urlscan.io logo urlscan.io
SecurityTrails logo

sekg-dith.com Open in urlscan Pro
151.106.107.214  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s.id/yIATV
Effective URL: https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin
Submission: On March 09 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 29 HTTP transactions. The main IP is 151.106.107.214, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is sekg-dith.com.
TLS certificate: Issued by R3 on February 21st 2021. Valid for: 3 months.
This is the only time sekg-dith.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

IP Address AS Autonomous System
1 1 2402:ee80:59:... 132647 (IDNIC-PAN...)
3 9 151.106.107.214 47583 (AS-HOSTINGER)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 15 2.16.186.155 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 95.101.27.83 20940 (AKAMAI-ASN1)
29 6
1    2402:ee80:59:2::136 (Indonesia)

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)
s.id
9    151.106.107.214 (Germany)

ASN47583 (AS-HOSTINGER, CY)
sekg-dith.com
1    2606:4700:3030::6815:5ce5 (United States)

ASN13335 (CLOUDFLARENET, US)
js-codes.com
15    2.16.186.155 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-155.deploy.static.akamaitechnologies.com
cdn.livechatinc.com
api.livechatinc.com
secure.livechatinc.com
accounts.livechatinc.com
queue.livechatinc.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    95.101.27.83 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.livechat-files.com
cdn.livechat-static.com
Domain Requested by
9 sekg-dith.com 3 redirects sekg-dith.com
8 cdn.livechatinc.com sekg-dith.com
secure.livechatinc.com
4 cdn.livechat-files.com cdn.livechatinc.com
2 accounts.livechatinc.com 1 redirects cdn.livechatinc.com
2 fonts.gstatic.com fonts.googleapis.com
2 secure.livechatinc.com cdn.livechatinc.com
2 api.livechatinc.com cdn.livechatinc.com
1 queue.livechatinc.com cdn.livechatinc.com
1 cdn.livechat-static.com
1 fonts.googleapis.com secure.livechatinc.com
1 js-codes.com sekg-dith.com
1 s.id 1 redirects
29 12

This site contains no links.

Subject Issuer Validity Valid
sekg-dith.com
R3		 2021-02-21 -
2021-05-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-03 -
2021-08-03		 a year crt.sh
livechat.com
DigiCert Secure Site ECC CA-1		 2020-07-16 -
2021-07-16		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin
Frame ID: C84C7000C490F1A4826D50938829F292
Requests: 13 HTTP requests in this frame

Frame: https://secure.livechatinc.com/licence/12661356/v2/open_chat.cgi?license=12661356&group=0&embedded=1&widget_version=3&unique_groups=0&localization_improvement=1
Frame ID: 927A3160C10439EF32F058903F581657
Requests: 15 HTTP requests in this frame

Frame: https://accounts.livechatinc.com/static/postmessage.html
Frame ID: 9FC92C87F6600CD5D0000085434B2FE7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://s.id/yIATV HTTP 301
    https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince HTTP 301
    https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/ HTTP 302
    https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/index HTTP 302
    https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

29
Requests

100 %
HTTPS

57 %
IPv6

8
Domains

12
Subdomains

6
IPs

3
Countries

903 kB
Transfer

1698 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s.id/yIATV HTTP 301
    https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince HTTP 301
    https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/ HTTP 302
    https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/index HTTP 302
    https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://accounts.livechatinc.com/customer?license_id=12661356&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Flicence%2F12661356%2Fv2%2Fopen_chat.cgi&post_message_uri=https%3A%2F%2Fsecure.livechatinc.com%2Flicence%2F12661356%2Fv2%2Fopen_chat.cgi&state=%40livechat%2Fcustomer-auth HTTP 302
  • https://accounts.livechatinc.com/static/postmessage.html

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signin
sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/
Redirect Chain
  • https://s.id/yIATV
  • https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince
  • https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/
  • https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/index
  • https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.106.107.214 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.13
Resource Hash
14fd587bd2c48ccea1112c7b29514b13e3a7e8cf17034ab1dba90261a3c0a312

Request headers

:method
GET
:authority
sekg-dith.com
:scheme
https
:path
/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=ff14e4ab9c74e4a3da1f0cc59cb05fce
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by
PHP/7.4.13
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
content-length
2538
content-encoding
br
vary
Accept-Encoding
date
Tue, 09 Mar 2021 13:12:57 GMT
server
LiteSpeed

Redirect headers

x-powered-by
PHP/7.4.13
set-cookie
PHPSESSID=ff14e4ab9c74e4a3da1f0cc59cb05fce; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
location
signin
content-type
text/html; charset=UTF-8
content-length
0
date
Tue, 09 Mar 2021 13:12:57 GMT
server
LiteSpeed
signin.css
sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/styles/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/styles/signin.css
Requested by
Host: sekg-dith.com
URL: https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.106.107.214 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b23c0b83a601504ebc54a84623a2ae2b7cdf7208892499597401af735b35a832

Request headers

Referer
https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:12:57 GMT
content-encoding
br
last-modified
Tue, 09 Mar 2021 11:59:36 GMT
server
LiteSpeed
etag
"2c60-60476328-dc18973eaeabeb77;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
2434
expires
Thu, 08 Apr 2021 13:12:57 GMT
jquery-3.3.1.min.js
sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/js/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/js/jquery-3.3.1.min.js
Requested by
Host: sekg-dith.com
URL: https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.106.107.214 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:12:57 GMT
content-encoding
br
last-modified
Tue, 09 Mar 2021 11:59:36 GMT
server
LiteSpeed
etag
"1538f-60476328-82252a975f3ae590;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29664
expires
Tue, 16 Mar 2021 13:12:57 GMT
modernizr.min.js
js-codes.com/modernizr/2.9.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-codes.com/modernizr/2.9.0/modernizr.min.js
Requested by
Host: sekg-dith.com
URL: https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5ce5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express, Phusion Passenger 5.3.7
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Request headers

Referer
https://sekg-dith.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:12:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8679543
x-powered-by
Express, Phusion Passenger 5.3.7
status
200 OK
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08b8b7963600004eb5b21be000000001
last-modified
Wed, 11 Oct 2017 07:04:24 GMT
server
cloudflare
etag
W/"edf-15f0a3fa4c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WBCDghoFe5F4n4dhGc%2BtpHHKNL3FIJGG%2FomRknzpTArGgcjs4hatZROx1AziDXDOQqCzrvZrwfeewzC12Wz6k%2BwddpUXc%2BNzcWeaBulWybplYoP7IWP2BFA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
62d48ed05c534eb5-FRA
expires
Mon, 29 Nov 2021 02:13:53 GMT
logo_official.svg
sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/pics/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/pics/logo_official.svg
Requested by
Host: sekg-dith.com
URL: https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/styles/signin.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.106.107.214 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5

Request headers

Referer
https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/styles/signin.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:12:57 GMT
content-encoding
br
last-modified
Tue, 09 Mar 2021 11:59:36 GMT
server
LiteSpeed
etag
"1351-60476328-c06cf4327333fe38;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1794
expires
Tue, 16 Mar 2021 13:12:57 GMT
p_small_regular.woff
sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/fonts/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/fonts/p_small_regular.woff
Requested by
Host: sekg-dith.com
URL: https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/styles/signin.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.106.107.214 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8

Request headers

Origin
https://sekg-dith.com
Referer
https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/styles/signin.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:12:57 GMT
last-modified
Tue, 09 Mar 2021 11:59:36 GMT
server
LiteSpeed
etag
"b8eb-60476328-35e19521c1ae11f3;;;"
content-type
application/font-woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
47339
expires
Tue, 16 Mar 2021 13:12:57 GMT
p_small_light.woff
sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/fonts/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/fonts/p_small_light.woff
Requested by
Host: sekg-dith.com
URL: https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/styles/signin.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.106.107.214 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
843e67ad522a908162007f4b7601819a5bbfef00e38ac7aec778766da8b7b2ab

Request headers

Origin
https://sekg-dith.com
Referer
https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/lib/styles/signin.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:12:57 GMT
last-modified
Tue, 09 Mar 2021 11:59:36 GMT
server
LiteSpeed
etag
"b66f-60476328-34ba13d48e1a9fec;;;"
content-type
application/font-woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
46703
expires
Tue, 16 Mar 2021 13:12:57 GMT
tracking.js
cdn.livechatinc.com/ 		81 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: sekg-dith.com
URL: https://sekg-dith.com/wp-includes/fonts/sqkol/.nknol/CLEANPrince/app/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
169d80197c2d5f173ea03b0ffd54adc068c7d7c457b709bacf61eca1a5ef2f3f

Request headers

Referer
https://sekg-dith.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qW.vC9o.aN87IuTs6s_Rlq98avQK07gP
content-encoding
gzip
last-modified
Mon, 08 Mar 2021 06:33:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
W/"dbec992fee05456059a00f1cb0b4bbe6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
date
Tue, 09 Mar 2021 13:12:58 GMT
content-length
24977
x-amz-cf-id
OrJ8K9Xy1Fzar8TYzjULJe2i8F2VEKDgNfFetps4a8WVklNVSASk-A==
expires
Tue, 09 Mar 2021 21:12:58 GMT
get_dynamic_configuration
api.livechatinc.com/v3.3/customer/action/ 		258 B
501 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12661356&url=https%3A%2F%2Fsekg-dith.com%2Fwp-includes%2Ffonts%2Fsqkol%2F.nknol%2FCLEANPrince%2Fapp%2Fsignin&channel_type=code&jsonp=__y8xjl1vfl1j
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cbd9c108f5c8fb6b4b6e3951af342ffad044770f453a1c9340447eee7713a033
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://sekg-dith.com/;
X-Frame-Options allow-from https://sekg-dith.com/

Request headers

Referer
https://sekg-dith.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://sekg-dith.com/;
cache-control
private
x-frame-options
allow-from https://sekg-dith.com/
date
Tue, 09 Mar 2021 13:12:58 GMT
content-length
258
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
get_configuration
api.livechatinc.com/v3.3/customer/action/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12661356&version=11.1.1.7.12.11.7.1.1.1.1.4&group_id=0&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b3346728205df430ac3768b32e299916cfa2c40ac074936f11e00ad01742bb3a

Request headers

Referer
https://sekg-dith.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:12:59 GMT
content-encoding
gzip
cache-control
public, max-age=600
content-type
application/javascript; charset=UTF-8
content-length
1149
vary
Accept-Encoding
expires
Tue, 09 Mar 2021 13:22:59 GMT
open_chat.cgi
secure.livechatinc.com/licence/12661356/v2/ Frame 927A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/12661356/v2/open_chat.cgi?license=12661356&group=0&embedded=1&widget_version=3&unique_groups=0&localization_improvement=1
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b273e4755e77a1ad5fcacb5a92b6b9ee55d8f1f17233d67e728301bc5e8de5b1

Request headers

:method
GET
:authority
secure.livechatinc.com
:scheme
https
:path
/licence/12661356/v2/open_chat.cgi?license=12661356&group=0&embedded=1&widget_version=3&unique_groups=0&localization_improvement=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sekg-dith.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sekg-dith.com/

Response headers

content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
expires
Tue, 09 Mar 2021 13:12:59 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Tue, 09 Mar 2021 13:12:59 GMT
content-length
1991
localization.en.0.f18dd4d9fb0b965b3781bba9707f6877_d437563c7d1e5863992354f5905f29e4.js
secure.livechatinc.com/licence/12661356/v2/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/12661356/v2/localization.en.0.f18dd4d9fb0b965b3781bba9707f6877_d437563c7d1e5863992354f5905f29e4.js?jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
176a2510bcfdeafb54dab7aeeb53c2b10569a168618c48c619637471210939b2

Request headers

Referer
https://sekg-dith.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:12:59 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://api.chat.io
access-control-expose-headers
location
cache-control
public, max-age=600
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
3395
expires
Tue, 09 Mar 2021 13:22:59 GMT
css
fonts.googleapis.com/ Frame 927A 		5 KB
818 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/licence/12661356/v2/open_chat.cgi?license=12661356&group=0&embedded=1&widget_version=3&unique_groups=0&localization_improvement=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
186f350c18cd78e9b3032039dc1c28cd1e5a83f87165f9ef4f7e3927e61bd7a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Mar 2021 11:27:14 GMT
server
ESF
date
Tue, 09 Mar 2021 13:12:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Mar 2021 13:12:59 GMT
7.76ea489c.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 927A 		361 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/7.76ea489c.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/licence/12661356/v2/open_chat.cgi?license=12661356&group=0&embedded=1&widget_version=3&unique_groups=0&localization_improvement=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fd818bbb69ccd1ae2b05a9b2ed2919e9ecd8ddb6172b7dfcd310ad83413ba8f4

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ysroaPS1B2v2TR41ogXiVUUlBhOl3wgz
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 09:42:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"16d695a56fc5f23dfede15ee16f52ca6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 09 Mar 2021 13:12:59 GMT
content-length
116748
x-amz-cf-id
QHCtaMWF0WG3oNeEeZSru2JCDCTUqlqetbKkcYvHOIm0knklUjFJcg==
expires
Wed, 09 Mar 2022 13:12:59 GMT
iframe.3172a766.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 927A 		361 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/iframe.3172a766.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/licence/12661356/v2/open_chat.cgi?license=12661356&group=0&embedded=1&widget_version=3&unique_groups=0&localization_improvement=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
13017666fcc8737fa64c7becded92b2b1836a61f0a425f73b57a2139034570cf

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
tPileYNxEeBm0G932sL1BgRMdIZcWOfV
content-encoding
gzip
last-modified
Mon, 08 Mar 2021 16:56:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"df7e92efaa9c7b4fced54390f85410aa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 09 Mar 2021 13:12:59 GMT
content-length
105342
x-amz-cf-id
nwlI3KbvEQtpDVGNeZwOYguHdeD-cXdkXPBtMe8-DbDf-t-_PrgKkg==
expires
Wed, 09 Mar 2022 13:12:59 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v11/ Frame 927A 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://secure.livechatinc.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 22:52:32 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Sep 2020 00:08:03 GMT
server
sffe
age
570027
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
expires
Wed, 02 Mar 2022 22:52:32 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v11/ Frame 927A 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://secure.livechatinc.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 06:21:49 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Sep 2020 23:50:59 GMT
server
sffe
age
283870
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
expires
Sun, 06 Mar 2022 06:21:49 GMT
postmessage.html
accounts.livechatinc.com/static/ Frame 9FC9
Redirect Chain
  • https://accounts.livechatinc.com/customer?license_id=12661356&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Flicence%...
  • https://accounts.livechatinc.com/static/postmessage.html
553 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.livechatinc.com/static/postmessage.html
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/iframe.3172a766.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae

Request headers

:method
GET
:authority
accounts.livechatinc.com
:scheme
https
:path
/static/postmessage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.livechatinc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://secure.livechatinc.com/

Response headers

content-encoding
gzip
content-type
text/html
etag
"06F41167B22D690E6AD57C16440DEC37558AF6A5"
vary
Accept-Encoding
content-length
365
date
Tue, 09 Mar 2021 13:12:59 GMT

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://accounts.livechatinc.com/static/postmessage.html#access_token=dal:jheLskwlQGCVSBW-88fhsg&entity_id=688d3385-cefc-4d8f-5479-c8d5c7f8e837&expires_in=28800&redirect_uri=https://secure.livechatinc.com/licence/12661356/v2/open_chat.cgi&state=@livechat/customer-auth&token_type=Bearer
pragma
no-cache
content-length
0
date
Tue, 09 Mar 2021 13:12:59 GMT
set-cookie
__lc_cid=688d3385-cefc-4d8f-5479-c8d5c7f8e837; Path=/customer; Domain=accounts.livechatinc.com; Expires=Thu, 09 Mar 2023 13:12:59 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __lc_cst=c2a19c7b119963f2f4b633066b8e33fd7bf2c5fee301811574d14cd4def91732126bc23f802ec0f2a299d6bb3a3fcdda8deebe33302217e9c8633d8e799b; Path=/customer; Domain=accounts.livechatinc.com; Expires=Thu, 09 Mar 2023 13:12:59 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __lc2_cid=688d3385-cefc-4d8f-5479-c8d5c7f8e837; Path=/licence; Domain=accounts.livechatinc.com; Expires=Thu, 09 Mar 2023 13:12:59 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __lc2_cst=c2a19c7b119963f2f4b633066b8e33fd7bf2c5fee301811574d14cd4def91732126bc23f802ec0f2a299d6bb3a3fcdda8deebe33302217e9c8633d8e799b; Path=/licence; Domain=accounts.livechatinc.com; Expires=Thu, 09 Mar 2023 13:12:59 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __oauth_redirect_detector=counter=1&t=1615295609&tag=c725b790769f5310109d3866008944e731c75274; Path=/; Expires=Tue, 09 Mar 2021 13:13:29 GMT; HttpOnly
/
cdn.livechatinc.com/cloud/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Flivechat.s3.amazonaws.com%2Fdefault%2FeyeCatchers%2Fnew108.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9afafd03001404329b0871e17c22112067e61c6e2c3e85a6e1389423ecf13e8

Request headers

Referer
https://sekg-dith.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
BNr21rqHAp8nqnbnHeuvqEjoTFMAy6EH
last-modified
Tue, 06 Mar 2018 10:29:26 GMT
server
AmazonS3
x-amz-request-id
7125A81E8B7DA842
etag
"c2d03ed3cde151c08cb657df3a018dbb"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=44825398
date
Tue, 09 Mar 2021 13:13:00 GMT
accept-ranges
bytes
content-length
28303
x-amz-id-2
63juaKK1XNpRQuop6BIwOGTpLlkEcnzOGP5ct7SLue1YcBV8ST77Gk4M6aF0cIq6FFGnHDqREGk=
expires
Wed, 10 Aug 2022 08:42:58 GMT
greeting.0fe41ebb.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 927A 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/greeting.0fe41ebb.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/licence/12661356/v2/open_chat.cgi?license=12661356&group=0&embedded=1&widget_version=3&unique_groups=0&localization_improvement=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
468cd8fa71a965fb24fc04793dae15f387deb56db13535c1a9b129ea3bad2de9

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
tPzbczu3FxfgMvPEnlgsEsUGIla_8w0p
content-encoding
gzip
last-modified
Mon, 08 Mar 2021 15:19:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
W/"9c9d87f8ab3f0f403ae083b7eb9b5ba1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 09 Mar 2021 13:13:07 GMT
content-length
5656
x-amz-cf-id
RdCFRcVYdcQOTfco0mjWozcrf5YdeYNAYnDbemkwrg-UfgXIKdMiqg==
expires
Wed, 09 Mar 2022 13:13:07 GMT
616536c9a01889a0ec35e5225f2df64e.jpeg
cdn.livechat-files.com/api/file/lc/img/12661356/ Frame 927A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.livechat-files.com/api/file/lc/img/12661356/616536c9a01889a0ec35e5225f2df64e.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
992c9cb6774a8d6fa85792279d33b9109fef2f871fdf8e79adad3da56179a4b2

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Mar 2021 13:13:07 GMT
cache-control
private, max-age=86396
content-length
4971
content-type
image/jpeg
new_message.a37211a6.ogg
cdn.livechatinc.com/widget/static/media/ 		11 KB
11 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/media/new_message.a37211a6.ogg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d

Request headers

Referer
https://sekg-dith.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
j67lpp016XxatQXyADKdZ6GBWrxAaFDZ
last-modified
Thu, 14 Jan 2021 13:36:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"a37211a6cfcda45352d5abcff1e446bb"
content-type
application/octet-stream
Content-Range
bytes 0-11403/11404
cache-control
max-age=31536000
date
Tue, 09 Mar 2021 13:13:07 GMT
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
11404
x-amz-cf-id
LYsBXR-YNV9VspD-iJyO6-LHcrg7LI7JGoadhD8AVtqi289AhH3Lbg==
expires
Wed, 09 Mar 2022 13:13:07 GMT
handwave.gif
cdn.livechat-static.com/api/file/lc/img/rich-greetings/ Frame 927A 		364 KB
365 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.livechat-static.com/api/file/lc/img/rich-greetings/handwave.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d368f73655941321fa294f8c0f5d63f0a6caaab3dccac499800b4e2e49358a51

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Mar 2021 13:13:09 GMT
cache-control
private, max-age=33938
content-length
372763
content-type
image/gif
logs
queue.livechatinc.com/ Frame 927A 		965 B
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://queue.livechatinc.com/logs
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/7.76ea489c.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
f87c303d9ad5f9e6863fdaa5c07a0c9b712ae1a17abddaf2109c825937d11f17

Request headers

Accept
*/*
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 09 Mar 2021 13:13:09 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"3c5-POSaVsno6NrmCu/kex77kA"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.livechatinc.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization
content-length
561
expires
Tue, 09 Mar 2021 13:13:09 GMT
1.719cfe5d.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 927A 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/1.719cfe5d.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/licence/12661356/v2/open_chat.cgi?license=12661356&group=0&embedded=1&widget_version=3&unique_groups=0&localization_improvement=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0b0cfdfe02b35f788148c95f1d088e07f9d3d311d00f61656bab5b2c7bbddf51

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_Ohd2yFakCg9WCtQIATqKUKv5VzmD3b_
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 09:42:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
W/"151e0401dafe343687541e38ebb6ed49"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 09 Mar 2021 13:13:10 GMT
content-length
21238
x-amz-cf-id
Q6SruBwhtTltuGShf3gcLqOLnfOUSwuD-7BhFzyXJnkjT1efYcc6Jw==
expires
Wed, 09 Mar 2022 13:13:10 GMT
main-view.e108d2fc.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 927A 		126 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/main-view.e108d2fc.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/licence/12661356/v2/open_chat.cgi?license=12661356&group=0&embedded=1&widget_version=3&unique_groups=0&localization_improvement=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c07b13ec2089770823f573b35ff50d9bd6ced063dfeacb90802227e85831995f

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DjZqu3tJcOK47E45dPozRU_CjMNzQ3wQ
content-encoding
gzip
last-modified
Mon, 08 Mar 2021 15:19:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"a175577a8513d51532be74f14d1bc1d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 09 Mar 2021 13:13:10 GMT
content-length
37231
x-amz-cf-id
r7pMBpLeekJWm2D1G1ecM9KIIAWuPKwI4hV5_9HkHmm1Hk4oyMWqfg==
expires
Wed, 09 Mar 2022 13:13:10 GMT
616536c9a01889a0ec35e5225f2df64e.jpeg
cdn.livechat-files.com/api/file/lc/img/12661356/ Frame 927A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.livechat-files.com/api/file/lc/img/12661356/616536c9a01889a0ec35e5225f2df64e.jpeg
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/7.76ea489c.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
992c9cb6774a8d6fa85792279d33b9109fef2f871fdf8e79adad3da56179a4b2

