Report - xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802

Report Overview

Visited public
2023-12-04 23:04:10
Tags
Submit Tags
URL
xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Finishing URL
xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802#
IP / ASN
75.2.60.5
#16509 AMAZON-02
Title
Age Verification

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
xdate4.com	unknown	2023-10-29	2015-05-16 02:29:11	2023-12-04 08:50:52	3.5 kB	36 kB	75.2.60.5
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-04 06:26:24	1.1 kB	33 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-04 06:42:16	503 B	18 kB	142.250.74.106
desekansr.com	unknown	2022-05-12	2022-05-12 10:00:20	2023-12-04 00:52:32	1.0 kB	28 kB	139.45.197.250
backunder.com	unknown	2022-12-13	2022-12-14 01:20:46	2023-12-04 10:00:21	406 B	1.7 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-04	medium	desekansr.com	Sinkholed
2023-12-04	medium	desekansr.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	desekansr.com/pfe/current/micro.tag.min.js?z=6550917&sw=/sw-check-permissions-8300e.js	ScriptElement	27 kB	2023-11-02	2024-08-20
Pretty URL desekansr.com/pfe/current/micro.tag.min.js?z=6550917&sw=/sw-check-permissions-8300e.js IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 09:44 Last Seen2024-08-20 21:23 Times Seen8998 Hash 5ccd2d5882a06f293d07510ac91c92e6 b44dc0eaa03981adb70d3313e728f9359c1d21c1 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba Loading...

	xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802	ScriptElement	0 B	0001-01-01	2025-07-13
Pretty URL xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802 IP 75.2.60.5 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-13 06:30 Times Seen5412451 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	backunder.com/script.js	ScriptElement	911 B	2023-03-13	2025-04-07
Pretty URL backunder.com/script.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:39 Last Seen2025-04-07 11:00 Times Seen1633 Hash 87431f5c53069a8fd36f6efee29a514f 08296a974e36b3c9c9eb2a853658fbb8659c8836 e05b5f6d873b1857e696af8883191ef454f3919e62df36805ad502ba6a0dbfb7 Loading...

HTTP Transactions (12)

URL IP Response Size

GET xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802

75.2.60.5

200 OK

718 B

URL User Request GET HTTP/2
xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
IP
75.2.60.5:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectwww.xdate4.com
Fingerprint5C:DF:14:8A:9F:BB:29:A5:36:ED:0A:3B:50:A6:1A:6D:21:BA:D0:7B
ValiditySun, 29 Oct 2023 17:31:58 GMT - Sat, 27 Jan 2024 17:31:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
718 B (718 bytes)
Hash
9192c58ff60dfd3dccffb460ae947c3c
76c97a90fddb4683dfd62ec5808eb63910af4a6e
d50235f9ccb26d1811ae14f7cf8dcc48ce6217533ba6f34a6aafae702a03b646

HTTP Headers

GET /continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802 HTTP/1.1
Host: xdate4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
age: 85106
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 23:03:53 GMT
etag: "53abd5fa0e5010591163f19a99c6234e-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HGVH5R80G55N9TEEMD97HXEG
content-length: 718
X-Firefox-Spdy: h2

GET xdate4.com/continue/css/badoinkvr9.min.css

75.2.60.5

200 OK

26 kB

URL GET HTTP/2
xdate4.com/continue/css/badoinkvr9.min.css
IP
75.2.60.5:443
ASN
#16509 AMAZON-02

Requested by
https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Certificate
IssuerLet's Encrypt
Subjectwww.xdate4.com
Fingerprint5C:DF:14:8A:9F:BB:29:A5:36:ED:0A:3B:50:A6:1A:6D:21:BA:D0:7B
ValiditySun, 29 Oct 2023 17:31:58 GMT - Sat, 27 Jan 2024 17:31:57 GMT

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
26 kB (25870 bytes)
Hash
56f0a90e9ddd25c4ae9bd3501deb2af2
b2266c8f998c35dd1c90c8fa6395170b196b3fca
ee5192f606e881f5dff6f130494895dc197de141255582a3999e06158ed21daf

HTTP Headers

GET /continue/css/badoinkvr9.min.css HTTP/1.1
Host: xdate4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 16272
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: text/css; charset=UTF-8
date: Mon, 04 Dec 2023 23:03:53 GMT
etag: "e2e3bbc225a0908375d4b0416b3d4e8b-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HGVH5RGWDGGK2828HKW9JVV2
content-length: 25870
X-Firefox-Spdy: h2

