Report - lxdater.com/Subscri/ZA/2/index.html

Report Overview

Submitted URL
lxdater.com/Subscri/ZA/2/index.html
IP
143.204.55.66
ASN
#16509 AMAZON-02
Submitted
2023-04-08 22:57:02
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
lxdater.com	unknown	2022-07-14	2023-04-05	2.1 kB	506 kB	143.204.55.85
ocsp.pki.goog	175	2018-07-01	2023-04-08	666 B	1.4 kB	142.250.74.131
www.googletagmanager.com	75	2013-05-22	2023-04-07	409 B	44 kB	142.250.74.72
ocsp.globalsign.com	2075	2012-07-20	2023-04-08	349 B	1.4 kB	104.18.20.226
mc.yandex.ru	2672	2012-05-21	2023-04-07	6.1 kB	81 kB	87.250.250.119

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-04-08	medium	lxdater.com/Subscri/ZA/2/index.html
2023-04-08	medium	lxdater.com/Subscri/ZA/2/index.html

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	lxdater.com/Subscri/ZA/2/index.html	588 B	2023-04-08	2023-04-19
Pretty URL lxdater.com/Subscri/ZA/2/index.html IP 143.204.55.85 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-08 09:13:19 Last Seen2023-04-19 01:18:06 Times Seen14 Hash 5935cf089e9e59b04904017068ae9c99 4b9f81bbb4033a769276c11c3799f0298c3039e5 cc59c4ceae85421f3b5e483fe70ce464675e2ecd9dcb8c6967a1744e5be59851 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PLMNLHH	112 kB	2023-04-09	2023-04-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PLMNLHH IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-09 00:57:02 Last Seen2023-04-09 00:57:02 Times Seen2 Hash 5358cbc70a48e3ef90e71c8843c8c38b 23902ed9562e6c5953591376c9b10a2f18b07562 399efce6bbd58237822a718818327372094da5499df4e5e733eb60e68bcdb25f Loading...

	unknown	367 B	2023-04-08	2023-04-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-08 09:13:19 Last Seen2023-04-09 00:57:02 Times Seen2 Hash 74d55b5842ea4f2138332d16fcbeebc8 64d4cb67bbee3795de33831df7cf0b1c8fb10b80 7f2f999c857037eeb2d91e590b3ce1cd5e3217488316333ca7d77eab258e37c1 Loading...

	mc.yandex.ru/metrika/tag.js	216 kB	2023-04-05	2023-12-04
Pretty URL mc.yandex.ru/metrika/tag.js IP 87.250.250.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:48:42 Last Seen2023-12-04 06:20:27 Times Seen655 Hash 36026abc690c291764b880c344c6af46 200661bcbf6d5101603fff9e4a29a5073f30a07f 49572227b010b507cd402ca721d884ab73e59125cc22a1d8de099d089e90dfd1 Loading...

	lxdater.com/Subscri/ZA/2/index.html	487 B	2023-04-09	2023-04-19
Pretty URL lxdater.com/Subscri/ZA/2/index.html IP 143.204.55.85 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-09 00:57:02 Last Seen2023-04-19 01:18:06 Times Seen7 Hash 7a1ed7a9f0297000c9972c94e11301ac 44a8f1548619d52e0864d9e12dd338a7b99600b0 953ff45589feb40ccabeb91450fb2bb0552114277a16b7faffbac9316d32e8bc Loading...

	lxdater.com/Subscri/ZA/2/index.html	0 B	2023-03-07	2024-05-10
Pretty URL lxdater.com/Subscri/ZA/2/index.html IP 143.204.55.85 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 13:50:46 Times Seen37506360 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (18)

URL IP Response Size

lxdater.com/Subscri/ZA/2/index.html

143.204.55.85

200 OK

1.5 kB

URL User Request GET HTTP/1.1
lxdater.com/Subscri/ZA/2/index.html
IP
143.204.55.85:80
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.5 kB (1456 bytes)
Hash
56875d2241a25eb2426ff7c8c2676fc3
a38cc298a8ef406c9a77d9fbecf1bbfee7771d7e
f804e420a6112006e34efc531287b614bdeafc737a2bcda87b71e18823adf37d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Subscri/ZA/2/index.html HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Feb 2023 09:48:15 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 08 Apr 2023 22:56:46 GMT
ETag: W/"af46c8cdc6bed349f3fe2f1fa1d7aa85"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yL7vW4CtNyDCbd5beDXQFb2zZ6Igpq4N0utYb0vVC3eAeOnXr1TzMA==
Age: 79321

lxdater.com/Subscri/ZA/2/style.css

143.204.55.15

200 OK

5.4 kB

URL GET HTTP/1.1
lxdater.com/Subscri/ZA/2/style.css
IP
143.204.55.15:80
ASN
#16509 AMAZON-02

