lxdater.com/Subscri/ZA/2/index.html
143.204.55.15 200 OK 1.5 kB URL User Request GET HTTP/1.1 lxdater.com/Subscri/ZA/2/index.html
IP 143.204.55.15:80
File type HTML document text; exported SGML document, Unicode text, UTF-8 text
Hash 4efd780456b6388dda76ea595fc51936
8d46c8f177b9088304e31a1da337f0066a9e3618
3b3b1ff3b8e738a28bccfc3dbcc441f28c0bf354c0f4e27e5ccae2f2b7fccd0f
Analyzer Verdict Alert fortinet Phishing
GET /Subscri/ZA/2/index.html HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Feb 2023 09:48:15 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 17 Apr 2023 02:25:46 GMT
ETag: W/"af46c8cdc6bed349f3fe2f1fa1d7aa85"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NvfKETuFuc5oifEozbzNePZbuqloW3tC6uyKGpeLnQ7PBy7lDZSfZA==
Age: 28276
lxdater.com/Subscri/ZA/2/style.css
143.204.55.6 200 OK 5.4 kB URL GET HTTP/1.1 lxdater.com/Subscri/ZA/2/style.css
IP 143.204.55.6:80
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Hash ef52d0c70781698c8be28f9b06c1600c
0b91ce3c6551e59440d8e87b9e6d5bf09c083c15
1671f75af6447b1369f862106307a40b2dfa1adb1661cba7c56450935899498c
GET /Subscri/ZA/2/style.css HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lxdater.com/Subscri/ZA/2/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Feb 2023 09:48:16 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 16 Apr 2023 21:32:49 GMT
ETag: W/"d088e9463b4f939ccffaf95c59ada861"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L1VNpod6f9fpJ9PX4-2f0ZnLhAdr3OYk8NTDdls2fQ9WgHS1MVemKA==
Age: 45853
lxdater.com/Subscri/ZA/2/bootstrap.min.css
143.204.55.15 200 OK 22 kB URL GET HTTP/1.1 lxdater.com/Subscri/ZA/2/bootstrap.min.css
IP 143.204.55.15:80
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Hash 8be92ca78feac2220c45db9c6afddec7
6d1ed94dfdc7e85aded162cc1690f9894da1ac53
055d6a6e17f77ebbd87021928566cc5ea61620088b4dd062ecc7538436a5783c
GET /Subscri/ZA/2/bootstrap.min.css HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lxdater.com/Subscri/ZA/2/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 17 Apr 2023 03:23:34 GMT
Last-Modified: Sat, 18 Feb 2023 09:48:11 GMT
ETag: W/"6f68e2e91261b35fd0e69bcf7f67e519"
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qffd03QjCmSC_3E381zFEozakFeuatFBF8DwX7Y5jjDQw3RUsyNrbw==
Age: 24807
lxdater.com/Subscri/ZA/2/images/1.gif
143.204.55.6 200 OK 472 kB URL GET HTTP/1.1 lxdater.com/Subscri/ZA/2/images/1.gif
IP 143.204.55.6:80
Requested by http://lxdater.com/Subscri/ZA/2/index.html
File type GIF image data, version 89a, 270 x 400; data
Size 472 kB (471812 bytes)
Hash 97ce50d0474f03410ad89b7182b97a32
eb8f3e398fb720b359958edd694e2144071d527c
6e1b0f36a0f4c8d0f68ddb5392813a0eb9a4dabcdfc90e8f5fd6b95daa6ad268
GET /Subscri/ZA/2/images/1.gif HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lxdater.com/Subscri/ZA/2/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 471812
Connection: keep-alive
Last-Modified: Sat, 18 Feb 2023 09:48:14 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 16 Apr 2023 21:04:57 GMT
ETag: "97ce50d0474f03410ad89b7182b97a32"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cwd7KsZLX9KnJxlbbZfGz_eUcLq2W2-CfJsQtXVseynat8Zm7hjumw==
Age: 47525
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 138b90a2136f08d71104af7049d84e79
22a3f49da6c41ae1cbaf5289b0e4213097319337
d95ac78bb3625c1cb856c8687e5b5d3d831dd60bb474f6e3a9dfab7331729464
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 17 Apr 2023 10:17:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lxdater.com/Subscri/ZA/2/images/favicon.png
143.204.55.6 403 Forbidden 243 B URL GET HTTP/1.1 lxdater.com/Subscri/ZA/2/images/favicon.png
IP 143.204.55.6:80
Requested by http://lxdater.com/Subscri/ZA/2/index.html
File type XML 1.0 document text; XML document, ASCII text
Hash 8920f363b52d76d95d292b19ab07fcd0
54e099e8a52aa78d78853778dd0f8a6f43fa5558
c15af9fcf9117668abb40c943e4f6bd6505a84720accd957e4c13bca69ddfbef
GET /Subscri/ZA/2/images/favicon.png HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lxdater.com/Subscri/ZA/2/index.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 17 Apr 2023 10:17:01 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f7P2N9iy_lt9uv0VhHIzy8U0RJejYCrvLmEpPd_tczZcWq5ofYAN1g==
www.googletagmanager.com/gtm.js?id=GTM-PLMNLHH
142.250.74.40 200 OK 44 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PLMNLHH
IP 142.250.74.40:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate Issuer: Google Trust Services LLC
Subject: *.google-analytics.com
Fingerprint: 0D:E0:7D:60:57:50:BA:EB:CA:6E:2A:3F:20:5B:C7:91:67:89:3F:09