GET xdate4.com/continue/img/18.png

75.2.60.5

200 OK

4.5 kB

URL GET HTTP/2
xdate4.com/continue/img/18.png
IP
75.2.60.5:443
ASN
#16509 AMAZON-02

Requested by
https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Certificate
IssuerLet's Encrypt
Subjectwww.xdate4.com
Fingerprint5C:DF:14:8A:9F:BB:29:A5:36:ED:0A:3B:50:A6:1A:6D:21:BA:D0:7B
ValiditySun, 29 Oct 2023 17:31:58 GMT - Sat, 27 Jan 2024 17:31:57 GMT

File type
PNG image data, 214 x 214, 8-bit/color RGBA, non-interlaced\012- data
Size
4.5 kB (4505 bytes)
Hash
0cd2d16e38d0996d7c58513cc1b289bc
1ffa26c4fae781512663f0fa882afac03642109b
e8cf3747473436d6d1b29d5e1c517e6a05ae7ed90f4e348f720cbc450aa88310

HTTP Headers

GET /continue/img/18.png HTTP/1.1
Host: xdate4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 18338
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/png
date: Mon, 04 Dec 2023 23:03:53 GMT
etag: "c6a13616a4e0d81e3896cb8609e1c568-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01HGVH5RGYN10ERTHCZ396YN91
content-length: 4505
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xdate4.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 410779
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto:100,100italic,300,400,400italic,300italic,500,500italic,700,700italic

142.250.74.106

200 OK

17 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:100,100italic,300,400,400italic,300italic,500,500italic,700,700italic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
17 kB (16955 bytes)
Hash
dc4457213cfb7133b824786dd1d5f420
2e6da66461844fe945b604cd73cec184ddd52333
795882c83b8612079b57462fcde45bafa3d412c3dc887e2540804d1d4ba5b92b

HTTP Headers

GET /css?family=Roboto:100,100italic,300,400,400italic,300italic,500,500italic,700,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xdate4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 23:03:53 GMT
date: Mon, 04 Dec 2023 23:03:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET xdate4.com/favicon.ico

75.2.60.5

404 Not Found

1.2 kB

URL GET HTTP/2
xdate4.com/favicon.ico
IP
75.2.60.5:443
ASN
#16509 AMAZON-02

Requested by
https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Certificate
IssuerLet's Encrypt
Subjectwww.xdate4.com
Fingerprint5C:DF:14:8A:9F:BB:29:A5:36:ED:0A:3B:50:A6:1A:6D:21:BA:D0:7B
ValiditySun, 29 Oct 2023 17:31:58 GMT - Sat, 27 Jan 2024 17:31:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1247 bytes)
Hash
4c1920da7e5d9180796a7cbd50c058fc
ebc6858e8987cdb52fd011a29a6914f65e753a3e
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xdate4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
age: 37827
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 23:03:54 GMT
etag: 1698604109-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HGVH5RX8X6PCSAW038KCBHZ6
content-length: 1247
X-Firefox-Spdy: h2

GET xdate4.com/sw-check-permissions-8300e.js

75.2.60.5

200 OK

568 B

URL GET HTTP/2
xdate4.com/sw-check-permissions-8300e.js
IP
75.2.60.5:443
ASN
#16509 AMAZON-02

Requested by
https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Certificate
IssuerLet's Encrypt
Subjectwww.xdate4.com
Fingerprint5C:DF:14:8A:9F:BB:29:A5:36:ED:0A:3B:50:A6:1A:6D:21:BA:D0:7B
ValiditySun, 29 Oct 2023 17:31:58 GMT - Sat, 27 Jan 2024 17:31:57 GMT

File type
Java source, ASCII text
Size
568 B (568 bytes)
Hash
b029497bd1b2b8a3859e49cbf06bb548
948b6266c489bb73440854a22ed75d944b53346c
cd43f91051603a3ab45655b142285c44830f7a24896974664e150431a94721bc

HTTP Headers

GET /sw-check-permissions-8300e.js HTTP/1.1
Host: xdate4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 35521
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: application/javascript; charset=UTF-8
date: Mon, 04 Dec 2023 23:03:54 GMT
etag: "a04fd6f5d61d1327262ed0ca8e28f09a-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01HGVH5RZ1XSBQDBR1GTSMM381
content-length: 568
X-Firefox-Spdy: h2

POST desekansr.com/zone?&pub=0&zone_id=6550917&is_mobile=false&domain=xdate4.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

