g==.0.pJDAuKP7rqF+/yTsaeJsidObHXSoMPKREFOcP+OMN9nO1qkb85iWKiPAF1sY3iZskcgky1Xj8WjzmyexDiJC0tzRkuknD+GVJPvi8bJ+C/YTxbgjxzwio+FvkZMQOt2kx2d9chcpgBf6/CdqDsu3T39iZvXK/f358fwn/SO1lAMZeMsGMoEviF+z8V3iMHRtPHXRZk/xBZ6as8GjL/oVz3C8BRNd6Jy9HBKJMRvJ4I2nosQDvFf8Z+ZCi0Rs8B9W4FhWtgDFvup88T+3g0UJQIYnPq17H4weo34WuX9dOtkuqpTa+erl2g5fgbxZZX2io6XET5yJgKshW6CinYZYRN/Uiyv+; x-ms-cpim-csrf=TEJLSVB3RHQza0Y2a0gyTlhuUkNFbHo1VzU0eVQ0dm5Manh3bjVCL3lueVNSZ3pKRkVYN2Q3VHpTQ0Jkekt2TldZYS85WS9tcmJYdmUvWFJ6NXdvV2c9PTsyMDI0LTA0LTI0VDAzOjQ4OjUxLjU5MzIxOTdaO3JhQkQ0VnFHVyttUlhnUWZlMEZrR3c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; x-ms-cpim-cache|y10gdzonmusnixluoh-z5a_0=m1.uT+TOTyi/QAMfWmd.l/U9By4IZzLG6KjkzNyd2g==.0.6q779Gw7zyQB1u1j5iLp5VFlFigPkN4i+pq6JFpn3PSfNL6OiC/adT7t6OpxYPKv+enZlmdK+luGX7n2nrabhw7MReRbHTSog39Oq9ypDMpKjVHxeHpkB+qanwW3Xgpknxu+HhIxFRoL4ZTSLA9BOEUbQmqW0eGhPpe4UOHGvLJ2i8okbKJRPBLr3vUuu6is/1h8GYHw57rP7O+R/womjW07vigwTmVMAdXr8at9nx5NN9nFmbIFotFM4zKHsMn6CbrdGdc9SJtxIBVmmTv+Zm2KKBED9hlibRprm+14zJvV95PhsRD7mcey/VWHFDTPowJjV3UID+y6L/gAIjWcdhTNOfAGaHlOvqZ+mz9osdENCLwRtOypLHLigr5W0qM6C6ahm2avrj6yP27DScMCilgFxbBPq0AsKMQaiQER0tKGEgnjvhB5zRSx0LXQoa5QLQ9WI+sF/dzmZP0Zdu1ua/yqw5ZovCZfudLqeL6Y2UqHvwJuzX3VMikhoU6FabqM9QWcXILg4L/NQAdAHvud0mHJ91BOTO7dU/J0Ktoq1pWf6dg1i4SXmOvvLnKcQ5DYvpODqsKyPwo1Za0WiOcjDgjx8NlXv+pQC/j7yUBVvYQqkRxj4VaF8J5SVrL5xYg05PTD6QhKnQ0NoNEEtIuYGjsM+DvEioNsS399HRi3FHgRkSwSHXuOvKZ88g+pFxhYSbO6oikbze0T7v46iQERp+1BqFHb7a3SFsy56Gu9xg+D446/KfkRRSGwFlA52utyIAmz6LDsuYbOM43B/fU9m8pSzGm9h/zA3FVq7yOlUtRkpa02hk2BBLqDxcp5TA5gWaGFxtWazjDEa6l1tddQssmlg9ohOG7kAeUqVfrWEluJsLBJnphiXcQDBEl5DZACPc6T2vZVUfERMk/VqBq2GPvqn1B6056LK1nKmsBAsIai7RKGim3Gt6w5KLZC0KPSce0RKPKsTncJFB1Xb+E5F73TjWSIrzo2r4bkZkA157rgjH2CsszIvYQvr53hiIgzrXZcPGef72esb38iebqibfGNcUnGFu+RfpojaJKpVWQtHW49N/SiHxO5ijQXPlJa2gpqesJhP0czAJF94R8piPW5fD+6iTxpxqd4rPtwYUfD70EykqJBOvER3QVDd8leCMpYzkY7ytPFHYfLb3lNrYyGP+CI1TvqMyAt2bYEy1TC3M11Y/21gH9LQLt0BInWkSdLYUpu7XgXPkb2JUEk5ldpszgZH0Vt4n3aJ42ZHMXWAraqEmehZP4dMkWhEFjw+Wy9nnCRSVHIUmynDUlnmDm6Ckxh3OfRgl5WTIXiyIzuW4JPuYBtAQuqVM5G3nln8DN2ddHEUwsHuiLl1mSyiRr3v0kp+CwLNS2vjB+ivXb+TNntEr/TMAnabvCoelCF5zRTTwEnvi9srIUwRTGqDY1bl/+ZnhtVKkZAjN1rsH6x7y32bGNgLBYniJOTyJdVnbf4dK5daGGtT/0YYNF399/ZN6x7DsYSy9pXQBTRowf85BBF4Vs8TWDGxvypHTvCNqwnGDAn+ecE9adCTrsUXQNG5uSBNhIdwBSi; x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjBkMDY1ZDYzLWE3OTMtNDQzMS04ZDhiLTEyZDRhMjFmOTllNCIsIlQiOiJsaXZlZmxvLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMV9mbG9fdjJfc2lnbnVwX3NpZ25pbiIsIkMiOiJiYzUwNGFhOC04YmFjLTQzOGMtYjU5ZS05OTY3MTMzZDQzYjEiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjBkMDY1ZDYzLWE3OTMtNDQzMS04ZDhiLTEyZDRhMjFmOTllNCJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 24 Apr 2024 03:48:51 GMT
Content-Length: 103
|
|
| liveflo.qxlva.io/assets/images/govuk-crest.png | 104.18.39.59 | 200 OK | 3.6 kB |
URL GET HTTP/2liveflo.qxlva.io/assets/images/govuk-crest.png IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typePNG image data, 125 x 102, 8-bit colormap, non-interlaced Hashbcd5768bd7721641ee71ba103bb38900 42a8d445a3446dee17cc6684ea055703e490bf5e bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/images/govuk-crest.png HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.qxlva.io/css/govuk-frontend-4.2.0.min.css
