lxdater.com/Subscri/ZA/2/index.html
143.204.55.85200 OK 1.5 kB URL User Request GET HTTP/1.1 lxdater.com/Subscri/ZA/2/index.html
IP 143.204.55.85:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 56875d2241a25eb2426ff7c8c2676fc3
a38cc298a8ef406c9a77d9fbecf1bbfee7771d7e
f804e420a6112006e34efc531287b614bdeafc737a2bcda87b71e18823adf37d
Analyzer Verdict Alert fortinet Phishing
GET /Subscri/ZA/2/index.html HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Feb 2023 09:48:15 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 08 Apr 2023 22:56:46 GMT
ETag: W/"af46c8cdc6bed349f3fe2f1fa1d7aa85"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yL7vW4CtNyDCbd5beDXQFb2zZ6Igpq4N0utYb0vVC3eAeOnXr1TzMA==
Age: 79321
lxdater.com/Subscri/ZA/2/style.css
143.204.55.15200 OK 5.4 kB URL GET HTTP/1.1 lxdater.com/Subscri/ZA/2/style.css
IP 143.204.55.15:80
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Hash 709488ba94246f79d47b21dc5e5f270f
bd47c03a7092ee1e3e64df5039b01a880ee63b70
db14d074a89d629a2e22644cf1bec6a8ddd5fc64715875bb97054d4ca47b26f5
GET /Subscri/ZA/2/style.css HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lxdater.com/Subscri/ZA/2/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 08 Apr 2023 22:56:48 GMT
Last-Modified: Sat, 18 Feb 2023 09:48:16 GMT
ETag: W/"d088e9463b4f939ccffaf95c59ada861"
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qInMO8tYrnamTVMsNjA1dR5hp3kUKnFKf0ffsGt-Yc-oQ2rEfgeoDw==
lxdater.com/Subscri/ZA/2/bootstrap.min.css
143.204.55.85200 OK 22 kB URL GET HTTP/1.1 lxdater.com/Subscri/ZA/2/bootstrap.min.css
IP 143.204.55.85:80
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Hash 6b168984a3b056eef7a81eb27b78c4d4
16c6a3e512ca860682b685ca4ea53f045eb2c342
53f63bc45b5c0cadb813581692079464f941a182b9a5ccc52257228936932fce
GET /Subscri/ZA/2/bootstrap.min.css HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lxdater.com/Subscri/ZA/2/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 08 Apr 2023 22:56:48 GMT
Last-Modified: Sat, 18 Feb 2023 09:48:11 GMT
ETag: W/"6f68e2e91261b35fd0e69bcf7f67e519"
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8Wv4WYc2xb5B6VVJRfg9cfOUyeXPPpCHd4wTkadOuEfgqT-XJWGyrQ==
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 33aec5a6a26165f6104026c0dd599fc5
9ec1804ec89416bdf58e8735674e02b07cc231f2
b1d1d3c4e711f2dfbe75afc8bcfd8368fb69ee8720f684188744189fc25b8bdc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Apr 2023 22:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PLMNLHH
142.250.74.72200 OK 44 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PLMNLHH
IP 142.250.74.72:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3C:0B:85:94:2A:86:0A:B3:D0:9E:43:A9:87:6A:FB:56:49:9F:F6:B8
ValidityMon, 20 Mar 2023 08:17:43 GMT - Mon, 12 Jun 2023 08:17:42 GMT
File type ASCII text, with very long lines (2206)
Hash 139ed3af63f2706b2fa739ba1350243b
d70d200ca849160483f3aeaab44871f0def30d60
efef88e78c1ba63c56d754b193ab33eb8784ff4f842b3d6c0be23e8918f8071c
GET /gtm.js?id=GTM-PLMNLHH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 08 Apr 2023 22:56:47 GMT
expires: Sat, 08 Apr 2023 22:56:47 GMT
cache-control: private, max-age=900
last-modified: Sat, 08 Apr 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43784
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 33aec5a6a26165f6104026c0dd599fc5
9ec1804ec89416bdf58e8735674e02b07cc231f2
b1d1d3c4e711f2dfbe75afc8bcfd8368fb69ee8720f684188744189fc25b8bdc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Apr 2023 22:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 939 B URL ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 6bba8aaf05a954fa0bc9a88ab6cd21d2
327ae95366dc5b23eda6a18f844bba1682fbdd16
22abf9898ad72af25d07761b99952ee18b6457948fff61da468253456a6fa904
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Apr 2023 22:56:48 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 12 Apr 2023 18:49:18 GMT
ETag: "327ae95366dc5b23eda6a18f844bba1682fbdd16"
Last-Modified: Sat, 08 Apr 2023 18:49:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3164
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b4e1b0cff380b02-OSL
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 74 kB URL GET HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash 70752db397047663b021b9e112f70381
6a4faef5f6821920320857194930713425e56629
2371e4fdbbf52bc75de097bbe8e65b8d34576749d6f68daf08d62e304742213f
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 74082
date: Sat, 08 Apr 2023 22:56:48 GMT
access-control-allow-origin: *
etag: "642f8739-12162"
expires: Sat, 08 Apr 2023 23:56:48 GMT
last-modified: Fri, 07 Apr 2023 06:00:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL GET HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 08 Apr 2023 22:56:48 GMT
access-control-allow-origin: *
etag: "642f8739-2b"
expires: Sat, 08 Apr 2023 23:56:48 GMT
accept-ranges: bytes
last-modified: Fri, 07 Apr 2023 06:00:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/61794157/1?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
87.250.250.119200 OK 419 B URL GET HTTP/2 mc.yandex.ru/watch/61794157/1?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
IP 87.250.250.119:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 5491c565ad8b82ddc9d20633e42d4ff9
f57b2e43e11eca1a077ce4e2fae061aedcc6ba18
4efbed47e98a8c78ed7cd8b72087fa9ba545a9c06d88082781e87605f62240a5
GET /watch/61794157/1?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lxdater.com
Referer: http://lxdater.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Sat, 08 Apr 2023 22:56:48 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 08-Apr-2023 22:56:48 GMT
last-modified: Sat, 08-Apr-2023 22:56:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
lxdater.com/Subscri/ZA/2/images/favicon.png
143.204.55.85403 Forbidden 243 B URL GET HTTP/1.1 lxdater.com/Subscri/ZA/2/images/favicon.png
IP 143.204.55.85:80
Requested by http://lxdater.com/Subscri/ZA/2/index.html
File type XML 1.0 document text\012- XML document, ASCII text
Hash c758fe289ff7405989930f4254585108
28af0feb12465ed805791ecb415a4ef2cafb0efe
e9d31d2e887666261629c5292e64d82c8b4fcddd6d1ac9e9ad90d9df546ef349
GET /Subscri/ZA/2/images/favicon.png HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lxdater.com/Subscri/ZA/2/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 08 Apr 2023 22:56:48 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vCTRInSmJ2sErE9emH6iFE9j6zLIYSmXuAwQM-0R8xqMb_NDt2G9Kg==
lxdater.com/Subscri/ZA/2/images/1.gif
143.204.55.15200 OK 472 kB URL GET HTTP/1.1 lxdater.com/Subscri/ZA/2/images/1.gif
IP 143.204.55.15:80
Requested by http://lxdater.com/Subscri/ZA/2/index.html
File type GIF image data, version 89a, 270 x 400\012- data
Size 472 kB (471812 bytes)
Hash 97ce50d0474f03410ad89b7182b97a32
eb8f3e398fb720b359958edd694e2144071d527c
6e1b0f36a0f4c8d0f68ddb5392813a0eb9a4dabcdfc90e8f5fd6b95daa6ad268
GET /Subscri/ZA/2/images/1.gif HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lxdater.com/Subscri/ZA/2/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 471812
Connection: keep-alive
Date: Sat, 08 Apr 2023 22:56:49 GMT
Last-Modified: Sat, 18 Feb 2023 09:48:14 GMT
ETag: "97ce50d0474f03410ad89b7182b97a32"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZNMfOI4lyPHJbT6TvOGSBpi72MRknWT1qM5-tSoCKlUu8CefIETgaA==
mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=1&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=941868160&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680994611%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225650%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994611&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL POST HTTP/2 mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=1&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=941868160&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680994611%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225650%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994611&t=gdpr(14)ti(2)
IP 87.250.250.119:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/61794157?wmode=0&wv-part=1&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=941868160&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680994611%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225650%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994611&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 5667
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 08 Apr 2023 22:56:50 GMT
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 08-Apr-2023 22:56:50 GMT
last-modified: Sat, 08-Apr-2023 22:56:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=1&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=61369368&wv-type=3&browser-info=we%3A1%3Aet%3A1680994611%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225651%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994611&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL POST HTTP/2 mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=1&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=61369368&wv-type=3&browser-info=we%3A1%3Aet%3A1680994611%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225651%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994611&t=gdpr(14)ti(2)
IP 87.250.250.119:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/61794157?wmode=0&wv-part=1&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=61369368&wv-type=3&browser-info=we%3A1%3Aet%3A1680994611%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225651%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994611&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 08 Apr 2023 22:56:51 GMT
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 08-Apr-2023 22:56:51 GMT
last-modified: Sat, 08-Apr-2023 22:56:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
lxdater.com/Subscri/ZA/2/index.html
143.204.55.85200 OK 1.5 kB URL User Request GET HTTP/1.1 lxdater.com/Subscri/ZA/2/index.html
