URL: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
Submission: On September 09 via manual from US

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 18 HTTP transactions. The main IP is 5.61.59.226, located in Ascension Island and belonging to SCALAXY-AS, NL. The main domain is vid1599671915.vb17112tiffanyhayward.pw.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 24th 2020. Valid for: 3 months.
This is the only time vid1599671915.vb17112tiffanyhayward.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS (Autonomous System)
1 9       5.61.59.226         58061 (SCALAXY-AS)
1         2a00:1450:400...    15169 (GOOGLE)
1         2606:4700::68...    13335 (CLOUDFLAR...)
3         88.198.6.88         24940 (HETZNER-AS)
1         2a00:1450:400...    15169 (GOOGLE)
3         49.12.122.115       24940 (HETZNER-AS)
1         50.7.230.242        174 (COGENT-174)
Total: 18 requests, 7 IPs

Requests  Domain                                   Requested by
8         vid1599671915.vb17112tiffanyhayward.pw   vid1599671915.vb17112tiffanyhayward.pw
3         aj2178.online                            aj1907.online, aj2178.online
3         aj1907.online                            vid1599671915.vb17112tiffanyhayward.pw, aj1907.online
1         cdn3.vb17112tiffanyhayward.pw
1         cdn-t.vb17112tiffanyhayward.pw           (1 redirect)
1         www.gstatic.com                          vid1599671915.vb17112tiffanyhayward.pw
1         cdnjs.cloudflare.com                     vid1599671915.vb17112tiffanyhayward.pw
1         fonts.googleapis.com                     vid1599671915.vb17112tiffanyhayward.pw
Total: 18 requests, 8 subdomains

This site contains no links.

Subject                      Issuer                         Validity                  Valid for   Link
*.vb17112tiffanyhayward.pw   Let's Encrypt Authority X3     2020-08-24 to 2020-11-22  3 months    crt.sh
upload.video.google.com      GTS CA 1O1                     2020-08-19 to 2020-11-11  3 months    crt.sh
cdnjs.cloudflare.com         DigiCert ECC Secure Server CA  2020-08-12 to 2022-08-17  2 years     crt.sh
aj1907.online                Let's Encrypt Authority X3     2020-08-26 to 2020-11-24  3 months    crt.sh
*.gstatic.com                GTS CA 1O1                     2020-08-19 to 2020-11-11  3 months    crt.sh
aj2178.online                Let's Encrypt Authority X3     2020-08-25 to 2020-11-23  3 months    crt.sh

This page contains 1 frame:

Primary Page: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
Frame ID: 1095896E90C71CFC4A04BA8B3B1E0FDA
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 43 %
Domains: 6
Subdomains: 8
IPs: 7
Countries: 4
Transfer: 903 kB
Size: 2113 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://cdn-t.vb17112tiffanyhayward.pw/content/stream/BetWinner/banner_pause_rus_Barys-CSKA.jpg HTTP 302
  • https://cdn3.vb17112tiffanyhayward.pw/content/stream/BetWinner/banner_pause_rus_Barys-CSKA.jpg

18 HTTP transactions

Fields per transaction: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type.

Primary Request: iframe
Path: vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/
Size: 5 KB (transferred: 2 KB)
Type: Document

General
Full URL: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.61.59.226, Ascension Island, ASN58061 (SCALAXY-AS, NL)
Reverse DNS: (none)
Software: nginx
Resource Hash: bb89b5f0a1370d8795c55e4a600df567dfafb2751481779e17473751dfae83ec

Request headers
:method: GET
:authority: vid1599671915.vb17112tiffanyhayward.pw
:scheme: https
:path: /serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
status: 200
server: nginx
date: Wed, 09 Sep 2020 18:23:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip

skin3.css
Path: vid1599671915.vb17112tiffanyhayward.pw/player/skin/
Size: 49 KB (transferred: 10 KB)
Type: Stylesheet

General
Full URL: https://vid1599671915.vb17112tiffanyhayward.pw/player/skin/skin3.css?v=5587
Requested by (host): vid1599671915.vb17112tiffanyhayward.pw
Requested by (URL): https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.61.59.226, Ascension Island, ASN58061 (SCALAXY-AS, NL)
Reverse DNS: (none)
Software: nginx
Resource Hash: 65cb5b69b079971b91dc9bb1673ab18b87846eae29b2accf8f52b6c542901220

