gynvael.coldwind.pl Open in urlscan Pro
31.133.0.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gynvael.lunarii.org/
Effective URL:
https://gynvael.coldwind.pl/
Submission Tags: phishingrod
Submission: On July 15 via api (July 15th 2024, 5:49:03 am UTC) from DE — Scanned from PL

Summary HTTP 18 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 31.133.0.209, located in Poland and belongs to HOSTEAM-AS, PL. The main domain is gynvael.coldwind.pl.
TLS certificate: Issued by R10 on July 15th 2024. Valid for: 3 months.

This is the only time gynvael.coldwind.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	31.133.0.209 31.133.0.209	51290 (HOSTEAM-AS) (HOSTEAM-AS)
1	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
2	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
18	3

16 31.133.0.209 (Poland) 1 redirects

ASN51290 (HOSTEAM-AS, PL)
PTR: gynvael.coldwind.pl

gynvael.lunarii.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gynvael.coldwind.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	coldwind.pl gynvael.coldwind.pl	308 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 98
1	ytimg.com s.ytimg.com — Cisco Umbrella Rank: 13562	2 KB
1	lunarii.org 1 redirects gynvael.lunarii.org	253 B
18	4

	Domain	Requested by
15	gynvael.coldwind.pl	gynvael.coldwind.pl
2	www.youtube.com	gynvael.coldwind.pl
1	s.ytimg.com	gynvael.coldwind.pl
1	gynvael.lunarii.org	1 redirects
18	4

This site contains links to these domains. Also see Links.

Domain
x.com
www.youtube.com
pagedout.institute
groups.google.com
twitter.com
bsky.app
infosec.exchange
code.google.com
vexillium.org
github.com
technet.microsoft.com
www.adobe.com
www.google.com
re.coldwind.pl

Subject Issuer	Validity	Valid
gynvael.coldwind.pl R10	`2024-07-15` - `2024-10-13`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://gynvael.coldwind.pl/
Frame ID: FAC2F3741149D56114785588E68E2EAC
Requests: 16 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9u-IaSxggW0
Frame ID: 682B83ED81A83A8AD36B94D107C2A90D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/BYGku_8LJqc
Frame ID: 785A3F3408D14AB15311D39F6A01611D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

gynvael.coldwind//vx

Page URL History Show full URLs

https://gynvael.lunarii.org/ HTTP 302
https://gynvael.coldwind.pl/ Page URL

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

311 kB
Transfer

327 kB
Size

3
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://x.com/pr1m4te
Title: @pr1m4te

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=9u-IaSxggW0
Title: SECURITYbreak podcast

Search URL Search Domain Scan URL

URL: https://pagedout.institute/

Search URL Search Domain Scan URL

URL: https://pagedout.institute/download/PagedOut_004_beta1.pdf
Title: Paged Out! #4 PDF

Search URL Search Domain Scan URL

URL: https://pagedout.institute/download/PagedOut_004_wallpaper.jpg
Title: Oficjalna tapeta #4

Search URL Search Domain Scan URL

URL: https://pagedout.institute/?page=blog.php#entry-2024-06-01
Title: Wpis na blogu Paged Out! o #4

Search URL Search Domain Scan URL

URL: https://pagedout.institute/?page=cfp.php
Title: Call for Pages

Search URL Search Domain Scan URL

URL: https://x.com/prywatnik/status/1796991407787286679
Title: Łukaszem Olejnikiem

Search URL Search Domain Scan URL

URL: https://pagedout.institute/rss.xml
Title: RSS

Search URL Search Domain Scan URL

URL: https://pagedout.institute/atom.xml
Title: Atom

Search URL Search Domain Scan URL

URL: https://groups.google.com/forum/#!forum/pagedout-notifications
Title: grupy mejlingowej (Google Groups)

Search URL Search Domain Scan URL

URL: https://twitter.com/pagedout_zine
Title: X/Twitter

Search URL Search Domain Scan URL

URL: https://bsky.app/profile/pagedout.bsky.social
Title: Bluesky

Search URL Search Domain Scan URL

URL: https://infosec.exchange/@PagedOut
Title: Mastodon

Search URL Search Domain Scan URL

URL: https://code.google.com/p/dll-shared-sections/downloads/detail?name=DLL%20shared%20sections%20%28update%201%29.pdf
Title: DLL shared sections: a ghost of the past

