https://www.livinout.be/s%C3%BCperbahis-sitesi/?srsltid=AfmBOooCku6qq2tC01m8DQavboX56lsWD7zWbVxKUY8xDFRQXOoeiu9R
104.21.73.95 · Cloudflare, Inc.
Toronto, Canada
—
520 · 13.1s
Valid· WE1, Google Trust Services, US
COMPLETED
Linked Phishing Report
This scan is attached to a vendor submission report
Brand
ATO
Vendors
30/31
Status
partial
Registered-domain escalation
Submit livinout.be as the primary IOC, enriched with evidence from hostile subdomains like www.livinout.be.
No KB/IOK detections were recorded for this scan.
Scanner blocked by cloudflare
This scan likely captured a block/challenge page, so the AI analysis may not reflect the real site victims see.
Technology · 7/19/2026
The page shows a Cloudflare 520 error for the domain ATO. Visuals on the page depict Cloudflare branding and a generic error page rather than a credential-collection interface. There is no evidence of a brand impersonation or credential harvesting on the captured static content; the domain appears to be the target domain returning an error rather than a phishing clone. Based on the available data, phishing/impersonation cannot be confirmed from this scan alone.
Capture
Stages: 2
Canonical: Settled Render
Changed: No
Credential Signals
Forms: 0
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 7
Hosts: 1
Domains: 1
The scan identifies a legitimate-looking domain returning a Cloudflare 520 error. The visual content in the screenshot includes Cloudflare branding and a generic host error; there is no evidence of credential collection interfaces or impersonation of a known brand within the captured content. The presence of a fresh SSL cert and Cloudflare diagnostics could be normal for an unavailable site, but the page does not demonstrate phishing activity based on the available indicators. Recommend monitoring and re-scan if the page becomes reachable to confirm whether any credential-capture functionality appears in runtime.
Monitor