Validity: Tue, 28 Mar 2023 16:45:47 GMT - Tue, 20 Jun 2023 16:45:46 GMT
File type ASCII text, with very long lines (2206)
Hash bb4ae521ab413d322a0dadc1d41a70d9
3ec91b12925d5d322e0afd2a217d8da78dff5585
16552e94f5b9b501dabdf731019c31e93ad94334d912f06a23e5872140ff93b5
GET /gtm.js?id=GTM-PLMNLHH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 17 Apr 2023 10:17:01 GMT
expires: Mon, 17 Apr 2023 10:17:01 GMT
cache-control: private, max-age=900
last-modified: Mon, 17 Apr 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 138b90a2136f08d71104af7049d84e79
22a3f49da6c41ae1cbaf5289b0e4213097319337
d95ac78bb3625c1cb856c8687e5b5d3d831dd60bb474f6e3a9dfab7331729464
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 17 Apr 2023 10:17:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 939 B URL ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash f6e3e698d352c59b661137778988ae01
b1713d737a2fd3a3ba33ed8f7d1f2d27b9d74cb9
886063c045064980c0bd74b0584ea18dee8a0be4dcc4d8d2456585eb16f49298
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 17 Apr 2023 10:17:02 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 21 Apr 2023 07:37:27 GMT
ETag: "b1713d737a2fd3a3ba33ed8f7d1f2d27b9d74cb9"
Last-Modified: Mon, 17 Apr 2023 07:37:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 257
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b93ea7fbf830afe-OSL
mc.yandex.ru/metrika/tag.js
87.250.251.119 200 OK 74 kB URL GET HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate Issuer: GlobalSign nv-sa
Subject: mc.yandex.ru
Fingerprint: 7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
Validity: Fri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (557)
Hash 40ae6984f926ba6efa666bad2d749be3
1803211166eedd9c6c87f414f00650d31f06e303
65220376f2c5316b26c6f5f647236ec7c9246709f30b2da8ce50bd51fd66b6e4
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 74393
date: Mon, 17 Apr 2023 10:17:02 GMT
access-control-allow-origin: *
etag: "6438d8df-12299"
expires: Mon, 17 Apr 2023 11:17:02 GMT
last-modified: Fri, 14 Apr 2023 07:38:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119 200 OK 43 B URL GET HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate Issuer: GlobalSign nv-sa
Subject: mc.yandex.ru
Fingerprint: 7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
Validity: Fri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type GIF image data, version 89a, 1 x 1; data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 17 Apr 2023 10:17:03 GMT
access-control-allow-origin: *
etag: "6438d8df-2b"
expires: Mon, 17 Apr 2023 11:17:03 GMT
accept-ranges: bytes
last-modified: Fri, 14 Apr 2023 07:38:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/61794157?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A340%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A605731547132%3Ahid%3A176800249%3Az%3A0%3Ai%3A20230417101855%3Aet%3A1681726735%3Ac%3A1%3Arn%3A129265920%3Arqn%3A1%3Au%3A1681726735994622194%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A138%2C1%2C5%2C1%2C%2C0%2C%2C157%2C5%2C1156%2C1156%2C0%2C318%3Aco%3A0%3Acpf%3A1%3Ans%3A1681726732676%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-13a84b69804b2bddf31f36f8f1aa466f-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1681726735%3At%3ABest%20video&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119 302 Found 419 B URL GET HTTP/2 mc.yandex.ru/watch/61794157?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A340%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A605731547132%3Ahid%3A176800249%3Az%3A0%3Ai%3A20230417101855%3Aet%3A1681726735%3Ac%3A1%3Arn%3A129265920%3Arqn%3A1%3Au%3A1681726735994622194%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A138%2C1%2C5%2C1%2C%2C0%2C%2C157%2C5%2C1156%2C1156%2C0%2C318%3Aco%3A0%3Acpf%3A1%3Ans%3A1681726732676%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-13a84b69804b2bddf31f36f8f1aa466f-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1681726735%3At%3ABest%20video&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate Issuer: GlobalSign nv-sa
Subject: mc.yandex.ru
Fingerprint: 7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
Validity: Fri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type JSON data; ASCII text, with very long lines (419), with no line terminators
Hash 336769d9aa3918b9af62258e5b1b43c1
2ee7ed56b0c7084edb06e7522d47dc322a1de1ad
e920d7e8d7d77cb22cc571b5b06ed81a63924331a9e3e3c684387284fadff49a
GET /watch/61794157?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A340%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A605731547132%3Ahid%3A176800249%3Az%3A0%3Ai%3A20230417101855%3Aet%3A1681726735%3Ac%3A1%3Arn%3A129265920%3Arqn%3A1%3Au%3A1681726735994622194%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A138%2C1%2C5%2C1%2C%2C0%2C%2C157%2C5%2C1156%2C1156%2C0%2C318%3Aco%3A0%3Acpf%3A1%3Ans%3A1681726732676%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-13a84b69804b2bddf31f36f8f1aa466f-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1681726735%3At%3ABest%20video&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
location: /watch/61794157/1?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A340%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A605731547132%3Ahid%3A176800249%3Az%3A0%3Ai%3A20230417101855%3Aet%3A1681726735%3Ac%3A1%3Arn%3A129265920%3Arqn%3A1%3Au%3A1681726735994622194%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A138%2C1%2C5%2C1%2C%2C0%2C%2C157%2C5%2C1156%2C1156%2C0%2C318%3Aco%3A0%3Acpf%3A1%3Ans%3A1681726732676%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-13a84b69804b2bddf31f36f8f1aa466f-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1681726735%3At%3ABest%20video&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 17 Apr 2023 10:17:03 GMT
access-control-allow-origin: http://lxdater.com
set-cookie: yabs-sid=2658547811681726623; Path=/; SameSite=None; Secure
i=72mDdFpfPz6ZFoCmIlNhsRuQDEveyFHAt0P7mmIgTyT0nKjQJIrGBFe6KdzZekO3V2trKZDJwMYD5JJ9qCFgesUBqME=; Expires=Thu, 14-Apr-2033 10:16:59 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1937963681681726623; Expires=Thu, 14-Apr-2033 10:16:59 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yuidss=1937963681681726623; Expires=Tue, 16-Apr-2024 10:17:03 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1713262623.yc.1681726623#1713262623.yrts.1681726623#1713262623.yrtsi.1681726623; Expires=Tue, 16-Apr-2024 10:17:03 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 17-Apr-2023 10:17:03 GMT
last-modified: Mon, 17-Apr-2023 10:17:03 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=1&wv-hit=176800249&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=1007148345&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1681726738%3Aw%3A1280x1024%3Av%3A1012%3Az%3A0%3Ai%3A20230417101858%3Au%3A1681726735994622194%3Avf%3Aihb4q796484i93absudza7%3Ast%3A1681726738&t=gdpr(14)ti(2)
87.250.251.119 200 OK 43 B URL POST HTTP/2 mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=1&wv-hit=176800249&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=1007148345&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1681726738%3Aw%3A1280x1024%3Av%3A1012%3Az%3A0%3Ai%3A20230417101858%3Au%3A1681726735994622194%3Avf%3Aihb4q796484i93absudza7%3Ast%3A1681726738&t=gdpr(14)ti(2)
IP 87.250.251.119:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate Issuer: GlobalSign nv-sa
Subject: mc.yandex.ru
Fingerprint: 7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
Validity: Fri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type GIF image data, version 89a, 1 x 1; data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/61794157?wmode=0&wv-part=1&wv-hit=176800249&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=1007148345&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1681726738%3Aw%3A1280x1024%3Av%3A1012%3Az%3A0%3Ai%3A20230417101858%3Au%3A1681726735994622194%3Avf%3Aihb4q796484i93absudza7%3Ast%3A1681726738&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 5667
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 17 Apr 2023 10:17:06 GMT
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 17-Apr-2023 10:17:06 GMT
last-modified: Mon, 17-Apr-2023 10:17:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=1&wv-hit=176800249&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=93366231&wv-type=3&browser-info=we%3A1%3Aet%3A1681726739%3Aw%3A1280x1024%3Av%3A1012%3Az%3A0%3Ai%3A20230417101858%3Au%3A1681726735994622194%3Avf%3Aihb4q796484i93absudza7%3Ast%3A1681726739&t=gdpr(14)ti(2)
87.250.251.119 200 OK 43 B URL POST HTTP/2 mc.yandex.ru/webvisor/61794157?wmode=0&wv-part=1&wv-hit=176800249&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=93366231&wv-type=3&browser-info=we%3A1%3Aet%3A1681726739%3Aw%3A1280x1024%3Av%3A1012%3Az%3A0%3Ai%3A20230417101858%3Au%3A1681726735994622194%3Avf%3Aihb4q796484i93absudza7%3Ast%3A1681726739&t=gdpr(14)ti(2)
IP 87.250.251.119:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate Issuer: GlobalSign nv-sa
Subject: mc.yandex.ru
Fingerprint: 7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
Validity: Fri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type GIF image data, version 89a, 1 x 1; data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/61794157?wmode=0&wv-part=1&wv-hit=176800249&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&rn=93366231&wv-type=3&browser-info=we%3A1%3Aet%3A1681726739%3Aw%3A1280x1024%3Av%3A1012%3Az%3A0%3Ai%3A20230417101858%3Au%3A1681726735994622194%3Avf%3Aihb4q796484i93absudza7%3Ast%3A1681726739&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: http://lxdater.com
Connection: keep-alive
Referer: http://lxdater.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 17 Apr 2023 10:17:07 GMT
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 17-Apr-2023 10:17:07 GMT
last-modified: Mon, 17-Apr-2023 10:17:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
lxdater.com/Subscri/ZA/2/index.html
143.204.55.66 200 OK 1.5 kB URL User Request GET HTTP/1.1 lxdater.com/Subscri/ZA/2/index.html
IP 143.204.55.66:80
File type HTML document text; exported SGML document, Unicode text, UTF-8 text
Hash 4efd780456b6388dda76ea595fc51936
8d46c8f177b9088304e31a1da337f0066a9e3618
3b3b1ff3b8e738a28bccfc3dbcc441f28c0bf354c0f4e27e5ccae2f2b7fccd0f
Analyzer Verdict Alert fortinet Phishing
GET /Subscri/ZA/2/index.html HTTP/1.1
Host: lxdater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Feb 2023 09:48:15 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 17 Apr 2023 02:25:46 GMT
ETag: W/"af46c8cdc6bed349f3fe2f1fa1d7aa85"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Q15yYGI9tddAM7s2mtbUq9njQ4FyNJG6MydZ9jrQYD8mslBM7oCkPA==
Age: 28288
mc.yandex.ru/watch/61794157/1?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A340%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A605731547132%3Ahid%3A176800249%3Az%3A0%3Ai%3A20230417101855%3Aet%3A1681726735%3Ac%3A1%3Arn%3A129265920%3Arqn%3A1%3Au%3A1681726735994622194%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A138%2C1%2C5%2C1%2C%2C0%2C%2C157%2C5%2C1156%2C1156%2C0%2C318%3Aco%3A0%3Acpf%3A1%3Ans%3A1681726732676%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-13a84b69804b2bddf31f36f8f1aa466f-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1681726735%3At%3ABest%20video&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.251.119 200 OK 419 B URL GET HTTP/2 mc.yandex.ru/watch/61794157/1?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A340%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A605731547132%3Ahid%3A176800249%3Az%3A0%3Ai%3A20230417101855%3Aet%3A1681726735%3Ac%3A1%3Arn%3A129265920%3Arqn%3A1%3Au%3A1681726735994622194%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A138%2C1%2C5%2C1%2C%2C0%2C%2C157%2C5%2C1156%2C1156%2C0%2C318%3Aco%3A0%3Acpf%3A1%3Ans%3A1681726732676%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-13a84b69804b2bddf31f36f8f1aa466f-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1681726735%3At%3ABest%20video&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:443
Requested by http://lxdater.com/Subscri/ZA/2/index.html
Certificate Issuer: GlobalSign nv-sa
Subject: mc.yandex.ru
Fingerprint: 7A:70:D1:52:BA:7F:21:BF:33:10:84:91:DB:A0:28:85:23:1D:7A:20
Validity: Fri, 17 Mar 2023 21:01:01 GMT - Sun, 27 Aug 2023 20:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (473), with no line terminators
Hash a046f0a9c752da0e2103c7980cf83651
e6d132472b68c563ef9cfa9a2efde70873360df6
154968dce278d6690d03320e89cf181dcb04eea56f100e333d05b3eab7b729b8
GET /watch/61794157/1?wmode=7&page-url=http%3A%2F%2Flxdater.com%2FSubscri%2FZA%2F2%2Findex.html%23&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A340%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A605731547132%3Ahid%3A176800249%3Az%3A0%3Ai%3A20230417101855%3Aet%3A1681726735%3Ac%3A1%3Arn%3A129265920%3Arqn%3A1%3Au%3A1681726735994622194%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A138%2C1%2C5%2C1%2C%2C0%2C%2C157%2C5%2C1156%2C1156%2C0%2C318%3Aco%3A0%3Acpf%3A1%3Ans%3A1681726732676%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-13a84b69804b2bddf31f36f8f1aa466f-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1681726735%3At%3ABest%20video&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lxdater.com
Referer: http://lxdater.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 419
date: Mon, 17 Apr 2023 10:17:04 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://lxdater.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 17-Apr-2023 10:17:04 GMT
last-modified: Mon, 17-Apr-2023 10:17:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2