URL: http://yrsii.xyz/lp/6/indextwo.html
Submission: On January 14 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 5 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3032::ac43:bdbd, located in United States and belongs to CLOUDFLARENET, US. The main domain is yrsii.xyz.
This is the only time yrsii.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
12 | yrsii.xyz | yrsii.xyz | 205 KB
2 | histats.com | s10.histats.com (Cisco Umbrella Rank: 16356); s4.histats.com (Cisco Umbrella Rank: 14220) | 5 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 33) | 20 KB
1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 78) | 434 B
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 37) | 1 KB
Total: 18 requests, 5 domains

Requests | Domain | Requested by
12 | yrsii.xyz | yrsii.xyz
2 | www.google-analytics.com | yrsii.xyz; www.google-analytics.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | s4.histats.com | s10.histats.com
1 | s10.histats.com | yrsii.xyz
1 | fonts.googleapis.com | yrsii.xyz
Total: 18 requests, 6 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months (crt.sh)
histats.com | R3 | 2021-10-27 - 2022-01-25 | 3 months (crt.sh)
*.google-analytics.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months (crt.sh)
*.g.doubleclick.net | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months (crt.sh)

This page contains 1 frame:

Primary Page: http://yrsii.xyz/lp/6/indextwo.html
Frame ID: 77DB42F55813D7DF70CBF392FE8316CB
Requests: 19 HTTP requests in this frame

Page Title: Install Required

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

Requests: 18
HTTPS: 22 %
IPv6: 67 %
Domains: 5
Subdomains: 6
IPs: 7
Countries: 5
Transfer: 232 kB
Size: 607 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request indextwo.html
yrsii.xyz/lp/6/
35 KB
8 KB
Document
General
Full URL
http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bdbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b767d92ec8d159615b8f4c40a6ef2c8492c27466416916b8426120af87ed9cae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 14 Jan 2022 17:33:23 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
last-modified
Fri, 14 Jan 2022 02:45:04 GMT
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdEvb1dBhpfl%2FZVq9ldHuDTF5MXW5aVZaD%2F%2FCDArGk1NKNwlkmgVjhUss%2Fx8wnl%2Bd13HYrF23SBbwkdslIG5S2Xkb5fNraY8RvXfIDVfAQpj63qFz%2B6Y3ef39B80%2F%2Fj1hZv3VGM1QAE%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6cd89bea29863752-MXP
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
423218df078af4e98bf4e548cb0b155c6301475dadb00e7baec851cde01a05e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 16:05:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 14 Jan 2022 17:33:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jan 2022 17:33:23 GMT
jquery-1.12.4.min.js
yrsii.xyz/lp/6/
95 KB
34 KB
Script
General
Full URL
http://yrsii.xyz/lp/6/jquery-1.12.4.min.js
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bdbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

