URL: https://fastvideos.xyz/video.php?id=d0RFVmk0RnE1RThKcGo2MFNqQUxwdz09
Submission: On October 08 via manual from JP — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 104.21.39.47, located in and belongs to CLOUDFLARENET, US. The main domain is fastvideos.xyz.
TLS certificate: Issued by R3 on September 2nd 2021. Valid for: 3 months.
This is the only time fastvideos.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.21.39.47 13335 (CLOUDFLAR...)
1 1 104.21.19.213 13335 (CLOUDFLAR...)
1 104.21.90.139 13335 (CLOUDFLAR...)
1 192.243.59.20 39572 (ADVANCEDH...)
4 3
Domain Requested by
2 fastvideos.xyz fastvideos.xyz
1 arbourrenewal.com fastvideos.xyz
1 asianload.cc fastvideos.xyz
1 embed.dramacool.so 1 redirects
4 4

This site contains no links.

Subject Issuer Validity Valid
*.fastvideos.xyz R3 2021-09-02 - 2021-12-01 3 months
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2021-07-06 - 2022-07-05 a year
arbourrenewal.com R3 2021-08-27 - 2021-11-25 3 months

This page contains 1 frames:

Primary Page: https://fastvideos.xyz/video.php?id=d0RFVmk0RnE1RThKcGo2MFNqQUxwdz09
Frame ID: 397309632E210EC90385468FE9949F81
Requests: 4 HTTP requests in this frame

Page Title

legal full

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

4 Requests
100 % HTTPS
0 % IPv6
4 Domains
4 Subdomains
3 IPs
2 Countries
71 kB Transfer
201 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianload.cc/js/jw8.9/jwplayer.js?v=8.1

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request video.php
fastvideos.xyz/
7 KB
4 KB
Document
General
Full URL
https://fastvideos.xyz/video.php?id=d0RFVmk0RnE1RThKcGo2MFNqQUxwdz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.39.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86706d8c225860d37d9ba0d1e140cf61eb38f405d80331e1a161d04823ad1630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
fastvideos.xyz
:scheme
https
:path
/video.php?id=d0RFVmk0RnE1RThKcGo2MFNqQUxwdz09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Fri, 08 Oct 2021 07:29:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=68ab22e072c57ffc8a7ec7c7777aad90; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRzxyHVLKtha2RtnXRd956kP3qFzR77WlMJSTL6eRKgNhn8eSsLKCDtlsY6oVZ2FTiWkfcsB52gJi2OP%2Byd8psiaznOef6iXJShUsbRc9feVbqRa1oPdcn2FB7dARtEc4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69ada8cf1e532790-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
fastvideos.xyz/js/
87 KB
32 KB
Script
General
Full URL
https://fastvideos.xyz/js/jquery.min.js
Requested by
Host: fastvideos.xyz
URL: https://fastvideos.xyz/video.php?id=d0RFVmk0RnE1RThKcGo2MFNqQUxwdz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.39.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://fastvideos.xyz
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
script
cookie
PHPSESSID=68ab22e072c57ffc8a7ec7c7777aad90
:path
/js/jquery.min.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fastvideos.xyz
referer
https://fastvideos.xyz/video.php?id=d0RFVmk0RnE1RThKcGo2MFNqQUxwdz09
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 08 Oct 2021 07:29:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
579963
x-server-powered-by
Engintron
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pEa7dyZDl0Yx2FRdpgJrJc3ve5zTShf5eOKJXT8OmNPJdCyBREEsTeVJPHM4UsiR5SM47mveKU59MnNXgqBbGin9Vtee%2BKPvYaUXVS50fG7JxFv6JAPtgjufCJRJKnjmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
69ada8d12f352790-PRG
expires
Sun, 31 Oct 2021 14:23:37 GMT
jwplayer.js
asianload.cc/js/jw8.9/
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianload.cc/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB
Script
General
Full URL
https://asianload.cc/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: fastvideos.xyz
URL: https://fastvideos.xyz/video.php?id=d0RFVmk0RnE1RThKcGo2MFNqQUxwdz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.90.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fastvideos.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 07:29:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2070145
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Wed, 02 Dec 2020 04:33:22 GMT
server
cloudflare
etag
W/"5fc71912-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BjekkypoWgD1ZOJUain99sttrP0li0PJvMPNlvJtBrBLIDLMCzQ6FQVfucJI%2FJLfaJT0ITxpntrEwBlby%2FUV6I9ELFC4GsIe1HKzN2aD1EdAIHzk6axSynnTbzqIVo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
69ada8d1b914f9ce-PRG
expires
Thu, 14 Oct 2021 08:27:15 GMT

Redirect headers

date
Fri, 08 Oct 2021 07:29:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGJX%2FpgnW4RLcrGZtkrLUCoEhSI9ryn7UVnts9y0yG5VcBGHZW0xaseyykWVpUZYFAVXQ%2BAy6O5Kjh%2FgVAdSzyZk0OuUid%2Fb8WAzXNu%2BZbpTjXyZTC66wCIOYgMLqKtVefK3tCU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianload.cc/js/jw8.9/jwplayer.js?v=8.1
cf-ray
69ada8d149504309-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
invoke.js
arbourrenewal.com/fb504a00cca1a2855e957831e74ebe1b/
0
0
Script
General
Full URL
https://arbourrenewal.com/fb504a00cca1a2855e957831e74ebe1b/invoke.js
Requested by
Host: fastvideos.xyz
URL: https://fastvideos.xyz/video.php?id=d0RFVmk0RnE1RThKcGo2MFNqQUxwdz09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://fastvideos.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Fri, 08 Oct 2021 07:29:40 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforexrselect
  • boolean| originAgentCluster
  • function| $
  • function| jQuery
  • object| jwDefaults
  • object| webpackJsonpjwplayer
  • function| jwplayer
  • object| atOptions
  • function| extractHostname
  • number| tsr
  • function| ad_timer
  • function| skip_this_ad

1 Cookies

Domain/Path Name / Value
fastvideos.xyz/ Name: PHPSESSID
Value: 68ab22e072c57ffc8a7ec7c7777aad90

3 Console Messages

Source Level URL
Text
javascript warning URL: https://fastvideos.xyz/video.php?id=d0RFVmk0RnE1RThKcGo2MFNqQUxwdz09(Line 45)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://arbourrenewal.com/fb504a00cca1a2855e957831e74ebe1b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://fastvideos.xyz/video.php?id=d0RFVmk0RnE1RThKcGo2MFNqQUxwdz09(Line 45)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://arbourrenewal.com/fb504a00cca1a2855e957831e74ebe1b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://arbourrenewal.com/fb504a00cca1a2855e957831e74ebe1b/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block