139.45.197.250

200 OK

0 B

URL POST HTTP/2
desekansr.com/zone?&pub=0&zone_id=6550917&is_mobile=false&domain=xdate4.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Certificate
IssuerLet's Encrypt
Subjectdesekansr.com
FingerprintED:3C:24:D7:7A:D8:09:92:ED:6E:B2:3E:5E:07:F8:AB:51:E2:DC:FC
ValidityThu, 23 Nov 2023 05:05:58 GMT - Wed, 21 Feb 2024 05:05:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=6550917&is_mobile=false&domain=xdate4.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest HTTP/1.1
Host: desekansr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xdate4.com
DNT: 1
Connection: keep-alive
Referer: https://xdate4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:03:54 GMT
content-length: 0
x-trace-id: 9f207ae4a0d6f6196a2ac7f090202481
access-control-allow-origin: https://xdate4.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

GET xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802

75.2.60.5

200 OK

718 B

URL User Request GET HTTP/2
xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
IP
75.2.60.5:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectwww.xdate4.com
Fingerprint5C:DF:14:8A:9F:BB:29:A5:36:ED:0A:3B:50:A6:1A:6D:21:BA:D0:7B
ValiditySun, 29 Oct 2023 17:31:58 GMT - Sat, 27 Jan 2024 17:31:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
718 B (718 bytes)
Hash
9192c58ff60dfd3dccffb460ae947c3c
76c97a90fddb4683dfd62ec5808eb63910af4a6e
d50235f9ccb26d1811ae14f7cf8dcc48ce6217533ba6f34a6aafae702a03b646

HTTP Headers

GET /continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802 HTTP/1.1
Host: xdate4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
age: 85120
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 23:04:07 GMT
etag: "53abd5fa0e5010591163f19a99c6234e-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HGVH66E2J33AHE99HJZK27EN
content-length: 718
X-Firefox-Spdy: h2

GET backunder.com/script.js

188.114.97.1

200 OK

911 B

URL GET HTTP/2
backunder.com/script.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Certificate
IssuerGoogle Trust Services LLC
Subjectbackunder.com
Fingerprint41:C9:05:75:8B:A9:DC:71:5A:99:5A:C0:E4:F4:4D:C2:88:32:37:4B
ValiditySun, 03 Dec 2023 18:20:16 GMT - Sat, 02 Mar 2024 18:20:15 GMT

File type
ASCII text, with very long lines (920), with no line terminators
Size
911 B (911 bytes)
Hash
f60d3d95ba5d3857d3acb6730f06767d
454bf6bf84fc040a03287bf1096d2669804627c8
5c501b55106f7ffe03902742af81cad54e109fec08e9dd005b13ecaa6cbb748e

HTTP Headers

GET /script.js HTTP/1.1
Host: backunder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xdate4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:03:53 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1228
etag: W/"4cc-5f2f3364b2fe4-gzip"
last-modified: Mon, 23 Jan 2023 19:14:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5315
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rlylkIGB3cUJ%2FR%2B3kngkmc%2BzCaIkOG5%2BcVsJNbn%2FW%2FzMAiY5QEI83KXfl%2B1wZ9IVZY5sHb%2Fvf8LqjWCDktRk1RjzN%2FDgpGg5SZA0k0pv8c66ekTVAQ2x06998WQQwNL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8307af706f2eb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET desekansr.com/pfe/current/micro.tag.min.js?z=6550917&sw=/sw-check-permissions-8300e.js

139.45.197.250

200 OK

27 kB

URL GET HTTP/2
desekansr.com/pfe/current/micro.tag.min.js?z=6550917&sw=/sw-check-permissions-8300e.js
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Certificate
IssuerLet's Encrypt
Subjectdesekansr.com
FingerprintED:3C:24:D7:7A:D8:09:92:ED:6E:B2:3E:5E:07:F8:AB:51:E2:DC:FC
ValidityThu, 23 Nov 2023 05:05:58 GMT - Wed, 21 Feb 2024 05:05:57 GMT

File type
ASCII text, with very long lines (27007), with no line terminators
Size
27 kB (27007 bytes)
Hash
5ccd2d5882a06f293d07510ac91c92e6
b44dc0eaa03981adb70d3313e728f9359c1d21c1
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=6550917&sw=/sw-check-permissions-8300e.js HTTP/1.1
Host: desekansr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xdate4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:03:53 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-697f"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://xdate4.com/continue/?bemobdata=c=91d87976-5b47-4548-aa81-6a4afa0cd832..l=4bca649d-95ea-4d49-a272-4c05632524d1..a=0..b=0..r=date.xdate4.com..ts=1701731011802
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xdate4.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 438597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (12)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2