Cookie: __cf_bm=O3d.Sp6GVAKhcMutHpmOhMWrr4Dgh50b5SYMmYLHcd8-1713930532-1.0.1.1-s90wmdbTeTk38kTLWVII9ZuizZOWq3b5EWfGv8gep3yvnREWIwcVFi4K6tkzmTm6H3yaLG5ITFJn0tjUL6fSsw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: image/png
content-length: 3584
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: "1d9504524880800"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec57d807128-OSL
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/assets/fonts/light-94a07e06a1-v2.woff2 | 104.18.39.59 | 200 OK | 33 kB |
URL GET HTTP/2liveflo.qxlva.io/assets/fonts/light-94a07e06a1-v2.woff2 IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 33382, version 1.131 Hash94a07e06a104e76fe40583f74b204aee 3202361735eb0c59277c2140c34dd77879df43de eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/fonts/light-94a07e06a1-v2.woff2 HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://liveflo.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://liveflo.qxlva.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: application/font-woff2
content-length: 33382
access-control-allow-credentials: true
access-control-allow-origin: https://liveflo.b2clogin.com
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: "1d9504524888466"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=cjltgSHWKa62ME7Rqwzf4skX6_H.Y6TT0X8ra33rE_E-1713930532-1.0.1.1-VLLfjLuBloQDAKgpIKhOvHIiglMqMIWeop90U9Ews0kLEwMEcRSLrTHBGkMhx6ceTUxG2cePPgnezVhb.QV5nw; path=/; expires=Wed, 24-Apr-24 04:18:52 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87931ec57d3756bf-OSL
X-Firefox-Spdy: h2
|
|
| liveflo.b2clogin.com/liveflo.onmicrosoft.com/B2C_1_FLO_V2_Signup_Signin/client/perftrace?tx=StateProperties=eyJUSUQiOiIwZDA2NWQ2My1hNzkzLTQ0MzEtOGQ4Yi0xMmQ0YTIxZjk5ZTQifQ&p=B2C_1_FLO_V2_Signup_Signin | 20.190.177.83 | 200 OK | 0 B |
URL POST HTTP/1.1liveflo.b2clogin.com/liveflo.onmicrosoft.com/B2C_1_FLO_V2_Signup_Signin/client/perftrace?tx=StateProperties=eyJUSUQiOiIwZDA2NWQ2My1hNzkzLTQ0MzEtOGQ4Yi0xMmQ0YTIxZjk5ZTQifQ&p=B2C_1_FLO_V2_Signup_Signin IP20.190.177.83:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerDigiCert Inc Subjectgraph.windows.net FingerprintA1:AB:1F:86:66:CB:8E:63:92:58:C2:0E:EF:93:6E:CF:DA:AF:FE:DD ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /liveflo.onmicrosoft.com/B2C_1_FLO_V2_Signup_Signin/client/perftrace?tx=StateProperties=eyJUSUQiOiIwZDA2NWQ2My1hNzkzLTQ0MzEtOGQ4Yi0xMmQ0YTIxZjk5ZTQifQ&p=B2C_1_FLO_V2_Signup_Signin HTTP/1.1
Host: liveflo.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-CSRF-TOKEN: TEJLSVB3RHQza0Y2a0gyTlhuUkNFbHo1VzU0eVQ0dm5Manh3bjVCL3lueVNSZ3pKRkVYN2Q3VHpTQ0Jkekt2TldZYS85WS9tcmJYdmUvWFJ6NXdvV2c9PTsyMDI0LTA0LTI0VDAzOjQ4OjUxLjU5MzIxOTdaO3JhQkQ0VnFHVyttUlhnUWZlMEZrR3c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
X-Requested-With: XMLHttpRequest
Content-Length: 5483
Origin: https://liveflo.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0
Cookie: x-ms-cpim-sso:liveflo.onmicrosoft.com_0=m1.eTmRaSkqBIfin7Ox.Wg+oh6GsuYZe+U7/hqSq+g==.0.pJDAuKP7rqF+/yTsaeJsidObHXSoMPKREFOcP+OMN9nO1qkb85iWKiPAF1sY3iZskcgky1Xj8WjzmyexDiJC0tzRkuknD+GVJPvi8bJ+C/YTxbgjxzwio+FvkZMQOt2kx2d9chcpgBf6/CdqDsu3T39iZvXK/f358fwn/SO1lAMZeMsGMoEviF+z8V3iMHRtPHXRZk/xBZ6as8GjL/oVz3C8BRNd6Jy9HBKJMRvJ4I2nosQDvFf8Z+ZCi0Rs8B9W4FhWtgDFvup88T+3g0UJQIYnPq17H4weo34WuX9dOtkuqpTa+erl2g5fgbxZZX2io6XET5yJgKshW6CinYZYRN/Uiyv+; x-ms-cpim-csrf=TEJLSVB3RHQza0Y2a0gyTlhuUkNFbHo1VzU0eVQ0dm5Manh3bjVCL3lueVNSZ3pKRkVYN2Q3VHpTQ0Jkekt2TldZYS85WS9tcmJYdmUvWFJ6NXdvV2c9PTsyMDI0LTA0LTI0VDAzOjQ4OjUxLjU5MzIxOTdaO3JhQkQ0VnFHVyttUlhnUWZlMEZrR3c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; x-ms-cpim-cache|y10gdzonmusnixluoh-z5a_0=m1.uT+TOTyi/QAMfWmd.l/U9By4IZzLG6KjkzNyd2g==.0.6q779Gw7zyQB1u1j5iLp5VFlFigPkN4i+pq6JFpn3PSfNL6OiC/adT7t6OpxYPKv+enZlmdK+luGX7n2nrabhw7MReRbHTSog39Oq9ypDMpKjVHxeHpkB+qanwW3Xgpknxu+HhIxFRoL4ZTSLA9BOEUbQmqW0eGhPpe4UOHGvLJ2i8okbKJRPBLr3vUuu6is/1h8GYHw57rP7O+R/womjW07vigwTmVMAdXr8at9nx5NN9nFmbIFotFM4zKHsMn6CbrdGdc9SJtxIBVmmTv+Zm2KKBED9hlibRprm+14zJvV95PhsRD7mcey/VWHFDTPowJjV3UID+y6L/gAIjWcdhTNOfAGaHlOvqZ+mz9osdENCLwRtOypLHLigr5W0qM6C6ahm2avrj6yP27DScMCilgFxbBPq0AsKMQaiQER0tKGEgnjvhB5zRSx0LXQoa5QLQ9WI+sF/dzmZP0Zdu1ua/yqw5ZovCZfudLqeL6Y2UqHvwJuzX3VMikhoU6FabqM9QWcXILg4L/NQAdAHvud0mHJ91BOTO7dU/J0Ktoq1pWf6dg1i4SXmOvvLnKcQ5DYvpODqsKyPwo1Za0WiOcjDgjx8NlXv+pQC/j7yUBVvYQqkRxj4VaF8J5SVrL5xYg05PTD6QhKnQ0NoNEEtIuYGjsM+DvEioNsS399HRi3FHgRkSwSHXuOvKZ88g+pFxhYSbO6oikbze0T7v46iQERp+1BqFHb7a3SFsy56Gu9xg+D446/KfkRRSGwFlA52utyIAmz6LDsuYbOM43B/fU9m8pSzGm9h/zA3FVq7yOlUtRkpa02hk2BBLqDxcp5TA5gWaGFxtWazjDEa6l1tddQssmlg9ohOG7kAeUqVfrWEluJsLBJnphiXcQDBEl5DZACPc6T2vZVUfERMk/VqBq2GPvqn1B6056LK1nKmsBAsIai7RKGim3Gt6w5KLZC0KPSce0RKPKsTncJFB1Xb+E5F73TjWSIrzo2r4bkZkA157rgjH2CsszIvYQvr53hiIgzrXZcPGef72esb38iebqibfGNcUnGFu+RfpojaJKpVWQtHW49N/SiHxO5ijQXPlJa2gpqesJhP0czAJF94R8piPW5fD+6iTxpxqd4rPtwYUfD70EykqJBOvER3QVDd8leCMpYzkY7ytPFHYfLb3lNrYyGP+CI1TvqMyAt2bYEy1TC3M11Y/21gH9LQLt0BInWkSdLYUpu7XgXPkb2JUEk5ldpszgZH0Vt4n3aJ42ZHMXWAraqEmehZP4dMkWhEFjw+Wy9nnCRSVHIUmynDUlnmDm6Ckxh3OfRgl5WTIXiyIzuW4JPuYBtAQuqVM5G3nln8DN2ddHEUwsHuiLl1mSyiRr3v0kp+CwLNS2vjB+ivXb+TNntEr/TMAnabvCoelCF5zRTTwEnvi9srIUwRTGqDY1bl/+ZnhtVKkZAjN1rsH6x7y32bGNgLBYniJOTyJdVnbf4dK5daGGtT/0YYNF399/ZN6x7DsYSy9pXQBTRowf85BBF4Vs8TWDGxvypHTvCNqwnGDAn+ecE9adCTrsUXQNG5uSBNhIdwBSi; x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjBkMDY1ZDYzLWE3OTMtNDQzMS04ZDhiLTEyZDRhMjFmOTllNCIsIlQiOiJsaXZlZmxvLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMV9mbG9fdjJfc2lnbnVwX3NpZ25pbiIsIkMiOiJiYzUwNGFhOC04YmFjLTQzOGMtYjU5ZS05OTY3MTMzZDQzYjEiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjBkMDY1ZDYzLWE3OTMtNDQzMS04ZDhiLTEyZDRhMjFmOTllNCJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
x-ms-gateway-requestid: 773dc12c-8879-43f3-bce2-97630aafcfa5
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Wed, 24 Apr 2024 03:48:51 GMT
Content-Length: 0
|
|
| liveflo.qxlva.io/assets/fonts/bold-b542beb274-v2.woff2 | 104.18.39.59 | 200 OK | 32 kB |
URL GET HTTP/2liveflo.qxlva.io/assets/fonts/bold-b542beb274-v2.woff2 IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 31480, version 1.0 Hashb542beb2746ca0e4a5a9aa7ea7767df7 edd7531eb22a9e4c7c17045d9ba5ec87e4c731d2 06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/fonts/bold-b542beb274-v2.woff2 HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://liveflo.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://liveflo.qxlva.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: application/font-woff2
content-length: 31480
access-control-allow-credentials: true
access-control-allow-origin: https://liveflo.b2clogin.com
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: "1d9504524887cf8"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=ylBQ8YcKnWvdgJ8PEMlJXFbVK4c72AGQxNi5pWebpc8-1713930532-1.0.1.1-ahoMwJ4tKzcn_aCCEA2smncCUP5_sJBNWPrNiXE4jr61YtH2ncL3LK89HnGnRNGVc8AMRex3TPTz0N5UqlKVPA; path=/; expires=Wed, 24-Apr-24 04:18:52 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87931ec57d3456bf-OSL
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/assets/images/govuk-apple-touch-icon-180x180.png | 104.18.39.59 | 200 OK | 3.5 kB |
URL GET HTTP/2liveflo.qxlva.io/assets/images/govuk-apple-touch-icon-180x180.png IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typePNG image data, 180 x 180, 8-bit colormap, non-interlaced Hasha0f7e1b728a42016b247dc54ee40d055 f02b551f1af5d4ef5bc4aee07da9a6e36a3f9037 ea1cbb1cbbeddfff275dfa6e8e46b84cd530892df79dc4882a8f99b802b49a90
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/images/govuk-apple-touch-icon-180x180.png HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Cookie: __cf_bm=O3d.Sp6GVAKhcMutHpmOhMWrr4Dgh50b5SYMmYLHcd8-1713930532-1.0.1.1-s90wmdbTeTk38kTLWVII9ZuizZOWq3b5EWfGv8gep3yvnREWIwcVFi4K6tkzmTm6H3yaLG5ITFJn0tjUL6fSsw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: image/png
content-length: 3503
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: "1d9504524880baf"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 0
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec67ddc7128-OSL
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/css/govuk-frontend-4.2.0.min.css | 104.18.39.59 | 200 OK | 14 kB |
URL GET HTTP/2liveflo.qxlva.io/css/govuk-frontend-4.2.0.min.css IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typegzip compressed data, from Unix Hashf96abf5e7879802a0d9a5e5ea0b9c4af ab858a1e415cb31098aa6f9a82ede8f55085917b b92b08e898f181c45b1cf1e0e6c45a4015ac5300115bef8ffc2545ff78a53f41
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /css/govuk-frontend-4.2.0.min.css HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d950452489ab16"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
set-cookie: __cf_bm=O3d.Sp6GVAKhcMutHpmOhMWrr4Dgh50b5SYMmYLHcd8-1713930532-1.0.1.1-s90wmdbTeTk38kTLWVII9ZuizZOWq3b5EWfGv8gep3yvnREWIwcVFi4K6tkzmTm6H3yaLG5ITFJn0tjUL6fSsw; path=/; expires=Wed, 24-Apr-24 04:18:52 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec41d0f7128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/css/site.css | 104.18.39.59 | 200 OK | 1.4 kB |
URL GET HTTP/2liveflo.qxlva.io/css/site.css IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typegzip compressed data, from Unix Hash379d1f2f0e7bd4e0e70a1fe31d651660 70df32c4b1b537244e51e63a732c58bdfe833d8e 229476ee5343fe1a9fd8cf24ac1e16662d047f017dafe37ca277a4ce9a7cc030
