6776.gofenews.com - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 45.133.44.20, located in Philadelphia, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is 6776.gofenews.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 15th 2024. Valid for: 3 months.

This is the only time 6776.gofenews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	45.133.44.20 45.133.44.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	45.133.44.21 45.133.44.21	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	212.117.190.201 212.117.190.201	7979 (SERVERS-COM) (SERVERS-COM)
6	3

3 45.133.44.20 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

54f10.gofenews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6776.gofenews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.21 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

2818.selornews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
321.selornews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.117.190.201 (Luxembourg, Luxembourg)

ASN7979 (SERVERS-COM, US)

2xs4eumlc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	gofenews.com 54f10.gofenews.com 6776.gofenews.com	18 KB
2	selornews.com 2818.selornews.com 321.selornews.com	14 KB
1	2xs4eumlc.com 2xs4eumlc.com	431 B
6	3

	Domain	Requested by
2	6776.gofenews.com	2818.selornews.com
1	2xs4eumlc.com	2818.selornews.com
1	321.selornews.com	54f10.gofenews.com
1	2818.selornews.com	54f10.gofenews.com
1	54f10.gofenews.com
6	5

This site contains no links.

Subject Issuer	Validity	Valid
*.gofenews.com ZeroSSL RSA Domain Secure Site CA	`2024-06-15` - `2024-09-13`	3 months	crt.sh
*.selornews.com ZeroSSL RSA Domain Secure Site CA	`2024-06-15` - `2024-09-13`	3 months	crt.sh
Buypass Class 2 CA 5	`2024-06-21` - `2024-12-17`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://6776.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com
Frame ID: 9C41982B1435B805B98D4B626B6A05C3
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://54f10.gofenews.com/dannig/tube-player/index.html Page URL
https://6776.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tb... Page URL

