livewinstrike.life Open in urlscan Pro
31.184.200.148 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hypercrypbankmontre.xyz/
Effective URL:
https://livewinstrike.life/?u=w5mkte4&o=qm8peb1
Submission: On May 16 via api (May 16th 2022, 10:08:49 am UTC) from GB — Scanned from GB

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 31.184.200.148, located in Fremont, United States and belongs to FASTCONTENT, DE. The main domain is livewinstrike.life.
TLS certificate: Issued by R3 on May 9th 2022. Valid for: 3 months.

This is the only time livewinstrike.life was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.131.46.249 45.131.46.249	212913 (TIMEHOST-AS) (TIMEHOST-AS)
1 1	23.227.194.183 23.227.194.183	29802 (HVC-AS) (HVC-AS)
22	31.184.200.148 31.184.200.148	209813 (FASTCONTENT) (FASTCONTENT)
22	1

1 45.131.46.249 (Russian Federation) 1 redirects

ASN212913 (TIMEHOST-AS, RU)
PTR: hypercrypbankmontre.xyz

hypercrypbankmontre.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.194.183 (Chicago, United States) 1 redirects

ASN29802 (HVC-AS, US)
PTR: 23-227-194-183.static.hvvc.us

kidzy.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 31.184.200.148 (Fremont, United States)

ASN209813 (FASTCONTENT, DE)

livewinstrike.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	livewinstrike.life livewinstrike.life	2 MB
1	kidzy.club 1 redirects kidzy.club	954 B
1	hypercrypbankmontre.xyz 1 redirects hypercrypbankmontre.xyz	274 B
22	3

	Domain	Requested by
22	livewinstrike.life	livewinstrike.life
1	kidzy.club	1 redirects
1	hypercrypbankmontre.xyz	1 redirects
22	3

This site contains no links.

Subject Issuer	Validity	Valid
livewinstrike.life R3	`2022-05-09` - `2022-08-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1
Frame ID: 7A678F7B958CC46B37D1CE5C500BEC28
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mirror Report

Page URL History Show full URLs

http://hypercrypbankmontre.xyz/ HTTP 302
https://kidzy.club/markis?&se_referrer=http://beton-domodedovo.com HTTP 302
https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Page URL

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

1618 kB
Transfer

1737 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hypercrypbankmontre.xyz/ HTTP 302
https://kidzy.club/markis?&se_referrer=http://beton-domodedovo.com HTTP 302
https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response livewinstrike.life/ Redirect Chain http://hypercrypbankmontre.xyz/ https://kidzy.club/markis?&se_referrer=http://beton-domodedovo.com https://livewinstrike.life/?u=w5mkte4&o=qm8peb1	26 KB 10 KB	1105ms 455ms	Document text/html	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `de3929fe06a310369f5e949f16bdbba3267090afadb7dd8d5d50a5ea7481e742` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Cache-Control private no-transform Connection keep-alive Content-Encoding gzip Content-Length 10376 Content-Type text/html Date Mon, 16 May 2022 10:08:42 GMT Server nginx Vary Accept-Encoding Redirect headers Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate,post-check=0,pre-check=0 Connection keep-alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Mon, 16 May 2022 10:08:41 GMT Expires 0 Last-Modified Mon, 16 May 2022 10:08:40 GMT Location https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Pragma no-cache Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	style.css livewinstrike.life/media/binary/mirror7/en/	34 KB 6 KB	163ms 162ms	Stylesheet text/css	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://livewinstrike.life/media/binary/mirror7/en/style.css Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `605912fbf9473442672fe71e130a7d1db44a7168feb2c624aa33cc2ab671861b` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:42 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:40 GMT Server nginx ETag W/"60a60990-88d7" Vary Accept-Encoding Content-Type text/css Cache-Control no-transform Connection close
GET H/1.1	200 OK	clar_1.jpg livewinstrike.life/media/binary/mirror7/en/	54 KB 54 KB	303ms 161ms	Image image/jpeg	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/clar_1.jpg Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `1478f249f0b6db81bcc25f1375f5691a56b43647664c1782371fbbf8cf5a0985` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:42 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:27 GMT Server nginx ETag W/"60a60983-d81f" Vary Accept-Encoding Content-Type image/jpeg Cache-Control no-transform Connection close
GET H/1.1	200 OK	clar_2.jpg livewinstrike.life/media/binary/mirror7/en/	150 KB 135 KB	1483ms 168ms	Image image/jpeg	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/clar_2.jpg Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `6a4a60a7b49abc0eb9e55afefc7f29ce8142dca41b4e10a2ceec947a36746f54` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:43 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:28 GMT Server nginx ETag W/"60a60984-2592e" Vary Accept-Encoding Content-Type image/jpeg Cache-Control no-transform Connection close
GET H/1.1	200 OK	clar_3.jpg livewinstrike.life/media/binary/mirror7/en/	82 KB 73 KB	1601ms 163ms	Image image/jpeg	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/clar_3.jpg Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `9e7184803e0d1403f4090a954bde7ae74aacdc5db70dbe49a46abc7dfc6f2b3c` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:43 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:29 GMT Server nginx ETag W/"60a60985-14751" Vary Accept-Encoding Content-Type image/jpeg Cache-Control no-transform Connection close
GET H/1.1	200 OK	bg.jpg livewinstrike.life/media/binary/mirror7/en/	112 KB 112 KB	2076ms 162ms	Image image/jpeg	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/bg.jpg Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `af8ba2f5c20a01e96c1b50d108557fb55c2df7a15593342389a9539945b49e1d` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:44 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:25 GMT Server nginx ETag W/"60a60981-1bf78" Vary Accept-Encoding Content-Type image/jpeg Cache-Control no-transform Connection close
GET H/1.1	200 OK	tisdale.jpg livewinstrike.life/media/binary/mirror7/en/	571 KB 571 KB	2082ms 166ms	Image image/jpeg	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/tisdale.jpg Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `5fa34653703872dd45f276452a05e7fc514e33962ea3bce22837a78acfa3edc5` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:44 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:39 GMT Server nginx ETag W/"60a6098f-8ec83" Vary Accept-Encoding Content-Type image/jpeg Cache-Control no-transform Connection close
GET H/1.1	200 OK	chartpart.png livewinstrike.life/media/binary/mirror7/en/	148 KB 148 KB	640ms 164ms	Image image/png	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/chartpart.png Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `1d6b238913e15af7daf3690735ac6cd7120880ff54a1cedad5fd60f4b7c1a11c` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:44 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:26 GMT Server nginx ETag W/"60a60982-24e1f" Vary Accept-Encoding Content-Type image/png Cache-Control no-transform Connection close
GET H/1.1	200 OK	side1.png livewinstrike.life/media/binary/mirror7/en/	34 KB 34 KB	612ms 161ms	Image image/png	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/side1.png Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:42 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:34 GMT Server nginx ETag W/"60a6098a-8848" Vary Accept-Encoding Content-Type image/png Cache-Control no-transform Connection close
GET H/1.1	200 OK	side2.png livewinstrike.life/media/binary/mirror7/en/	34 KB 35 KB	1090ms 162ms	Image image/png	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/side2.png Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:43 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:35 GMT Server nginx ETag W/"60a6098b-8945" Vary Accept-Encoding Content-Type image/png Cache-Control no-transform Connection close
GET H/1.1	200 OK	side3.png livewinstrike.life/media/binary/mirror7/en/	38 KB 38 KB	1089ms 163ms	Image image/png	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/side3.png Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:43 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:35 GMT Server nginx ETag W/"60a6098b-97f6" Vary Accept-Encoding Content-Type image/png Cache-Control no-transform Connection close
GET H/1.1	200 OK	side4.png livewinstrike.life/media/binary/mirror7/en/	25 KB 25 KB	912ms 161ms	Image image/png	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/side4.png Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:43 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:36 GMT Server nginx ETag W/"60a6098c-6476" Vary Accept-Encoding Content-Type image/png Cache-Control no-transform Connection close
GET H/1.1	200 OK	side5.png livewinstrike.life/media/binary/mirror7/en/	37 KB 37 KB	449ms 161ms	Image image/png	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/side5.png Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:42 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:37 GMT Server nginx ETag W/"60a6098d-93e3" Vary Accept-Encoding Content-Type image/png Cache-Control no-transform Connection close
GET H/1.1	200 OK	side6.png livewinstrike.life/media/binary/mirror7/en/	34 KB 34 KB	637ms 161ms	Image image/png	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/side6.png Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:44 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:37 GMT Server nginx ETag W/"60a6098d-88a3" Vary Accept-Encoding Content-Type image/png Cache-Control no-transform Connection close
GET H/1.1	200 OK	side7.png livewinstrike.life/media/binary/mirror7/en/	30 KB 31 KB	641ms 161ms	Image image/png	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/side7.png Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:44 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:38 GMT Server nginx ETag W/"60a6098e-79a4" Vary Accept-Encoding Content-Type image/png Cache-Control no-transform Connection close
GET H/1.1	200 OK	pop.jpg livewinstrike.life/media/binary/mirror7/en/	243 KB 230 KB	643ms 166ms	Image image/jpeg	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/pop.jpg Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `a4d1ca6b3a2a3976817010b86a81d4da65a60f9a812a6086ebfdec899b43e859` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:44 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:32 GMT Server nginx ETag W/"60a60988-3cca0" Vary Accept-Encoding Content-Type image/jpeg Cache-Control no-transform Connection close
GET H/1.1	200 OK	js.cookie2.js Show response livewinstrike.life/cookie/	4 KB 2 KB	496ms 161ms	Script application/javascript	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://livewinstrike.life/cookie/js.cookie2.js Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `589e6373958f4838e6f498ac2984cd44a7350ae6b7bc1c71b0abd4ddaaf8a353` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:42 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 05:56:26 GMT Server nginx ETag W/"60a5fa0a-1101" Vary Accept-Encoding Content-Type application/javascript Cache-Control no-transform Connection close
GET H/1.1	200 OK	bbo.js Show response livewinstrike.life/media/	932 B 714 B	799ms 160ms	Script application/javascript	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://livewinstrike.life/media/bbo.js Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `819dcf06ebcd42b36f897f6e2e32b44672cfa91d7d90ec09e00184f73a8d2ea1` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:43 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 05:58:32 GMT Server nginx ETag W/"60a5fa88-3a4" Vary Accept-Encoding Content-Type application/javascript Cache-Control no-transform Connection close
GET H/1.1	200 OK	utils-bn.js Show response livewinstrike.life/util/	6 KB 2 KB	457ms 161ms	Script application/javascript	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://livewinstrike.life/util/utils-bn.js Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `137529e860d7d2d0f756178fb5f76a107fa6dabd7209ec524e6ff599e813a4b0` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:44 GMT Content-Encoding br Last-Modified Mon, 21 Jun 2021 15:48:59 GMT Server nginx ETag W/"60d0b4eb-16c0" Vary Accept-Encoding Content-Type application/javascript Cache-Control no-transform Connection close
GET H/1.1	200 OK	logo.png livewinstrike.life/media/binary/mirror7/en/	5 KB 5 KB	450ms 162ms	Image image/png	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Show image Full URL https://livewinstrike.life/media/binary/mirror7/en/logo.png Requested by Host: livewinstrike.life URL: https://livewinstrike.life/media/binary/mirror7/en/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `2d551b631b50e692c812f12db82278b867efa3d63f740fa64441dde94fb5cb6b` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/media/binary/mirror7/en/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:42 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:31 GMT Server nginx ETag W/"60a60987-1391" Vary Accept-Encoding Content-Type image/png Cache-Control no-transform Connection close
GET H/1.1	200 OK	S6u9w4BMUTPHh50Xew8.ttf livewinstrike.life/media/binary/mirror7/en/	65 KB 32 KB	476ms 166ms	Font application/octet-stream	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://livewinstrike.life/media/binary/mirror7/en/S6u9w4BMUTPHh50Xew8.ttf Requested by Host: livewinstrike.life URL: https://livewinstrike.life/media/binary/mirror7/en/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `3aa190b0e78c467b9297e397f2548fa1f3d310c2ec9b7f89adf4b87ebce749e8` Request headers Referer https://livewinstrike.life/media/binary/mirror7/en/style.css Origin https://livewinstrike.life accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:42 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:32 GMT Server nginx ETag W/"60a60988-10420" Vary Accept-Encoding Content-Type application/octet-stream Cache-Control no-transform Connection close
GET H/1.1	200 OK	alert.mp3 Show response livewinstrike.life/media/binary/mirror7/en/	2 KB 2 KB	668ms 190ms	XHR audio/mpeg	31.184.200.148 FASTCONTENT
General Check archive.org Show headers Download Go to Full URL https://livewinstrike.life/media/binary/mirror7/en/alert.mp3 Requested by Host: livewinstrike.life URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 31.184.200.148 Fremont, United States, ASN209813 (FASTCONTENT, DE), Reverse DNS Software nginx / Resource Hash `67a6dc7e24f4a3c142724bb37a358037538befb731478c33d58f236ba836ed78` Request headers accept-language en-GB,en;q=0.9 Referer https://livewinstrike.life/?u=w5mkte4&o=qm8peb1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 16 May 2022 10:08:45 GMT Content-Encoding br Last-Modified Thu, 20 May 2021 07:02:25 GMT Server nginx ETag W/"60a60981-97c" Vary Accept-Encoding Content-Type audio/mpeg Cache-Control no-transform Connection close

