54f10.gofenews.com - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 213.174.135.1, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is 54f10.gofenews.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 2nd 2021. Valid for: a year.

This is the only time 54f10.gofenews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	213.174.135.1 213.174.135.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	213.174.135.2 213.174.135.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2

2 213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

54f10.gofenews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2818.selornews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

321.selornews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	selornews.com 2818.selornews.com 321.selornews.com	9 KB
1	gofenews.com 54f10.gofenews.com	16 KB
3	2

	Domain	Requested by
1	321.selornews.com	54f10.gofenews.com
1	2818.selornews.com	54f10.gofenews.com
1	54f10.gofenews.com
3	3

This site contains no links.

Subject Issuer	Validity	Valid
*.gofenews.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-02` - `2022-07-02`	a year	crt.sh
*.selornews.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-18` - `2022-02-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://54f10.gofenews.com/dannig/tube-player/index.html?var=1873662&ymid=211028184688e2085c25df4e4c9c16037dad&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=ro&proxy=false
Frame ID: 42C5E89B240D6FC21CA4E5D49409B304
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

25 kB
Transfer

23 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response 54f10.gofenews.com/dannig/tube-player/	15 KB 16 KB	43ms 6ms	Document text/html	213.174.135.1 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://54f10.gofenews.com/dannig/tube-player/index.html?var=1873662&ymid=211028184688e2085c25df4e4c9c16037dad&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=ro&proxy=false Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `50849c5b3115a53ee8aaa77e56c77cd86855b416633bc0bafb2add9d89eeb220` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Sun, 31 Oct 2021 06:42:45 GMT content-type text/html; charset=utf-8 content-length 15569 server nginx/1.18.0 last-modified Mon, 05 Jul 2021 17:21:19 GMT etag 37b05649c5762376fba511386e04c36d x-timestamp 1625505678.66205 x-trans-id tx71a3543a198a43789f337-00617824ed x-openstack-request-id tx71a3543a198a43789f337-00617824ed cache-control max-age=172800 access-control-allow-origin * access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp expires Tue, 02 Nov 2021 06:42:45 GMT vary Accept-Encoding x-proxy-cache HIT accept-ranges bytes
GET H2	200	script.js Show response 2818.selornews.com/dannig/tube-player/js/	3 KB 3 KB	28ms 7ms	Script text/javascript	213.174.135.1 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://2818.selornews.com/dannig/tube-player/js/script.js?a=3 Requested by Host: 54f10.gofenews.com URL: https://54f10.gofenews.com/dannig/tube-player/index.html?var=1873662&ymid=211028184688e2085c25df4e4c9c16037dad&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=ro&proxy=false Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `b4d57812bd551761b6ee8f83e1a4de7c7d27ac77d11cedfb8a9a7b8de3202875` Request headers Accept-Language de-DE,de;q=0.9 Referer https://54f10.gofenews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 31 Oct 2021 06:42:45 GMT x-openstack-request-id tx79954e2f90774bcba8d26-00617824f4 x-trans-id tx79954e2f90774bcba8d26-00617824f4 x-timestamp 1631013671.97781 accept-ranges bytes expires Tue, 02 Nov 2021 06:42:45 GMT last-modified Tue, 07 Sep 2021 11:21:12 GMT server nginx/1.18.0 etag 7bf718f21daa181562b0abf2b40587f6 vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type text/javascript access-control-allow-origin * access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 content-length 2647 access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT
GET H2	200	skip-button.webp 321.selornews.com/dannig/tube-player/img/	5 KB 6 KB	26ms 6ms	Image image/webp	213.174.135.2 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://321.selornews.com/dannig/tube-player/img/skip-button.webp Requested by Host: 54f10.gofenews.com URL: https://54f10.gofenews.com/dannig/tube-player/index.html?var=1873662&ymid=211028184688e2085c25df4e4c9c16037dad&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=ro&proxy=false Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 31 Oct 2021 06:42:45 GMT x-openstack-request-id txdf6f47093b0f482692473-00617824f4 x-trans-id txdf6f47093b0f482692473-00617824f4 x-timestamp 1608540262.03735 accept-ranges bytes expires Tue, 02 Nov 2021 06:42:45 GMT last-modified Mon, 21 Dec 2020 08:44:23 GMT server nginx/1.18.0 etag da2dc41d023f4fcc89675351f9117c3d vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 content-length 5006 access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2818.selornews.com
321.selornews.com
54f10.gofenews.com
213.174.135.1
213.174.135.2
4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
50849c5b3115a53ee8aaa77e56c77cd86855b416633bc0bafb2add9d89eeb220
b4d57812bd551761b6ee8f83e1a4de7c7d27ac77d11cedfb8a9a7b8de3202875

54f10.gofenews.com Open in urlscan Pro 213.174.135.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

25 kBTransfer

23 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

54f10.gofenews.com Open in urlscan Pro
213.174.135.1 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

25 kB
Transfer

23 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions