| cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css | 104.17.24.14 | 200 OK | 2.0 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css
IP: 104.17.24.14:443
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash: a69aa970266649e0b08c2cb4bc166568 d9314a52085a2bb6d284421bb18a4c546ecb73d4 ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
GET /ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 06:19:42 GMT
content-type: text/css; charset=utf-8
content-length: 1970
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f902e0e-62a6"
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 741793
expires: Mon, 14 Apr 2025 06:19:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GIR%2B5ZspqK7lWFaDKkBOKKySMiLo4AXqXdx3dzfzoDKA5BByQ9AtDSBon2HKLT%2FMqvBbW439Gw40JmThrnL7uCVzkuE1DF2N%2FzcKexMi844WzU8vkWREuEk8bcrHshqoyBQuT0y6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8793fbb7a83756b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/jackocnr/intl-tel-input@v16.1.0/build/js/intlTelInput-jquery.min.js | 151.101.129.229 | 200 OK | 12 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/jackocnr/intl-tel-input@v16.1.0/build/js/intlTelInput-jquery.min.js
IP: 151.101.129.229:443
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (26909)
Hash: 1276e809ac1e67db1cf1148bca9d2464 d4bb58214cb349defc491a1cc7ca26c1ee3a40f6 00585f1aa1b5313eb8423a5729f2cf12ee2f1a43e8ec091012b7504975deae15
GET /gh/jackocnr/intl-tel-input@v16.1.0/build/js/intlTelInput-jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 16.1.0
x-jsd-version-type: version
etag: W/"727f-1LtYIUyzSd78SRocx8omwe46QPY"
content-encoding: br
accept-ranges: bytes
age: 1344923
date: Wed, 24 Apr 2024 06:19:42 GMT
x-served-by: cache-fra-eddf8230055-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11463
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/jackocnr/intl-tel-input@v16.1.0/build/js/intlTelInput.min.js | 151.101.129.229 | 200 OK | 11 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/jackocnr/intl-tel-input@v16.1.0/build/js/intlTelInput.min.js
IP: 151.101.129.229:443
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (26906)
Hash: cc0bdc24384ed991b006bac0c2f79ba1 6f0cfc33cd2de2b577f6aaa67cf8febbd23fc296 855910ef15fdcb0064cdef874a7608d0af02fe3d7020005e478c1725f1fb3074
GET /gh/jackocnr/intl-tel-input@v16.1.0/build/js/intlTelInput.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 16.1.0
x-jsd-version-type: version
etag: W/"70c6-bwz8M80t4rV39qqmfPj+u9I/wpY"
content-encoding: br
accept-ranges: bytes
date: Wed, 24 Apr 2024 06:19:42 GMT
age: 1582516
x-served-by: cache-fra-etou8220060-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11276
X-Firefox-Spdy: h2
|
|
| lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/css/login.css | 34.117.116.179 | 200 OK | 2.4 kB |
URL: GET HTTP/3 lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/css/login.css
IP: 34.117.116.179:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
Hash: 40b0e55a144a71688123498f2955c127 a91f56cc5f73093fcc71d8ed15c83d15647b358e 8e9ee324a54d085cd4e410e81d897a058b100754881dc20b5fe4998dcb9b45c2
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /auth/resources/ri4tq/login/lifafa/css/login.css HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 google
date: Tue, 23 Apr 2024 10:59:47 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
content-length: 2418
age: 69595
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/js/bootstrap_v5.3.2.min.js | 34.117.116.179 | 200 OK | 17 kB |
URL: GET HTTP/3 lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/js/bootstrap_v5.3.2.min.js
IP: 34.117.116.179:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: 0b150d69327a3d3856c9ff243bfa27f5 f24a57c77816fd824a3e959446675274cab4fe6f e5b9086d2dd15d1032e99a3dfe018a2ccc948f6b8d5901e14cf5685df09d28d3
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /auth/resources/ri4tq/login/lifafa/js/bootstrap_v5.3.2.min.js HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:19:42 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/css/bootstrap_v5.3.2.min.css | 34.117.116.179 | 200 OK | 35 kB |
URL: GET HTTP/3 lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/css/bootstrap_v5.3.2.min.css
IP: 34.117.116.179:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: c72f933c01f91c869a1f02de25de8099 4c18bed0a62a79c034440a5c90a55814f86d5320 00cef18529396de2b1aafeb9c452e74e480b38886858f2055a79853d8a34d98d
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /auth/resources/ri4tq/login/lifafa/css/bootstrap_v5.3.2.min.css HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:19:42 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/css/login-main.css | 34.117.116.179 | 200 OK | 208 kB |
URL: GET HTTP/3 lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/css/login-main.css
IP: 34.117.116.179:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (537), with CRLF, LF line terminators
Size: 208 kB (207528 bytes)
Hash: fe368df96931ac007bd7bb5bfafc07a7 b6b1c0f0363af62e37bae1ade9b069576a058940 b470870e5b6fa4640a528248fa610a84bf8b81f5fc43bb8cba4adf35891b8980
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /auth/resources/ri4tq/login/lifafa/css/login-main.css HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:19:42 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/fonts/cs-SegoeUI.woff | 34.117.116.179 | 404 Not Found | 155 B |
URL: GET HTTP/3 lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/fonts/cs-SegoeUI.woff
IP: 34.117.116.179:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
Hash: 62181857923656521e3f30352afe25fb 97105319d64525e1435e32d74b751dd786ababfd 725d253537f38595eb56b139c75d8084e28ead219a79f987bf1a4a9076bcd2c8
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /auth/realms/Lifafa/protocol/openid-connect/fonts/cs-SegoeUI.woff HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Cookie: AUTH_SESSION_ID=0bc4e8c8-3242-493e-9e1e-39996904857c.afd139c575e9; AUTH_SESSION_ID_LEGACY=0bc4e8c8-3242-493e-9e1e-39996904857c.afd139c575e9; KC_RESTART=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzZDE4MTUwOS1iYzEyLTQ4NTItYjVhOC0xNTMwZWRjYzYzNDkifQ.eyJjaWQiOiJ3d3ctbGlmYWZhLWNvbSIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vYXBwLmxpZmFmYS5jb20vbW9fbG9naW4iLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJjbGllbnRfcmVxdWVzdF9wYXJhbV9zdG9yZV9pZCI6ImluYm9tMjExMDAxNnMwMiIsInNjb3BlIjoiZW1haWwgcHJvZmlsZSBtaWNyb3Byb2ZpbGUtand0IHJvbGVzIiwiaXNzIjoiaHR0cHM6Ly9sYXV0aC5saWZhZmEuY29tL2F1dGgvcmVhbG1zL0xpZmFmYSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9hcHAubGlmYWZhLmNvbS9tb19sb2dpbiIsInN0YXRlIjoiUzJWNVkyeHZZV3M9In19.uwXg8g7pAdJSRZzMMoDS0cTUc_2T7tS-8RcDWBOSCfw; storeTerminalId=inbom2110016s02; loginUrl=https://app.lifafa.com/user/login?store_id=inbom2110016s02
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 06:19:44 GMT
content-type: application/json
content-length: 155
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/fonts/cs-SegoeUI.ttf | 34.117.116.179 | 404 Not Found | 154 B |
URL: GET HTTP/3 lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/fonts/cs-SegoeUI.ttf
IP: 34.117.116.179:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
Hash: d8a20625070771828f05256f1820061a 0885431d72265216ff79113ec46536d446bef05e 53986841a625d87cbd32ae5603f588dbab70785cd965071878233ca15769b133
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /auth/realms/Lifafa/protocol/openid-connect/fonts/cs-SegoeUI.ttf HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: AUTH_SESSION_ID=0bc4e8c8-3242-493e-9e1e-39996904857c.afd139c575e9; AUTH_SESSION_ID_LEGACY=0bc4e8c8-3242-493e-9e1e-39996904857c.afd139c575e9; KC_RESTART=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzZDE4MTUwOS1iYzEyLTQ4NTItYjVhOC0xNTMwZWRjYzYzNDkifQ.eyJjaWQiOiJ3d3ctbGlmYWZhLWNvbSIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vYXBwLmxpZmFmYS5jb20vbW9fbG9naW4iLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJjbGllbnRfcmVxdWVzdF9wYXJhbV9zdG9yZV9pZCI6ImluYm9tMjExMDAxNnMwMiIsInNjb3BlIjoiZW1haWwgcHJvZmlsZSBtaWNyb3Byb2ZpbGUtand0IHJvbGVzIiwiaXNzIjoiaHR0cHM6Ly9sYXV0aC5saWZhZmEuY29tL2F1dGgvcmVhbG1zL0xpZmFmYSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9hcHAubGlmYWZhLmNvbS9tb19sb2dpbiIsInN0YXRlIjoiUzJWNVkyeHZZV3M9In19.uwXg8g7pAdJSRZzMMoDS0cTUc_2T7tS-8RcDWBOSCfw; storeTerminalId=inbom2110016s02; loginUrl=https://app.lifafa.com/user/login?store_id=inbom2110016s02
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 06:19:44 GMT
content-type: application/json
content-length: 154
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/fonts/cs-SegoeUI.woff2 | 34.117.116.179 | 200 OK | 16 kB |
URL: GET HTTP/3 lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/fonts/cs-SegoeUI.woff2
IP: 34.117.116.179:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 16108, version 1.0
Hash: 5bc691d792e2a494b0dd996852c07cad cc3ebeb4201801bf3d39d3baf20cf0dd5010064d 46a169023591150152daf5698c6e819b72239db9ccd097dcd14ba114b9d54d9e
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /auth/resources/ri4tq/login/lifafa/fonts/cs-SegoeUI.woff2 HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:19:44 GMT
content-type: application/octet-stream
content-length: 16108
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| storage.googleapis.com/public_document_upload_storage/lifafa/lifafa.com/drupal/files/2023-01/Final-02.jpg | 216.58.207.251 | 200 OK | 75 kB |
URL: GET HTTP/2 storage.googleapis.com/public_document_upload_storage/lifafa/lifafa.com/drupal/files/2023-01/Final-02.jpg
IP: 216.58.207.251:443
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Google Trust Services LLC; Subject: storage.googleapis.com; Fingerprint: 42:33:73:56:74:C7:8E:ED:CD:00:0D:AE:0E:4F:AF:8D:9D:61:F9:1D; Validity: Mon, 18 Mar 2024 20:54:36 GMT - Mon, 10 Jun 2024 20:54:35 GMT
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1080x1080, components 3
Hash: 68ea07d2fe988681ea767ecc35b3503d ffbb48bf0c97c6e191a0c37ef5d61d66382e0de0 c6f2f4765180f89491c0188431f88a9c48dd3d366d5d1cdbc0fae0d19e5d48ce
GET /public_document_upload_storage/lifafa/lifafa.com/drupal/files/2023-01/Final-02.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPrQaTHLUavUldo_pKnqpoJj_pdLL1VdPTUE1IW3aRvEewH6k7wZ7f3ZcYVjbZnIBvqKTSa4VqCajg
expires: Wed, 24 Apr 2024 07:19:45 GMT
date: Wed, 24 Apr 2024 06:19:45 GMT
cache-control: public, max-age=3600
last-modified: Thu, 14 Mar 2024 12:20:56 GMT
etag: "68ea07d2fe988681ea767ecc35b3503d"
x-goog-generation: 1710418856690864
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 74871
x-goog-meta-goog-reserved-file-mtime: 1672742422
content-type: image/jpeg
x-goog-hash: crc32c=72dwJQ==, md5=aOoH0v6YhoHqdn7MNbNQPQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 74871
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| storage.googleapis.com/public_document_upload_storage/lifafa/lifafa.com/drupal/files/2022-12/WorkPerx%20Logo.png | 216.58.207.251 | 200 OK | 109 kB |
URL: GET HTTP/2 storage.googleapis.com/public_document_upload_storage/lifafa/lifafa.com/drupal/files/2022-12/WorkPerx%20Logo.png
IP: 216.58.207.251:443
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Google Trust Services LLC; Subject: storage.googleapis.com; Fingerprint: 42:33:73:56:74:C7:8E:ED:CD:00:0D:AE:0E:4F:AF:8D:9D:61:F9:1D; Validity: Mon, 18 Mar 2024 20:54:36 GMT - Mon, 10 Jun 2024 20:54:35 GMT
File type: PNG image data, 3936 x 816, 8-bit/color RGBA, non-interlaced
Size: 109 kB (109295 bytes)
Hash: 454664e5a78a2ea7937e1e449ce75df1 ff34f866ee71999179f1f4c92422520c5bedf153 5e1c89f9189606f4b600290282c0fcab36524e05c3f549f80eebefd1bc64068a
GET /public_document_upload_storage/lifafa/lifafa.com/drupal/files/2022-12/WorkPerx%20Logo.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPpSEAxObLP-1M_1XxsK0PYOXOnIQEqQh_NN3c1Z3-5GQj_oS9HClw20SsKy6gpMawliKRVWjrQ7Jg
expires: Wed, 24 Apr 2024 07:19:45 GMT
date: Wed, 24 Apr 2024 06:19:45 GMT
cache-control: public, max-age=3600
last-modified: Thu, 14 Mar 2024 12:20:53 GMT
etag: "454664e5a78a2ea7937e1e449ce75df1"
x-goog-generation: 1710418853413686
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 109295
x-goog-meta-goog-reserved-file-mtime: 1671473951
content-type: image/png
x-goog-hash: crc32c=ong9sw==, md5=RUZk5aeKLqeTfh5EnOdd8Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 109295
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/js/plugin.js | 34.117.116.179 | 200 OK | 43 kB |
URL: GET HTTP/3 lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/js/plugin.js
IP: 34.117.116.179:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32012), with CRLF line terminators
Hash: 92959c9c468e11dab12d9949ac765212 54152a9a8ad25e5df57a98bd73603c027a67e55c f889dad28abee49a603531066e58b281868a18572020e506800ecef8b4973ea7
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /auth/resources/ri4tq/login/lifafa/js/plugin.js HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:19:42 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js | 142.250.74.131 | 200 OK | 518 kB |
URL: GET HTTP/2 www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js
IP: 142.250.74.131:443
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: JavaScript source, ASCII text, with very long lines (597)
Size: 518 kB (518479 bytes)
Hash: 8326c23d6b3eed35bc3e62f3294587fd edda17e74e53e85073e5eac9cb6be2163dbfa23c 57f03d3ba66117edc152646341120dd3a1d7d71b9a98a3723af5a8ae61bcb3ab
GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lauth.lifafa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 206057
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 13:34:04 GMT
expires: Tue, 22 Apr 2025 13:34:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 146739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap | 142.250.74.106 | 200 OK | 15 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
IP: 142.250.74.106:443
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash: 696e3794cafa2ce18247791f25e86de6 0453ad6e895fcae7732195afb30445ec7bee274c 452e3cb42b9d0ad5ab72d6518eeb847c281095806c2bce8bbb02441f6ab6ae20
GET /css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 06:19:42 GMT
date: Wed, 24 Apr 2024 06:19:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/js/jquery.min.js | 34.117.116.179 | 200 OK | 96 kB |
URL: GET HTTP/3 lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/js/jquery.min.js
IP: 34.117.116.179:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate: Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32047), with CRLF line terminators
Hash: b96645e9d8930a8eed696642dc08717d 679c3f7e5a9478c6005305bbcecd022194862ea6 ec2300a967c70384dd895bad296e1498dc60dcb8beb92586465812a22954635c
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /auth/resources/ri4tq/login/lifafa/js/jquery.min.js HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:19:42 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/recaptcha/api.js | 142.250.74.164 | 200 OK | 850 B |
URL: GET HTTP/2 www.google.com/recaptcha/api.js; IP: 142.250.74.164:443
