URL: https://vast.reyden-x.com/frame/yt.php?sid=
Submission: On September 02 via manual from RO

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 25 HTTP transactions. The main IP is 2606:4700:20::6819:416b, located in the United States, and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is vast.reyden-x.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on May 29th 2019. Valid for: 6 months.
This is the only time vast.reyden-x.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
15 | 2606:4700:20:... | 13335 (CLOUDFLAR...)
1 | 23.43.123.124 | 20940 (AKAMAI-ASN1)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
4 (2 redirects) | 2a02:6b8::1:119 | 13238 (YANDEX)
3 (1 redirect) | 149.5.244.28 | 174 (COGENT-174)
2 | 92.38.138.76 | 199524 (GCORE)
1 | 92.38.138.149 | 199524 (GCORE)
Total: 25 requests, 9 IPs

Requests | Domain | Requested by
12 | vast.reyden-x.com | vast.reyden-x.com
4 (2 redirects) | mc.yandex.ru | vast.reyden-x.com, cdn.jsdelivr.net
3 (1 redirect) | mc.webvisor.org | vast.reyden-x.com
2 | moevideo.biz | vast.reyden-x.com
2 | stream.reyden-x.com | vast.reyden-x.com
1 | playreplay.me | moevideo.biz
1 | cdn.jsdelivr.net | vast.reyden-x.com
1 | player.twitch.tv | vast.reyden-x.com
1 | reyden-x.com | vast.reyden-x.com
Total: 25 requests, 9 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
ssl377563.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-05-29 - 2019-12-05 | 6 months
twitch.tv | DigiCert SHA2 Secure Server CA | 2019-06-08 - 2020-09-06 | a year
ssl363648.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-04-06 - 2019-10-13 | 6 months
bs.yandex.ru | Yandex CA | 2018-10-03 - 2019-10-03 | a year
mc.webvisor.org | Yandex CA | 2019-05-08 - 2020-05-07 | a year
*.moevideo.biz | AlphaSSL CA - SHA256 - G2 | 2019-05-15 - 2020-05-15 | a year
*.playreplay.me | AlphaSSL CA - SHA256 - G2 | 2019-03-12 - 2020-03-12 | a year

This page contains 6 frames:

Primary Page: https://vast.reyden-x.com/frame/yt.php?sid=
Frame ID: AE5B2D3D80CE2326F475F357029CF109
Requests: 10 HTTP requests in this frame

Frame: https://vast.reyden-x.com/frame/viboom.php?sid=
Frame ID: DC418D232BDA4A128A1428201BBD19BD
Requests: 13 HTTP requests in this frame

Frame: data://truncated
Frame ID: 566ADDEE5A00FD4A4FFD5B7F17971B20
Requests: 1 HTTP requests in this frame

Frame: https://vast.reyden-x.com/jwplayer/gcid-0.1.2.html?aid=42B76lEqEeKkoiIACp8kUw&id=q1fx20VZ&emi=1w3zf6roct2g&pli=fzw75ru4mie5&pv=8.9.2&tv=3.13.0
Frame ID: C5BC2113D8F935B1B6EB5F48FBB200FD
Requests: 1 HTTP requests in this frame

Frame: https://moevideo.biz/embed/player/1542/vpaid/vpaid.min.js
Frame ID: EAED9CB2B5A642AE277155731EAA5504
Requests: 1 HTTP requests in this frame

Frame: https://playreplay.me/embed/vpaid?token=M4YzBTltbrYfA91KpF0pyg87a5oIY6eLBWRPAmj%2FxS0JDGEtzV7FJIQi5ZKC8Vsw&ref=vidshare.ru&title=&duration=0&test=0&impressionAfterPaid=1&es=1&mvver=1542
Frame ID: F2E5360E60C630D57FB5AA01B2A7A404
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 25
HTTPS: 96 %
IPv6: 43 %
Domains: 7
Subdomains: 9
IPs: 9
Countries: 4
Transfer: 282 kB
Size: 1001 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://mc.yandex.ru/watch/3?wmode=7&page-ref=https%3A%2F%2Fvast.reyden-x.com%2Fframe%2Fyt.php%3Fsid%3D&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1712%3Awv%3A2%3Ast%3A1567384734%3Au%3A1567384734185132840%3Ahi%3A HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fvast.reyden-x.com%2Fframe%2Fyt.php%3Fsid%3D&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1712%3Awv%3A2%3Ast%3A1567384734%3Au%3A1567384734185132840%3Ahi%3A
Request Chain 10
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=4953.2hjZTWNPnVcdcUoaBdFCQX_dnyb1p19oZIo6qMEEvgT9JbWcW33yTuwKu6YQ-HI8.mgl95Kda8mSz8SvFNAf96CXomMc%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=4953.ZV31gdvPaXHEyQHGu8BEugah6oR4T8DaFLk82_qhES7DCpiYTVhXXOdKWVSVs2l4sxw3e2xo-sYJ5Lglk3hkx3HJN1SEi6pyKs9JVCGUbuI%2C.UnoMAPq8kfR0iaPlAXw7d7Zrm7I%2C

