Submitted URL: http://downfscr.xyz/
Effective URL: https://downfscr.xyz/
Submission: On February 13 via manual from US — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 13 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3034::6815:4d3f, located in United States and belongs to CLOUDFLARENET, US. The main domain is downfscr.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 28th 2023. Valid for: a year.
This is the only time downfscr.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2606:4700:303... 13335 (CLOUDFLAR...)
1 173.233.137.44 7979 (SERVERS-COM)
1 142.91.159.141 7979 (SERVERS-COM)
1 5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 6 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:11:... 13335 (CLOUDFLAR...)
1 130.211.31.231 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
23 12
Apex Domain | Subdomains | Transfer
6 downfscr.xyz | downfscr.xyz | 42 KB
5 dmcdn.xyz | dmcdn.xyz | 71 KB
3 yandex.com | mc.yandex.com — Cisco Umbrella Rank: 7221 | 2 KB
3 yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 2228 | 73 KB
2 superonclick.com | superonclick.com — Cisco Umbrella Rank: 129327 | 6 KB
1 vcdn.io | vcdn.io — Cisco Umbrella Rank: 643763 | 950 B
1 discovernative.com | discovernative.com — Cisco Umbrella Rank: 148001 | 103 B
1 fvs.io | thumb.fvs.io — Cisco Umbrella Rank: 67284
1 ufpcdn.com | ufpcdn.com — Cisco Umbrella Rank: 100800 | 1 KB
1 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 | 5 KB
1 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 | 49 KB
1 bleokerrie.com | bleokerrie.com | 1 KB
1 profitablegatetocontent.com | profitablegatetocontent.com — Cisco Umbrella Rank: 85952
23 13
Domain | Requested by
6 downfscr.xyz 1 redirects | downfscr.xyz
5 dmcdn.xyz 1 redirects | downfscr.xyz, dmcdn.xyz
3 mc.yandex.com 1 redirects | downfscr.xyz, dmcdn.xyz
3 mc.yandex.ru 1 redirects | dmcdn.xyz
2 superonclick.com | downfscr.xyz
1 vcdn.io | downfscr.xyz
1 discovernative.com | downfscr.xyz
1 thumb.fvs.io | dmcdn.xyz
1 ufpcdn.com | superonclick.com
1 googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 pagead2.googlesyndication.com | downfscr.xyz
1 bleokerrie.com | downfscr.xyz
1 profitablegatetocontent.com | downfscr.xyz
23 13

This site contains links to these domains.

Domain
discovernative.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-01-28 - 2024-01-28 | a year
profitablegatetocontent.com | R3 | 2022-12-30 - 2023-03-30 | 3 months
bleokerrie.com | R3 | 2022-12-24 - 2023-03-24 | 3 months
*.dmcdn.xyz | GTS CA 1P5 | 2023-02-02 - 2023-05-03 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2022-10-18 - 2023-03-30 | 5 months
discovernative.com | Sectigo RSA Domain Validation Secure Server CA | 2023-01-30 - 2024-01-30 | a year

This page contains 4 frames:

Primary Page: https://downfscr.xyz/
Frame ID: 79BFC5186A43BEE9AF1406B73F0C4F5E
Requests: 11 HTTP requests in this frame

Frame: https://vcdn.io/sandboxed?v=2.1
Frame ID: AD50F056B7908CBF94B91C72C3E44DAA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: 7F8017536C53FB318945EE0E8294C5B9
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: EE97487739856F15EF573FE10389E48F
Requests: 1 HTTP requests in this frame

