URL: http://ls2echo.com/
Submission: On May 02 via manual from RU — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 28 HTTP transactions. The main IP is 3.22.37.37, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is ls2echo.com. The Cisco Umbrella rank of the primary domain is 569534.
This is the only time ls2echo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
9         3.22.37.37         16509  (AMAZON-02)
1         2a00:1450:400...   15169  (GOOGLE)
6         2600:9000:223...   16509  (AMAZON-02)
3         34.194.77.245      14618  (AMAZON-AES)
4         52.206.108.3       14618  (AMAZON-AES)
1         107.20.209.148     14618  (AMAZON-AES)
4         54.156.79.158      14618  (AMAZON-AES)
Total: 28 requests, 7 IPs
Requests  Apex Domain        Transfer  Subdomains
11        metaxplay.com      5 KB      api.metaxplay.com — Cisco Umbrella Rank: 449246
                                       data.metaxplay.com — Cisco Umbrella Rank: 437308
                                       cms.metaxplay.com — Cisco Umbrella Rank: 398950
9         ls2echo.com        181 KB    ls2echo.com — Cisco Umbrella Rank: 569534
6         cloudfront.net     204 KB    d1xgo4xiuw8lvv.cloudfront.net
1         seraphic-corp.com  379 B     policy.seraphic-corp.com — Cisco Umbrella Rank: 393631
1         googleapis.com     121 KB    imasdk.googleapis.com — Cisco Umbrella Rank: 520
Total: 28 requests, 5 apex domains
Requests  Domain                         Requested by
9         ls2echo.com                    ls2echo.com, d1xgo4xiuw8lvv.cloudfront.net
6         d1xgo4xiuw8lvv.cloudfront.net  ls2echo.com
4         cms.metaxplay.com              d1xgo4xiuw8lvv.cloudfront.net
4         data.metaxplay.com             d1xgo4xiuw8lvv.cloudfront.net
3         api.metaxplay.com              d1xgo4xiuw8lvv.cloudfront.net
1         policy.seraphic-corp.com       d1xgo4xiuw8lvv.cloudfront.net
1         imasdk.googleapis.com          ls2echo.com
Total: 28 requests, 7 domains

This site contains no links.

Subject                   Issuer               Validity                 Valid
*.cloudfront.net          Amazon RSA 2048 M01  2022-12-08 - 2023-12-07  a year
*.metaxplay.com           Amazon RSA 2048 M01  2023-03-20 - 2024-04-18  a year
policy.seraphic-corp.com  Amazon RSA 2048 M02  2022-11-09 - 2023-12-09  a year

This page contains 1 frames:

Primary Page: http://ls2echo.com/
Frame ID: C58BB55E7A8E963414CC7A721A07FBF1
Requests: 25 HTTP requests in this frame

Page Title

Home

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 64 %
IPv6: 29 %
Domains: 5
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 511 kB
Size: 1426 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Columns for each transaction: Resource, Path, Size, x-fer, Type (MIME-Type)
Primary Request /
ls2echo.com/
3 KB
1 KB
Document
General
Full URL
http://ls2echo.com/
Protocol
HTTP/1.1
Server
3.22.37.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-37-37.us-east-2.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.2.22
Resource Hash
36fda5ae2c531ea7381dc64825a5f5b5238f3fea48a17a56f9b6ec6720476341

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 May 2023 22:20:24 GMT
Server
nginx/1.16.1
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.22
common.css
ls2echo.com/app/style/
3 KB
1 KB
Stylesheet
General
Full URL
http://ls2echo.com/app/style/common.css?v=1.0.46
Requested by
Host: ls2echo.com
URL: http://ls2echo.com/
Protocol
HTTP/1.1
Server
3.22.37.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-37-37.us-east-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
0ccd0036c25df02eaf5d2621bfbd9c2c3144f9f9c99d1194f7d7084a80700ad6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 22:20:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Apr 2023 07:51:02 GMT
Server
nginx/1.16.1
ETag
W/"644b7ae6-b04"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
app.css
ls2echo.com/app/
69 KB
13 KB
Stylesheet
General
Full URL
http://ls2echo.com/app/app.css?v=1.0.46
Requested by
Host: ls2echo.com
URL: http://ls2echo.com/
Protocol
HTTP/1.1
Server
3.22.37.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-37-37.us-east-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
9c0838a87c4cbf60b901667562cc76af429a457c9be1cb32b987cea2a054670b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 22:20:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Apr 2023 07:51:02 GMT
Server
nginx/1.16.1
ETag
W/"644b7ae6-1126b"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
ima3.js
imasdk.googleapis.com/js/sdkloader/
360 KB
121 KB
Script
General
Full URL
http://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ls2echo.com
URL: http://ls2echo.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e346af76b362ff2265b23e118a2e57685ab897a142270e85903afcb463c4b34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 22:20:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Vary
Accept-Encoding
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
122872
X-XSS-Protection
0
Expires
Tue, 02 May 2023 22:20:24 GMT
crypto-js.js
d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/
215 KB
32 KB
Script
General
Full URL
https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/crypto-js.js
Requested by
Host: ls2echo.com
URL: http://ls2echo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9200:10:84b6:32c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e590348b745e27d44c887f9de834f857bf29307d89f7a52e500cc9bee7c48af9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 04:08:27 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 03:59:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
65518
etag
W/"cc555d697343f566beabc493b2711739"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Lu8kdc8jL_pUFnWhSmczPpTIOkFnUDmrHmSPzTwQ6N4IRpc9G-CIBA==
jquery.js
d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/
82 KB
29 KB
Script
General
Full URL
https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/jquery.js
Requested by
Host: ls2echo.com
URL: http://ls2echo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9200:10:84b6:32c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7bb14685f20ef4995672f51029f6be814f866a035d7869f7da6756a5fe8ac649

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 02:29:27 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 03:58:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
71458
etag
W/"5a78469e930137026167fc0fba0fe3e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Rg0MD3QP19HtLjgdw07Wm2T8Jhkzi_zFrJF785cBFVnnLJgiwAgIzg==
fuse.min.js
d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/
23 KB
7 KB
Script
General
Full URL
https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/fuse.min.js
Requested by
Host: ls2echo.com
URL: http://ls2echo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9200:10:84b6:32c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
376aba77efa1c95e9d886fb00af55c096607a5cc8eb58ea8b024faf3a44a9914

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 04:05:35 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jul 2022 09:36:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
65690
etag
W/"5f8e6fb5de2ff90ffb8678b5236ec4ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
YCEIcn7W4SCI743VCUYy54J9sImf_Z_AP-8nD2VLrADQNXX7TKzciw==
require.js
d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/
17 KB
7 KB
Script
General
Full URL
https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/require.js
Requested by
Host: ls2echo.com
URL: http://ls2echo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9200:10:84b6:32c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1209b5c5e04115153b7cfcb814955dbd9de98b2d018f0b7e462247f292138b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 07:05:28 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 04:05:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
54897
etag
W/"a3dfba22fdeb709c83c1a751464420e7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Dlgf7TF9HwaO9POyt_VtB1qq_2BFsdvTU2WkvAsEDStAmKxuocTKMw==
app.js
d1xgo4xiuw8lvv.cloudfront.net/webProject/ls2echo/app/
480 KB
122 KB
Script
General
Full URL
https://d1xgo4xiuw8lvv.cloudfront.net/webProject/ls2echo/app/app.js?v=1.0.46
Requested by
Host: ls2echo.com
URL: http://ls2echo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9200:10:84b6:32c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
086809fcfb0596200c1b2196273942c3c7f0c1dabf8118b6e0c2b97c832eb48b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 07:51:19 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Fri, 28 Apr 2023 07:51:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
52147
x-amz-server-side-encryption
AES256
etag
W/"6c189c45d74321c43c0ea0b77e24cb89"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
caGNipYBMG5z0903xtzmtKT_W_qSQf-JhTKogoE-HIJAw1WlOo3kFw==
v2PvAndClick
api.metaxplay.com/api/
34 B
646 B
XHR
General
Full URL
https://api.metaxplay.com/api/v2PvAndClick
Requested by
Host: d1xgo4xiuw8lvv.cloudfront.net
URL: https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.77.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-77-245.compute-1.amazonaws.com
Software
nginx/1.20.1 / PHP/7.4.26
Resource Hash
500090a308433b74a1578858b4f8e6b9471d37f49fb71d3fc6ac96740397dfd6