25 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request yt.php
vast.reyden-x.com/frame/
4 KB
2 KB
Document
General
Full URL
https://vast.reyden-x.com/frame/yt.php?sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.0.26
Resource Hash
1642dda8ec56a8e2ab9a08e3de0eda018695c65c18752e71ac7a179f38f95ca1

Request headers

:method
GET
:authority
vast.reyden-x.com
:scheme
https
:path
/frame/yt.php?sid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
referer
https://yt.advmaker.su/

Response headers

status
200
date
Mon, 02 Sep 2019 00:38:54 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d2053bd15e61c5a6ffec760b18ae6c5bd1567384733; expires=Tue, 01-Sep-20 00:38:53 GMT; path=/; domain=.reyden-x.com; HttpOnly PHPSESSID=i0mg4lhn87spqa2tsn0l04t461; path=/ country_code=DE; expires=Tue, 03-Sep-2019 00:38:54 GMT; Max-Age=86400; path=/; domain=.reyden-x.com; secure country_name=Germany; expires=Tue, 03-Sep-2019 00:38:54 GMT; Max-Age=86400; path=/; domain=.reyden-x.com; secure
x-powered-by
PHP/7.0.26
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50fb6c7b0b91cba4-VIE
content-encoding
br
pre-roll.min.css
reyden-x.com/css/
16 KB
2 KB
Stylesheet
General
Full URL
https://reyden-x.com/css/pre-roll.min.css
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/frame/yt.php?sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c476d5f0fc1eba2e043b785c0a87c843f50b8a7bef370bf9662ecfe152f72445

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Sep 2018 16:45:22 GMT
server
cloudflare
age
1717
etag
W/"5b9942a2-411e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=1800
cf-ray
50fb6c7d1e7ecba4-VIE
expires
Mon, 02 Sep 2019 01:08:54 GMT
v1.js
player.twitch.tv/js/embed/
51 KB
15 KB
Script
General
Full URL
https://player.twitch.tv/js/embed/v1.js
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/frame/yt.php?sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.123.124 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-43-123-124.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0d049dbfc0bff95af708d5a43b2c549023fd3088f24c13fd2855f0a41e644850

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:54 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2019 23:46:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
status
200
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=60
content-length
15368
x-amz-cf-id
Np-H8YQF667ftLp7n4o7hvzUgv-WvPso9PfbJb17wXcavp55uQeIVg==
expires
Mon, 02 Sep 2019 00:39:54 GMT
viboom.php
vast.reyden-x.com/frame/ Frame DC41
3 KB
1 KB
Document
General
Full URL
https://vast.reyden-x.com/frame/viboom.php?sid=
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/frame/yt.php?sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.0.26
Resource Hash
a58e9da8e7874c3445e13f01f41b7cd94fe60124c9651b16e4b1e496b345ac53

Request headers

:method
GET
:authority
vast.reyden-x.com
:scheme
https
:path
/frame/viboom.php?sid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
referer
https://vast.reyden-x.com/frame/yt.php?sid=
accept-encoding
gzip, deflate, br
cookie
__cfduid=d2053bd15e61c5a6ffec760b18ae6c5bd1567384733; PHPSESSID=i0mg4lhn87spqa2tsn0l04t461; country_code=DE; country_name=Germany
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
referer
https://yt.advmaker.su/
Referer
https://vast.reyden-x.com/frame/yt.php?sid=

Response headers

status
200
date
Mon, 02 Sep 2019 00:38:54 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.0.26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50fb6c7d4ec1cba4-VIE
content-encoding
br
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/
357 KB
103 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/frame/yt.php?sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf6475ea31266d6784fad7304c95cfa5b991d1308bede8daf248a3f9523e78e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
42483
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-served-by
cache-ams21033-AMS, cache-hhn4059-HHN
timing-allow-origin
*
server
cloudflare
etag
W/"59598-uXo9QPOwJ0tmrG/c7hGBgwvW0y8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
50fb6c7d4d7fcbd0-VIE
truncated
/ Frame 566A
71 B
71 B
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bc1ef547987e58554a68153684472cabf7e4323d9e7812f853fbf978b2d9723

Request headers

Upgrade-Insecure-Requests
1
referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/html
ajax-loader.gif
stream.reyden-x.com/uploads/
2 KB
2 KB
Image
General
Full URL
https://stream.reyden-x.com/uploads/ajax-loader.gif
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/frame/yt.php?sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c3c75cfdf10b4a322f4875d231c0d504b76873401738ea5a79d8ebcd006041

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:54 GMT
cf-cache-status
HIT
last-modified
Mon, 25 Feb 2019 20:33:35 GMT
server
cloudflare
age
1717
etag
"5c74511f-784"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
50fb6c7d6eeecba4-VIE
content-length
1924
expires
Mon, 02 Sep 2019 01:08:54 GMT
volume.png
vast.reyden-x.com/frame/
881 B
997 B
Image
General
Full URL
https://vast.reyden-x.com/frame/volume.png
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/frame/yt.php?sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5cb152e59743ee805685d3d9d87de40dbaa45784cafb0827c1c47727083207f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:54 GMT
cf-cache-status
HIT
last-modified
Fri, 15 Mar 2019 18:00:45 GMT
server
cloudflare
age
1456
etag
"5c8be84d-371"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
50fb6c7d5ec6cba4-VIE
content-length
881
expires
Mon, 02 Sep 2019 01:08:54 GMT
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-ref=https%3A%2F%2Fvast.reyden-x.com%2Fframe%2Fyt.php%3Fsid%3D&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1712%3Awv%3A2%3Ast%3A1567384734...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fvast.reyden-x.com%2Fframe%2Fyt.php%3Fsid%3D&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1712%3Awv%3A2%3Ast%3A15673847...
35 B
587 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fvast.reyden-x.com%2Fframe%2Fyt.php%3Fsid%3D&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1712%3Awv%3A2%3Ast%3A1567384734%3Au%3A1567384734185132840%3Ahi%3A
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/frame/yt.php?sid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d9443ef74dadcd4d4c3d09b0e96b6f27bff47789258e3984fc774e2c81f07f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Sep 2019 00:38:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02-Sep-2019 00:38:54 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vast.reyden-x.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
35
X-XSS-Protection
1; mode=block
Expires
Mon, 02-Sep-2019 00:38:54 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 Sep 2019 00:38:54 GMT
Last-Modified
Mon, 02-Sep-2019 00:38:54 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://vast.reyden-x.com
Strict-Transport-Security
max-age=31536000
Location
/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fvast.reyden-x.com%2Fframe%2Fyt.php%3Fsid%3D&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1712%3Awv%3A2%3Ast%3A1567384734%3Au%3A1567384734185132840%3Ahi%3A
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 02-Sep-2019 00:38:54 GMT
advert.gif
mc.webvisor.org/metrika/
43 B
445 B
Image
General
Full URL
https://mc.webvisor.org/metrika/advert.gif
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/frame/yt.php?sid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.5.244.28 Helsinki, Finland, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Sep 2019 00:38:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Mon, 02 Sep 2019 01:38:54 GMT
jwplayer.js
vast.reyden-x.com/jwplayer/ Frame DC41
106 KB
33 KB
Script
General
Full URL
https://vast.reyden-x.com/jwplayer/jwplayer.js?a=3
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/frame/viboom.php?sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
86b14d68f1c16d388e26246c603c0db43bbbf9b8c80cde9ab4facb68c71489a5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:54 GMT
content-encoding
br
cf-cache-status
HIT
age
407
cf-polished
origSize=108279
status
200
last-modified
Sat, 03 Aug 2019 19:45:28 GMT
cf-bgj
minify
server
cloudflare
etag
W/"5d45e458-1a6f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
50fb6c7ed928cba4-VIE
expires
Mon, 02 Sep 2019 01:08:54 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=4953.2hjZTWNPnVcdcUoaBdFCQX_dnyb1p19oZIo6qMEEvgT9JbWcW33yTuwKu6YQ-HI8.mgl95Kda8mSz8SvFNAf96CXomMc%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=4953.ZV31gdvPaXHEyQHGu8BEugah6oR4T8DaFLk82_qhES7DCpiYTVhXXOdKWVSVs2l4sxw3e2xo-sYJ5Lglk3hkx3HJN1SEi6pyKs9JVCGUbuI%2C.UnoMAPq8kfR0iaPlAXw7d7Zrm7...
43 B
487 B
Image
General
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=4953.ZV31gdvPaXHEyQHGu8BEugah6oR4T8DaFLk82_qhES7DCpiYTVhXXOdKWVSVs2l4sxw3e2xo-sYJ5Lglk3hkx3HJN1SEi6pyKs9JVCGUbuI%2C.UnoMAPq8kfR0iaPlAXw7d7Zrm7I%2C
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/frame/yt.php?sid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.5.244.28 Helsinki, Finland, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-XSS-Protection
1; mode=block
Date
Mon, 02 Sep 2019 00:38:54 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif

Redirect headers

Location
https://mc.webvisor.org/sync_cookie_image_decide?token=4953.ZV31gdvPaXHEyQHGu8BEugah6oR4T8DaFLk82_qhES7DCpiYTVhXXOdKWVSVs2l4sxw3e2xo-sYJ5Lglk3hkx3HJN1SEi6pyKs9JVCGUbuI%2C.UnoMAPq8kfR0iaPlAXw7d7Zrm7I%2C
X-XSS-Protection
1; mode=block
Date
Mon, 02 Sep 2019 00:38:54 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000
vast.js
vast.reyden-x.com/jwplayer/ Frame DC41
96 KB
28 KB
Script
General
Full URL
https://vast.reyden-x.com/jwplayer/vast.js
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/jwplayer/jwplayer.js?a=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3af99cbceb4d450276bfb6c338df6d392b234bd49c707fd5fee47dd260c747a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:54 GMT
content-encoding
br
cf-cache-status
HIT
age
406
cf-polished
origSize=98471
status
200
last-modified
Sat, 03 Aug 2019 20:24:24 GMT
cf-bgj
minify
server
cloudflare
etag
W/"5d45ed78-180a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
50fb6c7f1975cba4-VIE
expires
Mon, 02 Sep 2019 01:08:54 GMT
jwpsrv.js
vast.reyden-x.com/jwplayer/ Frame DC41
51 KB
15 KB
Script
General
Full URL
https://vast.reyden-x.com/jwplayer/jwpsrv.js
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/jwplayer/jwplayer.js?a=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32d15f183a8ff3eac10e4bf06e010116e8258f326b0c092fb09e666ac2c2c01e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:54 GMT
content-encoding
br
cf-cache-status
HIT
age
406
status
200
last-modified
Sat, 03 Aug 2019 19:56:30 GMT
cf-bgj
minify
server
cloudflare
etag
W/"5d45e6ee-cd98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
50fb6c7f1976cba4-VIE
expires
Mon, 02 Sep 2019 01:08:54 GMT
jwplayer.core.controls.html5.js
vast.reyden-x.com/jwplayer/ Frame DC41
301 KB
71 KB
Script
General
Full URL
https://vast.reyden-x.com/jwplayer/jwplayer.core.controls.html5.js
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/jwplayer/jwplayer.js?a=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e3ae200d70363b3dee3c9453f54f069b349e56072f8847d91f3bdc6ba3e57ab

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:54 GMT
content-encoding
br
cf-cache-status
HIT
age
406
cf-polished
origSize=307800
status
200
last-modified
Sat, 03 Aug 2019 19:46:51 GMT
cf-bgj
minify
server
cloudflare
etag
W/"5d45e4ab-4b258"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
50fb6c7f197bcba4-VIE
expires
Mon, 02 Sep 2019 01:08:54 GMT
ru.json
vast.reyden-x.com/jwplayer/translations/ Frame DC41
0
85 B
XHR
General
Full URL
https://vast.reyden-x.com/jwplayer/translations/ru.json
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/jwplayer/jwplayer.js?a=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:54 GMT
last-modified
Sat, 03 Aug 2019 19:23:29 GMT
server
cloudflare
etag
"5d45df31-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
50fb6c7f197dcba4-VIE
content-length
0
ajax-loader.gif
stream.reyden-x.com/uploads/ Frame DC41
2 KB
2 KB
Image
General
Full URL
https://stream.reyden-x.com/uploads/ajax-loader.gif
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/frame/viboom.php?sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c3c75cfdf10b4a322f4875d231c0d504b76873401738ea5a79d8ebcd006041

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:54 GMT
cf-cache-status
HIT
last-modified
Mon, 25 Feb 2019 20:33:35 GMT
server
cloudflare
age
1717
etag
"5c74511f-784"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
50fb6c7f197fcba4-VIE
content-length
1924
expires
Mon, 02 Sep 2019 01:08:54 GMT
truncated
/ Frame DC41
253 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac948c688f91a59a668b92b5762922afc5e9f8f143c8cf65c5e510ae1ceaef92

Request headers

Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
j.json
vast.reyden-x.com/jwplayer/ Frame DC41
49 B
155 B
XHR
General
Full URL
https://vast.reyden-x.com/jwplayer/j.json
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/jwplayer/jwplayer.js?a=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7307ea5a16b363955c068f351a0f0cd009b375ea515e35e8b409f28aa47e89cf

Request headers

Sec-Fetch-Mode
cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:54 GMT
content-encoding
gzip
last-modified
Sat, 03 Aug 2019 20:24:44 GMT
server
cloudflare
etag
W/"5d45ed8c-31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/json
access-control-allow-origin
*
cf-ray
50fb6c7f49bdcba4-VIE
46799040
mc.yandex.ru/watch/
152 B
705 B
XHR
General
Full URL
https://mc.yandex.ru/watch/46799040?wmode=7&page-url=https%3A%2F%2Fvast.reyden-x.com%2Fframe%2Fyt.php%3Fsid%3D&charset=utf-8&ut=noindex&browser-info=ti%3A10%3Ans%3A1567384733866%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190902023854%3Aet%3A1567384735%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A705301237%3Ahid%3A253137569%3Ads%3A13%2C33%2C282%2C0%2C1%2C0%2C0%2C84%2C0%2C%2C%2C%2C416%3Afp%3A423%3Agdpr%3A14%3Av%3A1712%3Awv%3A2%3Ast%3A1567384735%3Au%3A1567384734185132840%3App%3A823294630%3Ahi%3A%3At%3APre-roll
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
ded7b4b6779b79ea1a5794d4ad322e80abc96e46222fe1a2b905ac00ea02b3ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 02 Sep 2019 00:38:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02-Sep-2019 00:38:54 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vast.reyden-x.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Mon, 02-Sep-2019 00:38:54 GMT
ping.gif
vast.reyden-x.com/jwplayer/ Frame DC41
0
127 B
Image
General
Full URL
https://vast.reyden-x.com/jwplayer/ping.gif?h=150465003&e=e&n=3602002724940454&abc=0&aid=42B76lEqEeKkoiIACp8kUw&at=1&c=0&ccp=0&cp=0&d=2&eb=0&ed=3&emi=1w3zf6roct2g&i=1&id=q1fx20VZ&lsa=fail&mt=1&pbd=1&pbr=1&pgi=7tnboalrfxms&ph=0&pii=0&pl=1200&plc=1&pli=fzw75ru4mie5&pp=html5&prc=1&ps=3&pss=1&pt=Pre-roll&pu=https%3A%2F%2Fvast.reyden-x.com%2Fframe%2Fyt.php%3Fsid%3D&pv=8.9.2&pyc=0&s=0&sdk=0&stc=1&stpe=0&tv=3.13.0&vb=0&vi=0&vl=90&wd=1600&ab=1&cae=0&cb=0&cme=0&dd=1&flc=0&fv=&ga=0&lng=ru&mk=mp4&mu=https%3A%2F%2Fcontent.bitsontherun.com%2Fvideos%2Fq1fx20VZ-52qL9xLP.mp4&pbc=0&pd=2&pdr=&plng=ru&plt=350&pni=0&pnl=37&po=0&sp=0&st=290&sa=1567384734855
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:55 GMT
cf-cache-status
MISS
last-modified
Sat, 03 Aug 2019 20:51:01 GMT
server
cloudflare
status
200
etag
"5d45f3b5-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
50fb6c80ec2acba4-VIE
content-length
0
expires
Mon, 02 Sep 2019 01:08:55 GMT
gcid-0.1.2.html
vast.reyden-x.com/jwplayer/ Frame C5BC
0
85 B
Document
General
Full URL
https://vast.reyden-x.com/jwplayer/gcid-0.1.2.html?aid=42B76lEqEeKkoiIACp8kUw&id=q1fx20VZ&emi=1w3zf6roct2g&pli=fzw75ru4mie5&pv=8.9.2&tv=3.13.0
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/jwplayer/jwpsrv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
vast.reyden-x.com
:scheme
https
:path
/jwplayer/gcid-0.1.2.html?aid=42B76lEqEeKkoiIACp8kUw&id=q1fx20VZ&emi=1w3zf6roct2g&pli=fzw75ru4mie5&pv=8.9.2&tv=3.13.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
referer
https://vast.reyden-x.com/frame/viboom.php?sid=
accept-encoding
gzip, deflate, br
cookie
__cfduid=d2053bd15e61c5a6ffec760b18ae6c5bd1567384733; PHPSESSID=i0mg4lhn87spqa2tsn0l04t461; country_code=DE; country_name=Germany; _ym_uid=1567384734185132840; _ym_d=1567384734; _ym_isad=2; _ym_wasSynced=%7B%22time%22%3A1567384734550%2C%22params%22%3A%7B%22eu%22%3A0%7D%2C%22bkParams%22%3A%7B%7D%7D; _ym_visorc_46799040=b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
referer
https://yt.advmaker.su/
Referer
https://vast.reyden-x.com/frame/viboom.php?sid=

Response headers

status
200
date
Mon, 02 Sep 2019 00:38:55 GMT
content-type
text/html
last-modified
Sat, 03 Aug 2019 20:50:51 GMT
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50fb6c80ec3ccba4-VIE
content-encoding
br
0fd33652-274d-46d4-b384-911f43c4926c
https://vast.reyden-x.com/ Frame DC41
1 KB
0
Media
General
Full URL
blob:https://vast.reyden-x.com/0fd33652-274d-46d4-b384-911f43c4926c
Protocol
BLOB
Security
, ,
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
ping.gif
vast.reyden-x.com/jwplayer/ Frame DC41
0
41 B
Image
General
Full URL
https://vast.reyden-x.com/jwplayer/ping.gif?h=2015877497&e=pa&n=3931306377017265&abc=0&aid=42B76lEqEeKkoiIACp8kUw&at=1&c=0&ccp=0&cp=0&d=2&eb=0&ed=3&emi=1w3zf6roct2g&gfb=0&gifr=1&gios=0&i=1&id=q1fx20VZ&lsa=fail&mt=1&pbd=1&pbr=1&pgi=7tnboalrfxms&ph=0&pii=0&pl=1200&plc=1&pli=fzw75ru4mie5&pp=html5&prc=1&ps=3&pss=1&pt=Pre-roll&pu=https%3A%2F%2Fvast.reyden-x.com%2Fframe%2Fyt.php%3Fsid%3D&pv=8.9.2&pyc=0&s=0&sdk=0&stc=1&stpe=0&tv=3.13.0&vb=1&vi=1&vl=90&wd=1600&ab=1&cme=0&flc=0&lng=ru&mu=https%3A%2F%2Fcontent.bitsontherun.com%2Fvideos%2Fq1fx20VZ-52qL9xLP.mp4&pd=2&pdr=&plng=ru&pni=0&pnl=37&pr=7&tb=0&vd=0&sa=1567384734871
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:416b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 00:38:55 GMT
cf-cache-status
MISS
last-modified
Sat, 03 Aug 2019 20:51:01 GMT
server
cloudflare
status
200
etag
"5d45f3b5-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
50fb6c80fc59cba4-VIE
content-length
0
expires
Mon, 02 Sep 2019 01:08:55 GMT
vast
moevideo.biz/ Frame DC41
1 KB
1 KB
XHR
General
Full URL
https://moevideo.biz/vast?ref=vidshare.ru&es=1&vt=js&&impressionAfterPaid=1
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/jwplayer/jwplayer.js?a=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
f9.moevideo.net
Software
nginx / PHP/5.5.9-1ubuntu4.27
Resource Hash
dc8fc5c9f711f839c935482c849786c85dd2fcecf4a820b3a0f48bb6b9575759

Request headers

Sec-Fetch-Mode
cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Sep 2019 00:38:55 GMT
Content-Encoding
gzip
X-Mv-Embed-Version
1194
X-Powered-By
PHP/5.5.9-1ubuntu4.27
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.095
Pragma
no-cache
Last-Modified
Mon, 02 Sep 2019 00:38:55 GMT
Server
nginx
X-My-Name
s1
Access-Control-Allow-Methods
GET, POST
Content-Type
application/xml
Access-Control-Allow-Origin
https://vast.reyden-x.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
X-Mv-TryCache
0
X-My-App-Time
0.002
Access-Control-Allow-Headers
Content-Type, Accept
Expires
Thu, 19 Feb 1998 13:24:18 GMT
vpaid.min.js
moevideo.biz/embed/player/1542/vpaid/ Frame EAED
7 KB
3 KB
Script
General
Full URL
https://moevideo.biz/embed/player/1542/vpaid/vpaid.min.js
Requested by
Host: vast.reyden-x.com
URL: https://vast.reyden-x.com/frame/viboom.php?sid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
f9.moevideo.net
Software
nginx /
Resource Hash
47903d1816f5ccb5e90e00638e3d4e1d42c1a5d2c37352c630fcc785ad2b2127

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://yt.advmaker.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Sep 2019 00:38:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Aug 2019 12:28:54 GMT
Server
nginx
X-My-Name
s3
ETag
W/"5d5fdc06-1b77"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
keep-alive
X-My-Reqtime
0.000
Cookie set vpaid
playreplay.me/embed/ Frame F2E5
0
0
Document
General
Full URL
https://playreplay.me/embed/vpaid?token=M4YzBTltbrYfA91KpF0pyg87a5oIY6eLBWRPAmj%2FxS0JDGEtzV7FJIQi5ZKC8Vsw&ref=vidshare.ru&title=&duration=0&test=0&impressionAfterPaid=1&es=1&mvver=1542
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1542/vpaid/vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.149 Moscow, Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
f3.moevideo.net
Software
nginx / PHP/5.5.9-1ubuntu4.27
Resource Hash

Request headers

Host
playreplay.me
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://vast.reyden-x.com/frame/viboom.php?sid=
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
referer
https://yt.advmaker.su/
Referer
https://vast.reyden-x.com/frame/viboom.php?sid=

Response headers

Server
nginx
Date
Mon, 02 Sep 2019 00:38:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.9-1ubuntu4.27
Set-Cookie
mvuid=f7b6e6e7-e599-4025-ba82-5146008bf3fd;expires=Tue, 01-Sep-2020 03:38:55 GMT;Max-Age=31536000;path=/;SameSite=None mvsid=a882d8ec-282f-45ca-8388-6d8d024801fe;path=/;SameSite=None
X-My-Adv-Time
0.00168013572693
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Mon, 02 Sep 2019 00:38:55 GMT
Cache-Control
max-age=0
Pragma
no-cache
X-Mv-TryCache
0
X-My-App-Time
0.011
X-Mv-Embed-Version
1194
X-My-Name
s2
X-My-Reqtime
0.104
Content-Encoding
gzip

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Twitch
function| listener
object| Ya
object| yaCounter49498615

8 Cookies

Domain/Path Name / Value
.reyden-x.com/ Name: _ym_wasSynced
Value: %7B%22time%22%3A1567384734550%2C%22params%22%3A%7B%22eu%22%3A0%7D%2C%22bkParams%22%3A%7B%7D%7D
.reyden-x.com/ Name: _ym_isad
Value: 2
.reyden-x.com/ Name: _ym_d
Value: 1567384734
.reyden-x.com/ Name: _ym_uid
Value: 1567384734185132840
.reyden-x.com/ Name: country_name
Value: Germany
.reyden-x.com/ Name: country_code
Value: DE
vast.reyden-x.com/ Name: PHPSESSID
Value: i0mg4lhn87spqa2tsn0l04t461
.reyden-x.com/ Name: __cfduid
Value: d2053bd15e61c5a6ffec760b18ae6c5bd1567384733

1 Console Messages

Source: console-api
Level: warning
URL: https://vast.reyden-x.com/jwplayer/jwplayer.js?a=3 (Line 9)
Message: JW Player Warning 308611. For more information see https://developer.jwplayer.com/jw-player/docs/developer-guide/api/errors-reference#308611

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