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

32 kB
Transfer

29 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://54f10.gofenews.com/dannig/tube-player/index.html Page URL
https://6776.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	index.html Show response 54f10.gofenews.com/dannig/tube-player/	15 KB 16 KB	297ms 26ms	Document text/html	45.133.44.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://54f10.gofenews.com/dannig/tube-player/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.26.0 / Resource Hash `c9722915663a5626b778f60255e108338e0af09f0e6edc4307b3326e3fd14324` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS access-control-allow-origin * access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 content-length 15560 content-type text/html; charset=utf-8 date Tue, 06 Aug 2024 10:38:49 GMT etag bb086daba9d1e4ca87a17306cb066be3 expires Thu, 08 Aug 2024 10:38:49 GMT last-modified Wed, 22 Dec 2021 16:48:34 GMT server nginx/1.26.0 vary Accept-Encoding x-cdn-host-id ds5859 x-openstack-request-id tx08ca37110bb243589205f-0066a2acdc x-proxy-cache HIT x-timestamp 1640191713.77961 x-trans-id tx08ca37110bb243589205f-0066a2acdc
GET H2	200	script.js Show response 2818.selornews.com/	8 KB 9 KB	159ms 32ms	Script application/javascript	45.133.44.21 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://2818.selornews.com/script.js?slug=tube-player Requested by Host: 54f10.gofenews.com URL: https://54f10.gofenews.com/dannig/tube-player/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.26.0 / Resource Hash `384a69bf79962bc6a05496750e610be69633ddbb81d1c4015f11bffd1a37b332` Request headers Referer https://54f10.gofenews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-proxy-cache HIT date Tue, 06 Aug 2024 10:38:49 GMT x-openstack-request-id tx617e47aef11f4e35812ad-0066a2a3ff x-cdn-host-id ds5859 content-length 8132 x-trans-id tx617e47aef11f4e35812ad-0066a2a3ff last-modified Wed, 27 Mar 2024 09:12:11 GMT server nginx/1.26.0 etag 368b6c073cb19a8c0e1fbfc118b9d694 vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * x-timestamp 1711530730.51091 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization expires Thu, 08 Aug 2024 10:38:49 GMT
GET H2	200	skip-button.webp 321.selornews.com/dannig/tube-player/img/	5 KB 6 KB	399ms 33ms	Image image/webp	45.133.44.21 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://321.selornews.com/dannig/tube-player/img/skip-button.webp Requested by Host: 54f10.gofenews.com URL: https://54f10.gofenews.com/dannig/tube-player/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.26.0 / Resource Hash `4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b` Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-proxy-cache HIT date Tue, 06 Aug 2024 10:38:50 GMT x-openstack-request-id tx9e6cc58310b8446f85822-0066a2b87e x-cdn-host-id ds5859 content-length 5006 x-trans-id tx9e6cc58310b8446f85822-0066a2b87e last-modified Mon, 21 Dec 2020 08:44:23 GMT server nginx/1.26.0 etag da2dc41d023f4fcc89675351f9117c3d vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1608540262.03735 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization expires Thu, 08 Aug 2024 10:38:50 GMT
GET H2	200	lib.js Show response 2xs4eumlc.com/pn21ywqw/z/sc/scssx/1781099/	0 431 B	371ms 34ms	Script text/plain	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://2xs4eumlc.com/pn21ywqw/z/sc/scssx/1781099/lib.js?ymid=null&var=null&tag=0 Requested by Host: 2818.selornews.com URL: https://2818.selornews.com/script.js?slug=tube-player Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 06 Aug 2024 10:38:50 GMT x-route-id script server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 0 content-type text/plain; charset=utf-8
GET H2	404	Primary Request index.html Show response 6776.gofenews.com/tube-player/	70 B 563 B	1173ms 995ms	Document text/html	45.133.44.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://6776.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Requested by Host: 2818.selornews.com URL: https://2818.selornews.com/script.js?slug=tube-player Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.26.0 / Resource Hash `cd08cc3cd7dbd890951754b1e187e2fbe4d68d6a77b2618eb00740a8281c9b56` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS access-control-allow-origin * access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp content-length 70 content-type text/html; charset=UTF-8 date Tue, 06 Aug 2024 10:38:52 GMT server nginx/1.26.0 x-cdn-host-id ds5859 x-openstack-request-id tx4e1893c8e46147a69f708-0066b1fd3b x-proxy-cache EXPIRED x-trans-id tx4e1893c8e46147a69f708-0066b1fd3b
GET H2	200	favicon.ico 6776.gofenews.com/	948 B 2 KB	28ms 28ms	Other image/vnd.microsoft.icon	45.133.44.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://6776.gofenews.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.26.0 / Resource Hash `2d0a4f5a77c788b084919b1b8cad5713d9dfc3388ef29969c4cb66c28092e683` Request headers Referer https://6776.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-proxy-cache HIT date Tue, 06 Aug 2024 10:38:52 GMT x-openstack-request-id txec2d01d5c36c4cafbe3c1-0066a29e46 x-cdn-host-id ds5859 content-length 948 x-trans-id txec2d01d5c36c4cafbe3c1-0066a29e46 last-modified Wed, 03 Apr 2024 11:38:28 GMT server nginx/1.26.0 etag 1fbdf735a0dd3e8321c5e0828a45a4d5 vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/vnd.microsoft.icon access-control-allow-origin * x-timestamp 1712144307.61366 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization expires Thu, 08 Aug 2024 10:38:52 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://6776.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2818.selornews.com
2xs4eumlc.com
321.selornews.com
54f10.gofenews.com
6776.gofenews.com
212.117.190.201
45.133.44.20
45.133.44.21
2d0a4f5a77c788b084919b1b8cad5713d9dfc3388ef29969c4cb66c28092e683
384a69bf79962bc6a05496750e610be69633ddbb81d1c4015f11bffd1a37b332
4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
c9722915663a5626b778f60255e108338e0af09f0e6edc4307b3326e3fd14324
cd08cc3cd7dbd890951754b1e187e2fbe4d68d6a77b2618eb00740a8281c9b56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

6776.gofenews.com Open in urlscan Pro 45.133.44.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

3 Domains

5 Subdomains

3 IPs

2 Countries

32 kBTransfer

29 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

6776.gofenews.com Open in urlscan Pro
45.133.44.20 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

32 kB
Transfer

29 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions