blockedvideoss.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hifigif.cc/
Effective URL:
https://blockedvideoss.xyz/?b=2224588&ba=1&campid=544004&did={deviceid}&dm=0&ep=1&g=de&i18db=1&l=lVs4tc8krtwE8aT&oaid=23032...
Submission: On March 22 via api (March 22nd 2023, 1:07:37 pm UTC) from US — Scanned from DE

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is blockedvideoss.xyz. The Cisco Umbrella rank of the primary domain is 85616.
TLS certificate: Issued by GTS CA 1P5 on March 16th 2023. Valid for: 3 months.

This is the only time blockedvideoss.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	45.143.9.226 45.143.9.226	399045 (DEDIOUTLE...) (DEDIOUTLET-NETWORKS)
4	62.122.171.6 62.122.171.6	50245 (SERVEREL-AS) (SERVEREL-AS)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::ac43:a62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	4

2 45.143.9.226 (Lithuania) 2 redirects

ASN399045 (DEDIOUTLET-NETWORKS, US)

hifigif.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 62.122.171.6 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 62.122.171.6.serverel.net

godpvqnszo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

blockedvideoss.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:a62 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	godpvqnszo.com godpvqnszo.com — Cisco Umbrella Rank: 38014	19 KB
3	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 16931	18 KB
2	hifigif.cc 2 redirects hifigif.cc	566 B
1	blockedvideoss.xyz blockedvideoss.xyz — Cisco Umbrella Rank: 85616	3 KB
8	4

	Domain	Requested by
4	godpvqnszo.com	godpvqnszo.com
3	littlecdn.com	blockedvideoss.xyz littlecdn.com
2	hifigif.cc	2 redirects
1	blockedvideoss.xyz	godpvqnszo.com
8	4

This site contains links to these domains. Also see Links.

Domain
xxlargepop.com

Subject Issuer	Validity	Valid
Buypass Class 2 CA 5	`2023-02-05` - `2023-08-03`	6 months	crt.sh
*.blockedvideoss.xyz GTS CA 1P5	`2023-03-16` - `2023-06-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://blockedvideoss.xyz/?b=2224588&ba=1&campid=544004&did={deviceid}&dm=0&ep=1&g=de&i18db=1&l=lVs4tc8krtwE8aT&oaid=2303220807aa6a537329c4492088d5a36b35&rid={reverse_id%7C1224055}&s=2303220807aa6a537329c4492088d5a36b35&ssk=b29d75f6238b10925c70e4794a0a7f9b&svar=1679490452&vi=1&vo=1&z=1846500&tr=default
Frame ID: F7804655470014D8386D1059025F7B92
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Application

Page URL History Show full URLs

http://hifigif.cc/ HTTP 301
https://hifigif.cc/ HTTP 301
https://godpvqnszo.com/1846500/?var=1 Page URL
https://godpvqnszo.com/?r=dir&zoneid=1846500&var=1&pb=0c83e0f9f9525b8e866a246aff81c4471679497652&ps... Page URL
https://blockedvideoss.xyz/?b=2224588&ba=1&campid=544004&did={deviceid}&dm=0&ep=1&g=de&i18db=1&l=lVs4tc... Page URL

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

40 kB
Transfer

68 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://xxlargepop.com/afu.php?zoneid=1237590&var=2303220807aa6a537329c4492088d5a36b35
Title: Go to site

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hifigif.cc/ HTTP 301
https://hifigif.cc/ HTTP 301
https://godpvqnszo.com/1846500/?var=1 Page URL
https://godpvqnszo.com/?r=dir&zoneid=1846500&var=1&pb=0c83e0f9f9525b8e866a246aff81c4471679497652&psp=z_fuQkpySftDdSu3G5roOw6JVnkCfqS85ytmJQ2saDYTrlXGW4TOsPytwGwaJANawz9PW_iHXwNHlrNUtnQjWu7Fx9PsSo9bihueVS4EwrhaBx_lJiHbn7AYwgMvPP65nghMxQX73cxkRvlajRMrLQyao0IOfeF81gpl_2kF5-iuIasvSsFBFxYLmp1p0kfTJh7uRa6RsuILSlkAZmOcBzVF_fw1VIBmQLn9h7T8b51n-udnlv8Oh3BERGFfdElrfdY2j2jQ6WmaND7HvFqjldL-MpJYHozXLZ7Z4zMBMvCtYDfledZC1Ca9Xylig0qGwqx1RbrdWf-QDHy184TQXnl75vhMjtEcBivyabFkwILQySSzcbP1nlRzeWMXgQelfrdYgwK7iUBOVZOQ0pUM1hri9fbrvKl9dCOOyt1MfeKaDutPGiRLvQiTeY-Xy1UyqqyJKqmyGWMkvRTXWLpviOHY2oP61DXB7V1dX2II8bnBpae_It6LnPOwfnhL2aVAOzgOQ3jjqdfMlbwdD7B1NBRjnpmE23ULkdIrMjIvFoQZY5he22I-3krDiob_AVZmWB_9WCj13Gsiv_crsA1CZiRAq9cVlruN9gummMuILN6pmMTyr3psfkLvdgq9XR-gjsVbEcmuEE-5jZIYA8cR9v33cGCzGPQ4nbSyp9BjDOcgwRsvui-hf46PoM58bg0HMAHUnjrVWmb4eT0gjyNiGBO-yhyuO1mkeJs6kNZ-WuqZVVHtdCPCYw1S4M343MJIOcTb1rlPh2AMCzAJQEP4A5QIVYOg_ZItrGff6sVW8r9gTlB-n9J2H1-wKXlJtmj7tr2qxPP4XBRAFsTTqsMv-7xQhhH1WAuuVejQZSVkLrcffaWTzryODtjaYEmOVmlnMk3s_wFH12n2Hh021bj8xEfu1jc4ymsIChjsoyc0rL-bGK0rkqvG9DsOyfI2ii03hkP9Y_z4kus6N9TrHNwEwoPGCaAFROvHuA5_1klYjxO3OsnddJjMYRaF7MA6F6eZanZ02XjAqmPnY4lKhizGa4sXW4YqCgPZ7jHqoCHacexDgKHGSemmZnR9VHC6r8xlZTnyxrfuSx4=&nojs=0&ix=0&abvar=0&febuild=1.0.81&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&0&pload=1562&rlp=%5B0%2C8.799999952316284%2C27.700000047683716%2C15.700000047683716%2C2.1000001430511475%2C68.79999995231628%2C31.200000047683716%2C17.299999952316284%5D Page URL
https://blockedvideoss.xyz/?b=2224588&ba=1&campid=544004&did={deviceid}&dm=0&ep=1&g=de&i18db=1&l=lVs4tc8krtwE8aT&oaid=2303220807aa6a537329c4492088d5a36b35&rid={reverse_id%7C1224055}&s=2303220807aa6a537329c4492088d5a36b35&ssk=b29d75f6238b10925c70e4794a0a7f9b&svar=1679490452&vi=1&vo=1&z=1846500&tr=default Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hifigif.cc/ HTTP 301
https://hifigif.cc/ HTTP 301
https://godpvqnszo.com/1846500/?var=1

8 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response godpvqnszo.com/1846500/ Redirect Chain http://hifigif.cc/ https://hifigif.cc/ https://godpvqnszo.com/1846500/?var=1	2 KB 2 KB	50ms 13ms	Document text/html	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://godpvqnszo.com/1846500/?var=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash `741340482755fd8399a8e4425e3f6f6e528a038b8335c15b8b65b242d985dead` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data content-encoding gzip content-type text/html; charset=utf-8 date Wed, 22 Mar 2023 13:07:32 GMT server nginx timing-allow-origin * vary Accept-Encoding x-route-id check.sumbit.dl Redirect headers content-length 162 content-type text/html date Wed, 22 Mar 2023 13:07:32 GMT location https://godpvqnszo.com/1846500/?var=1 server nginx strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff x-frame-options sameorigin x-xss-protection 1; mode=block
GET H2	200	submit.min.js Show response godpvqnszo.com/	28 KB 12 KB	16ms 16ms	Script application/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://godpvqnszo.com/submit.min.js?abvar= Requested by Host: godpvqnszo.com URL: https://godpvqnszo.com/1846500/?var=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash `05f7a9df5235475512ec5b17c30d7393c3915959ec8f285c05bd37d9a2127b66` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 13:07:32 GMT content-encoding gzip last-modified Tue, 21 Mar 2023 14:28:32 GMT server nginx accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data x-js-ab current etag W/"6419bf10-7016" vary Accept-Encoding content-type application/javascript timing-allow-origin *
GET H2	200	/ godpvqnszo.com/	7 KB 4 KB	33ms 32ms	Document text/html	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://godpvqnszo.com/?r=dir&zoneid=1846500&var=1&pb=0c83e0f9f9525b8e866a246aff81c4471679497652&psp=z_fuQkpySftDdSu3G5roOw6JVnkCfqS85ytmJQ2saDYTrlXGW4TOsPytwGwaJANawz9PW_iHXwNHlrNUtnQjWu7Fx9PsSo9bihueVS4EwrhaBx_lJiHbn7AYwgMvPP65nghMxQX73cxkRvlajRMrLQyao0IOfeF81gpl_2kF5-iuIasvSsFBFxYLmp1p0kfTJh7uRa6RsuILSlkAZmOcBzVF_fw1VIBmQLn9h7T8b51n-udnlv8Oh3BERGFfdElrfdY2j2jQ6WmaND7HvFqjldL-MpJYHozXLZ7Z4zMBMvCtYDfledZC1Ca9Xylig0qGwqx1RbrdWf-QDHy184TQXnl75vhMjtEcBivyabFkwILQySSzcbP1nlRzeWMXgQelfrdYgwK7iUBOVZOQ0pUM1hri9fbrvKl9dCOOyt1MfeKaDutPGiRLvQiTeY-Xy1UyqqyJKqmyGWMkvRTXWLpviOHY2oP61DXB7V1dX2II8bnBpae_It6LnPOwfnhL2aVAOzgOQ3jjqdfMlbwdD7B1NBRjnpmE23ULkdIrMjIvFoQZY5he22I-3krDiob_AVZmWB_9WCj13Gsiv_crsA1CZiRAq9cVlruN9gummMuILN6pmMTyr3psfkLvdgq9XR-gjsVbEcmuEE-5jZIYA8cR9v33cGCzGPQ4nbSyp9BjDOcgwRsvui-hf46PoM58bg0HMAHUnjrVWmb4eT0gjyNiGBO-yhyuO1mkeJs6kNZ-WuqZVVHtdCPCYw1S4M343MJIOcTb1rlPh2AMCzAJQEP4A5QIVYOg_ZItrGff6sVW8r9gTlB-n9J2H1-wKXlJtmj7tr2qxPP4XBRAFsTTqsMv-7xQhhH1WAuuVejQZSVkLrcffaWTzryODtjaYEmOVmlnMk3s_wFH12n2Hh021bj8xEfu1jc4ymsIChjsoyc0rL-bGK0rkqvG9DsOyfI2ii03hkP9Y_z4kus6N9TrHNwEwoPGCaAFROvHuA5_1klYjxO3OsnddJjMYRaF7MA6F6eZanZ02XjAqmPnY4lKhizGa4sXW4YqCgPZ7jHqoCHacexDgKHGSemmZnR9VHC6r8xlZTnyxrfuSx4=&nojs=0&ix=0&abvar=0&febuild=1.0.81&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&0&pload=1562&rlp=%5B0%2C8.799999952316284%2C27.700000047683716%2C15.700000047683716%2C2.1000001430511475%2C68.79999995231628%2C31.200000047683716%2C17.299999952316284%5D Requested by Host: godpvqnszo.com URL: https://godpvqnszo.com/submit.min.js?abvar= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data content-encoding gzip content-type text/html; charset=utf-8 date Wed, 22 Mar 2023 13:07:32 GMT server nginx timing-allow-origin * vary Accept-Encoding x-route-id redirect.dl
GET H2	200	Primary Request / Show response blockedvideoss.xyz/	5 KB 3 KB	100ms 68ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blockedvideoss.xyz/?b=2224588&ba=1&campid=544004&did={deviceid}&dm=0&ep=1&g=de&i18db=1&l=lVs4tc8krtwE8aT&oaid=2303220807aa6a537329c4492088d5a36b35&rid={reverse_id%7C1224055}&s=2303220807aa6a537329c4492088d5a36b35&ssk=b29d75f6238b10925c70e4794a0a7f9b&svar=1679490452&vi=1&vo=1&z=1846500&tr=default Requested by Host: godpvqnszo.com URL: https://godpvqnszo.com/?r=dir&zoneid=1846500&var=1&pb=0c83e0f9f9525b8e866a246aff81c4471679497652&psp=z_fuQkpySftDdSu3G5roOw6JVnkCfqS85ytmJQ2saDYTrlXGW4TOsPytwGwaJANawz9PW_iHXwNHlrNUtnQjWu7Fx9PsSo9bihueVS4EwrhaBx_lJiHbn7AYwgMvPP65nghMxQX73cxkRvlajRMrLQyao0IOfeF81gpl_2kF5-iuIasvSsFBFxYLmp1p0kfTJh7uRa6RsuILSlkAZmOcBzVF_fw1VIBmQLn9h7T8b51n-udnlv8Oh3BERGFfdElrfdY2j2jQ6WmaND7HvFqjldL-MpJYHozXLZ7Z4zMBMvCtYDfledZC1Ca9Xylig0qGwqx1RbrdWf-QDHy184TQXnl75vhMjtEcBivyabFkwILQySSzcbP1nlRzeWMXgQelfrdYgwK7iUBOVZOQ0pUM1hri9fbrvKl9dCOOyt1MfeKaDutPGiRLvQiTeY-Xy1UyqqyJKqmyGWMkvRTXWLpviOHY2oP61DXB7V1dX2II8bnBpae_It6LnPOwfnhL2aVAOzgOQ3jjqdfMlbwdD7B1NBRjnpmE23ULkdIrMjIvFoQZY5he22I-3krDiob_AVZmWB_9WCj13Gsiv_crsA1CZiRAq9cVlruN9gummMuILN6pmMTyr3psfkLvdgq9XR-gjsVbEcmuEE-5jZIYA8cR9v33cGCzGPQ4nbSyp9BjDOcgwRsvui-hf46PoM58bg0HMAHUnjrVWmb4eT0gjyNiGBO-yhyuO1mkeJs6kNZ-WuqZVVHtdCPCYw1S4M343MJIOcTb1rlPh2AMCzAJQEP4A5QIVYOg_ZItrGff6sVW8r9gTlB-n9J2H1-wKXlJtmj7tr2qxPP4XBRAFsTTqsMv-7xQhhH1WAuuVejQZSVkLrcffaWTzryODtjaYEmOVmlnMk3s_wFH12n2Hh021bj8xEfu1jc4ymsIChjsoyc0rL-bGK0rkqvG9DsOyfI2ii03hkP9Y_z4kus6N9TrHNwEwoPGCaAFROvHuA5_1klYjxO3OsnddJjMYRaF7MA6F6eZanZ02XjAqmPnY4lKhizGa4sXW4YqCgPZ7jHqoCHacexDgKHGSemmZnR9VHC6r8xlZTnyxrfuSx4=&nojs=0&ix=0&abvar=0&febuild=1.0.81&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&0&pload=1562&rlp=%5B0%2C8.799999952316284%2C27.700000047683716%2C15.700000047683716%2C2.1000001430511475%2C68.79999995231628%2C31.200000047683716%2C17.299999952316284%5D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.16 Resource Hash `0d6dccb788dcc9d6cf1564c0e3c7383a2186d10abad63f29c8de2ecbea5e9ec7` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-allow-methods GET, POST, OPTIONS, HEAD access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7abea882bc6b39c7-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 22 Mar 2023 13:07:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEngXcXOM7cfyaEDG6Xifmp7Wm3skCuSVOVq59eG%2FOb0frLU%2B9aT4WBGsPetShgyI6NzgwuIUg7h2KWJynJkOAh4Y6w5YnVQM3LvTXpVrK%2FtIB1jxWiLZ3yhp%2FLLiepSAFWtOnxdyDsXv1iO9WarbWQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.16