Page Title

Wohhin… embed source streamtape | Embed Videos Online Free

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23 Requests
87 % HTTPS
75 % IPv6
13 Domains
13 Subdomains
12 IPs
4 Countries
248 kB Transfer
761 kB Size
16 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://downfscr.xyz/ HTTP 301
    https://downfscr.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://mc.yandex.ru/watch/88698312 HTTP 302
  • https://mc.yandex.ru/watch/88698312/1
Request Chain 17
  • https://dmcdn.xyz/asset/userdata/378456/poster/e/z1/ez1wyu-3nr2ky-y.png?v=1676296711 HTTP 302
  • https://thumb.fvs.io/asset/userdata/378456/poster/e/z1/ez1wyu-3nr2ky-y.png?v=1676296711
Request Chain 19
  • https://mc.yandex.com/watch/49788082?wmode=7&page-url=https%3A%2F%2Fdmcdn.xyz%2Fv%2Fez1wyu-3nr2ky-y&page-ref=https%3A%2F%2Fdownfscr.xyz%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22378456%22%7D&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A711844893431%3Ahid%3A100074434%3Az%3A0%3Ai%3A20230213154325%3Aet%3A1676303006%3Ac%3A1%3Arn%3A738890455%3Arqn%3A1%3Au%3A1676303006401214067%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A12%2C86%2C253%2C1%2C0%2C0%2C%2C139%2C0%2C%2C%2C%2C492%3Aco%3A0%3Acpf%3A1%3Ans%3A1676303004720%3Arqnl%3A1%3Ast%3A1676303006%3At%3AVideo%20Woh%203%20Din%20(2022)%20Hindi%20HQ%20HDRip%20x264%20AAC%20450MB%20ESub.mkv&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Fdmcdn.xyz%2Fv%2Fez1wyu-3nr2ky-y&page-ref=https%3A%2F%2Fdownfscr.xyz%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22378456%22%7D&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A711844893431%3Ahid%3A100074434%3Az%3A0%3Ai%3A20230213154325%3Aet%3A1676303006%3Ac%3A1%3Arn%3A738890455%3Arqn%3A1%3Au%3A1676303006401214067%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A12%2C86%2C253%2C1%2C0%2C0%2C%2C139%2C0%2C%2C%2C%2C492%3Aco%3A0%3Acpf%3A1%3Ans%3A1676303004720%3Arqnl%3A1%3Ast%3A1676303006%3At%3AVideo%20Woh%203%20Din%20%282022%29%20Hindi%20HQ%20HDRip%20x264%20AAC%20450MB%20ESub.mkv&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
downfscr.xyz/
Redirect Chain
  • http://downfscr.xyz/
  • https://downfscr.xyz/
18 KB
5 KB
Document
General
Full URL
https://downfscr.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
774f9a0ced408cad31c4115bd5b6c8c457b838d080409f4af007100a383d6ff7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
798eadf2cbaf381c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 13 Feb 2023 15:43:24 GMT
link
<https://downfscr.xyz/index.php?rest_route=/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJHmPSCZB7EFl%2Fj4hS7Cr4YHR7ktdM85aEOK50w1icVCuagAtF3IcZsUHMW07v6oxI%2FoKLodo%2BEJqXyGbmkuEjsXRtVZUu%2BulcyMSyyjm3LJFJeg0mtrvnMGla7sLsEli6EX7CXTXZrvalA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
miss
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
798eadf1fcdf3639-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 13 Feb 2023 15:43:24 GMT
Expires
Mon, 13 Feb 2023 16:43:24 GMT
Location
https://downfscr.xyz/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFBon7IBW3HOESI7oF%2FlLaClAwKi4n5FkqBb89UL6xcrZL4MQUJm6z2nIle1mluKFDS482ut0QOVmeegXhEkQPTRewmLiSz%2BIr2ghOlen6juI%2FVCctcPLyKSJeOPCpDCPKSbZD7LmUVw0V4%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
downfscr.xyz/wp-includes/css/dist/block-library/
93 KB
13 KB
Stylesheet
General
Full URL
https://downfscr.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downfscr.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:43:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Jan 2023 05:52:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
475363
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmIaxiNwIMr8koNYtP%2BnVsGWZLdnbfEN%2BTC82LEqbFNqx1dj2SswQbRtAhTVsu7p4ACbBeIPzNuTx6Fy%2BpBklFlddGBWc%2BKzKGn%2FlOKib2RapTwDS4pucs8nYJIKziTAr2DREA9D7%2B%2BUgMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
798eadf38c9e381c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 15 Feb 2023 03:40:41 GMT
classic-themes.min.css
downfscr.xyz/wp-includes/css/
217 B
521 B
Stylesheet
General
Full URL
https://downfscr.xyz/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downfscr.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:43:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Jan 2023 05:52:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
475363
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCNaBdFpSF3XbguEECFDgKe5aIRpOWnLnu8cAUhpEe%2FlO%2B%2BUtLSejxl9O9Z%2B5gemJNyRDJjJYmlkpPKPvYcyb74us8fR8lZPjRDlGO0w%2Bvf%2BC05msYCq1Mqgpkmb6zdqtiu8wAfmi5kE6xY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
798eadf38ca1381c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 15 Feb 2023 03:40:41 GMT
style.css
downfscr.xyz/wp-content/themes/ivideo/
2 KB
1 KB
Stylesheet
General
Full URL
https://downfscr.xyz/wp-content/themes/ivideo/style.css?ver=6.1.1
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8ee788393557979384e776bccdcdfbb23a33791516151e87e74d25ce6563837

