URL: http://yrsii.xyz/lp/6/indextwo.html
Submission: On January 15 via manual from US — Scanned from DE

Summary

This website contacted 7 IPs in 5 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::6815:3168, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is yrsii.xyz.
This is the only time yrsii.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
12 | yrsii.xyz | yrsii.xyz | 205 KB
2 | histats.com | s10.histats.com (Cisco Umbrella Rank: 16356), s4.histats.com (Cisco Umbrella Rank: 14220) | 5 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 33) | 20 KB
1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 78) | 434 B
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 37) | 1 KB
Total: 18 requests, 5 apex domains

Requests | Domain | Requested by
12 | yrsii.xyz | yrsii.xyz
2 | www.google-analytics.com | yrsii.xyz, www.google-analytics.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | s4.histats.com | s10.histats.com
1 | s10.histats.com | yrsii.xyz
1 | fonts.googleapis.com | yrsii.xyz
Total: 18 requests, 6 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
histats.com | R3 | 2021-10-27 - 2022-01-25 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months

This page contains 1 frame:

Primary Page: http://yrsii.xyz/lp/6/indextwo.html
Frame ID: 9D7F79732EE0F03CA09F945358C7DA23
Requests: 19 HTTP requests in this frame

Page Title

Install Required

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

Requests: 18
HTTPS: 22 %
IPv6: 67 %
Domains: 5
Subdomains: 6
IPs: 7
Countries: 5
Transfer: 232 kB
Size: 607 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request indextwo.html
yrsii.xyz/lp/6/
35 KB
8 KB
Document
General
Full URL
http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:3168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b767d92ec8d159615b8f4c40a6ef2c8492c27466416916b8426120af87ed9cae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sat, 15 Jan 2022 05:07:41 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
last-modified
Fri, 14 Jan 2022 02:45:04 GMT
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlMd%2Bi08Jlo4sVEXMaAvgV6y%2Bif5QjzL2cg%2ButZ4sJANan%2F4JCxhGzGPXg4dl4n9JTnzSGCZvvv1oNvPdU6sR804ldMCxEYHgEQpYng0EX6rE%2BXVD885LUMIDq7uiGjbmFFSZL39fMY%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6cdc94f6f8fd5caa-FRA
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
423218df078af4e98bf4e548cb0b155c6301475dadb00e7baec851cde01a05e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 15 Jan 2022 04:50:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 15 Jan 2022 05:07:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jan 2022 05:07:41 GMT
jquery-1.12.4.min.js
yrsii.xyz/lp/6/
95 KB
34 KB
Script
General
Full URL
http://yrsii.xyz/lp/6/jquery-1.12.4.min.js
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:3168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

Referer
http://yrsii.xyz/lp/6/indextwo.html
Origin
http://yrsii.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 05:07:42 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
W/"5f3afe32-17b8e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9SawLxCY93w8ZE2HT2xlem9M8Ykchw43IDyWl3HKVVC%2FqF1qvEuA4YNe1YVtAejNJTD7m4jimZos7cTf0pCtRNzWimNEVji6wVG6rma%2Fp0oGO2SbDj2xIGLCvHKKywtG7KMTLtTXHg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6cdc94faca0b5c68-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
jquery-ui.js
yrsii.xyz/lp/6/
329 KB
79 KB
Script
General
Full URL
http://yrsii.xyz/lp/6/jquery-ui.js
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:3168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fc46b8f3182326b32709bfbfa1de2b831aa6ef6508914bbc0a187321c1584b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 05:07:43 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
W/"5f3afe32-52380"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVOb4Y%2FZA%2BQAH6Agy9109a4ksuAI%2Fp4QK6uiwz3MSK1gebLT7SNkWJnE1vGjdY7j4AbLfQElcuZrFMk6ClPf7lNIIx3jkgyD53HN13ONN0UZcXZAF3ZPfdbrFX7K87bmvzOG5CU5ibg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6cdc94fac99d699f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
sw.js
yrsii.xyz/
0
0
Script
General
Full URL
http://yrsii.xyz/sw.js
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:3168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 05:07:42 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
47
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIfx%2Bw5gIWsBLtPHEYvIp1hGKS2PAxW%2FxElFD6GHjDFgpqv3NIx5zOpczTkfcXOoerMhyhjmUfH3yly3xATsM7uI1bwRbGvaoFtHwVt54QqO9z1PjB3rJKsKaIARO5F%2FJ1LmaQfZ2rU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6cdc94fc4a195caa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
modernArrow5.png
yrsii.xyz/lp/6/
2 KB
3 KB
Image
General
Full URL
http://yrsii.xyz/lp/6/modernArrow5.png
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:3168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 05:07:43 GMT
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
"5f3afe32-86b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QGyy8j0bjGC%2BonhZ7qkmVBpgaoqLOb8CdlBrMrDIO5Y1NQcESKG8fz9dF7llyk091i3zi5DrTQLGnkilm7%2FI%2BmYoldo3UMQVKh8tiCvKS6UnPKfpn9eZcbsjxH782FyQNePUtSJZOs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6cdc95011dda5c68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2155
iconNotify.png
yrsii.xyz/lp/6/
1 KB
2 KB
Image
General
Full URL
http://yrsii.xyz/lp/6/iconNotify.png
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:3168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 05:07:43 GMT
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
"5f3afe32-568"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTrVreWwPIUQtudZBpXJWQZ0qOQe6Icr13Ruqm2SUJqa4Vp1OnLKA2F9NtYiM2aF1Cprjc62BMSlxX5qLTIyC4NeoBq5lcCkUPJTXItTS5flMBEZTKa%2FFeLsId7gz%2Bot0tB6qz5DE28%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6cdc95045c1d5c68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1384
fav.png
yrsii.xyz/lp/6/
3 KB
4 KB
Image
General
Full URL
http://yrsii.xyz/lp/6/fav.png
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:3168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6173e85de5ab45ef8a1894ff4b3edccd79add6ef47683aa7ee637750ac0de1ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 05:07:44 GMT
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
"5f3afe32-b68"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gARnCuE8IlfgV4YKv7djs5kbT1br%2F3VmlCaueWtJcr%2FIVne%2FrzXfj3yhf52WItiwv2nndeARMmjBc8ZO1mqAwgnxoOFz8Xfj8iY%2BZTU4dYEXX9L7WcaCRyaf%2BeUZy1bHea6u2glIBSM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6cdc95056d61699f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2920
addToChrome.png
yrsii.xyz/lp/6/
2 KB
3 KB
Image
General
Full URL
http://yrsii.xyz/lp/6/addToChrome.png
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:3168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd7f6b63ad65fa954268fecce982051c2a9cc4d45e48d6fd3940c543ca97906