IP 143.204.55.85:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 56875d2241a25eb2426ff7c8c2676fc3
a38cc298a8ef406c9a77d9fbecf1bbfee7771d7e
f804e420a6112006e34efc531287b614bdeafc737a2bcda87b71e18823adf37d
Analyzer Verdict Alert fortinet Phishing
GET /Subscri/ZA/2/index.html HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Feb 2023 09:48:15 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 08 Apr 2023 22:56:46 GMT
ETag: W/"af46c8cdc6bed349f3fe2f1fa1d7aa85"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sC6a9h2DzLv_am3gZhKfzmpoCMO4QxXrHiwZK3jJIm8VqHdCj_um7w==
Age: 79333
mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=2&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=275437103&wv-type=3&browser-info=we%3A1%3Aet%3A1680994619%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225659%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994619&t=gdpr(14)ti(2)
87.250.250.119 43 B URL mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=2&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=275437103&wv-type=3&browser-info=we%3A1%3Aet%3A1680994619%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225659%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994619&t=gdpr(14)ti(2)
IP 87.250.250.119:0
Certificate IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/61794157?wmode=0&wv-part=2&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=275437103&wv-type=3&browser-info=we%3A1%3Aet%3A1680994619%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225659%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994619&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 08 Apr 2023 22:56:59 GMT
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 08-Apr-2023 22:56:59 GMT
last-modified: Sat, 08-Apr-2023 22:56:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=2&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=50488503&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680994619%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225659%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994619&t=gdpr(14)ti(2)
87.250.250.119 43 B URL mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=2&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=50488503&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680994619%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225659%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994619&t=gdpr(14)ti(2)
IP 87.250.250.119:0
Certificate IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/61794157?wmode=0&wv-part=2&wv-hit=444792065&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=50488503&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680994619%3Aw%3A1280x1024%3Av%3A1001%3Az%3A0%3Ai%3A20230408225659%3Au%3A1680994608738660797%3Avf%3A7ovr8edh4eus2jki12fc9r%3Ast%3A1680994619&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 08 Apr 2023 22:56:59 GMT
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 08-Apr-2023 22:56:59 GMT
last-modified: Sat, 08-Apr-2023 22:56:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/61794157?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2)
87.250.250.119302 Found 419 B URL GET HTTP/2 mc.yandex.ru/watch/61794157?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2)
IP 87.250.250.119:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate IssuerGlobalSign nv-sa
Subjectmc.yandex.ru
Fingerprint7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
ValidityFri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/61794157?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: /watch/61794157/1?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus2jki12fc9r%3Afp%3A1222%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A787236214213%3Ahid%3A444792065%3Az%3A0%3Ai%3A20230408225648%3Aet%3A1680994608%3Ac%3A1%3Arn%3A143632260%3Arqn%3A1%3Au%3A1680994608738660797%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C0%2C44%2C0%2C1%2C0%2C%2C914%2C7%2C%2C%2C%2C1208%3Aco%3A0%3Acpf%3A1%3Ans%3A1680994606228%3Arqnl%3A1%3Ast%3A1680994608%3At%3ABest%20video&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
date: Sat, 08 Apr 2023 22:56:48 GMT
access-control-allow-origin: http://lxdater.com
set-cookie: yabs-sid=1299344131680994608; Path=/; SameSite=None; Secure
i=pflgI8HeYmwqukGWLv81XRvh75hEQcxouzKXytSLTe9hL5abAJj0wwSfEM7/vVOYivx1PTpCWgBsHvj8hbhZF6p4OvU=; Expires=Tue, 05-Apr-2033 22:56:47 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3788769631680994608; Expires=Tue, 05-Apr-2033 22:56:47 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yuidss=3788769631680994608; Expires=Sun, 07-Apr-2024 22:56:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1712530608.yc.1680994608#1712530608.yrts.1680994608#1712530608.yrtsi.1680994608; Expires=Sun, 07-Apr-2024 22:56:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 08-Apr-2023 22:56:48 GMT
last-modified: Sat, 08-Apr-2023 22:56:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2