Referer
http://yrsii.xyz/lp/6/indextwo.html
Origin
http://yrsii.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 17:33:24 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
W/"5f3afe32-17b8e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BzJPRbuYO%2FJRkEFaLjzQeq%2BVLAkYdz4%2BO%2FDJd1h0%2BZhyAGLpZjXcTJloAJLuCkHdIUiCICDLG2IM8exAPMic7iVYs01K7ywuQuXV0FsKuAUsnHCcOM6LkY8QSitr2DRfdVbfh3ujeg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6cd89bee7dfbf933-MXP
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
jquery-ui.js
yrsii.xyz/lp/6/
329 KB
79 KB
Script
General
Full URL
http://yrsii.xyz/lp/6/jquery-ui.js
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bdbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fc46b8f3182326b32709bfbfa1de2b831aa6ef6508914bbc0a187321c1584b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 17:33:24 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
W/"5f3afe32-52380"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6i39inrufw2yrnRVa4auplV7d7r1Ep8sfPyv%2BFhqO3%2BS96wCVwaGUGGWDOOkbU8lAIIA2xFSPiwHTlheAyRWvc%2FrBz%2FXojwKarRPXmUdFLzQ3H0Wooch9At9a4hF9ukqaLAFMKCByU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6cd89bee6d4f3746-MXP
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
sw.js
yrsii.xyz/
0
0
Script
General
Full URL
http://yrsii.xyz/sw.js
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bdbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 17:33:24 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FGBanQQRBLKchFd7nq%2FeX81fUZ0i3BJJvqrKIA9A%2FG0Hh0fsn436cs38fUPrDqZ1%2FX0AC6Wx6GOfO7xrIxwVhH0somLhEtiMI%2BKdk9MOv4iWGaKOfBesCZ868z6U7cZaUqZpEAnj30%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6cd89bef7e683752-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
modernArrow5.png
yrsii.xyz/lp/6/
2 KB
3 KB
Image
General
Full URL
http://yrsii.xyz/lp/6/modernArrow5.png
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bdbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 17:33:25 GMT
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
"5f3afe32-86b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F0jF%2FLMq4mubfDGC8exljBIFhPNnWGKCw9UZ3WbtJPD4pMxAhyBgSHy4iDHARPiQ9X8kZd5HmJKJ5El%2FbbY%2BXRZr%2F1RUd8iT%2BnV%2F1RxVQYKDaovS06vcheT%2FaXiKDFblGfLsvRengs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6cd89bf6ad3ff933-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2155
iconNotify.png
yrsii.xyz/lp/6/
1 KB
2 KB
Image
General
Full URL
http://yrsii.xyz/lp/6/iconNotify.png
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bdbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 17:33:25 GMT
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
"5f3afe32-568"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcxXIlf11HW06gezB4SZIRzo%2Byn%2B%2FOyIcablrQ0w9EO1KSmiehLl9ORWXZdu3%2BSvW3Z%2FoboECvFxoT6c3LSiRtyjSaLsu4zZBFXt9mSKsxcpVjkyOxMplIAzJuFvbfFDQH1hRigcGfA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6cd89bf899643746-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1384
fav.png
yrsii.xyz/lp/6/
3 KB
4 KB
Image
General
Full URL
http://yrsii.xyz/lp/6/fav.png
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bdbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6173e85de5ab45ef8a1894ff4b3edccd79add6ef47683aa7ee637750ac0de1ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 17:33:26 GMT
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
"5f3afe32-b68"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwH5Nbcjd5nc8%2FPS2%2BMNFFyxsaYROnYSMKh36GdnUD0gTAuyuobzr4CkK4QjKa1GYhm%2FxiKo48zTzvuvwMkz6wYxf2STmhkNH0eTVjtcvJSV%2BXDHgIxRKibbBk09QMSNH9z0wt8Kh6s%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6cd89bfbddccf933-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2920
addToChrome.png
yrsii.xyz/lp/6/
2 KB
3 KB
Image
General
Full URL
http://yrsii.xyz/lp/6/addToChrome.png
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bdbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd7f6b63ad65fa954268fecce982051c2a9cc4d45e48d6fd3940c543ca97906

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 17:33:26 GMT
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
"5f3afe32-7fb"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ow8K%2FC1ZcDB4LuHTSrYMzo5WhxuLGan5tw5O6qlqlSfO9DtuQ6%2BiWnM%2FVPaeC5u4F%2BfKXLVVFcQA01lVkbVlcUMH%2BwmPaI115WCYVr3%2BDMecDlZEjyOUEVWTtmmvFBKdegkXsVMA0HI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6cd89bfbde9f3752-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2043
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
H2
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1939
date
Fri, 14 Jan 2022 17:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 14 Jan 2022 19:01:06 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
sw.js
yrsii.xyz/
0
0
Script
General
Full URL
http://yrsii.xyz/sw.js
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bdbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 17:33:25 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xsmyk6b17sGvInQGKgPYPTtfGmJ5khnjuEQ18BI9OVW9UMRw3jlSSya50qLnvQh2UaHNYhEn3frHElGE%2FVMH6nuNr30EsZziuQQtsDjTPg8cTZWLic3i6Us9aVtrsxwRv6%2Bk73ubDJM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6cd89bf8beec3752-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cursor2.png
yrsii.xyz/lp/6/
26 KB
27 KB
Image
General
Full URL
http://yrsii.xyz/lp/6/cursor2.png
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bdbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edb2c96a3b9ae8645ec31e00e23c7031aaa99681a8abc1c49de76bdcc702dd61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 17:33:26 GMT
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
"5f3afe32-6813"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcPwazRwBxD%2FjJxE1DHbMStfIXj25HgkuDQLxRmF0YUZdCP1ShtHaf2w%2FFNy2IIOaGWm7cGX7tfKZ5sDsgRvjb%2Feg%2FVsJgdgG51Kd0rqlJnjWA850xiRdsA5NJfY3HHW8vfLrAP4Lyk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6cd89bfc1da53754-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
26643
bg.png
yrsii.xyz/lp/6/
45 KB
45 KB
Image
General
Full URL
http://yrsii.xyz/lp/6/bg.png
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bdbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aac5dc6f9c48a8258b85e65d93cc2befbccd14bd42517e2f6da46b3e983b19d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 17:33:26 GMT
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
"5f3afe32-b258"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqI94PtWFNPJkxW8jh6kpNmyLatzAqcE1jcsQkt14DNjU7%2BUsxa2BvkQDh4eBjb5LrT1ILtfrfs44rtnlHZnQSBDyX%2FbrndYaVWycQ3AvcveIX864DUIULFOK1b43m29jR7lU7XMgqw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6cd89bfc1e2df933-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
45656
light.mp3
yrsii.xyz/lp/6/
571 B
1 KB
Media
General
Full URL
http://yrsii.xyz/lp/6/light.mp3
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bdbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ada793f9f0b7ab9b7b0cf9a96c1385a6bdcc9e8f8463bcc49ba48a0cacc9f2

Request headers

Referer
http://yrsii.xyz/lp/6/indextwo.html
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 14 Jan 2022 17:33:26 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MX%2BPluNQjAZlUXZMO2F2x6J0CE3Tbgfc5tVvU9kr7hZJFLvAVi%2BhzN8YiLNkGl5UdMIbGDafe3iPeqPfquuKWUPGq2UnI6sUXFs0KtdFg%2FqWhyUNJs84wLLANE1%2FFvzmS6Q%2FO5iDn0o%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6cd89bfc2a8c3746-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 17:29:02 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
vary
Accept-Encoding
x-iplb-instance
40743
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
x-iplb-request-id
D9409720:CF1A_2E69C9F0:0050_61E1B3E5_13257:2164B
content-length
4547
x-request-id
118980889
0.php
s4.histats.com/stats/
65 B
199 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?3450293&@f16&@g1&@h1&@i1&@j1642181605748&@k0&@l1&@mInstall%20Required&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-176675375&@b3:1642181606&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fyrsii.xyz%2Flp%2F6%2Findextwo.html&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
a76728fe20bec0d4922d83373e8636680bc4d881beeba4d086fa190763d6aae3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 17:33:26 GMT
Connection
close
Content-Length
65
Content-Type
text/html;charset=UTF-8
collect
www.google-analytics.com/j/
4 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=270102402&t=event&_s=1&dl=http%3A%2F%2Fyrsii.xyz%2Flp%2F6%2Findextwo.html&ul=en-us&de=windows-1252&dt=Install%20Required&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=START%20PAGE%2090141&_u=IEBAAEABAAAAAC~&jid=340867175&gjid=1134378383&cid=1821739231.1642181606&tid=UA-68721678-1&_gid=1036057393.1642181606&_r=1&_slc=1&z=1363761841
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://yrsii.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 17:33:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://yrsii.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
434 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68721678-1&cid=1821739231.1642181606&jid=340867175&gjid=1134378383&_gid=1036057393.1642181606&_u=IEBAAEAAAAAAAC~&z=1013705943
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://yrsii.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 14 Jan 2022 17:33:25 GMT
content-type
text/plain
access-control-allow-origin
http://yrsii.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ed032c432b28c2de618ed566378d9ccc4fa8f3a8ea255641eeac95e3d8a474d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
  • object | onsecuritypolicyviolation
  • object | onslotchange
  • function | $
  • function | jQuery
  • string | url1
  • string | url2
  • string | pid
  • string | ver
  • string | info
  • string | hostnameDD
  • string | GoogleAnalyticsObject
  • function | ga
  • function | AddmyTime
  • function | AddmyTime1
  • boolean | isChrome
  • boolean | cwswindowclosed
  • undefined | oldCWSLeft
  • undefined | oldCWSTop
  • function | openInstall
  • function | openInstall2
  • function | successCallback
  • function | successCallback1
  • function | failureCallback
  • function | Yes
  • function | No
  • function | myMove
  • function | myMove1
  • object | cursor
  • object | canvas
  • object | ctx
  • undefined | cx
  • undefined | cy
  • number | x
  • number | y
  • object | animationDD
  • function | animateDD
  • object | addTimer
  • object | myVar
  • object | _Hasync
  • function | chfh
  • function | chfh2
  • string | _HST_cntval
  • object | Histats
  • object | google_tag_data
  • object | gaplugins
  • object | gaGlobal
  • object | gaData
  • object | _HistatsCounterGraphics_0_setValues
  • number | Py
  • number | px
  • number | py

10 Cookies

Domain/Path | Name | Value
yrsii.xyz/ | HstCfa3450293 | 1642181605748
yrsii.xyz/ | HstCla3450293 | 1642181605748
yrsii.xyz/ | HstCmu3450293 | 1642181605748
yrsii.xyz/ | HstPn3450293 | 1
yrsii.xyz/ | HstPt3450293 | 1
yrsii.xyz/ | HstCnv3450293 | 1
yrsii.xyz/ | HstCns3450293 | 1
.yrsii.xyz/ | _ga | GA1.2.1821739231.1642181606
.yrsii.xyz/ | _gid | GA1.2.1036057393.1642181606
.yrsii.xyz/ | _gat | 1

3 Console Messages

Source | Level | URL | Text
network | error | http://yrsii.xyz/sw.js | Failed to load resource: the server responded with a status of 404 (Not Found)
network | error | http://yrsii.xyz/sw.js | Failed to load resource: the server responded with a status of 404 (Not Found)
network | error | http://yrsii.xyz/lp/6/light.mp3 | Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