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 05:07:44 GMT
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
"5f3afe32-7fb"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bf0FoyqGFfuPC9f98YvNUNCdmU5lUP9%2Fp1lBI3E2aUkVOzCck7bp5yx6oGkYI%2F16kZ%2FcKWE5M8irGmdykOA%2BK0DEEASpDFcCM7k9%2By6DA0wavIzc9Sew7u%2BqcNSqgeZunY1RO949XEI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6cdc9505aa735caa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2043
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
H2
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
397
date
Sat, 15 Jan 2022 05:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 15 Jan 2022 07:01:06 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
sw.js
yrsii.xyz/
0
0
Script
General
Full URL
http://yrsii.xyz/sw.js
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:3168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 05:07:43 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
48
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJHHnEWZyFW%2BN88QK0V6PrUWsA8cxHRBzGvzo4%2FGsSMQBD58zJtnqmnWEwmA66CrG2wJXhAUHCU5QlS7L15I4T%2BuNLkI%2BR8DlNinBn31sx8eSkxjoTVEUbrv9IKilGSAb53fWsWCUG0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6cdc95057a3d5caa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cursor2.png
yrsii.xyz/lp/6/
26 KB
27 KB
Image
General
Full URL
http://yrsii.xyz/lp/6/cursor2.png
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:3168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edb2c96a3b9ae8645ec31e00e23c7031aaa99681a8abc1c49de76bdcc702dd61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 05:07:44 GMT
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
"5f3afe32-6813"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5wAwriF%2BwpnpHVlQZyphwMAKf%2Fl1%2FMvgxtIR3u7INmTw600%2FwbXda1NfCzpwk0fHz7%2F7SNx36GgyOs50O84MJP3%2F4i4bxWW382%2BNAI8ViFyK4y2zKoIQUOKcOeh8a59flyZKVHUImk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6cdc9505c9d55c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
26643
bg.png
yrsii.xyz/lp/6/
45 KB
45 KB
Image
General
Full URL
http://yrsii.xyz/lp/6/bg.png
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:3168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aac5dc6f9c48a8258b85e65d93cc2befbccd14bd42517e2f6da46b3e983b19d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/lp/6/indextwo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 05:07:44 GMT
CF-Cache-Status
MISS
last-modified
Mon, 17 Aug 2020 22:01:22 GMT
Server
cloudflare
etag
"5f3afe32-b258"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utP6LLxgkIJ%2BUb9JDRTG45r%2FfNb0eX1ZKyg%2BbOr%2BIHIboOEJ8W7srWylv9t9sPHljX5s4btMPYQdJ8m6ClAClYJSRHgTYzsKuT13bqUpLb%2FYGGwAzYFi3ayv5dfQsfTHNzFbC5Qqcfc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6cdc9505cee2432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
45656
light.mp3
yrsii.xyz/lp/6/
571 B
1 KB
Media
General
Full URL
http://yrsii.xyz/lp/6/light.mp3
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:3168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ada793f9f0b7ab9b7b0cf9a96c1385a6bdcc9e8f8463bcc49ba48a0cacc9f2