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downfscr.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:43:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Jan 2023 05:58:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
475363
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjfQ%2BhhioimLaNNtsw3y4o5Y%2BjWppLKb6HdKc7o6JFbby6TJdkF5YFSGfhNxX7JLZGAjAHtYhOWHHnHKENkh5P8JZX3DSL0JE5irAQTTbUMtqwDc1Fmrv0a7F2HFYVwkMy6zqlWx5zl1n2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
798eadf38ca2381c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 15 Feb 2023 03:40:41 GMT
68881dd8b72caf0194422455d0b10d44.js
profitablegatetocontent.com/68/88/1d/
0
0
Script
General
Full URL
https://profitablegatetocontent.com/68/88/1d/68881dd8b72caf0194422455d0b10d44.js
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downfscr.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 15:43:25 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
51454
bleokerrie.com/rjAjyTYF48fZsN/
5 B
1 KB
Script
General
Full URL
https://bleokerrie.com/rjAjyTYF48fZsN/51454
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
142.91.159.141 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downfscr.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 15:43:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Server
nginx
Transfer-Encoding
chunked
Access-Control-Max-Age
600
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://downfscr.xyz
Access-Control-Allow-Methods
GET, POST, OPTIONS
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
ez1wyu-3nr2ky-y
dmcdn.xyz/v/ Frame AD50
7 KB
2 KB
Document
General
Full URL
https://dmcdn.xyz/v/ez1wyu-3nr2ky-y
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4852ce6cd2e72f97d2f60ad0e22fb31f0cff2153b59dcc765db08b9937a30d4e

Request headers

Referer
https://downfscr.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
798eadf43d8135df-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 13 Feb 2023 15:43:25 GMT
last-modified
Mon, 13 Feb 2023 14:42:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Bsrp4FNtiknhsxRyNShuSecuci9oLKDNn4rPZ59XQhM6sVMOQSDwKcQ7NF54qtyVtEAH8Hepx2Mn89VHEzZLb4yXqoHJp7YubEjpQ7EdDQaqJVIS4eULKimPfx6eHPGCwe%2BNrPmgG8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3296b3e71ae93ad6b760399adcdf1b15dd206ba324eed865f687943d06d7d8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downfscr.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:43:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49604
x-xss-protection
0
server
cafe
etag
214204468036704809
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 15:43:24 GMT
white_sand.png
downfscr.xyz/wp-content/themes/ivideo/images/
21 KB
22 KB
Image
General
Full URL
https://downfscr.xyz/wp-content/themes/ivideo/images/white_sand.png
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/wp-content/themes/ivideo/style.css?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10055ac3c9d72bba0edcf7813858f543e085183da9a554fe1cded14a7dc1b00f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downfscr.xyz/wp-content/themes/ivideo/style.css?ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:43:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
475362
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21591
last-modified
Mon, 20 Jul 2015 14:56:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bd8PhH0U0PStog8VE7nsq4RhIC0h4XnG2Qil6PI8weDJ1qBJWOGW9N%2FfiGNhiA%2FljyprDBjcSeRkLcmTjoY57bOQzzhqSIqL%2BPLh%2FnDnZbYKw7rfowZeXiKEIkNEzmKyMyeUpzvrnCkyJvo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
798eadf3eae33a76-FRA
expires
Wed, 15 Feb 2023 03:40:41 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame 7F80
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://downfscr.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22168
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 Feb 2023 09:33:57 GMT
etag
10353107486223812946
expires
Mon, 27 Feb 2023 09:33:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
native_render.js
superonclick.com/script/
4 KB
2 KB
Script
General
Full URL
https://superonclick.com/script/native_render.js
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downfscr.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:43:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1834
x-guploader-uploadid
ADPycduP78nXLxakaecWjmeO1dcjCtQpt5mpZnDR1BFZLkmRAt5Vscanpl6y9u8z73NnPWWABeRkK7hI2Q7W84w5neDACQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Feb 2019 10:15:50 GMT
server
cloudflare
etag
W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
vary
Accept-Encoding
x-goog-hash
crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
x-goog-generation
1550052950916101
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8G4H5KcCefcKA2XsdJqoI1Zg727QtsXOkIzTwptdDhMh9qW4nDoqfL6387WGtOw4iT2S6p3uCUhnxYZGdhHEufdf8umnccgkuCDCeLXFEwEu4nO4xeWBxlxlraE5Hwd2k3x1szQipXB4on%2FUuu3k"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
4285
cf-ray
798eadf65c7d2c3f-FRA
expires
Mon, 13 Feb 2023 15:29:10 GMT
native_server.js
superonclick.com/script/
9 KB
3 KB
Script
General
Full URL
https://superonclick.com/script/native_server.js
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downfscr.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:43:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1902
x-guploader-uploadid
ADPycdtdupf0qnnJ3hp1FnbbZ3RxC79v2uhI0gmpRzs-qxPWTV1Yg9NikVWv_7u_Vp15yqo9V3V6PhNA0E6N1ONhDCK_tm5kxcH9
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Feb 2019 10:15:52 GMT
server
cloudflare
etag
W/"51d87e9ebd831fccab6a016079a60793"
vary
Accept-Encoding
x-goog-hash
crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
x-goog-generation
1550052952705094
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4frGXaQoYYZ5imFSaCV1FRvXJbim9ihwTYsYLffE1qRkFRLuCcwV%2BNgQAeicFdfCYn8bf8ifC2QulJOu3djaKJbrPvWqOooP8Y4q7n5Ikv%2BwiFhuCGAQ0G0TU1Cs11%2FuwEz6tzBTIA%2BKMwRJHqqz"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
9260
cf-ray
798eadf65c812c3f-FRA
expires
Mon, 13 Feb 2023 15:49:27 GMT
base.js
dmcdn.xyz/asset/default/player/ Frame AD50
193 KB
65 KB
Script
General
Full URL
https://dmcdn.xyz/asset/default/player/base.js?v=1595607720
Requested by
Host: dmcdn.xyz
URL: https://dmcdn.xyz/v/ez1wyu-3nr2ky-y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ec4fa82e1f1be280988d19e4a075157077b867ec49c1017f1c57916587fdce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dmcdn.xyz/v/ez1wyu-3nr2ky-y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:43:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
346
cf-polished
origSize=200366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 24 Jul 2020 16:22:00 GMT
server
cloudflare
etag
W/"5f1b0aa8-30eae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYXoYnn5Ns%2FLSh7mM%2FBxwBR%2FRT00EmJrQHeRiRw%2BQIQFSepX3SrtDziPA2n60LkPF2xRMrn6lu3S90lb9yvDLkuor%2FStFldjehrCRrfzOfOPdrzl92vVl9eyHhPZHeepJPESvrOAG9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
798eadf5ef9d35df-FRA
ez1wyu-3nr2ky-y
dmcdn.xyz/api/source/ Frame AD50
2 KB
2 KB
XHR
General
Full URL
https://dmcdn.xyz/api/source/ez1wyu-3nr2ky-y
Requested by
Host: dmcdn.xyz
URL: https://dmcdn.xyz/asset/default/player/base.js?v=1595607720
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a864fce1a3668c825af6bcf2f115bc02e60e35fd8c14e6c9ff2e41200b2bfe4