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /css/site.css HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d9504524880f4b"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
set-cookie: __cf_bm=q83d4ruCzWKltMQshSUVmBa0TIdhJ_O6R9uE8HQlB4Y-1713930532-1.0.1.1-n469.Cq6ACTKUBvdDl5.7aDtjuXiLnaK4zC5Wa5wGhUolb4uCUyo.V_7kUeiqcgCx2ObXcdQlgahfXmJtchsiA; path=/; expires=Wed, 24-Apr-24 04:18:52 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec41d0d7128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/css/patterns.css | 104.18.39.59 | 200 OK | 11 kB |
URL GET HTTP/2liveflo.qxlva.io/css/patterns.css IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typegzip compressed data, from Unix Hash3e8fb31916bd15259fe1c52d8559a500 3d6b68262d1ead43666d4f11eb2cb92887d52883 cfe8ed7390c47cc496e93e076f360d143630802c1ca74a662f33346478bbe54d
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /css/patterns.css HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d9504524880c5c"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
set-cookie: __cf_bm=muR.FSatwi79jGQMElAXbRe7mCOu1R1YPqWZ.MSopJA-1713930532-1.0.1.1-YxK8oNO4.v3BPwrN9I7sEgrBnD7C9STb2Ln_o7fc1FfvqWhbBKv5zrmoJJBVo6Lie8CQf0H6o117Pwdo25Fk_Q; path=/; expires=Wed, 24-Apr-24 04:18:52 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec40d097128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/css/moj-frontend.min.css | 104.18.39.59 | 200 OK | 14 kB |
URL GET HTTP/2liveflo.qxlva.io/css/moj-frontend.min.css IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typegzip compressed data, from Unix Hash893b9ecdd16cd3c505b2138228c7b043 d4cc804164220946fce2d430cb77188f0d60ee6b 7dfec88bf013ea62bf594b3c0b9a1a37f8a05f9ef7e37569ab79b01fe3bb87cc
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /css/moj-frontend.min.css HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d950452488d483"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
set-cookie: __cf_bm=IHsJlBAIaLkH3nfRmHQej818CD3khxDvlzaBx06I4BA-1713930532-1.0.1.1-BD9o7fG.rKsms6XGLrwGToF78hospNOV9nfmpYYrYO6HKqjQYFyKTeam2_uceHrIiqnnprfOVUbvhRSLXTxHUQ; path=/; expires=Wed, 24-Apr-24 04:18:52 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec3fd037128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/assets/images/favicon.ico | 0.0.0.0 | | 0 B |
URL GET liveflo.qxlva.io/assets/images/favicon.ico IP0.0.0.0:0
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/images/favicon.ico HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Cookie: __cf_bm=O3d.Sp6GVAKhcMutHpmOhMWrr4Dgh50b5SYMmYLHcd8-1713930532-1.0.1.1-s90wmdbTeTk38kTLWVII9ZuizZOWq3b5EWfGv8gep3yvnREWIwcVFi4K6tkzmTm6H3yaLG5ITFJn0tjUL6fSsw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: image/x-icon
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d9504524881eae"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
age: 0
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec67ddd7128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/js/moj-frontend.min.js | 104.18.39.59 | 200 OK | 31 kB |
URL GET HTTP/2liveflo.qxlva.io/js/moj-frontend.min.js IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typeJavaScript source, ASCII text, with very long lines (30749), with no line terminators Hashe6e51f8fb81b0362bb78ff4da1d175c7 1aec630ce50d1f96d45a2e113dc8b9dfc870c002 093ca0401e75e6572bec9e035c3bd02babe5b2848d700da42bf0598d5b06cb8a
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /js/moj-frontend.min.js HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Cookie: __cf_bm=q83d4ruCzWKltMQshSUVmBa0TIdhJ_O6R9uE8HQlB4Y-1713930532-1.0.1.1-n469.Cq6ACTKUBvdDl5.7aDtjuXiLnaK4zC5Wa5wGhUolb4uCUyo.V_7kUeiqcgCx2ObXcdQlgahfXmJtchsiA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: application/javascript
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d9504524887e1d"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec48d267128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/lib/jquery/dist/jquery.min.js | 104.18.39.59 | 200 OK | 90 kB |
URL GET HTTP/2liveflo.qxlva.io/lib/jquery/dist/jquery.min.js IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hashdc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /lib/jquery/dist/jquery.min.js HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Cookie: __cf_bm=q83d4ruCzWKltMQshSUVmBa0TIdhJ_O6R9uE8HQlB4Y-1713930532-1.0.1.1-n469.Cq6ACTKUBvdDl5.7aDtjuXiLnaK4zC5Wa5wGhUolb4uCUyo.V_7kUeiqcgCx2ObXcdQlgahfXmJtchsiA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: application/javascript
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d950452521c104"
last-modified: Mon, 06 Mar 2023 16:03:09 GMT
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec49d2c7128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/js/govuk-frontend-4.2.0.min.js | 104.18.39.59 | 200 OK | 39 kB |
URL GET HTTP/2liveflo.qxlva.io/js/govuk-frontend-4.2.0.min.js IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typeJavaScript source, ASCII text, with very long lines (39289) Hasha625c8222f9fac4ca8b579c17a1411dd 4a6f58702dc50a7238814b162b4e9ad69e294a20 85ca59ddf7b2f1b42772ffd59947d82c727ddcbd9d0d7c10388902ae08a9843c
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /js/govuk-frontend-4.2.0.min.js HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Cookie: __cf_bm=q83d4ruCzWKltMQshSUVmBa0TIdhJ_O6R9uE8HQlB4Y-1713930532-1.0.1.1-n469.Cq6ACTKUBvdDl5.7aDtjuXiLnaK4zC5Wa5wGhUolb4uCUyo.V_7kUeiqcgCx2ObXcdQlgahfXmJtchsiA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: application/javascript
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d9504524889f7a"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec48d257128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/js/site.js | 104.18.39.59 | 200 OK | 1.9 kB |
URL GET HTTP/2liveflo.qxlva.io/js/site.js IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
File typeJavaScript source, ASCII text, with very long lines (1932), with no line terminators Hash163c5b10d6caf428ffeb3d047a685332 77066dbd2d2771a390ccaed9bf0c8f21c0489864 29060213467e169961857b3bdb8b39213ee4996e77d03e35812bb4d9f5e638a5
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /js/site.js HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Cookie: __cf_bm=q83d4ruCzWKltMQshSUVmBa0TIdhJ_O6R9uE8HQlB4Y-1713930532-1.0.1.1-n469.Cq6ACTKUBvdDl5.7aDtjuXiLnaK4zC5Wa5wGhUolb4uCUyo.V_7kUeiqcgCx2ObXcdQlgahfXmJtchsiA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: application/javascript