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kidzy.club/	1970-01-20 03:49:34	Name: _subid Value: hn6imglpe
kidzy.club/	1970-01-20 03:49:34	Name: _token Value: uuid_hn6imglpe_hn6imglpe628222a9018e20.49661400
kidzy.club/	1970-02-08 14:55:27	Name: f7d7c Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEzXCI6MTY1MjY5NTcyMH0sXCJjYW1wYWlnbnNcIjp7XCIxXCI6MTY1MjY5NTcyMH0sXCJ0aW1lXCI6MTY1MjY5NTcyMH0ifQ.4sQKvznIgXkMdRw-wsQmCIPFeB94Nrr7owidAzH52kQ
livewinstrike.life/	1969-12-31 23:59:59	Name: sid Value: t1~wlembc0lhasriici1o05wbuw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1(Line 352) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://livewinstrike.life/?u=w5mkte4&o=qm8peb1(Line 366) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hypercrypbankmontre.xyz
kidzy.club
livewinstrike.life
23.227.194.183
31.184.200.148
45.131.46.249
137529e860d7d2d0f756178fb5f76a107fa6dabd7209ec524e6ff599e813a4b0
1478f249f0b6db81bcc25f1375f5691a56b43647664c1782371fbbf8cf5a0985
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562
1d6b238913e15af7daf3690735ac6cd7120880ff54a1cedad5fd60f4b7c1a11c
2d551b631b50e692c812f12db82278b867efa3d63f740fa64441dde94fb5cb6b
3aa190b0e78c467b9297e397f2548fa1f3d310c2ec9b7f89adf4b87ebce749e8
3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226
494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9
589e6373958f4838e6f498ac2984cd44a7350ae6b7bc1c71b0abd4ddaaf8a353
5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f
5fa34653703872dd45f276452a05e7fc514e33962ea3bce22837a78acfa3edc5
605912fbf9473442672fe71e130a7d1db44a7168feb2c624aa33cc2ab671861b
67a6dc7e24f4a3c142724bb37a358037538befb731478c33d58f236ba836ed78
6a4a60a7b49abc0eb9e55afefc7f29ce8142dca41b4e10a2ceec947a36746f54
819dcf06ebcd42b36f897f6e2e32b44672cfa91d7d90ec09e00184f73a8d2ea1
9e7184803e0d1403f4090a954bde7ae74aacdc5db70dbe49a46abc7dfc6f2b3c
a4d1ca6b3a2a3976817010b86a81d4da65a60f9a812a6086ebfdec899b43e859
af8ba2f5c20a01e96c1b50d108557fb55c2df7a15593342389a9539945b49e1d
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5
de3929fe06a310369f5e949f16bdbba3267090afadb7dd8d5d50a5ea7481e742
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e

livewinstrike.life Open in urlscan Pro 31.184.200.148 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

1 IPs

2 Countries

1618 kBTransfer

1737 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

29 JavaScript Global Variables

4 Cookies

2 Console Messages

Indicators

livewinstrike.life Open in urlscan Pro
31.184.200.148 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

1618 kB
Transfer

1737 kB
Size

4
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!