POST H2	200	dupa.gif godpvqnszo.com/	43 B 620 B	14ms 13ms	Ping image/gif	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://godpvqnszo.com/dupa.gif?z=1846500&var=1&pb=0c83e0f9f9525b8e866a246aff81c4471679497652&psp=FHmMq_HeNUIbSXVvnnjiKN2Wz54H5tWnhgwnuAeP1oVLgeYfmJEEseXhAADMSql0z8teh2OlSmY4jYnmxXJl9Qq2M_sr7jBaKH9TzJCSWilh1gJVGJ841x3CcWH4JXxiAZ7HNz7JBlchAmVP9cLyPNZxMxo9Ju-q9kCLmuwli7ZqqMfx3XCajC02rBvGi-JVeF3QJeqsWmPVqzGTdBGP0ij-XsfrYwDsZO0V8IY39JNPPyEN2ciJUVgL1LVyJF0qWm_TH6uOT4hhDoNG5M5CAi65QysECaPFSmUaT4lbmtkShy69SFghMbjipdkupjD0AojyfxH2MgeBjG3VC2DGZOqDRo-90yg1rqtc548OnKHup_iIb0ZY4ClgnkEt9Uvr6sBotJQKNX64Ps721DD1yxW4WJaoTgnQ-HGQnGFjkN82bDrdlNeHqEmraqADsSh80n2GLhFSbtH67bnrythmD3ZW5ctBstK8lPTa1LiGDrHifJmb06JKA88JqPuHGq4f9BEy8xnbT6lit2Xc74Titoe2qYJH-tej4Vq1HZZIV2scMQPyAfnNbUQ-TUtISBT9CoFFucpWiblITAaqXySkeffv-cksW78A-pZRqEoa_nxnXZQ0PP1zjeLnNuncRlEHt7hw7b4Y_bSsN7Sb4GTMvPMEZdnRah54mpuuuIgsJ6T66sqSewKDa8WxtEgfMYMTTS_h0KQRxGAji748pxqNdIBlSERUolmAuJmDpdyd2F2xFuJ5nDLp38s6xf2NLWEcV-gPG36wXt_rANkYD1b2VKhirmKyq5lsVx0mawoSuluuGId2_LELCorwGITjRxCgb7DJw0m_J8plL5Wwt8o12VIUReaf4Sytt6ZCPqxqZwhzkwi_3-8O6QQwPu9vN7JKMB5A9H8pQKtRFBt-JU1DPe77y1CXvlKOtRvdtRxAX61nOarUohmYi730wHaI3tqRFHnzxIf67NZvvN_CGPPwyul9mnB7zS2AFmKJ5azofTJwAxUpI116fKhDt3Md6guh5_blsaM9RTSuYQulOaB1T4iivXRtRjjg74GqSE-3Nla1A0YF30LWv5Lmn7UhgNmY6MhVxigwKh8=&abvar=0&pload=67&rlp=%5B0%2C0%2C0%2C0%2C-34.799999952316284%2C-0.6000001430511475%2C-2.299999952316284%2C0%5D Requested by Host: godpvqnszo.com URL: https://godpvqnszo.com/?r=dir&zoneid=1846500&var=1&pb=0c83e0f9f9525b8e866a246aff81c4471679497652&psp=z_fuQkpySftDdSu3G5roOw6JVnkCfqS85ytmJQ2saDYTrlXGW4TOsPytwGwaJANawz9PW_iHXwNHlrNUtnQjWu7Fx9PsSo9bihueVS4EwrhaBx_lJiHbn7AYwgMvPP65nghMxQX73cxkRvlajRMrLQyao0IOfeF81gpl_2kF5-iuIasvSsFBFxYLmp1p0kfTJh7uRa6RsuILSlkAZmOcBzVF_fw1VIBmQLn9h7T8b51n-udnlv8Oh3BERGFfdElrfdY2j2jQ6WmaND7HvFqjldL-MpJYHozXLZ7Z4zMBMvCtYDfledZC1Ca9Xylig0qGwqx1RbrdWf-QDHy184TQXnl75vhMjtEcBivyabFkwILQySSzcbP1nlRzeWMXgQelfrdYgwK7iUBOVZOQ0pUM1hri9fbrvKl9dCOOyt1MfeKaDutPGiRLvQiTeY-Xy1UyqqyJKqmyGWMkvRTXWLpviOHY2oP61DXB7V1dX2II8bnBpae_It6LnPOwfnhL2aVAOzgOQ3jjqdfMlbwdD7B1NBRjnpmE23ULkdIrMjIvFoQZY5he22I-3krDiob_AVZmWB_9WCj13Gsiv_crsA1CZiRAq9cVlruN9gummMuILN6pmMTyr3psfkLvdgq9XR-gjsVbEcmuEE-5jZIYA8cR9v33cGCzGPQ4nbSyp9BjDOcgwRsvui-hf46PoM58bg0HMAHUnjrVWmb4eT0gjyNiGBO-yhyuO1mkeJs6kNZ-WuqZVVHtdCPCYw1S4M343MJIOcTb1rlPh2AMCzAJQEP4A5QIVYOg_ZItrGff6sVW8r9gTlB-n9J2H1-wKXlJtmj7tr2qxPP4XBRAFsTTqsMv-7xQhhH1WAuuVejQZSVkLrcffaWTzryODtjaYEmOVmlnMk3s_wFH12n2Hh021bj8xEfu1jc4ymsIChjsoyc0rL-bGK0rkqvG9DsOyfI2ii03hkP9Y_z4kus6N9TrHNwEwoPGCaAFROvHuA5_1klYjxO3OsnddJjMYRaF7MA6F6eZanZ02XjAqmPnY4lKhizGa4sXW4YqCgPZ7jHqoCHacexDgKHGSemmZnR9VHC6r8xlZTnyxrfuSx4=&nojs=0&ix=0&abvar=0&febuild=1.0.81&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&0&pload=1562&rlp=%5B0%2C8.799999952316284%2C27.700000047683716%2C15.700000047683716%2C2.1000001430511475%2C68.79999995231628%2C31.200000047683716%2C17.299999952316284%5D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 13:07:32 GMT x-route-id stats.redirect-pixel server nginx accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
GET H2	200	style.css littlecdn.com/clickadu/templates/onebutton/rcaptcha-noR/css/	9 KB 6 KB	47ms 18ms	Stylesheet text/css	2606:4700:10::ac43:a62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://littlecdn.com/clickadu/templates/onebutton/rcaptcha-noR/css/style.css?v=1472120479969 Requested by Host: blockedvideoss.xyz URL: https://blockedvideoss.xyz/?b=2224588&ba=1&campid=544004&did={deviceid}&dm=0&ep=1&g=de&i18db=1&l=lVs4tc8krtwE8aT&oaid=2303220807aa6a537329c4492088d5a36b35&rid={reverse_id%7C1224055}&s=2303220807aa6a537329c4492088d5a36b35&ssk=b29d75f6238b10925c70e4794a0a7f9b&svar=1679490452&vi=1&vo=1&z=1846500&tr=default Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `79510ceb875f182d5520c378a9678fe158e8a4d698b83123ae6601592b33bba0` Request headers accept-language de-DE,de;q=0.9 Referer https://blockedvideoss.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 13:07:33 GMT content-encoding br cf-cache-status HIT last-modified Wed, 22 Mar 2023 10:07:02 GMT server cloudflare age 7018 etag W/"641ad346-250a" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type text/css access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600 cf-ray 7abea8835a3c37cb-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET H2	200	script.js Show response littlecdn.com/clickadu/templates/onebutton/rcaptcha-noR/js/	1 KB 518 B	50ms 22ms	Script application/javascript	2606:4700:10::ac43:a62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://littlecdn.com/clickadu/templates/onebutton/rcaptcha-noR/js/script.js?v=1472120479970 Requested by Host: blockedvideoss.xyz URL: https://blockedvideoss.xyz/?b=2224588&ba=1&campid=544004&did={deviceid}&dm=0&ep=1&g=de&i18db=1&l=lVs4tc8krtwE8aT&oaid=2303220807aa6a537329c4492088d5a36b35&rid={reverse_id%7C1224055}&s=2303220807aa6a537329c4492088d5a36b35&ssk=b29d75f6238b10925c70e4794a0a7f9b&svar=1679490452&vi=1&vo=1&z=1846500&tr=default Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `09da9a6e58210deed074de585eae3289bd6a64991e70fde87f24d8b387920f7f` Request headers accept-language de-DE,de;q=0.9 Referer https://blockedvideoss.