Request headers

Accept
*/*
Referer
https://dmcdn.xyz/v/ez1wyu-3nr2ky-y
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 13 Feb 2023 15:43:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDIvJFE3tRMOvkjJwa1wZ%2FiqjA3j8tzqQvEzIWoZsj8D2sclBn1wmuiC9hMmsXQV%2FT8UdZq9RdMn5kwVkUqE1oJFxh8zYZsmbm3IAE3gMMO08ey9Fiy6BXw2Jl6sfX2AtSlQ016CToY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
798eadf6aa2b9be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tag.js
mc.yandex.ru/metrika/ Frame AD50
211 KB
73 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: dmcdn.xyz
URL: https://dmcdn.xyz/v/ez1wyu-3nr2ky-y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dmcdn.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:43:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 08 Feb 2023 12:45:24 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63e36f34-11ffd"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73725
expires
Mon, 13 Feb 2023 16:43:25 GMT
identify.html
ufpcdn.com/script/ Frame EE97
2 KB
1 KB
Document
General
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Referer
https://downfscr.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
798eadf7f8369067-FRA
content-encoding
br
content-type
text/html
date
Mon, 13 Feb 2023 15:43:25 GMT
last-modified
Tue, 15 May 2018 06:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGRNWeRz9H9XVWmrqIgCRG2ZbuheeqH52k%2F3t87166H1C2YGdtnRRv3jpI72xoJv9HTh%2F0QTEwysvTwmUAxFElEdx%2BrY0PBKXyRR52zLU6YY4auxrgzzJ1t1fmkdR%2Fi2oj0377PLbMpC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
slim-3.2.min.js
dmcdn.xyz/asset/jquery/ Frame AD50
4 KB
2 KB
XHR
General
Full URL
https://dmcdn.xyz/asset/jquery/slim-3.2.min.js?c=DE&t=501
Requested by
Host: dmcdn.xyz
URL: https://dmcdn.xyz/asset/default/player/base.js?v=1595607720
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80413991fc8292c5505000e0b5681ef10844536724faef377f3deebd85de6e16

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://dmcdn.xyz/v/ez1wyu-3nr2ky-y
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:43:25 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tK%2BXOcYpVBLakrSpXQTf90%2BdWb1I%2F%2BlGtb3hVmPcQ0DMxEgvCKl3WLGaV8B5Pd7PU%2BM5xi3%2BZzfojJ43vDgy9AjkQiRw35de7esMxc5k1Mk2YUppdVIEBZLP0D6cVj4fqlNiojVQzEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
798eadf81c639be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
mc.yandex.ru/watch/88698312/ Frame AD50
Redirect Chain
  • https://mc.yandex.ru/watch/88698312
  • https://mc.yandex.ru/watch/88698312/1
43 B
84 B
Image
General
Full URL
https://mc.yandex.ru/watch/88698312/1
Requested by
Host: dmcdn.xyz
URL: https://dmcdn.xyz/v/ez1wyu-3nr2ky-y
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dmcdn.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 15:43:25 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 13-Feb-2023 15:43:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Feb-2023 15:43:25 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 15:43:25 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 13-Feb-2023 15:43:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/88698312/1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Mon, 13-Feb-2023 15:43:25 GMT
ez1wyu-3nr2ky-y.png
thumb.fvs.io/asset/userdata/378456/poster/e/z1/ Frame AD50
Redirect Chain
  • https://dmcdn.xyz/asset/userdata/378456/poster/e/z1/ez1wyu-3nr2ky-y.png?v=1676296711
  • https://thumb.fvs.io/asset/userdata/378456/poster/e/z1/ez1wyu-3nr2ky-y.png?v=1676296711
41 KB
0
Image
General
Full URL
https://thumb.fvs.io/asset/userdata/378456/poster/e/z1/ez1wyu-3nr2ky-y.png?v=1676296711
Requested by
Host: dmcdn.xyz
URL: https://dmcdn.xyz/v/ez1wyu-3nr2ky-y
Protocol
H2
Server
2606:4700:11::6817:8919 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dmcdn.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:43:25 GMT
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 13:58:31 GMT
server
cloudflare
age
3146
etag
"63ea4207-77c35"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
798eadf9d92a06b6-LHR
content-length
490549

