urlscan.io logo urlscan.io
SecurityTrails logo

services.rewasd.com Open in urlscan Pro
138.68.93.157  Public Scan

Go To Rescan Add Verdict Report
URL: https://services.rewasd.com/
Submission: On July 28 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 138.68.93.157, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is services.rewasd.com.
TLS certificate: Issued by R3 on July 5th 2021. Valid for: 3 months.
This is the only time services.rewasd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    138.68.93.157 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
services.rewasd.com
4    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Domain Requested by
8 services.rewasd.com services.rewasd.com
5 mc.yandex.com 2 redirects services.rewasd.com
4 fonts.googleapis.com services.rewasd.com
3 fonts.gstatic.com fonts.googleapis.com
2 mc.yandex.ru 1 redirects services.rewasd.com
2 www.google-analytics.com services.rewasd.com
www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
22 7

This site contains links to these domains. Also see Links.

Domain
www.daemon-tools.cc
twitter.com
www.facebook.com
plus.google.com
www.youtube.com
blog.daemon-tools.cc
Subject Issuer Validity Valid
img.rewasd.com
R3		 2021-07-05 -
2021-10-03		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://services.rewasd.com/
Frame ID: D93E683773A20445F4A3FDD1DE882DD0
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

22
Requests

64 %
HTTPS

88 %
IPv6

7
Domains

7
Subdomains

9
IPs

3
Countries

343 kB
Transfer

572 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9348.PFbyvo7MWSyJSLgSl0ZnGormiEgxyTjAbp2lAEO6X-asclkxbwjenhJpjQtuIDjC.kM5LzTXJXDlXadXZeS__AKTcLiE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9348.nRHF08RkkcUstMImpvDvrebcAuabGuj7xwoLwFh_WvXnU-gcJCuXExXsceC1_ezecVNRGT65O_77sOEIp8RTVg%2C%2C.Xs1essydBJpdQtdlQeWh-0eNp2Q%2C
Request Chain 24
  • https://mc.yandex.com/watch/29120390?wmode=7&page-url=https%3A%2F%2Fservices.rewasd.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A793029798140%3Ahid%3A1020297367%3Az%3A120%3Ai%3A20210728120453%3Aet%3A1627466694%3Ac%3A1%3Arn%3A840791203%3Au%3A1627466694477285414%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627466693573%3Ads%3A16%2C24%2C8%2C1%2C1%2C0%2C%2C152%2C59%2C%2C%2C%2C211%3Adsn%3A15%2C25%2C8%2C0%2C0%2C0%2C%2C155%2C60%2C%2C%2C%2C210%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627466694%3At%3AVielen%20Dank%20f%C3%BCr%20die%20Wahl%20unserer%20besten%20kostenlosen%20Imagesoftware%20-%20DAEMON%20Tools%20Lite HTTP 302
  • https://mc.yandex.com/watch/29120390/1?wmode=7&page-url=https%3A%2F%2Fservices.rewasd.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A793029798140%3Ahid%3A1020297367%3Az%3A120%3Ai%3A20210728120453%3Aet%3A1627466694%3Ac%3A1%3Arn%3A840791203%3Au%3A1627466694477285414%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627466693573%3Ads%3A16%2C24%2C8%2C1%2C1%2C0%2C%2C152%2C59%2C%2C%2C%2C211%3Adsn%3A15%2C25%2C8%2C0%2C0%2C0%2C%2C155%2C60%2C%2C%2C%2C210%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627466694%3At%3AVielen%20Dank%20f%C3%BCr%20die%20Wahl%20unserer%20besten%20kostenlosen%20Imagesoftware%20-%20DAEMON%20Tools%20Lite

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
services.rewasd.com/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://services.rewasd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.93.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.1.33
Resource Hash
1b057841a8745a50317c6bc13bedc5b711ee5631c853caad0194b338a6a31054

Request headers

Host
services.rewasd.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx/1.16.1
Date
Wed, 28 Jul 2021 10:04:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.1.33
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip
bundle-common-50928f8199f26a04c237.css
services.rewasd.com/assets/ 		597 B
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://services.rewasd.com/assets/bundle-common-50928f8199f26a04c237.css
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.93.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
80a683a56ed9b9cf724ccfcf5cea67d0de2c60a6c7d7d2dd26a31e80b1e56be5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
services.rewasd.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://services.rewasd.com/
Connection
keep-alive
Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 10:04:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jun 2021 14:08:20 GMT
Server
nginx/1.16.1
ETag
W/"60be2854-255"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
bundle-dtupd-7c5b9fe9b4b00b6986da.css
services.rewasd.com/assets/ 		59 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.css
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.93.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
69571bc19ba3f7046abb5bb67e2475c8c86dc28f28d8c6031094d04c90fad5f1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
services.rewasd.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://services.rewasd.com/
Connection
keep-alive
Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 10:04:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jun 2021 14:08:20 GMT
Server
nginx/1.16.1
ETag
W/"60be2854-ea28"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
css
fonts.googleapis.com/ 		4 KB
656 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:400,700,400italic&subset=latin,cyrillic
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbf50905bd37fdbf38244e4a9dbb76688563fde21dff16753c86ed8d5a89b8ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Jul 2021 09:47:39 GMT
server
ESF
date
Wed, 28 Jul 2021 10:04:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Jul 2021 10:04:53 GMT
css
fonts.googleapis.com/ 		8 KB
902 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans|PT+Sans+Narrow:400,700|Open+Sans+Condensed:300,700&subset=cyrillic,latin
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9d2fbc0d506c09ba1099c1abe70815f58d9d70aee7609097b4e43d2e8704a50e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Jul 2021 10:04:53 GMT
server
ESF
date
Wed, 28 Jul 2021 10:04:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Jul 2021 10:04:53 GMT
bundle-common-79f26189d5dae1406462.js
services.rewasd.com/assets/ 		89 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.rewasd.com/assets/bundle-common-79f26189d5dae1406462.js
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.93.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9f98865459188154bf854c4c31abc60f5fad39e5e2c00bbe644155d05e743917

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
services.rewasd.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://services.rewasd.com/
Connection
keep-alive
Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 10:04:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jun 2021 14:08:20 GMT
Server
nginx/1.16.1
ETag
W/"60be2854-16252"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
bundle-dtupd-7c5b9fe9b4b00b6986da.js
services.rewasd.com/assets/ 		121 B
381 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.js
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.93.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
3d9f2a369def9f53effae83b57b2815831a1b33ee542bf7813104d7cf14461cf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
services.rewasd.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://services.rewasd.com/
Connection
keep-alive
Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 10:04:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jun 2021 14:08:20 GMT
Server
nginx/1.16.1
ETag
W/"60be2854-79"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
css
fonts.googleapis.com/ 		17 KB
987 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
367723ccb78f14169eb6ab0de9a1bb8ea3304e5008ef2b123d2a7da717546cf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Jul 2021 10:04:53 GMT
server
ESF
date
Wed, 28 Jul 2021 10:04:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Jul 2021 10:04:53 GMT
css
fonts.googleapis.com/ 		5 KB
534 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Hind:400,700,600,500,300&subset=latin,latin-ext
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6883a6789e20a3c189dd23445c9ca3af4a66f4dbac391e64e245705c0cff19a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Jul 2021 10:04:53 GMT
server
ESF
date
Wed, 28 Jul 2021 10:04:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Jul 2021 10:04:53 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
4434
date
Wed, 28 Jul 2021 08:50:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 28 Jul 2021 10:50:59 GMT
watch.js
mc.yandex.ru/metrika/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a1319b8ced36e50993031105277442132e6471995340356346e3f76c37d569a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 10:04:53 GMT
content-encoding
br
last-modified
Wed, 28 Jul 2021 09:12:16 GMT
etag
"61011e70-bb44"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47940
expires
Wed, 28 Jul 2021 11:04:53 GMT
truncated
/ 		370 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35df8b1b5fcad502a69129f70ffca98af36d02bffc5077f6cde48a91311eae4a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
a64f3e338560cc6a5b88db129197cd08.png
services.rewasd.com/assets/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.rewasd.com/assets/a64f3e338560cc6a5b88db129197cd08.png
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.93.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
228056f9e1213ca013f36025ef493da37b16475e9787ec917d938e14d49350c1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
services.rewasd.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.css
Connection
keep-alive
Referer
https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 10:04:53 GMT
Last-Modified
Mon, 07 Jun 2021 14:08:20 GMT
Server
nginx/1.16.1
ETag
"60be2854-4057"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16471
6491fc5bdd27d81c5f071c4f25903f9c.jpg
services.rewasd.com/assets/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.rewasd.com/assets/6491fc5bdd27d81c5f071c4f25903f9c.jpg
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.93.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
86698f2dfb84dd6047dd2ad2188b0df2932760b1afb28704a80813572e668448

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
services.rewasd.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.css
Connection
keep-alive
Referer
https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 10:04:53 GMT
Last-Modified
Mon, 07 Jun 2021 14:08:20 GMT
Server
nginx/1.16.1
ETag
"60be2854-209dd"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
133597
truncated
/ 		379 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1637caeda8f8201322ad3a8f092218b51dc9925ac0a188737effe98973d3ab6e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		304 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c94182e35b3479cb3da56f95225fd5f4991e6fef00624681804f2421a4795b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		292 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ed5cb5c2b4ed16131839a3c0b21fb328b810f3f606c00403fc4d26f4057a9d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
5aU19_a8oxmIfJpbERySjQ.woff2
fonts.gstatic.com/s/hind/v11/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v11/5aU19_a8oxmIfJpbERySjQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:400,700,600,500,300&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
806f5b4761fdb196821c0eac48fae6e26559c371226f9d73aba6eaa33aacb577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://services.rewasd.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 20:40:04 GMT
x-content-type-options
nosniff
age
134689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16796
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:23 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 20:40:04 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://services.rewasd.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options
nosniff
age
142723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 18:26:10 GMT
dde7a8fc8382b0a8093ce76fb7a3413d.woff
services.rewasd.com/assets/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://services.rewasd.com/assets/dde7a8fc8382b0a8093ce76fb7a3413d.woff
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.93.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
fe3bf3b487a8547ebee07e22ce2431af158a620474f22e88dc7401a6e5b1bda6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://services.rewasd.com
Accept-Encoding
gzip, deflate, br
Host
services.rewasd.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.css
Connection
keep-alive
Origin
https://services.rewasd.com
Referer
https://services.rewasd.com/assets/bundle-dtupd-7c5b9fe9b4b00b6986da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 10:04:53 GMT
Last-Modified
Mon, 07 Jun 2021 14:08:20 GMT
Server
nginx/1.16.1
ETag
"60be2854-1470"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5232
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://services.rewasd.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 23:06:01 GMT
x-content-type-options
nosniff
age
125932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 23:06:01 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=285804623&t=pageview&_s=1&dl=https%3A%2F%2Fservices.rewasd.com%2F&ul=en-us&de=UTF-8&dt=Vielen%20Dank%20f%C3%BCr%20die%20Wahl%20unserer%20besten%20kostenlosen%20Imagesoftware%20-%20DAEMON%20Tools%20Lite&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=981683786&gjid=1863436168&cid=886245449.1627466694&tid=UA-9459714-2&_gid=45212000.1627466694&_r=1&_slc=1&z=991154434
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jul 2021 10:04:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://services.rewasd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-9459714-2&cid=886245449.1627466694&jid=981683786&gjid=1863436168&_gid=45212000.1627466694&_u=IEBAAEAAAAAAAC~&z=938229701
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 28 Jul 2021 10:04:53 GMT
content-type
text/plain
access-control-allow-origin
https://services.rewasd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9348.PFbyvo7MWSyJSLgSl0ZnGormiEgxyTjAbp2lAEO6X-asclkxbwjenhJpjQtuIDjC.kM5LzTXJXDlXadXZeS__AKTcLiE%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9348.nRHF08RkkcUstMImpvDvrebcAuabGuj7xwoLwFh_WvXnU-gcJCuXExXsceC1_ezecVNRGT65O_77sOEIp8RTVg%2C%2C.Xs1essydBJpdQtdlQeWh-0eNp2Q%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9348.nRHF08RkkcUstMImpvDvrebcAuabGuj7xwoLwFh_WvXnU-gcJCuXExXsceC1_ezecVNRGT65O_77sOEIp8RTVg%2C%2C.Xs1essydBJpdQtdlQeWh-0eNp2Q%2C
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 10:04:54 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9348.nRHF08RkkcUstMImpvDvrebcAuabGuj7xwoLwFh_WvXnU-gcJCuXExXsceC1_ezecVNRGT65O_77sOEIp8RTVg%2C%2C.Xs1essydBJpdQtdlQeWh-0eNp2Q%2C
date
Wed, 28 Jul 2021 10:04:54 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: services.rewasd.com
URL: https://services.rewasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 10:04:54 GMT
last-modified
Wed, 28 Jul 2021 09:12:16 GMT
etag
"61011e70-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jul 2021 11:04:54 GMT
1
mc.yandex.com/watch/29120390/
Redirect Chain
  • https://mc.yandex.com/watch/29120390?wmode=7&page-url=https%3A%2F%2Fservices.rewasd.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Al...
  • https://mc.yandex.com/watch/29120390/1?wmode=7&page-url=https%3A%2F%2Fservices.rewasd.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3...
316 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/29120390/1?wmode=7&page-url=https%3A%2F%2Fservices.rewasd.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A793029798140%3Ahid%3A1020297367%3Az%3A120%3Ai%3A20210728120453%3Aet%3A1627466694%3Ac%3A1%3Arn%3A840791203%3Au%3A1627466694477285414%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627466693573%3Ads%3A16%2C24%2C8%2C1%2C1%2C0%2C%2C152%2C59%2C%2C%2C%2C211%3Adsn%3A15%2C25%2C8%2C0%2C0%2C0%2C%2C155%2C60%2C%2C%2C%2C210%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627466694%3At%3AVielen%20Dank%20f%C3%BCr%20die%20Wahl%20unserer%20besten%20kostenlosen%20Imagesoftware%20-%20DAEMON%20Tools%20Lite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e7461f869f07e6bc091cb2dff7efcb461b1c359ff2d4fb02ba893b8708ba3d39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://services.rewasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jul 2021 10:04:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 28-Jul-2021 10:04:54 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://services.rewasd.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
316
x-xss-protection
1; mode=block
expires
Wed, 28-Jul-2021 10:04:54 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Jul 2021 10:04:54 GMT
last-modified
Wed, 28-Jul-2021 10:04:54 GMT
location
/watch/29120390/1?wmode=7&page-url=https%3A%2F%2Fservices.rewasd.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A793029798140%3Ahid%3A1020297367%3Az%3A120%3Ai%3A20210728120453%3Aet%3A1627466694%3Ac%3A1%3Arn%3A840791203%3Au%3A1627466694477285414%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627466693573%3Ads%3A16%2C24%2C8%2C1%2C1%2C0%2C%2C152%2C59%2C%2C%2C%2C211%3Adsn%3A15%2C25%2C8%2C0%2C0%2C0%2C%2C155%2C60%2C%2C%2C%2C210%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627466694%3At%3AVielen%20Dank%20f%C3%BCr%20die%20Wahl%20unserer%20besten%20kostenlosen%20Imagesoftware%20-%20DAEMON%20Tools%20Lite
strict-transport-security
max-age=31536000
access-control-allow-origin
https://services.rewasd.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 28-Jul-2021 10:04:54 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| errors string| GoogleAnalyticsObject function| ga function| webpackJsonp function| jQuery function| $ object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter29120390

6 Cookies

Domain/Path Name / Value
.rewasd.com/ Name: _ym_d
Value: 1627466694
.rewasd.com/ Name: _ga
Value: GA1.2.886245449.1627466694
.rewasd.com/ Name: _ym_uid
Value: 1627466694477285414
.rewasd.com/ Name: _ym_isad
Value: 2
.rewasd.com/ Name: _gat
Value: 1
.rewasd.com/ Name: _gid
Value: GA1.2.45212000.1627466694

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
services.rewasd.com
stats.g.doubleclick.net
www.google-analytics.com
138.68.93.157
2a00:1450:4001:803::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:82a::2003
2a00:1450:400c:c08::9c
2a02:6b8::1:119
1637caeda8f8201322ad3a8f092218b51dc9925ac0a188737effe98973d3ab6e
1b057841a8745a50317c6bc13bedc5b711ee5631c853caad0194b338a6a31054
228056f9e1213ca013f36025ef493da37b16475e9787ec917d938e14d49350c1
35df8b1b5fcad502a69129f70ffca98af36d02bffc5077f6cde48a91311eae4a
367723ccb78f14169eb6ab0de9a1bb8ea3304e5008ef2b123d2a7da717546cf9
3d9f2a369def9f53effae83b57b2815831a1b33ee542bf7813104d7cf14461cf
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ed5cb5c2b4ed16131839a3c0b21fb328b810f3f606c00403fc4d26f4057a9d7
69571bc19ba3f7046abb5bb67e2475c8c86dc28f28d8c6031094d04c90fad5f1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
806f5b4761fdb196821c0eac48fae6e26559c371226f9d73aba6eaa33aacb577
80a683a56ed9b9cf724ccfcf5cea67d0de2c60a6c7d7d2dd26a31e80b1e56be5
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
86698f2dfb84dd6047dd2ad2188b0df2932760b1afb28704a80813572e668448
9d2fbc0d506c09ba1099c1abe70815f58d9d70aee7609097b4e43d2e8704a50e
9f98865459188154bf854c4c31abc60f5fad39e5e2c00bbe644155d05e743917
a1319b8ced36e50993031105277442132e6471995340356346e3f76c37d569a7
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a6883a6789e20a3c189dd23445c9ca3af4a66f4dbac391e64e245705c0cff19a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c94182e35b3479cb3da56f95225fd5f4991e6fef00624681804f2421a4795b23
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e7461f869f07e6bc091cb2dff7efcb461b1c359ff2d4fb02ba893b8708ba3d39
fbf50905bd37fdbf38244e4a9dbb76688563fde21dff16753c86ed8d5a89b8ae
fe3bf3b487a8547ebee07e22ce2431af158a620474f22e88dc7401a6e5b1bda6