agentportal.livecleanrwanda.com Open in urlscan Pro
144.91.101.209 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://agentportal.livecleanrwanda.com/
Effective URL:
https://agentportal.livecleanrwanda.com/
Submission: On November 27 via api (November 27th 2023, 10:45:07 pm UTC) from GB — Scanned from GB

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 30 HTTP transactions. The main IP is 144.91.101.209, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is agentportal.livecleanrwanda.com.
TLS certificate: Issued by R3 on November 27th 2023. Valid for: 3 months.

This is the only time agentportal.livecleanrwanda.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 16Shop (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 24	144.91.101.209 144.91.101.209	51167 (CONTABO) (CONTABO)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
30	5

24 144.91.101.209 (Nuremberg, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: qonics.com

agentportal.livecleanrwanda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	livecleanrwanda.com 1 redirects agentportal.livecleanrwanda.com	1 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	137 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	357 B
30	4

	Domain	Requested by
24	agentportal.livecleanrwanda.com	1 redirects agentportal.livecleanrwanda.com
3	www.googletagmanager.com	agentportal.livecleanrwanda.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
30	5

This site contains no links.

Subject Issuer	Validity	Valid
www.agentportal.livecleanrwanda.com R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://agentportal.livecleanrwanda.com/
Frame ID: 0A2AC62F93909E022F9F862037417C60
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login To Online Marketing Agents

Page URL History Show full URLs

http://agentportal.livecleanrwanda.com/ HTTP 301
https://agentportal.livecleanrwanda.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

1224 kB
Transfer

1489 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://agentportal.livecleanrwanda.com/ HTTP 301
https://agentportal.livecleanrwanda.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
agentportal.livecleanrwanda.com/
Redirect Chain

http://agentportal.livecleanrwanda.com/
https://agentportal.livecleanrwanda.com/

5 KB
6 KB

280ms
158ms

Document
text/html

144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.21

Resource Hash

24c984ebd52001b0d847586f54224d35a9ae7a3639db319918547927d4307dcf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests;
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Nov 2023 22:45:01 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.21

Redirect headers

Connection: Keep-Alive
Content-Length: 248
Content-Security-Policy: upgrade-insecure-requests;
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 27 Nov 2023 22:45:01 GMT
Keep-Alive: timeout=5, max=100
Location: https://agentportal.livecleanrwanda.com/
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips

GET
H/1.1 200
OK bootstrap.min.css
agentportal.livecleanrwanda.com/vendor/bootstrap/css/ 122 KB
122 KB 73ms
70ms Stylesheet
text/css 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/bootstrap/css/bootstrap.min.css

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 10 Aug 2017 19:52:12 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "1e822-5566b88503300"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 124962

GET
H/1.1 200
OK font-awesome.min.css
agentportal.livecleanrwanda.com/fonts/font-awesome-4.7.0/css/ 30 KB
31 KB 170ms
62ms Stylesheet
text/css 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/fonts/font-awesome-4.7.0/css/font-awesome.min.css

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Tue, 23 May 2017 15:43:54 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "7918-55032dadc2280"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 31000

GET
H/1.1 200
OK icon-font.min.css
agentportal.livecleanrwanda.com/fonts/Linearicons-Free-v1.0.0/ 7 KB
8 KB 175ms
67ms Stylesheet
text/css 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/fonts/Linearicons-Free-v1.0.0/icon-font.min.css

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 27 Nov 2017 15:43:30 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "1cba-55ef8c3986c80"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7354

GET
H/1.1 200
OK animate.css
agentportal.livecleanrwanda.com/vendor/animate/ 23 KB
24 KB 182ms
64ms Stylesheet
text/css 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/animate/animate.css

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

80aa5497ff31b2c001474d9432f0853c11d200a67ea4f9852ab2f7ee2fedd9c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 31 Aug 2017 11:02:26 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "5d28-5580a94633480"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 23848

GET
H/1.1 200
OK hamburgers.min.css
agentportal.livecleanrwanda.com/vendor/css-hamburgers/ 19 KB
20 KB 182ms
64ms Stylesheet
text/css 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/css-hamburgers/hamburgers.min.css

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

3149a74d701ee7dd476f83694f8962062a456b5abbdea234101d30aff2738bcd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Wed, 16 Aug 2017 20:45:52 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "4ce6-556e4fb49c000"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19686

GET
H/1.1 200
OK animsition.min.css
agentportal.livecleanrwanda.com/vendor/animsition/css/ 27 KB
27 KB 187ms
69ms Stylesheet
text/css 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/animsition/css/animsition.min.css

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

14020e649186932b88a7f815ad52ff939db3e2ba4228cad195831d1825acb54a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 12 Aug 2017 07:56:10 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "6b56-55689c342da80"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 27478

GET
H/1.1 200
OK select2.min.css
agentportal.livecleanrwanda.com/vendor/select2/ 15 KB
15 KB 237ms
62ms Stylesheet
text/css 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/select2/select2.min.css

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Wed, 23 Aug 2017 19:52:38 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "3b5c-557710dcccd80"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15196

GET
H/1.1 200
OK daterangepicker.css
agentportal.livecleanrwanda.com/vendor/daterangepicker/ 8 KB
8 KB 284ms
61ms Stylesheet
text/css 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/daterangepicker/daterangepicker.css

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

9e4450a60b4d6d5b4a8304ade07576767dc3f64f7653b0f95bce43bf11d854b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Tue, 08 Aug 2017 20:09:34 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "1fe3-556438abd1b80"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 8163

GET
H/1.1 200
OK util.css
agentportal.livecleanrwanda.com/css/ 85 KB
85 KB 306ms
66ms Stylesheet
text/css 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/css/util.css

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

27751cc48fb8c009d013ffb85f0f2b1db36530791eca74d317aec90d34f09b39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Wed, 13 Dec 2017 13:44:00 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "1531e-56038f5b0e800"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 86814

GET
H/1.1 200
OK main.css
agentportal.livecleanrwanda.com/css/ 10 KB
10 KB 305ms
64ms Stylesheet
text/css 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/css/main.css

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

7edf44fd7660960f04eac887a7cf39a5de012a1782f92df04ae42e98525cb3a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Fri, 02 Apr 2021 15:59:28 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "27d6-5beff6ec69800"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 10198

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 137 KB
53 KB 152ms
57ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-185678008-1

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d254fd1316f2664ce8f2db9063c25d137f77c413e0a499c87e3e999e2eaaf370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 27 Nov 2023 22:45:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 53594
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 22:45:02 GMT

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
agentportal.livecleanrwanda.com/vendor/jquery/ 85 KB
85 KB 310ms
64ms Script
application/javascript 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/jquery/jquery-3.2.1.min.js

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Fri, 28 Jul 2017 10:24:16 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "15283-5555e1549d400"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 86659

GET
H/1.1 200
OK animsition.min.js Show response
agentportal.livecleanrwanda.com/vendor/animsition/js/ 5 KB
6 KB 313ms
64ms Script
application/javascript 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/animsition/js/animsition.min.js

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

f32da6bf81134c664b32582076b8260b3b614d508d5c651d0907b581df2a9323

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 12 Aug 2017 07:56:10 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "15ef-55689c342da80"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5615

GET
H/1.1 200
OK popper.js Show response
agentportal.livecleanrwanda.com/vendor/bootstrap/js/ 80 KB
80 KB 344ms
60ms Script
application/javascript 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/bootstrap/js/popper.js

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

a93f37c5c32d030a1d831b5023b6b29bc93290f5423debaf47c83b6444528059

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Wed, 27 Sep 2017 16:59:16 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "13f06-55a2eb63d0100"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 81670

GET
H/1.1 200
OK bootstrap.min.js Show response
agentportal.livecleanrwanda.com/vendor/bootstrap/js/ 50 KB
50 KB 348ms
58ms Script
application/javascript 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/bootstrap/js/bootstrap.min.js

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 10 Aug 2017 19:51:22 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "c7c7-5566b85554280"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 51143

GET
H/1.1 200
OK select2.min.js Show response
agentportal.livecleanrwanda.com/vendor/select2/ 65 KB
65 KB 371ms
66ms Script
application/javascript 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/select2/select2.min.js

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Wed, 23 Aug 2017 19:52:52 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "10468-557710ea26d00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 66664

GET
H/1.1 200
OK moment.min.js Show response
agentportal.livecleanrwanda.com/vendor/daterangepicker/ 46 KB
46 KB 378ms
65ms Script
application/javascript 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/daterangepicker/moment.min.js