Requested by
http://lxdater.com/Subscri/ZA/2/index.html

File type
ASCII text
Size
5.4 kB (5437 bytes)
Hash
709488ba94246f79d47b21dc5e5f270f
bd47c03a7092ee1e3e64df5039b01a880ee63b70
db14d074a89d629a2e22644cf1bec6a8ddd5fc64715875bb97054d4ca47b26f5

HTTP Headers

GET /Subscri/ZA/2/style.css HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lxdater.com/Subscri/ZA/2/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 08 Apr 2023 22:56:48 GMT
Last-Modified: Sat, 18 Feb 2023 09:48:16 GMT
ETag: W/"d088e9463b4f939ccffaf95c59ada861"
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qInMO8tYrnamTVMsNjA1dR5hp3kUKnFKf0ffsGt-Yc-oQ2rEfgeoDw==

lxdater.com/Subscri/ZA/2/bootstrap.min.css

143.204.55.85

200 OK

22 kB

URL GET HTTP/1.1
lxdater.com/Subscri/ZA/2/bootstrap.min.css
IP
143.204.55.85:80
ASN
#16509 AMAZON-02

Requested by
http://lxdater.com/Subscri/ZA/2/index.html

File type
ASCII text
Size
22 kB (22518 bytes)
Hash
6b168984a3b056eef7a81eb27b78c4d4
16c6a3e512ca860682b685ca4ea53f045eb2c342
53f63bc45b5c0cadb813581692079464f941a182b9a5ccc52257228936932fce

HTTP Headers

GET /Subscri/ZA/2/bootstrap.min.css HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lxdater.com/Subscri/ZA/2/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 08 Apr 2023 22:56:48 GMT
Last-Modified: Sat, 18 Feb 2023 09:48:11 GMT
ETag: W/"6f68e2e91261b35fd0e69bcf7f67e519"
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8Wv4WYc2xb5B6VVJRfg9cfOUyeXPPpCHd4wTkadOuEfgqT-XJWGyrQ==

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
33aec5a6a26165f6104026c0dd599fc5
9ec1804ec89416bdf58e8735674e02b07cc231f2
b1d1d3c4e711f2dfbe75afc8bcfd8368fb69ee8720f684188744189fc25b8bdc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Apr 2023 22:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-PLMNLHH

142.250.74.72

200 OK

44 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PLMNLHH
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
http://lxdater.com/Subscri/ZA/2/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3C:0B:85:94:2A:86:0A:B3:D0:9E:43:A9:87:6A:FB:56:49:9F:F6:B8
ValidityMon, 20 Mar 2023 08:17:43 GMT - Mon, 12 Jun 2023 08:17:42 GMT

File type
ASCII text, with very long lines (2206)
Size
44 kB (43784 bytes)
Hash
139ed3af63f2706b2fa739ba1350243b
d70d200ca849160483f3aeaab44871f0def30d60
efef88e78c1ba63c56d754b193ab33eb8784ff4f842b3d6c0be23e8918f8071c

HTTP Headers

GET /gtm.js?id=GTM-PLMNLHH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 08 Apr 2023 22:56:47 GMT
expires: Sat, 08 Apr 2023 22:56:47 GMT
cache-control: private, max-age=900
last-modified: Sat, 08 Apr 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43784
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
33aec5a6a26165f6104026c0dd599fc5
9ec1804ec89416bdf58e8735674e02b07cc231f2
b1d1d3c4e711f2dfbe75afc8bcfd8368fb69ee8720f684188744189fc25b8bdc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Apr 2023 22:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

939 B

URL
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
6bba8aaf05a954fa0bc9a88ab6cd21d2
327ae95366dc5b23eda6a18f844bba1682fbdd16
22abf9898ad72af25d07761b99952ee18b6457948fff61da468253456a6fa904

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 08 Apr 2023 22:56:48 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 12 Apr 2023 18:49:18 GMT
ETag: "327ae95366dc5b23eda6a18f844bba1682fbdd16"
Last-Modified: Sat, 08 Apr 2023 18:49:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3164
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b4e1b0cff380b02-OSL

mc.yandex.ru/metrika/tag.js

87.250.250.119

200 OK

74 kB

URL GET HTTP/2
mc.yandex.ru/metrika/tag.js
IP
87.250.250.119:443
ASN
#13238 YANDEX LLC