Request headers

Accept
*/*
Referer
http://ls2echo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 May 2023 22:20:26 GMT
server
nginx/1.20.1
x-powered-by
PHP/7.4.26
access-control-max-age
3600
content-type
application/json
access-control-allow-origin
*
cache-control
private, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,content-type,X_Requested_With
expires
-1
ob
data.metaxplay.com/
35 B
357 B
XHR
General
Full URL
https://data.metaxplay.com/ob
Requested by
Host: d1xgo4xiuw8lvv.cloudfront.net
URL: https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.108.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-108-3.compute-1.amazonaws.com
Software
/
Resource Hash
b5324861401833958473670fc9d606a799bf0aeab08df18cf142252e0c81f6ab

Request headers

Accept
*/*
Referer
http://ls2echo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 02 May 2023 22:20:25 GMT
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE,UPDATE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
access-control-allow-credentials
true
access-control-allow-headers
X-Custom-Header,*, sraf-bd-token
content-length
35
ob
data.metaxplay.com/
35 B
356 B
XHR
General
Full URL
https://data.metaxplay.com/ob
Requested by
Host: d1xgo4xiuw8lvv.cloudfront.net
URL: https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.108.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-108-3.compute-1.amazonaws.com
Software
/
Resource Hash
b5324861401833958473670fc9d606a799bf0aeab08df18cf142252e0c81f6ab

Request headers

Accept
*/*
Referer
http://ls2echo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 02 May 2023 22:20:25 GMT
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE,UPDATE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
access-control-allow-credentials
true
access-control-allow-headers
X-Custom-Header,*, sraf-bd-token
content-length
35
newAdPolicy
policy.seraphic-corp.com/
92 B
379 B
XHR
General
Full URL
https://policy.seraphic-corp.com/newAdPolicy
Requested by
Host: d1xgo4xiuw8lvv.cloudfront.net
URL: https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.209.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-209-148.compute-1.amazonaws.com
Software
nginx/1.20.1 / PHP/7.4.26
Resource Hash
d17f33bd5397fadb2ad9670570b87ae2998e1e28675acf2ecfe086a19651fa60

Request headers

Accept
*/*
Referer
http://ls2echo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 02 May 2023 22:20:26 GMT
server
nginx/1.20.1
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Range,Content-Type, Authorization, Duid
language.js
ls2echo.com/app/nls/en/
5 KB
2 KB
Script
General
Full URL
http://ls2echo.com/app/nls/en/language.js?bust=1.0.46
Requested by
Host: d1xgo4xiuw8lvv.cloudfront.net
URL: https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/require.js
Protocol
HTTP/1.1
Server
3.22.37.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-37-37.us-east-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
e8ba4a2dc9949f7b81bce602fdaf66c934c52a3e4d10103b9e3827e44104e222

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 22:20:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Apr 2023 07:51:02 GMT
Server
nginx/1.16.1
ETag
W/"644b7ae6-1293"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
92
cms.metaxplay.com/home/
0
0
Preflight
General
Full URL
https://cms.metaxplay.com/home/92?group_num=4&pn=default&pt=default&av=2.0.0.0&memory=500&clarity=1080p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.79.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-79-158.compute-1.amazonaws.com
Software
nginx/1.14.1 / PHP/7.4.28
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
dt,duid,lang,os,pn,product,pt,version,zone
Access-Control-Request-Method
GET
Origin
http://ls2echo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
dt,duid,lang,os,pn,product,pt,version,zone
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
0
cache-control
no-cache, private
date
Tue, 02 May 2023 22:20:25 GMT
server
nginx/1.14.1
vary
Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.28
x-xss-protection
1; mode=block
search
cms.metaxplay.com/keyword/
0
0
Preflight
General
Full URL
https://cms.metaxplay.com/keyword/search
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.79.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-79-158.compute-1.amazonaws.com
Software
nginx/1.14.1 / PHP/7.4.28
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
dt,duid,lang,os,pn,product,pt,version,zone
Access-Control-Request-Method
POST
Origin
http://ls2echo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
dt,duid,lang,os,pn,product,pt,version,zone
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
cache-control
no-cache, private
date
Tue, 02 May 2023 22:20:25 GMT
server
nginx/1.14.1
vary
Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.28
x-xss-protection
1; mode=block
92
cms.metaxplay.com/home/
11 B
987 B
XHR
General
Full URL
https://cms.metaxplay.com/home/92?group_num=4&pn=default&pt=default&av=2.0.0.0&memory=500&clarity=1080p
Requested by
Host: d1xgo4xiuw8lvv.cloudfront.net
URL: https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.79.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-79-158.compute-1.amazonaws.com
Software
nginx/1.14.1 / PHP/7.4.28
Resource Hash
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

pt
default
dt
2023-05-02T22:20:25.523Z
accept-language
de-DE,de;q=0.9
product
OB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
lang
en
Referer
http://ls2echo.com/
pn
default
duid
zone
Etc/Unknown
os
Windows
version
2.0.0.0

Response headers

date
Tue, 02 May 2023 22:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.1
x-powered-by
PHP/7.4.28
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
search
cms.metaxplay.com/keyword/
300 B
1 KB
XHR
General
Full URL
https://cms.metaxplay.com/keyword/search
Requested by
Host: d1xgo4xiuw8lvv.cloudfront.net
URL: https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.79.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-79-158.compute-1.amazonaws.com
Software
nginx/1.14.1 / PHP/7.4.28
Resource Hash
8d11370169475dce85d58ede09458eb09da9190c21ba1779596b099ada4ce995
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

pt
default
dt
2023-05-02T22:20:25.526Z
accept-language
de-DE,de;q=0.9
product
OB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
lang
en
Referer
http://ls2echo.com/
pn
default
duid
zone
Etc/Unknown
os
Windows
version
2.0.0.0

Response headers

date
Tue, 02 May 2023 22:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.1
x-powered-by
PHP/7.4.28
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
home-bookmark-icon.webp
ls2echo.com/app/image/common/
2 KB
2 KB
Image
General
Full URL
http://ls2echo.com/app/image/common/home-bookmark-icon.webp
Protocol
HTTP/1.1
Server
3.22.37.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-37-37.us-east-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
2a98ab7bd15209ce3de5f3a50d733001fcf8525bb8727a3191b064962a356f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 22:20:25 GMT
Last-Modified
Fri, 28 Apr 2023 07:51:02 GMT
Server
nginx/1.16.1
ETag
"644b7ae6-65a"
Content-Type
image/webp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1626
home-account-icon.webp
ls2echo.com/app/image/common/
3 KB
3 KB
Image
General
Full URL
http://ls2echo.com/app/image/common/home-account-icon.webp
Protocol
HTTP/1.1
Server
3.22.37.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-37-37.us-east-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
dea429fea908aebb05373c7badec89f29bf272b3d0ec5662fac1730d51d2a27d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 22:20:25 GMT
Last-Modified
Fri, 28 Apr 2023 07:51:02 GMT
Server
nginx/1.16.1
ETag
"644b7ae6-bc0"
Content-Type
image/webp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3008
signin-tab-active-icon.webp
ls2echo.com/app/image/common/
2 KB
2 KB
Image
General
Full URL
http://ls2echo.com/app/image/common/signin-tab-active-icon.webp
Protocol
HTTP/1.1
Server
3.22.37.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-37-37.us-east-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
bf5bb3893af42544c1bbbc75ac64509cf4cd588f9839c56bc8ced0ad4258ec2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 22:20:25 GMT
Last-Modified
Fri, 28 Apr 2023 07:51:02 GMT
Server
nginx/1.16.1
ETag
"644b7ae6-6de"
Content-Type
image/webp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1758
home-help-icon.webp
ls2echo.com/app/image/common/
2 KB
2 KB
Image
General
Full URL
http://ls2echo.com/app/image/common/home-help-icon.webp
Protocol
HTTP/1.1
Server
3.22.37.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-37-37.us-east-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
5262be3ac6ab2ee20304f0cb4b823f2b5df59395363f50aa9e147e022e653f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 22:20:25 GMT
Last-Modified
Fri, 28 Apr 2023 07:51:02 GMT
Server
nginx/1.16.1
ETag
"644b7ae6-808"
Content-Type
image/webp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2056
homePageView
api.metaxplay.com/api/
0
0
Preflight
General
Full URL
https://api.metaxplay.com/api/homePageView
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.77.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-77-245.compute-1.amazonaws.com
Software
nginx/1.20.1 / PHP/7.4.26
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ls2echo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,content-type,X_Requested_With
access-control-allow-origin
*
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 May 2023 22:20:25 GMT
server
nginx/1.20.1
x-powered-by
PHP/7.4.26
homePageView
api.metaxplay.com/api/
57 B
664 B
XHR
General
Full URL
https://api.metaxplay.com/api/homePageView
Requested by
Host: d1xgo4xiuw8lvv.cloudfront.net
URL: https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.77.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-77-245.compute-1.amazonaws.com
Software
nginx/1.20.1 / PHP/7.2.34
Resource Hash
1781a9f88b1eeeee30afbfb6421502fdbb282952294644d0ba83b6173671182a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://ls2echo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 02 May 2023 22:20:26 GMT
server
nginx/1.20.1
x-powered-by
PHP/7.2.34
access-control-max-age
3600
content-type
application/json
access-control-allow-origin
*
cache-control
private, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,content-type,X_Requested_With
expires
-1
ob
data.metaxplay.com/
35 B
356 B
XHR
General
Full URL
https://data.metaxplay.com/ob
Requested by
Host: d1xgo4xiuw8lvv.cloudfront.net
URL: https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.108.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-108-3.compute-1.amazonaws.com
Software
/
Resource Hash
b5324861401833958473670fc9d606a799bf0aeab08df18cf142252e0c81f6ab

Request headers

Accept
*/*
Referer
http://ls2echo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 02 May 2023 22:20:25 GMT
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE,UPDATE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
access-control-allow-credentials
true
access-control-allow-headers
X-Custom-Header,*, sraf-bd-token
content-length
35
ob
data.metaxplay.com/
35 B
356 B
XHR
General
Full URL
https://data.metaxplay.com/ob
Requested by
Host: d1xgo4xiuw8lvv.cloudfront.net
URL: https://d1xgo4xiuw8lvv.cloudfront.net/webProject/webCommonPlugin/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.108.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-108-3.compute-1.amazonaws.com
Software
/
Resource Hash
b5324861401833958473670fc9d606a799bf0aeab08df18cf142252e0c81f6ab

Request headers

Accept
*/*
Referer
http://ls2echo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 02 May 2023 22:20:25 GMT
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE,UPDATE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
access-control-allow-credentials
true
access-control-allow-headers
X-Custom-Header,*, sraf-bd-token
content-length
35
home-empty-icon.webp
ls2echo.com/app/image/common/
154 KB
155 KB
Image
General
Full URL
http://ls2echo.com/app/image/common/home-empty-icon.webp
Protocol
HTTP/1.1
Server
3.22.37.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-37-37.us-east-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
4350291dc9bfd290e23497a8b644ab95661595acf585b46c16519833e020fed0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 22:20:26 GMT
Last-Modified
Fri, 28 Apr 2023 07:51:02 GMT
Server
nginx/1.16.1
ETag
"644b7ae6-269c6"
Content-Type
image/webp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
158150
google.png
d1xgo4xiuw8lvv.cloudfront.net/202206/
6 KB
6 KB
Image
General
Full URL
https://d1xgo4xiuw8lvv.cloudfront.net/202206/google.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9200:10:84b6:32c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d0ee6d09a5cbce0dae93d902434433aaa4d23465d481499a3a5e6e0ae3bb140

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ls2echo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 01:56:18 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Fri, 17 Jun 2022 11:04:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
73449
etag
"5d3ba12ec79d373720ea09e1d6dd14fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6222
x-amz-cf-id
oE7HH8iiHKYudR4d-FwBYmmR9Hepqv_6aUa47VgoHdieqF1PKV8YFA==


56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| _params
object| _paramArr
object| key_v
string| appVersion
string| projectName
string| projectTag
string| duid
string| limitSelect
string| DeviceVersion
string| decryptParams
string| googleCredential
string| appType
string| bookmarkType
object| CryptoJS
function| $
function| jQuery
object| _google_rum_ns_
object| google_persistent_state_async
number| google_global_correlator
object| google_js_reporting_queue
function| Goog_AdSense_Lidar_sendVastEvent
function| Goog_AdSense_Lidar_getViewability
function| Goog_AdSense_Lidar_getUrlSignalsArray
function| Goog_AdSense_Lidar_getUrlSignalsList
number| google_srt
object| google
object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings
object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings
object| ima
object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error
object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event
object| module$contents$ima$AdEvent_AdEvent
object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent
object| e
function| t
function| Fuse
function| requirejs
function| require
function| define
string| loadSrc
object| oHead
object| oScript
function| checkRTL
function| setImmediate
function| clearImmediate
function| xml2js
function| xml2json
function| js2xml
function| json2xml
object| SpatialNavigation
function| lazyload
function| Msg
function| setDataPointEvent
function| appHotStart
number| searchKeyInterval

1 Cookies

Domain/Path Name / Value
ls2echo.com/ Name: ia
Value: ODAuMjU1LjcuMTAw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