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate Issuer: Google Trust Services LLC; Subject: www.google.com; Fingerprint: CD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73; Validity: Mon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT
File type: JavaScript source, ASCII text, with very long lines (850), with no line terminators
Hash: 7c792e0e26e2bd74f8e53c7da0d6b8a2 a43099555724ee257f66ca05de55cb56a14c8fca d782a59ef4bab02833ce95b5e9c9bd622f328683659f43a34f1dbcf54f1d4443
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 24 Apr 2024 06:19:42 GMT
date: Wed, 24 Apr 2024 06:19:42 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/fonts/cs-SegoeUI-Bold.woff2 | 34.117.116.179 | 200 OK | 16 kB |
URL: GET HTTP/3 lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/fonts/cs-SegoeUI-Bold.woff2; IP: 34.117.116.179:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 16500, version 1.0
Hash: 4ec093de8848899cd6cdb81beae7612a a62c471fdb879597075efbaa044951cd0dd5a59e b7f87e4a6266b32a444af9ce58fc818c06570338c8dcde0b3fc34181dd8d7d8e
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
GET /auth/resources/ri4tq/login/lifafa/fonts/cs-SegoeUI-Bold.woff2 HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:19:43 GMT
content-type: application/octet-stream
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/css/main.css | 34.117.116.179 | 200 OK | 3.1 kB |
URL: GET HTTP/3 lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/css/main.css; IP: 34.117.116.179:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
File type: ASCII text, with very long lines (3239), with no line terminators
Hash: 1dbb9711ea06d8f7dc69014760dd38f2 93575701facc12b3a2880a229770074765b31146 a51e4a339138aa6c9478edbd97823a25de43162f23ac0a5ea08fb52e804c2f70
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
GET /auth/resources/ri4tq/login/lifafa/css/main.css HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:19:42 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/css/intlTelInput.css | 34.117.116.179 | 200 OK | 19 kB |
URL: GET HTTP/3 lauth.lifafa.com/auth/resources/ri4tq/login/lifafa/css/intlTelInput.css; IP: 34.117.116.179:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
File type: ASCII text, with very long lines (19157), with no line terminators
Hash: 6b7fb2ee130535419a67afb198f41c2b ffb8a25633c4ddeab81d1b1742ac2fd0b442a4c6 c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
GET /auth/resources/ri4tq/login/lifafa/css/intlTelInput.css HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:19:42 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/fonts/cs-SegoeUI.woff2 | 34.117.116.179 | 404 Not Found | 156 B |
URL: GET HTTP/3 lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/fonts/cs-SegoeUI.woff2; IP: 34.117.116.179:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 9c08f749e47371176ba741cfc4666567 fe7716aa1c8f12f25ea8a49f31b557af7d62a685 d39cd938a57590e19a4568d34971b97a6767a4b467fe2f2963e54633c31ee07c
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
GET /auth/realms/Lifafa/protocol/openid-connect/fonts/cs-SegoeUI.woff2 HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Cookie: AUTH_SESSION_ID=0bc4e8c8-3242-493e-9e1e-39996904857c.afd139c575e9; AUTH_SESSION_ID_LEGACY=0bc4e8c8-3242-493e-9e1e-39996904857c.afd139c575e9; KC_RESTART=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzZDE4MTUwOS1iYzEyLTQ4NTItYjVhOC0xNTMwZWRjYzYzNDkifQ.eyJjaWQiOiJ3d3ctbGlmYWZhLWNvbSIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vYXBwLmxpZmFmYS5jb20vbW9fbG9naW4iLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJjbGllbnRfcmVxdWVzdF9wYXJhbV9zdG9yZV9pZCI6ImluYm9tMjExMDAxNnMwMiIsInNjb3BlIjoiZW1haWwgcHJvZmlsZSBtaWNyb3Byb2ZpbGUtand0IHJvbGVzIiwiaXNzIjoiaHR0cHM6Ly9sYXV0aC5saWZhZmEuY29tL2F1dGgvcmVhbG1zL0xpZmFmYSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9hcHAubGlmYWZhLmNvbS9tb19sb2dpbiIsInN0YXRlIjoiUzJWNVkyeHZZV3M9In19.uwXg8g7pAdJSRZzMMoDS0cTUc_2T7tS-8RcDWBOSCfw; storeTerminalId=inbom2110016s02; loginUrl=https://app.lifafa.com/user/login?store_id=inbom2110016s02
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 06:19:43 GMT
content-type: application/json
content-length: 156
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02 | 34.117.116.179 | 200 OK | 15 kB |
URL: User Request GET HTTP/2 lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02; IP: 34.117.116.179:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
GET /auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02 HTTP/1.1
Host: lauth.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 06:19:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: no-store, must-revalidate, max-age=0
set-cookie: AUTH_SESSION_ID=0bc4e8c8-3242-493e-9e1e-39996904857c.afd139c575e9; Version=1; Path=/auth/realms/Lifafa/; SameSite=None; Secure; HttpOnly
AUTH_SESSION_ID_LEGACY=0bc4e8c8-3242-493e-9e1e-39996904857c.afd139c575e9; Version=1; Path=/auth/realms/Lifafa/; Secure; HttpOnly
KC_RESTART=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzZDE4MTUwOS1iYzEyLTQ4NTItYjVhOC0xNTMwZWRjYzYzNDkifQ.eyJjaWQiOiJ3d3ctbGlmYWZhLWNvbSIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vYXBwLmxpZmFmYS5jb20vbW9fbG9naW4iLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJjbGllbnRfcmVxdWVzdF9wYXJhbV9zdG9yZV9pZCI6ImluYm9tMjExMDAxNnMwMiIsInNjb3BlIjoiZW1haWwgcHJvZmlsZSBtaWNyb3Byb2ZpbGUtand0IHJvbGVzIiwiaXNzIjoiaHR0cHM6Ly9sYXV0aC5saWZhZmEuY29tL2F1dGgvcmVhbG1zL0xpZmFmYSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9hcHAubGlmYWZhLmNvbS9tb19sb2dpbiIsInN0YXRlIjoiUzJWNVkyeHZZV3M9In19.uwXg8g7pAdJSRZzMMoDS0cTUc_2T7tS-8RcDWBOSCfw; Version=1; Path=/auth/realms/Lifafa/; Secure; HttpOnly
storeTerminalId=inbom2110016s02; Version=1; Path=/auth/realms/Lifafa
loginUrl=https://app.lifafa.com/user/login?store_id=inbom2110016s02; Version=1; Path=/auth/realms/Lifafa
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer
content-security-policy: frame-src 'self' *; frame-ancestors 'self' *; object-src 'none';
x-robots-tag: none
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-language: en
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| app.lifafa.com/sites/app.lifafa.com/themes/custom/lifafa/images/user.png | 34.117.125.83 | 200 OK | 4.3 kB |
URL: GET HTTP/2 app.lifafa.com/sites/app.lifafa.com/themes/custom/lifafa/images/user.png; IP: 34.117.125.83:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://lauth.lifafa.com/auth/realms/Lifafa/protocol/openid-connect/auth?client_id=www-lifafa-com&scope=email%20profile%20microprofile-jwt%20roles&redirect_uri=https://app.lifafa.com/mo_login&response_type=code&state=S2V5Y2xvYWs=&store_id=inbom2110016s02
Certificate Issuer: Sectigo Limited; Subject: *.lifafa.com; Fingerprint: 55:EC:72:FE:C5:FE:11:D3:4C:3B:BB:1C:38:E5:1B:6D:1E:55:20:87; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Sun, 02 Mar 2025 23:59:59 GMT
File type: PNG image data, 41 x 41, 8-bit/color RGBA, non-interlaced
Hash: 53ff16a808675ed70fc3651944855049 f71133d114a67548fa790bc6af04cb0ec91a15a0 56d2694b6a231fbdb17ec54ce6ec05d4d881592fc3cf6b5678c353b2c73a39fb
GET /sites/app.lifafa.com/themes/custom/lifafa/images/user.png HTTP/1.1
Host: app.lifafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
content-length: 4290
accept-ranges: bytes
via: 1.1 google
date: Wed, 24 Apr 2024 06:19:43 GMT
last-modified: Mon, 08 Apr 2024 05:30:08 GMT
etag: "661380e0-10c2"
content-type: image/png
age: 0
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|