Redirect headers

date
Mon, 13 Feb 2023 15:43:25 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ffTl2YGLE89qiXIPhOFjIjjMkbwG%2FVswULtNYC5N9N%2F3Bc5O%2Bwyvwut%2FFRUDc88FSd9%2FYLYqSlKDhCbQ8%2B8d5lIUiq%2Ft6xnhhiV0HNAkPFnI7Oc5eGcQnFLKLyn6c0eEZLG4FY9DOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://thumb.fvs.io/asset/userdata/378456/poster/e/z1/ez1wyu-3nr2ky-y.png?v=1676296711
cf-ray
798eadf82c719be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
native.php
discovernative.com/script/
0
103 B
Script
General
Full URL
https://discovernative.com/script/native.php?nwpsv=1&r=4910187&cbrandom=0.8361405292640225&cbWidth=1600&cbHeight=1200&cbtitle=Wohhin%E2%80%A6%20embed%20source%20streamtape%20%7C%20Embed%20Videos%20Online%20Free&cbref=&cbdescription=&cbkeywords=&cbiframe=0&&callback=jsonp475366
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.31.211.130.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downfscr.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 13 Feb 2023 15:43:25 GMT
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1
mc.yandex.com/watch/49788082/ Frame AD50
Redirect Chain
  • https://mc.yandex.com/watch/49788082?wmode=7&page-url=https%3A%2F%2Fdmcdn.xyz%2Fv%2Fez1wyu-3nr2ky-y&page-ref=https%3A%2F%2Fdownfscr.xyz%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22378456%22%7D&b...
  • https://mc.yandex.com/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Fdmcdn.xyz%2Fv%2Fez1wyu-3nr2ky-y&page-ref=https%3A%2F%2Fdownfscr.xyz%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22378456%22%7D...
447 B
777 B
XHR
General
Full URL
https://mc.yandex.com/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Fdmcdn.xyz%2Fv%2Fez1wyu-3nr2ky-y&page-ref=https%3A%2F%2Fdownfscr.xyz%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22378456%22%7D&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A711844893431%3Ahid%3A100074434%3Az%3A0%3Ai%3A20230213154325%3Aet%3A1676303006%3Ac%3A1%3Arn%3A738890455%3Arqn%3A1%3Au%3A1676303006401214067%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A12%2C86%2C253%2C1%2C0%2C0%2C%2C139%2C0%2C%2C%2C%2C492%3Aco%3A0%3Acpf%3A1%3Ans%3A1676303004720%3Arqnl%3A1%3Ast%3A1676303006%3At%3AVideo%20Woh%203%20Din%20%282022%29%20Hindi%20HQ%20HDRip%20x264%20AAC%20450MB%20ESub.mkv&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
84b516af2f59309a2ee3fd1d294d9308f501aa43f47464810885a75fd22530d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dmcdn.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 15:43:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 13-Feb-2023 15:43:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dmcdn.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Mon, 13-Feb-2023 15:43:25 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 15:43:25 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 13-Feb-2023 15:43:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Fdmcdn.xyz%2Fv%2Fez1wyu-3nr2ky-y&page-ref=https%3A%2F%2Fdownfscr.xyz%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22378456%22%7D&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A711844893431%3Ahid%3A100074434%3Az%3A0%3Ai%3A20230213154325%3Aet%3A1676303006%3Ac%3A1%3Arn%3A738890455%3Arqn%3A1%3Au%3A1676303006401214067%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A12%2C86%2C253%2C1%2C0%2C0%2C%2C139%2C0%2C%2C%2C%2C492%3Aco%3A0%3Acpf%3A1%3Ans%3A1676303004720%3Arqnl%3A1%3Ast%3A1676303006%3At%3AVideo%20Woh%203%20Din%20%282022%29%20Hindi%20HQ%20HDRip%20x264%20AAC%20450MB%20ESub.mkv&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://dmcdn.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 13-Feb-2023 15:43:25 GMT
advert.gif
mc.yandex.com/metrika/ Frame AD50
43 B
101 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: dmcdn.xyz
URL: https://dmcdn.xyz/v/ez1wyu-3nr2ky-y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dmcdn.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:43:25 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 08 Feb 2023 12:45:24 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63e36f34-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 13 Feb 2023 16:43:25 GMT
sandboxed
vcdn.io/ Frame AD50
926 B
950 B
Document
General
Full URL
https://vcdn.io/sandboxed?v=2.1
Requested by
Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b0aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca89796b400c633af201e0776aa6f082566f0ad597d317172ecc004bb144ab5f

Request headers

Referer
https://dmcdn.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1068717
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-cache-status
HIT
cf-ray
798eadfa2e913837-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 13 Feb 2023 15:43:25 GMT
last-modified
Wed, 01 Feb 2023 06:51:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME%2BKJC5WZJoyG5TLwEyP3yum9kId0BHiHFtfdpaJqFOgY99qN2Dsnusx1AyxqwkEpwUOYIIxjmEjgDk0xxKTgYaiGVe2t3sjldmJD%2Fk0cqDV%2BQ1SOEmQPIvYXrCaI0Ec8DRySD5E"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding


36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
object | 1
object | 2
boolean | credentialless
object | oncontentvisibilityautostatechange
object | zoneNativeSett
object | urls
function | acPrefetch
object | nativeInit
object | nativeForPublishers
object | google_js_reporting_queue
number | google_srt
object | google_logging_queue
number | tmod
object | google_ad_modifications
object | ggeac
object | google_persistent_state_async
boolean | google_measure_js_timing
object | google_tag_data
object | google_reactive_ads_global_state
boolean | _gfp_a_
object | adsbygoogle
string | google_user_agent_client_hint
object | _0x50db
function | _0x48ba
function | setupAd
object | CTABPuNative
object | _0x32b6
function | _0xda00
object | CTAHKA
function | ufpAttach
boolean | wait
function | native_request
string | zone
object | adcashUfp
function | jsonp475366

16 Cookies

Domain/Path Name / Value
bleokerrie.com/ Name: GL_UI4
Value: eJw9j11OwzAQhJM6P1QlESPlABwhCSkqj4hD8Bit7SU1TezKMY24PRYSPM2n2VmNJkmSXVMjvRUC4ouOeCR5VH1%2FGrpheJan%2FqWNKDWp7omVIsXYm3UMJGcOGe4ntuyNGpXTXOEhnv6ci3WbzZBLT1ZXyJeYmCuU0rttZd8IZJYWRvF29i5qvtCn8xBd10Y2NnLaYufWRtR7lO%2FG6vhYH7Dr2roqEhyuM4UP55fR6CJFPnnSjPQVd4oCT85%2Fo9S8XoK7Am7W43%2F%2Bt1dssajQfDNxU%2B7Cmf0P2flLDg%3D%3D
bleokerrie.com/ Name: GL_GI10
Value: eJxNjF0KgkAUhXUsS%2FrjQgtoA4kFUs%2BW9NIehkmvMZRzh3GKbPVNGdHbOd%2FhO57nsfkUmNQw3ibxOk3jTbxKUgjOSMD2OYwLuilrWq5EjTA4oKmFaiE0eJakgGU5jLrMCyoR%2Bvt8%2Bcc%2B1ugoVLnI0Fylgl4hrfO%2FLXq3zozeZkcD2WiY7MjgMhPF5UTKzQotbzRiCZFbNBlhEaY%2F%2BjkJAxjKhmtDjzb0YWZljU9nc6qqBq1D%2Fj1kLzw8SQQ%3D
mc.yandex.ru/ Name: yabs-sid
Value: 543728271676303005
.yandex.ru/ Name: i
Value: UeXxfRJORI/ZYfXG63K8z3RjprW8nN4bbwKFnnoirH09NAOV+NwVwvPuNHCd9/Af9c0tTd55QhLC5L9Ox+u+sSEg1Q4=
.yandex.ru/ Name: yandexuid
Value: 7095509851676303005
.yandex.ru/ Name: yuidss
Value: 7095509851676303005
.yandex.ru/ Name: ymex
Value: 1707839005.yc.1676303005#1707839005.yrts.1676303005#1707839005.yrtsi.1676303005
.dmcdn.xyz/ Name: _ym_uid
Value: 1676303006401214067
.dmcdn.xyz/ Name: _ym_d
Value: 1676303006
downfscr.xyz/ Name: adcashufpv3
Value: 1217693891383356362945365970
.dmcdn.xyz/ Name: _ym_isad
Value: 2
mc.yandex.com/ Name: yabs-sid
Value: 1714039091676303005
.yandex.com/ Name: i
Value: lv8SycLpsB/MGX8jM2cy4qJS0TmumlM2Y+Yrc206EPRz0BpkYwufAIwicjontMpSZC7pyxx4CwASFmO4g3PKA91sA1M=
.yandex.com/ Name: yandexuid
Value: 8781945861676303005
.yandex.com/ Name: yuidss
Value: 8781945861676303005
.yandex.com/ Name: ymex
Value: 1707839005.yc.1676303005#1707839005.yrts.1676303005#1707839005.yrtsi.1676303005

1 Console Messages

Source Level URL
Text
network error URL: https://profitablegatetocontent.com/68/88/1d/68881dd8b72caf0194422455d0b10d44.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