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

4e411c99fe4a486db34e801a53392ae86f8659eccc438944b5a062c9aaba25be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:01 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Tue, 08 Aug 2017 20:09:34 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "b635-556438abd1b80"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 46645

GET
H/1.1 200
OK daterangepicker.js Show response
agentportal.livecleanrwanda.com/vendor/daterangepicker/ 68 KB
69 KB 432ms
67ms Script
application/javascript 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/daterangepicker/daterangepicker.js

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

2c3836208d9d0a3f9dab8ef05dda493c6e98c175155e7e7abba3575207ad0244

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:02 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 24 Aug 2017 12:30:14 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "11090-5577efd7ee180"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 69776

GET
H/1.1 200
OK countdowntime.js Show response
agentportal.livecleanrwanda.com/vendor/countdowntime/ 1 KB
2 KB 435ms
66ms Script
application/javascript 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/vendor/countdowntime/countdowntime.js

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

4cff184248850f8767575963eb504ee95bbfabff946cdbfb4271474442b80ecd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:02 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 09 Nov 2017 13:34:12 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "53c-55d8cdc09fd00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1340

GET
H/1.1 200
OK main.js Show response
agentportal.livecleanrwanda.com/js/ 2 KB
2 KB 459ms
58ms Script
application/javascript 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/js/main.js

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

5359dda9d8df5a541d57bffd04489704f9a3d9884f1840353edfc12aae979609

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:02 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Wed, 17 Mar 2021 16:12:42 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "70e-5bdbdc0a41280"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1806

GET
H/1.1 200
OK bg-01.jpg
agentportal.livecleanrwanda.com/images/ 24 KB
24 KB 122ms
64ms Image
image/jpeg 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://agentportal.livecleanrwanda.com/images/bg-01.jpg

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

f49138dff2e408e75c496680b3d0994baefcb220c821013f18429ebd15080682

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:02 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 18 Dec 2017 10:27:06 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "5f11-5609acaba7280"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 24337

GET
H/1.1 200
OK Poppins-Bold.ttf
agentportal.livecleanrwanda.com/fonts/poppins/ 138 KB
138 KB 75ms
67ms Font
font/ttf 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/fonts/poppins/Poppins-Bold.ttf

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

210933fb1bb4e846d37ef00c92cae636ac35633132cf2157c7ac879f27f82068

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://agentportal.livecleanrwanda.com/css/main.css
Origin: https://agentportal.livecleanrwanda.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:02 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Tue, 02 Jun 2015 23:00:00 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "227cc-51790e6e43c00"
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 141260

GET
H/1.1 200
OK Poppins-Regular.ttf
agentportal.livecleanrwanda.com/fonts/poppins/ 142 KB
142 KB 86ms
59ms Font
font/ttf 144.91.101.209
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://agentportal.livecleanrwanda.com/fonts/poppins/Poppins-Regular.ttf

Requested by

Host: agentportal.livecleanrwanda.com
URL: https://agentportal.livecleanrwanda.com/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

144.91.101.209 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

qonics.com

Software

Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /

Resource Hash

2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://agentportal.livecleanrwanda.com/css/main.css
Origin: https://agentportal.livecleanrwanda.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 27 Nov 2023 22:45:02 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Tue, 02 Jun 2015 23:00:00 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag: "237a0-51790e6e43c00"
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 145312

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0TB0JD9PDN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-185678008-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61a0a7a16d5306b983732ccc3902b1c9a23b81a6a1164ce200aab1b3f673100b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 27 Nov 2023 22:45:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86068
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 22:45:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 101ms
31ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-185678008-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 20:58:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6380
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 27 Nov 2023 22:58:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 113ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0TB0JD9PDN&gtm=45je3b81v888077917&_p=1701125102010&gcd=11l1l1l1l1&dma=0&cid=382578054.1701125102&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701125102&sct=1&seg=0&dl=https%3A%2F%2Fagentportal.livecleanrwanda.com%2F&dt=Login%20To%20Online%20Marketing%20Agents&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1172
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0TB0JD9PDN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 22:45:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://agentportal.livecleanrwanda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
218 B 38ms
38ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=375050026&t=pageview&_s=1&dl=https%3A%2F%2Fagentportal.livecleanrwanda.com%2F&ul=en-us&de=UTF-8&dt=Login%20To%20Online%20Marketing%20Agents&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=805394279&gjid=955523133&cid=382578054.1701125102&tid=UA-185678008-1&_gid=520824700.1701125102&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1343004583

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://agentportal.livecleanrwanda.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 22:45:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://agentportal.livecleanrwanda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 54ms
54ms Image
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=448994513&rv=3b81&h=Ag&gtm=457e3b81&ccid=_UA-185678008-1&cid=UA-185678008-1&l=UA-185678008-1.L802.S1.Y1.B7.E155.I896.EC6.TC2.HTC0~gtm.init.S0.V0.E6~gtm.js.S0.V0.E6.TS5rep.TI1.TE0.TS5zone.TI3.TE1~gtm.dom.S0.V0.E1~gtm.scrollDepth.S0.V0.E11~gtm.load.S0.V0.E0~gtm.init_consent.S1.V0.E7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://agentportal.livecleanrwanda.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 27 Nov 2023 22:45:02 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
357 B 118ms
37ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-185678008-1&cid=382578054.1701125102&jid=805394279&gjid=955523133&_gid=520824700.1701125102&_u=YADAAUAAAAAAACAAI~&z=406535969

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://agentportal.livecleanrwanda.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 27 Nov 2023 22:45:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://agentportal.livecleanrwanda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 16Shop (Consumer)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
agentportal.livecleanrwanda.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9ut84eipm6786uavtqh64msimo
.livecleanrwanda.com/	1970-01-21 02:08:05	Name: _ga_0TB0JD9PDN Value: GS1.1.1701125102.1.0.1701125102.0.0.0
.livecleanrwanda.com/	1970-01-21 02:08:05	Name: _ga Value: GA1.2.382578054.1701125102
.livecleanrwanda.com/	1970-01-20 16:33:31	Name: _gid Value: GA1.2.520824700.1701125102
.livecleanrwanda.com/	1970-01-20 16:32:05	Name: _gat_gtag_UA_185678008_1 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

agentportal.livecleanrwanda.com
region1.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
144.91.101.209
2001:4860:4802:32::178
2001:4860:4802:34::36
2a00:1450:4001:82a::2008
2a00:1450:400c:c07::9c
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b
14020e649186932b88a7f815ad52ff939db3e2ba4228cad195831d1825acb54a
210933fb1bb4e846d37ef00c92cae636ac35633132cf2157c7ac879f27f82068
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc
24c984ebd52001b0d847586f54224d35a9ae7a3639db319918547927d4307dcf
27751cc48fb8c009d013ffb85f0f2b1db36530791eca74d317aec90d34f09b39
2c3836208d9d0a3f9dab8ef05dda493c6e98c175155e7e7abba3575207ad0244
3149a74d701ee7dd476f83694f8962062a456b5abbdea234101d30aff2738bcd
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3
4cff184248850f8767575963eb504ee95bbfabff946cdbfb4271474442b80ecd
4e411c99fe4a486db34e801a53392ae86f8659eccc438944b5a062c9aaba25be
5359dda9d8df5a541d57bffd04489704f9a3d9884f1840353edfc12aae979609
61a0a7a16d5306b983732ccc3902b1c9a23b81a6a1164ce200aab1b3f673100b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7edf44fd7660960f04eac887a7cf39a5de012a1782f92df04ae42e98525cb3a2
80aa5497ff31b2c001474d9432f0853c11d200a67ea4f9852ab2f7ee2fedd9c2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d
9e4450a60b4d6d5b4a8304ade07576767dc3f64f7653b0f95bce43bf11d854b2
a93f37c5c32d030a1d831b5023b6b29bc93290f5423debaf47c83b6444528059
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
d254fd1316f2664ce8f2db9063c25d137f77c413e0a499c87e3e999e2eaaf370
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f32da6bf81134c664b32582076b8260b3b614d508d5c651d0907b581df2a9323
f49138dff2e408e75c496680b3d0994baefcb220c821013f18429ebd15080682
fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04

agentportal.livecleanrwanda.com Open in urlscan Pro 144.91.101.209 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

80 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

1224 kBTransfer

1489 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

agentportal.livecleanrwanda.com Open in urlscan Pro
144.91.101.209 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

1224 kB
Transfer

1489 kB
Size

5
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!