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
date: Wed, 09 Sep 2020 18:23:19 GMT
content-encoding: gzip
last-modified: Wed, 30 Oct 2019 11:06:54 GMT
server: nginx
status: 200
etag: W/"5db96ece-c332"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *

vast.css
Path: vid1599671915.vb17112tiffanyhayward.pw/player/skin/
Size: 6 KB (transferred: 2 KB)
Type: Stylesheet

General
Full URL: https://vid1599671915.vb17112tiffanyhayward.pw/player/skin/vast.css?v=32
Requested by (host): vid1599671915.vb17112tiffanyhayward.pw
Requested by (URL): https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.61.59.226, Ascension Island, ASN58061 (SCALAXY-AS, NL)
Reverse DNS: (none)
Software: nginx
Resource Hash: 11450e8bab145b5fcfaa9a22cbce1f8377f1649a3cd2e92180843ad36376b3cf

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
date: Wed, 09 Sep 2020 18:23:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Jun 2020 07:03:56 GMT
server: nginx
status: 200
etag: W/"5ed74b5c-175b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *

css
Path: fonts.googleapis.com/
Size: 2 KB (transferred: 657 B)
Type: Stylesheet

General
Full URL: https://fonts.googleapis.com/css?family=Roboto
Requested by (host): vid1599671915.vb17112tiffanyhayward.pw
Requested by (URL): https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:820::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS: (none)
Software: ESF
Resource Hash: 3d63b9ae0f8cccb888886d453950046c6925e5bb4e2a9096d5ad1d2f14d573a6

Security Headers
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Sep 2020 16:52:29 GMT
server: ESF
date: Wed, 09 Sep 2020 18:23:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Sep 2020 18:23:19 GMT

flowplayer-min.js
Path: vid1599671915.vb17112tiffanyhayward.pw/player/js/
Size: 374 KB (transferred: 114 KB)
Type: Script

General
Full URL: https://vid1599671915.vb17112tiffanyhayward.pw/player/js/flowplayer-min.js?v=1254234
Requested by (host): vid1599671915.vb17112tiffanyhayward.pw
Requested by (URL): https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.61.59.226, Ascension Island, ASN58061 (SCALAXY-AS, NL)
Reverse DNS: (none)
Software: nginx
Resource Hash: 6421537b73ce106b0ace434510501c751d52e4103be4aaea283b949ecff4639e

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
date: Wed, 09 Sep 2020 18:23:19 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 10:14:14 GMT
server: nginx
status: 200
etag: W/"5efc61f6-5d838"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *

hls.js
Path: cdnjs.cloudflare.com/ajax/libs/hls.js/0.10.1/
Size: 676 KB (transferred: 121 KB)
Type: Script

General
Full URL: https://cdnjs.cloudflare.com/ajax/libs/hls.js/0.10.1/hls.js
Requested by (host): vid1599671915.vb17112tiffanyhayward.pw
Requested by (URL): https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6811:4e6b, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: a6fcd03848dd7de943ac2a9d1e84fd36c93d639e37ca858c6985efba7dd2ad00

Security Headers
Strict-Transport-Security: max-age=15780000; includeSubDomains

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
date: Wed, 09 Sep 2020 18:23:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 573059
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 123629
cf-request-id: 0515b4afb1000032482893b200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:36 GMT
server: cloudflare
etag: "5eb03e7c-a9096"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d02f092bc8a3248-FRA
expires: Mon, 30 Aug 2021 18:23:19 GMT

main.js
Path: vid1599671915.vb17112tiffanyhayward.pw/player/js/
Size: 312 KB (transferred: 80 KB)
Type: Script

General
Full URL: https://vid1599671915.vb17112tiffanyhayward.pw/player/js/main.js?v=901234522636789168
Requested by (host): vid1599671915.vb17112tiffanyhayward.pw
Requested by (URL): https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.61.59.226, Ascension Island, ASN58061 (SCALAXY-AS, NL)
Reverse DNS: (none)
Software: nginx
Resource Hash: 9387bf30607e856ed371fbac270dc556118b68d34e59b3ac37df0e85dd75b45c

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
date: Wed, 09 Sep 2020 18:23:19 GMT
content-encoding: gzip
last-modified: Wed, 26 Aug 2020 08:42:58 GMT
server: nginx
status: 200
etag: W/"5f462092-4decd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *

jquery.js
Path: vid1599671915.vb17112tiffanyhayward.pw/player/js/
Size: 85 KB (transferred: 35 KB)
Type: Script

General
Full URL: https://vid1599671915.vb17112tiffanyhayward.pw/player/js/jquery.js
Requested by (host): vid1599671915.vb17112tiffanyhayward.pw
Requested by (URL): https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.61.59.226, Ascension Island, ASN58061 (SCALAXY-AS, NL)
Reverse DNS: (none)
Software: nginx
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
date: Wed, 09 Sep 2020 18:23:19 GMT
content-encoding: gzip
last-modified: Wed, 30 Oct 2019 11:06:54 GMT
server: nginx
status: 200
etag: W/"5db96ece-1538e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *

serials.js
Path: vid1599671915.vb17112tiffanyhayward.pw/player/js/
Size: 5 KB (transferred: 2 KB)
Type: Script

General
Full URL: https://vid1599671915.vb17112tiffanyhayward.pw/player/js/serials.js?v=3
Requested by (host): vid1599671915.vb17112tiffanyhayward.pw
Requested by (URL): https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.61.59.226, Ascension Island, ASN58061 (SCALAXY-AS, NL)
Reverse DNS: (none)
Software: nginx
Resource Hash: bc6fc5a1a016c0fef6d0078d150a4202c72c9e002445cf4e9b8536925c1dc145

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
date: Wed, 09 Sep 2020 18:23:19 GMT
content-encoding: gzip
last-modified: Wed, 30 Oct 2019 11:06:54 GMT
server: nginx
status: 200
etag: W/"5db96ece-13d2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *

ads.js
Path: vid1599671915.vb17112tiffanyhayward.pw/player/js/
Size: 19 B (transferred: 238 B)
Type: Script

General
Full URL: https://vid1599671915.vb17112tiffanyhayward.pw/player/js/ads.js?v=1
Requested by (host): vid1599671915.vb17112tiffanyhayward.pw
Requested by (URL): https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.61.59.226, Ascension Island, ASN58061 (SCALAXY-AS, NL)
Reverse DNS: (none)
Software: nginx
Resource Hash: 770b166e6581feb9bf6886850b17ca8d58b81e2ab946228d263fd1d2d0c297fd

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
date: Wed, 09 Sep 2020 18:23:19 GMT
last-modified: Fri, 27 Sep 2019 13:43:47 GMT
server: nginx
etag: "5d8e1213-13"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 19

63c0d7d8.js
Path: aj1907.online/
Size: 35 KB (transferred: 13 KB)
Type: Script

General
Full URL: https://aj1907.online/63c0d7d8.js
Requested by (host): vid1599671915.vb17112tiffanyhayward.pw
Requested by (URL): https://vid1599671915.vb17112tiffanyhayward.pw/player/js/main.js?v=901234522636789168
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.198.6.88, Nuremberg, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.88-198-6-88.clients.your-server.de
Software: (none)
Resource Hash: 21b9681603081fb7fafabb19f8b65ecf891eefa09ff20c30e6cfbcf604e4536a

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
date: Wed, 09 Sep 2020 18:23:19 GMT
content-encoding: gzip
transfer-encoding: chunked
accept-ranges: bytes
etag: "06e0bf2078fe3818404cc854aef54c201"
vary: Accept-Encoding
content-type: application/javascript

cast_sender.js
Path: www.gstatic.com/cv/js/sender/v1/
Size: 1 KB (transferred: 811 B)
Type: Script

General
Full URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by (host): vid1599671915.vb17112tiffanyhayward.pw
Requested by (URL): https://vid1599671915.vb17112tiffanyhayward.pw/player/js/flowplayer-min.js?v=1254234
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:815::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS: (none)
Software: sffe
Resource Hash: 87abd10ff4dde54aa21a9acf3dfd863f6ff99e35f74b9ab3987cf2e36b817bff

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
date: Wed, 09 Sep 2020 18:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Jan 2019 17:53:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 680
x-xss-protection: 0
expires: Wed, 09 Sep 2020 18:23:19 GMT

z08CJsdv2GBCmlN--OeLYIvaUFvi4xahM-VI6fAxolLAy2Js4bLoKyoVkJphQwVC1fv9ie1TGDZclryb_6FbrkXz-SRtqiuNOCGnO0pMQJdv4lUpq3zmQ6CgVrVdGWxQey7BrBMoCGSfcuy-WEjHJ6YqIoDrihHt2DReFpH32Erlq0U7vB9tg9YC3R3-7hIgv0rLA...
Path: aj1907.online/
Size: 1 KB (transferred: 2 KB)
Type: XHR

General
Full URL:
https://aj1907.online/z08CJsdv2GBCmlN--OeLYIvaUFvi4xahM-VI6fAxolLAy2Js4bLoKyoVkJphQwVC1fv9ie1TGDZclryb_6FbrkXz-SRtqiuNOCGnO0pMQJdv4lUpq3zmQ6CgVrVdGWxQey7BrBMoCGSfcuy-WEjHJ6YqIoDrihHt2DReFpH32Erlq0U7vB9tg9YC3R3-7hIgv0rLAKwWUFiFdRZNpPoDw4yKpASrr1TxIAXYhpriWPzPN0DRGU1RFeDyBuJ1fg2c6AU_7VuCWDEUdQ2TPi_L1mWNWS1Nz_11CgrRiLi6A_Nhfac_Gzo9gP349gu8jYUCH5J2uRISebblTBNvpdYPOeROvFyNmuzV3dnpVqLmPw6xF15tIm1Ldxbgom5BYnDR9WdKi9czED-waAeaKb68yI9Vg9K1_bHNrZWFOYOgJ-dR31xZKzSjylihoQdO7M9s8HR9a6Qe4cMUdmMOf687LWALetbglIoHCYp-_pO0QDRw1hyc8erBNVYWC-zbxFTu8_O47D0NP3VLbAWkcCv1K7pQ2hVEKnuzBdtEFddvLSLBpQAC0RDqxr4D0gg2f7vwMYLRZYbwW-cly8Ti1bsDje-cHvuEGpFPQz-zQcwAOZm9cBinf?
Requested by (host): aj1907.online
Requested by (URL): https://aj1907.online/63c0d7d8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.198.6.88, Nuremberg, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.88-198-6-88.clients.your-server.de
Software: (none)
Resource Hash: 35a3f9f62f77cbd9ce410a3ba4083158e0e86247fa21a6ac8cc1d4f85a48efdf

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
pragma: no-cache
date: Wed, 09 Sep 2020 18:23:19 GMT
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://vid1599671915.vb17112tiffanyhayward.pw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 1293
expires: 0

58dc5dfd.js
Path: aj2178.online/
Size: 35 KB (transferred: 13 KB)
Type: Script

General
Full URL: https://aj2178.online/58dc5dfd.js
Requested by (host): aj1907.online
Requested by (URL): https://aj1907.online/63c0d7d8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.12.122.115, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.115.122.12.49.clients.your-server.de
Software: (none)
Resource Hash: 3182627947934dc0faa7d3b32d92a8581b576167676e2da512656c4f6084cdf4

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Date: Wed, 09 Sep 2020 18:23:20 GMT
Content-Encoding: gzip
ETag: "0a878c013b08ee74fba5721a0e0d7e433"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
Accept-Ranges: bytes

zupxdUjDjdrBlW0Lv9qZNxvV7HBRwKU17kmSTH-YgnUXMuILCvOqAGTxme3CF0vGmhIXIzoL9YGSxdcrrQKFRIfDhRajpJ2s8Ti0dz72g2JzT03DET51I0sGx-e0uWe9a2SvhCCcjJYU9YqaN_berTeK3CEkHvd3dPgpGs5OnVTkrMtf77dKpiNS7I3PO-mBng64M...
Path: aj1907.online/
Size: 43 B (transferred: 511 B)
Type: Image

General
Full URL:
https://aj1907.online/zupxdUjDjdrBlW0Lv9qZNxvV7HBRwKU17kmSTH-YgnUXMuILCvOqAGTxme3CF0vGmhIXIzoL9YGSxdcrrQKFRIfDhRajpJ2s8Ti0dz72g2JzT03DET51I0sGx-e0uWe9a2SvhCCcjJYU9YqaN_berTeK3CEkHvd3dPgpGs5OnVTkrMtf77dKpiNS7I3PO-mBng64MQCuxkFzC9J38uiYzjjxBSysvjwkar39YHRz5O4nTNNRpSJErqSgJsfeI9UUTiF9DAwOnkHZlyuf-HhNz3GpX5mSUEAfVbZOAXyKzRUoJWbrLD7GFy2j3G60gsaL31R0JndNQb-ASrAGExd25NrCjGT5MxIa-N3cEyLwCbZceuAQ4Ky8sCXZ-reAQ6dSx9odj-8QmByRM5nJcamB5gwJKJ3by3ocXAgotbAzaZTxc?DC=HZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.198.6.88, Nuremberg, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.88-198-6-88.clients.your-server.de
Software: (none)
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
pragma: no-cache
date: Wed, 09 Sep 2020 18:23:19 GMT
last-modified: Wed, 02 Sep 2020 08:27:02 GMT
etag: W/"43-1599035222000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

zdDVptj_FKuVN5J5FP8BZ9bCgn22ce1tVlvaMHz0x6J39LZ0kpjK5j0-3qvAysZ8RQoHkYSegHzO6ifRw8-3GxdhW4joabN9h1cO7yfLjrC0bDVlzd1iri_Hw6kzbDAYs_O5fcjVBvG68nPgnJ054bzeo06wKt8gzZEzNMWfNKYQk3GWMh_fnX2XUI7B549YRM7Rb...
Path: aj2178.online/
Size: 33 KB (transferred: 12 KB)
Type: XHR

General
Full URL:
https://aj2178.online/zdDVptj_FKuVN5J5FP8BZ9bCgn22ce1tVlvaMHz0x6J39LZ0kpjK5j0-3qvAysZ8RQoHkYSegHzO6ifRw8-3GxdhW4joabN9h1cO7yfLjrC0bDVlzd1iri_Hw6kzbDAYs_O5fcjVBvG68nPgnJ054bzeo06wKt8gzZEzNMWfNKYQk3GWMh_fnX2XUI7B549YRM7Rb4qjKEf0hWZKvuOoqyZC0fOxC8SQV71Zi65ZYQY3ayrG01m_OC7FXsu2T8KiG9aYIt4lawv6VVEagbuvekaEOfSKWP4bWtbDiTM-1MxM42jLlN0e0wOBNcEVZF9BWCzuXxp2GGbzF7y3PwFhbQED3Pa3ZS__E6F_cTuErf2ELwissNr58nqXyNkS5saKMzqNb829x7rSe538zpeH423n15R2tR59xzHjlMDfFlRzrYsH3zbb9zQYzBEl4MkAPTxmgB4M4ocJvIbg7mBOAhtf7HIDn9UWs4poXaTc-CjiSStLBtqY5Njsykbg_FTrfUKmZyLElA9M6JpV3f92TXLH6vWlQxEB_fyvR6P2GpEu7IRe3WAO1kWhlHQPKYPZ9JIZLdkq2d3Qu-AkWLmsT5iDzbeoSeG7O0h2LXWPEm5jvdscvJFplFnQQdgwmjVj6p5JaQ3yRzRpR9YNZBktKhNSECvmKRMQy9IeGCL4EoSal3XOHouHAsedV4mzxB-sH5ywsF_Df4VRanzXz0CRXmEuZwdqHMV-NiHC9_-_P3kcTnlE553dS0WanEA4xoXGdnDELQbGef4fhAMrwt9Dbbt8XRSmkNj2lr7Kv-KESPHKsndA2hII-ztMp66Mwda10p8TD10phavZslfR3qK3bUx7nT239PzXrKCZJexmUeLOrDOt0RGfS-vpfy_1dGsqHeUhy7hm5WQWfu_AXPRTk23N3Bo4CMlcUaYtQ3bea19wiQA-xhkeyBaUGDwEhOXQnWlBbtFSRPVlb-hkXPw7S14fQsCVv26XUBSqEmCFD4XBdaz2KazZo1knga7ivgw434UVj1KTxRhYh4HA1IbmhwC5aMD_rRfb4G3cTuIy5UQ-w6lNZc4MrNvmS2wKfI4ZCnv9ygbI45sMk-0MQg3YdeNKWmmfig5_iPdQinSjBDw_I3u0Fsqesbi8ZZ6Npot09rmFHIKnMXdFmnE9PIFEc6UySJqPuJrq1XBG8iRN5QrWeabNy3H911Oe9_BynE9O5fSMaDundiymztuJfc6RSY2kI7Z_oxxKN6cSYF2Haf5wLn_IbSWHkwCCd9VzVBcjcIGWh9S0HxIerhg?
Requested by (host): aj2178.online
Requested by (URL): https://aj2178.online/58dc5dfd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.12.122.115, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.115.122.12.49.clients.your-server.de
Software: (none)
Resource Hash: ff879884606245bf0cac4d2ed53d4826871d1c16a5773792333d248335af8734

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Pragma: no-cache
Date: Wed, 09 Sep 2020 18:23:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://vid1599671915.vb17112tiffanyhayward.pw
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
Content-Type: application/json;charset=UTF-8
Expires: 0

zJt9n2KpthGMSlTcZZ5O92vJs60Ux4ZuWbUOieB6zfuQ-I3nULO8UWGMdtM35hpx-sSZ90S46MFeWjLIi-igu4Xmf_MsD1ZVteWaq_9w0EcYOBEK9-fIgYq4alqnyi4Go1jz9QtZ2XX7CDtdANOZVPW-NVqGLZPB-_lXEUw65AVIXgBnYHoV2kABMabSKTJLhAE85...
Path: aj2178.online/
Size: 43 B (transferred: 530 B)
Type: Image

General
Full URL:
https://aj2178.online/zJt9n2KpthGMSlTcZZ5O92vJs60Ux4ZuWbUOieB6zfuQ-I3nULO8UWGMdtM35hpx-sSZ90S46MFeWjLIi-igu4Xmf_MsD1ZVteWaq_9w0EcYOBEK9-fIgYq4alqnyi4Go1jz9QtZ2XX7CDtdANOZVPW-NVqGLZPB-_lXEUw65AVIXgBnYHoV2kABMabSKTJLhAE85sX-6x29QOdlKoxikaxS3HBpwYYk8QVCs5iAoOeqE_-BvMyjWJ6ttIQQOJALWjN21odCGYruabS62byzc_arrawnRaqY7uvUVJBVwPtuYMXBQziZKwZgZAQQPb-ThaCtoHTcQw_L-7S70pml5kn_eofLmkUI0-7f6L9JDNiNnSo43D3EuTeYjDkxw3nSir99hCkBAkho2yzrTnzHaKN01LI8Vto0SMtUAZ6Rg1IRt?DC=HZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 49.12.122.115, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.115.122.12.49.clients.your-server.de
Software: (none)
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Pragma: no-cache
Date: Wed, 09 Sep 2020 18:23:20 GMT
Last-Modified: Wed, 02 Sep 2020 08:27:02 GMT
ETag: W/"43-1599035222000"
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

banner_pause_rus_Barys-CSKA.jpg
Path: cdn3.vb17112tiffanyhayward.pw/content/stream/BetWinner/
Redirect Chain:
  • https://cdn-t.vb17112tiffanyhayward.pw/content/stream/BetWinner/banner_pause_rus_Barys-CSKA.jpg
  • https://cdn3.vb17112tiffanyhayward.pw/content/stream/BetWinner/banner_pause_rus_Barys-CSKA.jpg
Size: 493 KB (transferred: 494 KB)
Type: Image

General
Full URL: https://cdn3.vb17112tiffanyhayward.pw/content/stream/BetWinner/banner_pause_rus_Barys-CSKA.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 50.7.230.242, Halfweg, Netherlands, ASN174 (COGENT-174, US)
Reverse DNS: (none)
Software: nginx
Resource Hash: 53d54bb05df86c2d372e13b3834bc1f3f66ab9beee919469faa9b117d0559d4c

Request headers
Referer: https://vid1599671915.vb17112tiffanyhayward.pw/serial/9adf7a1c1767dd8466c9f2577f3a58762ba2d2c9d103295e0727823c7fcaf3d4/iframe?e=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
date: Wed, 09 Sep 2020 18:23:20 GMT
last-modified: Wed, 09 Sep 2020 05:39:47 GMT
server: nginx
etag: "5f586aa3-7b42e"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
content-length: 504878

Redirect headers
date: Wed, 09 Sep 2020 18:23:20 GMT
server: nginx
status: 302
location: https://cdn3.vb17112tiffanyhayward.pw/content/stream/BetWinner/banner_pause_rus_Barys-CSKA.jpg
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
content-length: 138

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name                    Type
trustedTypes            object
flowplayer              function
Hls                     function
cookie_name             string
eng                     boolean
domain                  string
poster                  string
iframe_domain           string
next_id                 string
nots                    boolean
noepisode               boolean
noseasons               boolean
notranslations          boolean
auto                    boolean
user_ip                 string
user_id                 string
country_code            string
city_name               string
region                  string
fapi                    boolean
getCookie               function
setCookie               function
deleteCookie            function
isEmpty                 function
in_array                function
television              function
redomain                string
pauseBanner             function
NativeAdv               function
AdvPlayer               function
VpaidAd                 function
main                    object
$                       function
jQuery                  function
build_query             function
change_buttons          function
adblock                 boolean
__onGCastApiAvailable   function
txt                     string
postscribe              function
area51                  object
that                    object
elMax                   number

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.