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Mar 2021 13:13:10 GMT
cache-control
private, max-age=86393
content-length
4971
content-type
image/jpeg
616536c9a01889a0ec35e5225f2df64e.jpeg
cdn.livechat-files.com/api/file/lc/img/12661356/ Frame 927A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.livechat-files.com/api/file/lc/img/12661356/616536c9a01889a0ec35e5225f2df64e.jpeg
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/7.76ea489c.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
992c9cb6774a8d6fa85792279d33b9109fef2f871fdf8e79adad3da56179a4b2

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Mar 2021 13:13:14 GMT
cache-control
private, max-age=86389
content-length
4971
content-type
image/jpeg
616536c9a01889a0ec35e5225f2df64e.jpeg
cdn.livechat-files.com/api/file/lc/img/12661356/ Frame 927A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.livechat-files.com/api/file/lc/img/12661356/616536c9a01889a0ec35e5225f2df64e.jpeg
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/7.76ea489c.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
992c9cb6774a8d6fa85792279d33b9109fef2f871fdf8e79adad3da56179a4b2

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Mar 2021 13:13:17 GMT
cache-control
private, max-age=86386
content-length
4971
content-type
image/jpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| html5 object| Modernizr object| __lc object| LiveChatWidget boolean| __lc_inited object| LC_API

1 Cookies

Domain/Path Name / Value
sekg-dith.com/ Name: PHPSESSID
Value: ff14e4ab9c74e4a3da1f0cc59cb05fce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
api.livechatinc.com
cdn.livechat-files.com
cdn.livechat-static.com
cdn.livechatinc.com
fonts.googleapis.com
fonts.gstatic.com
js-codes.com
queue.livechatinc.com
s.id
secure.livechatinc.com
sekg-dith.com
151.106.107.214
2.16.186.155
2402:ee80:59:2::136
2606:4700:3030::6815:5ce5
2a00:1450:4001:827::2003
2a00:1450:4001:82b::200a
95.101.27.83
0b0cfdfe02b35f788148c95f1d088e07f9d3d311d00f61656bab5b2c7bbddf51
13017666fcc8737fa64c7becded92b2b1836a61f0a425f73b57a2139034570cf
14fd587bd2c48ccea1112c7b29514b13e3a7e8cf17034ab1dba90261a3c0a312
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
169d80197c2d5f173ea03b0ffd54adc068c7d7c457b709bacf61eca1a5ef2f3f
176a2510bcfdeafb54dab7aeeb53c2b10569a168618c48c619637471210939b2
186f350c18cd78e9b3032039dc1c28cd1e5a83f87165f9ef4f7e3927e61bd7a0
1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d
468cd8fa71a965fb24fc04793dae15f387deb56db13535c1a9b129ea3bad2de9
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae
843e67ad522a908162007f4b7601819a5bbfef00e38ac7aec778766da8b7b2ab
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
992c9cb6774a8d6fa85792279d33b9109fef2f871fdf8e79adad3da56179a4b2
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
a9afafd03001404329b0871e17c22112067e61c6e2c3e85a6e1389423ecf13e8
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
b23c0b83a601504ebc54a84623a2ae2b7cdf7208892499597401af735b35a832
b273e4755e77a1ad5fcacb5a92b6b9ee55d8f1f17233d67e728301bc5e8de5b1
b3346728205df430ac3768b32e299916cfa2c40ac074936f11e00ad01742bb3a
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
c07b13ec2089770823f573b35ff50d9bd6ced063dfeacb90802227e85831995f
cbd9c108f5c8fb6b4b6e3951af342ffad044770f453a1c9340447eee7713a033
d368f73655941321fa294f8c0f5d63f0a6caaab3dccac499800b4e2e49358a51
f87c303d9ad5f9e6863fdaa5c07a0c9b712ae1a17abddaf2109c825937d11f17
fd818bbb69ccd1ae2b05a9b2ed2919e9ecd8ddb6172b7dfcd310ad83413ba8f4