Requested by
http://lxdater.com/Subscri/ZA/2/index.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Size
74 kB (74082 bytes)
Hash
70752db397047663b021b9e112f70381
6a4faef5f6821920320857194930713425e56629
2371e4fdbbf52bc75de097bbe8e65b8d34576749d6f68daf08d62e304742213f

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 74082
date: Sat, 08 Apr 2023 22:56:48 GMT
access-control-allow-origin: *
etag: "642f8739-12162"
expires: Sat, 08 Apr 2023 23:56:48 GMT
last-modified: Fri, 07 Apr 2023 06:00:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

87.250.250.119

200 OK

43 B

URL GET HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
87.250.250.119:443
ASN
#13238 YANDEX LLC

Requested by
http://lxdater.com/Subscri/ZA/2/index.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Sat, 08 Apr 2023 22:56:48 GMT
access-control-allow-origin: *
etag: "642f8739-2b"
expires: Sat, 08 Apr 2023 23:56:48 GMT
accept-ranges: bytes
last-modified: Fri, 07 Apr 2023 06:00:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/61794157/1?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

87.250.250.119

200 OK

419 B

URL GET HTTP/2
mc.yandex.ru/watch/61794157/1?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
IP
87.250.250.119:443
ASN
#13238 YANDEX LLC

Requested by
http://lxdater.com/Subscri/ZA/2/index.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Size
419 B (419 bytes)
Hash
5491c565ad8b82ddc9d20633e42d4ff9
f57b2e43e11eca1a077ce4e2fae061aedcc6ba18
4efbed47e98a8c78ed7cd8b72087fa9ba545a9c06d88082781e87605f62240a5

HTTP Headers

GET /watch/61794157/1?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lxdater.com
Referer: http://lxdater.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 419
date: Sat, 08 Apr 2023 22:56:48 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 08-Apr-2023 22:56:48 GMT
last-modified: Sat, 08-Apr-2023 22:56:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

lxdater.com/Subscri/ZA/2/images/favicon.png

143.204.55.85

403 Forbidden

243 B

URL GET HTTP/1.1
lxdater.com/Subscri/ZA/2/images/favicon.png
IP
143.204.55.85:80
ASN
#16509 AMAZON-02

Requested by
http://lxdater.com/Subscri/ZA/2/index.html

File type
XML 1.0 document text\012- XML document, ASCII text
Size
243 B (243 bytes)
Hash
c758fe289ff7405989930f4254585108
28af0feb12465ed805791ecb415a4ef2cafb0efe
e9d31d2e887666261629c5292e64d82c8b4fcddd6d1ac9e9ad90d9df546ef349

HTTP Headers

GET /Subscri/ZA/2/images/favicon.png HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lxdater.com/Subscri/ZA/2/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 08 Apr 2023 22:56:48 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vCTRInSmJ2sErE9emH6iFE9j6zLIYSmXuAwQM-0R8xqMb_NDt2G9Kg==

lxdater.com/Subscri/ZA/2/images/1.gif

143.204.55.15

200 OK

472 kB

URL GET HTTP/1.1
lxdater.com/Subscri/ZA/2/images/1.gif
IP
143.204.55.15:80
ASN
#16509 AMAZON-02

Requested by
http://lxdater.com/Subscri/ZA/2/index.html

File type
GIF image data, version 89a, 270 x 400\012- data
Size
472 kB (471812 bytes)
Hash
97ce50d0474f03410ad89b7182b97a32
eb8f3e398fb720b359958edd694e2144071d527c
6e1b0f36a0f4c8d0f68ddb5392813a0eb9a4dabcdfc90e8f5fd6b95daa6ad268

HTTP Headers

GET /Subscri/ZA/2/images/1.gif HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lxdater.com/Subscri/ZA/2/index.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 471812
Connection: keep-alive
Date: Sat, 08 Apr 2023 22:56:49 GMT
Last-Modified: Sat, 18 Feb 2023 09:48:14 GMT
ETag: "97ce50d0474f03410ad89b7182b97a32"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZNMfOI4lyPHJbT6TvOGSBpi72MRknWT1qM5-tSoCKlUu8CefIETgaA==

mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=1&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=941868160&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680994611%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225650%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994611&t=gdpr(14)ti(2)

87.250.250.119

200 OK

43 B

URL POST HTTP/2
mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=1&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=941868160&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680994611%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225650%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994611&t=gdpr(14)ti(2)
IP
87.250.250.119:443
ASN
#13238 YANDEX LLC

Requested by
http://lxdater.com/Subscri/ZA/2/index.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/61794157?wmode=0&wv-part=1&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=941868160&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680994611%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225650%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994611&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 5667
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Sat, 08 Apr 2023 22:56:50 GMT
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 08-Apr-2023 22:56:50 GMT
last-modified: Sat, 08-Apr-2023 22:56:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=1&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=61369368&wv-type=3&browser-info=we%3A1%3Aet%3A1680994611%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225651%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994611&t=gdpr(14)ti(2)

87.250.250.119

200 OK

43 B

URL POST HTTP/2
mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=1&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=61369368&wv-type=3&browser-info=we%3A1%3Aet%3A1680994611%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225651%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994611&t=gdpr(14)ti(2)
IP
87.250.250.119:443
ASN
#13238 YANDEX LLC

Requested by
http://lxdater.com/Subscri/ZA/2/index.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/61794157?wmode=0&wv-part=1&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=61369368&wv-type=3&browser-info=we%3A1%3Aet%3A1680994611%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225651%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994611&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Sat, 08 Apr 2023 22:56:51 GMT
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 08-Apr-2023 22:56:51 GMT
last-modified: Sat, 08-Apr-2023 22:56:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

lxdater.com/Subscri/ZA/2/index.html

143.204.55.85

200 OK

1.5 kB

URL User Request GET HTTP/1.1
lxdater.com/Subscri/ZA/2/index.html
IP
143.204.55.85:80
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.5 kB (1456 bytes)
Hash
56875d2241a25eb2426ff7c8c2676fc3
a38cc298a8ef406c9a77d9fbecf1bbfee7771d7e
f804e420a6112006e34efc531287b614bdeafc737a2bcda87b71e18823adf37d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Subscri/ZA/2/index.html HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Feb 2023 09:48:15 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 08 Apr 2023 22:56:46 GMT
ETag: W/"af46c8cdc6bed349f3fe2f1fa1d7aa85"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sC6a9h2DzLv_am3gZhKfzmpoCMO4QxXrHiwZK3jJIm8VqHdCj_um7w==
Age: 79333

mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=2&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=275437103&wv-type=3&browser-info=we%3A1%3Aet%3A1680994619%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225659%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994619&t=gdpr(14)ti(2)

87.250.250.119

43 B

URL
mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=2&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=275437103&wv-type=3&browser-info=we%3A1%3Aet%3A1680994619%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225659%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994619&t=gdpr(14)ti(2)
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

Certificate
IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/61794157?wmode=0&wv-part=2&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=275437103&wv-type=3&browser-info=we%3A1%3Aet%3A1680994619%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225659%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994619&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Sat, 08 Apr 2023 22:56:59 GMT
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 08-Apr-2023 22:56:59 GMT
last-modified: Sat, 08-Apr-2023 22:56:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=2&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=50488503&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680994619%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225659%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994619&t=gdpr(14)ti(2)

87.250.250.119

43 B

URL
mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=2&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=50488503&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680994619%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225659%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994619&t=gdpr(14)ti(2)
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

Certificate
IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/61794157?wmode=0&wv-part=2&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=50488503&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680994619%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225659%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994619&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Sat, 08 Apr 2023 22:56:59 GMT
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 08-Apr-2023 22:56:59 GMT
last-modified: Sat, 08-Apr-2023 22:56:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/61794157?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2)

87.250.250.119

302 Found

419 B

URL GET HTTP/2
mc.yandex.ru/watch/61794157?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2)
IP
87.250.250.119:443
ASN
#13238 YANDEX LLC

Requested by
http://lxdater.com/Subscri/ZA/2/index.html
Certificate
IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT

File type

Size
419 B (419 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/61794157?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: /watch/61794157/1?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
date: Sat, 08 Apr 2023 22:56:48 GMT
access-control-allow-origin: http://lxdater.com
set-cookie: yabs-sid=1299344131680994608; Path=/; SameSite=None; Secure
i=pflgI8HeYmwqukGWLv81XRvh75hEQcxouzKXytSLTe9hL5abAJj0wwSfEM7/vVOYivx1PTpCWgBsHvj8hbhZF6p4OvU=; Expires=Tue, 05-Apr-2033 22:56:47 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3788769631680994608; Expires=Tue, 05-Apr-2033 22:56:47 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yuidss=3788769631680994608; Expires=Sun, 07-Apr-2024 22:56:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1712530608.yc.1680994608#1712530608.yrts.1680994608#1712530608.yrtsi.1680994608; Expires=Sun, 07-Apr-2024 22:56:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 08-Apr-2023 22:56:48 GMT
last-modified: Sat, 08-Apr-2023 22:56:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (18)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size