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d950452488014f"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec49d2f7128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/Home/Login | 104.18.39.59 | 200 OK | 31 kB |
URL GET HTTP/2liveflo.qxlva.io/Home/Login IP104.18.39.59:443
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /Home/Login HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveflo.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://liveflo.b2clogin.com
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
vary: Origin
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=m_7izshPUzntpQwVDazByPRHsil2eP9KJ6piab5rUFE-1713930532-1.0.1.1-iHFgwHhoNKQngesmXL6l6qEQu1rblzyy6Fomw4hYymTQzjWsd7xOcchWemtfb4BbVTN7Msla9b0.Dqqb1JDI_w; path=/; expires=Wed, 24-Apr-24 04:18:52 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87931ec28bcf56bf-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| liveflo.qxlva.io/assets/images/favicon.ico | 0.0.0.0 | | 0 B |
URL GET liveflo.qxlva.io/assets/images/favicon.ico IP0.0.0.0:0
Requested byhttps://liveflo.b2clogin.com/liveflo.onmicrosoft.com/b2c_1_flo_v2_signup_signin/oauth2/v2.0/authorize?client_id=bc504aa8-8bac-438c-b59e-9967133d43b1&redirect_uri=https%3A%2F%2Fliveflo.qxlva.io%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&nonce=638495109179844532.MTI0Y2E2ZDYtZDMyMS00ZTlkLThmYWEtODUwMjI0OWQ2ZDJhNzQ1ZTIxMDEtNGQzYS00NDY5LTk3NTUtMzFmN2UxNTBkM2Qx&state=CfDJ8CdLu1jFNypLthy6difoZ0Fkf9uKs0LciErvu4-m5QRKOsXCvF3lI7Ws_YVUirG-1EAGqb8pFTxeKWMuy8qInP2nyOV3d62vJ4nHA4EAAz2xRbpw9utFq2rVxu5F4UEALW2h9wocD50gUNO2LOSppMPGOv533U8P7OLlI97e-cDIq9mNZQLXJFblHIOti9059m43KH8QO7fFWYhAmFgzQdJ3jaL4qjruQvMUEJ28dtkCXIE8GXB93aSeoW1gPRG-7Bx7KGNIXRHx0I8d26teWJUcPEAhl1KszJxZUE4wl6YZ1BieyJpGtEhBwOw5sopdxQ&x-client-SKU=ID_NET6_0&x-client-ver=6.20.0.0 CertificateIssuerLet's Encrypt Subjectliveflo.qxlva.io FingerprintAB:7D:DA:7D:E8:53:D3:D7:1C:B0:FA:62:C4:57:9C:8D:D0:E2:E6:1A ValidityTue, 19 Mar 2024 18:42:12 GMT - Mon, 17 Jun 2024 18:42:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | HM Revenue & Customs |
GET /assets/images/favicon.ico HTTP/1.1
Host: liveflo.qxlva.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://liveflo.b2clogin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:48:52 GMT
content-type: image/x-icon
content-security-policy: default-src 'self'; script-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://liveflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://liveflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://liveflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
etag: W/"1d9504524881eae"
last-modified: Mon, 06 Mar 2023 16:03:08 GMT
cf-cache-status: HIT
set-cookie: __cf_bm=a2CnWz7ICjCn2cq5IV_guF0_GNM0XaKpnsZX69fWl48-1713930532-1.0.1.1-4kccCq.fmLd_CGYik.Qb0fXc3OUanLMioZHtvN8eisOzM4ldmxU85khDlCu9fCJRLBbz58mOUu19xRlm1xqJVw; path=/; expires=Wed, 24-Apr-24 04:18:52 GMT; domain=.qxlva.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87931ec3fd047128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|