news-xecofa.cc Open in urlscan Pro
149.7.16.223  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response news-xecofa.cc/20/	1 KB 1 KB	205ms 138ms	Document text/html	149.7.16.223 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL http://news-xecofa.cc/20/?site=8033967&sub1=sub1&sub2=&sub3=&sub4= Protocol HTTP/1.1 Server 149.7.16.223 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 223-16-7-149.clients.gthost.com Software nginx / Resource Hash fd43e42602515cadcd330189a1eb7bea0254931fe084a8a2f5b63490b5afc4a6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx Date Fri, 21 Jan 2022 13:08:18 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Cache-Control no-cache, must-revalidate Pragma no-cache Content-Encoding gzip
GET H/1.1	200 OK	style.css news-xecofa.cc/20/	3 KB 3 KB	78ms 77ms	Stylesheet text/css	149.7.16.223 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL http://news-xecofa.cc/20/style.css Requested by Host: news-xecofa.cc URL: http://news-xecofa.cc/20/?site=8033967&sub1=sub1&sub2=&sub3=&sub4= Protocol HTTP/1.1 Server 149.7.16.223 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 223-16-7-149.clients.gthost.com Software nginx / Resource Hash c6d00bfe3390daaf3b6586a614514028b87e35319568e41fea77bea216654224 Request headers Accept-Language de-DE,de;q=0.9 Referer http://news-xecofa.cc/20/?site=8033967&sub1=sub1&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 13:08:18 GMT Last-Modified Thu, 01 Jul 2021 11:09:58 GMT Server nginx ETag "60dda286-b81" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 2945
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/8.6.8/	21 KB 7 KB	170ms 18ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.6.8/firebase-app.js Requested by Host: news-xecofa.cc URL: http://news-xecofa.cc/20/?site=8033967&sub1=sub1&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1977ae2b50845838a0f0848012e1d2bb312a7a760bc7427c601305531de0d2d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://news-xecofa.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 21 Jan 2022 01:33:29 GMT content-encoding gzip x-content-type-options nosniff age 41689 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6966 x-xss-protection 0 last-modified Thu, 01 Jul 2021 23:11:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 21 Jan 2023 01:33:29 GMT
GET H2	200	firebase-messaging.js Show response www.gstatic.com/firebasejs/8.6.8/	40 KB 11 KB	175ms 24ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js Requested by Host: news-xecofa.cc URL: http://news-xecofa.cc/20/?site=8033967&sub1=sub1&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fe26228f1a864cab3d5ec46c99bed380a8194c2c3ec19ad0f82b2910e901ca54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://news-xecofa.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 21 Jan 2022 01:33:29 GMT content-encoding gzip x-content-type-options nosniff age 41689 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10869 x-xss-protection 0 last-modified Thu, 01 Jul 2021 23:11:55 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 21 Jan 2023 01:33:29 GMT
GET H/1.1	200 OK	revopush.js Show response news-xecofa.cc/	6 KB 7 KB	114ms 35ms	Script application/javascript	149.7.16.223 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL http://news-xecofa.cc/revopush.js Requested by Host: news-xecofa.cc URL: http://news-xecofa.cc/20/?site=8033967&sub1=sub1&sub2=&sub3=&sub4= Protocol HTTP/1.1 Server 149.7.16.223 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 223-16-7-149.clients.gthost.com Software nginx / Resource Hash 336e4d334b0f2c39b10ed0dbfb403079f4e3ee6c9f9c3b76952e32c81e06123f Request headers Accept-Language de-DE,de;q=0.9 Referer http://news-xecofa.cc/20/?site=8033967&sub1=sub1&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 13:08:18 GMT Last-Modified Thu, 01 Jul 2021 11:09:58 GMT Server nginx ETag "60dda286-1930" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 6448
GET H2	200	css fonts.googleapis.com/	8 KB 1 KB	117ms 49ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic Requested by Host: news-xecofa.cc URL: http://news-xecofa.cc/20/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6b6832d0efde9ad15c7fa45f074b433108e35ba64c2bde31f4c374dcfc905c30 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://news-xecofa.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 21 Jan 2022 13:08:18 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 21 Jan 2022 13:08:18 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 21 Jan 2022 13:08:18 GMT
GET H/1.1	200 OK	girls.jpg news-xecofa.cc/20/	148 KB 148 KB	30ms 26ms	Image image/jpeg	149.7.16.223 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL http://news-xecofa.cc/20/girls.jpg Requested by Host: news-xecofa.cc URL: http://news-xecofa.cc/20/style.css Protocol HTTP/1.1 Server 149.7.16.223 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 223-16-7-149.clients.gthost.com Software nginx / Resource Hash 9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30 Request headers Accept-Language de-DE,de;q=0.9 Referer http://news-xecofa.cc/20/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 13:08:19 GMT Last-Modified Thu, 01 Jul 2021 11:09:58 GMT Server nginx ETag "60dda286-24ee6" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 151270
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	63ms 14ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://news-xecofa.cc Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 17:56:19 GMT x-content-type-options nosniff age 155520 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 19 Jan 2023 17:56:19 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	73ms 24ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://news-xecofa.cc Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 13:39:48 GMT x-content-type-options nosniff age 602911 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 14 Jan 2023 13:39:48 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| firebase object| firebaseConfig boolean| blockBackBtn function| isFirst function| onDefault function| nextDomainURL function| httpGet function| saveToken function| getNextURL function| redirectToTB function| fullscreenReq

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			news-xecofa.cc/20	1970-01-20 18:26:42	Name: uuid Value: c4bb4ae2-4aae-4447-b6c5-886c5a9598a2
			news-xecofa.cc/	1970-01-20 08:50:42	Name: fcm_account_id Value: 56
			news-xecofa.cc/	1970-01-20 00:19:34	Name: clickdata Value: ODAzMzk2N3w6fDIwfDp8fDp8fDp8fDp8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
news-xecofa.cc
www.gstatic.com
149.7.16.223
2a00:1450:4001:827::2003
2a00:1450:4001:830::200a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1977ae2b50845838a0f0848012e1d2bb312a7a760bc7427c601305531de0d2d4
336e4d334b0f2c39b10ed0dbfb403079f4e3ee6c9f9c3b76952e32c81e06123f
6b6832d0efde9ad15c7fa45f074b433108e35ba64c2bde31f4c374dcfc905c30
9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30
c6d00bfe3390daaf3b6586a614514028b87e35319568e41fea77bea216654224
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
fd43e42602515cadcd330189a1eb7bea0254931fe084a8a2f5b63490b5afc4a6
fe26228f1a864cab3d5ec46c99bed380a8194c2c3ec19ad0f82b2910e901ca54