Request headers

Referer
http://yrsii.xyz/lp/6/indextwo.html
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 15 Jan 2022 05:07:44 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92OBaqBGioA0TiSobYs4PKNEavKtFH42K2K4Wu2Ea2ov%2Fk0GjFTM%2BtHzy2bDTnYcPgLxi%2FBmEEQEe2lBnK3JjoCKdX%2FUginJidGS8FD6SRCmWnWbgACOaitjpgmNapi9GxYxpfNEAbo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6cdc9505dd9c5b32-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: yrsii.xyz
URL: http://yrsii.xyz/lp/6/indextwo.html
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 05:00:54 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
vary
Accept-Encoding
x-iplb-instance
40744
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
x-iplb-request-id
D972D784:B2E6_2E69C9F0:0050_61E2569F_62708:2277D
content-length
4547
x-request-id
848332604
0.php
s4.histats.com/stats/
66 B
200 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?3450293&@f16&@g1&@h1&@i1&@j1642223263684&@k0&@l1&@mInstall%20Required&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:10140310&@b3:1642223264&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fyrsii.xyz%2Flp%2F6%2Findextwo.html&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.27 Ajax, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500876.ip-192-99-8.net
Software
/
Resource Hash
24749c34a13328c69864e5b1c7ce5b6fbe9f137dbd00094c404dd6e50b5c9199

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 05:07:43 GMT
Connection
close
Content-Length
66
Content-Type
text/html;charset=UTF-8
collect
www.google-analytics.com/j/
4 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1540620119&t=event&_s=1&dl=http%3A%2F%2Fyrsii.xyz%2Flp%2F6%2Findextwo.html&ul=en-us&de=windows-1252&dt=Install%20Required&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=START%20PAGE%2090141&_u=IEBAAEABAAAAAC~&jid=1293012799&gjid=215977012&cid=1998782507.1642223264&tid=UA-68721678-1&_gid=122890584.1642223264&_r=1&_slc=1&z=964350818
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://yrsii.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 15 Jan 2022 05:07:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://yrsii.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
434 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68721678-1&cid=1998782507.1642223264&jid=1293012799&gjid=215977012&_gid=122890584.1642223264&_u=IEBAAEAAAAAAAC~&z=763787480
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://yrsii.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 15 Jan 2022 05:07:43 GMT
content-type
text/plain
access-control-allow-origin
http://yrsii.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ed032c432b28c2de618ed566378d9ccc4fa8f3a8ea255641eeac95e3d8a474d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yrsii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onsecuritypolicyviolation
  • object| onslotchange
  • function| $
  • function| jQuery
  • string| url1
  • string| url2
  • string| pid
  • string| ver
  • string| info
  • string| hostnameDD
  • string| GoogleAnalyticsObject
  • function| ga
  • function| AddmyTime
  • function| AddmyTime1
  • boolean| isChrome
  • boolean| cwswindowclosed
  • undefined| oldCWSLeft
  • undefined| oldCWSTop
  • function| openInstall
  • function| openInstall2
  • function| successCallback
  • function| successCallback1
  • function| failureCallback
  • function| Yes
  • function| No
  • function| myMove
  • function| myMove1
  • object| cursor
  • object| canvas
  • object| ctx
  • undefined| cx
  • undefined| cy
  • number| x
  • number| y
  • object| animationDD
  • function| animateDD
  • object| addTimer
  • object| myVar
  • object| _Hasync
  • function| chfh
  • function| chfh2
  • string| _HST_cntval
  • object| Histats
  • object| google_tag_data
  • object| gaplugins
  • object| gaGlobal
  • object| gaData
  • object| _HistatsCounterGraphics_0_setValues
  • number| Py
  • number| px
  • number| py

10 Cookies

Domain/Path Name / Value
yrsii.xyz/ Name: HstCfa3450293
Value: 1642223263684
yrsii.xyz/ Name: HstCla3450293
Value: 1642223263684
yrsii.xyz/ Name: HstCmu3450293
Value: 1642223263684
yrsii.xyz/ Name: HstPn3450293
Value: 1
yrsii.xyz/ Name: HstPt3450293
Value: 1
yrsii.xyz/ Name: HstCnv3450293
Value: 1
yrsii.xyz/ Name: HstCns3450293
Value: 1
.yrsii.xyz/ Name: _ga
Value: GA1.2.1998782507.1642223264
.yrsii.xyz/ Name: _gid
Value: GA1.2.122890584.1642223264
.yrsii.xyz/ Name: _gat
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: http://yrsii.xyz/sw.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://yrsii.xyz/sw.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://yrsii.xyz/lp/6/light.mp3
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