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 13:07:33 GMT content-encoding br cf-cache-status HIT last-modified Wed, 22 Mar 2023 10:07:02 GMT server cloudflare age 1468 etag W/"641ad346-553" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type application/javascript access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600 cf-ray 7abea8835a4237cb-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET H2	200	bg.png littlecdn.com/clickadu/templates/onebutton/rcaptcha-noR/images/	12 KB 12 KB	17ms 17ms	Image image/png	2606:4700:10::ac43:a62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://littlecdn.com/clickadu/templates/onebutton/rcaptcha-noR/images/bg.png Requested by Host: littlecdn.com URL: https://littlecdn.com/clickadu/templates/onebutton/rcaptcha-noR/css/style.css?v=1472120479969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0197a846a83e3b5fa20b4c4cd4f5cb4a5dd2fa6aa6308b983d33df2eb878b95b` Request headers accept-language de-DE,de;q=0.9 Referer https://littlecdn.com/clickadu/templates/onebutton/rcaptcha-noR/css/style.css?v=1472120479969 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 13:07:33 GMT cf-cache-status HIT age 6787 content-length 11975 last-modified Wed, 22 Mar 2023 10:07:02 GMT server cloudflare etag "641ad346-2ec7" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type image/png access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600 accept-ranges bytes cf-ray 7abea8838a8437cb-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `10f68b947be20624d320e7e93394e25142195936c683730d03f310bdbe6fe216` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
godpvqnszo.com/	1970-01-20 19:17:06	Name: UID Value: 2303220807c37d5b2e5f2946a39d136d825e
godpvqnszo.com/	1970-01-20 10:32:56	Name: OXCCLK Value: AAhNBAAAAAAAAAAB
godpvqnszo.com/	1970-01-20 10:32:56	Name: OXPCLK Value: AABvoAAAAAAAAAAB
godpvqnszo.com/	1970-01-20 10:32:56	Name: ppucnt Value: 1
blockedvideoss.xyz/	1970-01-20 10:31:34	Name: reverse Value: B1_V0R44ONDp9vy0jJM0nUkNBWgYjKihsFogL8-ZZVw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blockedvideoss.xyz
godpvqnszo.com
hifigif.cc
littlecdn.com
2606:4700:10::ac43:a62
2a06:98c1:3120::3
45.143.9.226
62.122.171.6
0197a846a83e3b5fa20b4c4cd4f5cb4a5dd2fa6aa6308b983d33df2eb878b95b
05f7a9df5235475512ec5b17c30d7393c3915959ec8f285c05bd37d9a2127b66
09da9a6e58210deed074de585eae3289bd6a64991e70fde87f24d8b387920f7f
0d6dccb788dcc9d6cf1564c0e3c7383a2186d10abad63f29c8de2ecbea5e9ec7
10f68b947be20624d320e7e93394e25142195936c683730d03f310bdbe6fe216
741340482755fd8399a8e4425e3f6f6e528a038b8335c15b8b65b242d985dead
79510ceb875f182d5520c378a9678fe158e8a4d698b83123ae6601592b33bba0

blockedvideoss.xyz Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

40 kBTransfer

68 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

Indicators

blockedvideoss.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

40 kB
Transfer

68 kB
Size

5
Cookies

8 HTTP transactions
1 data transactions