livefocused.icu
91.234.99.162
Malicious Activity!
Public Scan
Submission: On September 15 via api from CA
Summary
This is the only time livefocused.icu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
9 | 91.234.99.162 | 48666 (AS-MAROSNET Moscow) |
9 | 1 | |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
9 | livefocused.icu | 251 KB |
9 | 1 | |
 | Domain | Requested by |
---|---|---|
9 | livefocused.icu | livefocused.icu |
9 | 1 | |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://livefocused.icu/budget/0neDrive/
Frame ID: 768FC27259EDE43F31F40DE5EE624E6C
Requests: 9 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / (Primary Request, Cookie set) livefocused.icu/budget/0neDrive/ | 56 B 458 B | Document text/html |
GET H/1.1 | index.js livefocused.icu/budget/0neDrive/ | 51 KB 51 KB | Script application/javascript |
GET H/1.1 | jquery.min.js livefocused.icu/budget/0neDrive/Resources/ | 82 KB 83 KB | Script application/javascript |
GET H/1.1 | av011.png livefocused.icu/budget/0neDrive/img/ | 5 KB 5 KB | Image image/png |
GET H/1.1 | bt01.png livefocused.icu/budget/0neDrive/img/ | 491 B 733 B | Image image/png |
GET H/1.1 | av051.png livefocused.icu/budget/0neDrive/img/ | 2 KB 3 KB | Image image/png |
GET H/1.1 | bt05.png livefocused.icu/budget/0neDrive/img/ | 923 B 1 KB | Image image/png |
GET H/1.1 | LoginCheck.js livefocused.icu/budget/0neDrive/Resources/ | 18 KB 19 KB | Script application/javascript |
GET H/1.1 | landing-devices-bg.png livefocused.icu/budget/0neDrive/img/ | 88 KB 88 KB | Image image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| _0x3918
- function| _0x2718
- function| _0x2df06e
- function| _0x33add9
- function| _0x2ff419
- function| _0x5c9060
- function| _0x5c850a
- object| erp
- string| em
- function| _0x4d9ad2
- number| tmp
- function| $
- function| jQuery
- object| _0x39b0
- function| _0x959d
- function| _0x486433
- function| _0x45f314
- function| _0x4aa175
- function| _0x38d9f8
- function| _0x3ef589
- function| _0x28106f

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
livefocused.icu/ | | Name: PHPSESSID Value: 9tdbr614n7eu6osj4mm18fofq2 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
livefocused.icu
91.234.99.162