Search URL Search Domain Scan URL

URL: http://code.google.com/p/dll-shared-sections/
Title: these tools

Search URL Search Domain Scan URL

URL: http://vexillium.org/dl.php?/Windows_Kernel-mode_GS_Cookies_subverted.pdf
Title: Exploiting the otherwise non-exploitable - Windows Kernel-mode GS Cookies subverted

Search URL Search Domain Scan URL

URL: http://vexillium.org/dl.php?call_gate_exploitation.pdf
Title: GDT and LDT in Windows kernel vulnerability exploitation

Search URL Search Domain Scan URL

URL: https://github.com/j00ru/kfetch-toolkit
Title: kfetch-toolkit

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us/security/bulletin/ms13-016
Title: MS13-016

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us/security/bulletin/ms13-017
Title: MS13-017

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us/security/bulletin/ms13-031
Title: MS13-031

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us/security/bulletin/ms13-036
Title: MS13-036

Search URL Search Domain Scan URL

URL: https://www.adobe.com/support/security/bulletins/apsb12-27.html
Title: APSB12-27

Search URL Search Domain Scan URL

URL: https://www.adobe.com/support/security/bulletins/apsb12-24.html
Title: APSB12-24

Search URL Search Domain Scan URL

URL: https://www.adobe.com/support/security/bulletins/apsb12-22.html
Title: APSB12-22

Search URL Search Domain Scan URL

URL: https://www.adobe.com/support/security/bulletins/apsb13-17.html
Title: APSB13-17

Search URL Search Domain Scan URL

URL: https://www.adobe.com/support/security/bulletins/apsb13-14.html
Title: APSB13-14

Search URL Search Domain Scan URL

URL: https://www.adobe.com/support/security/bulletins/apsb13-11.html
Title: APSB13-11

Search URL Search Domain Scan URL

URL: https://www.adobe.com/support/security/bulletins/apsb13-09.html
Title: APSB13-09

Search URL Search Domain Scan URL

URL: https://www.adobe.com/support/security/bulletins/apsb13-05.html
Title: APSB13-05

Search URL Search Domain Scan URL

URL: https://www.adobe.com/support/security/bulletins/apsb13-01.html
Title: APSB13-01

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=76MVumwbCj8
Title: video

Search URL Search Domain Scan URL

URL: http://vexillium.org/?sec-ff
Title: video

Search URL Search Domain Scan URL

URL: https://www.google.com/about/appsecurity/research/
Title: Google Application Security / Research site

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GynvaelColdwind?feature=creators_cornier-%2F%2Fs.ytimg.com%2Fyt%2Fimg%2Fcreators_corner%2FYouTube%2Fyoutube_32x32.png

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GynvaelColdwind
Title: Kanał na YT

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=BYGku_8LJqc
Title: Gynvael's Livestream #75: Implementujemy serwer FTP

Search URL Search Domain Scan URL

URL: http://re.coldwind.pl/
Title: ReverseCraft

Search URL Search Domain Scan URL

URL: https://infosec.exchange/@gynvael
Title: Mastodon

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gynvael.lunarii.org/ HTTP 302
https://gynvael.coldwind.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
gynvael.coldwind.pl/
Redirect Chain

https://gynvael.lunarii.org/
https://gynvael.coldwind.pl/

24 KB
9 KB

208ms
41ms

Document
text/html

31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gynvael.coldwind.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 2093d7090017b0e2586775502daf4e2ee1926a674534eff90799f01285eb54c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 8533
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Jul 2024 05:48:59 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 298
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 15 Jul 2024 05:48:58 GMT
Keep-Alive: timeout=5, max=100
Location: https://gynvael.coldwind.pl/
Server: Apache/2.4.52 (Ubuntu)

GET
H/1.1 200
OK hp.css
gynvael.coldwind.pl/ 7 KB
2 KB 38ms
36ms Stylesheet
text/css 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gynvael.coldwind.pl/hp.css
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 2499a82473d6a580b2ad5060794e73c0febbd8267e14c82f56b83f4a5378b3bd

Request headers

Referer: https://gynvael.coldwind.pl/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Aug 2023 12:19:42 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1cb4-6025442dc013e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2147

GET
H/1.1 200
OK inpost.css
gynvael.coldwind.pl/ 545 B
614 B 76ms
36ms Stylesheet
text/css 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gynvael.coldwind.pl/inpost.css
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: efb33e7624a76a1da29ae3d1f1f812640e5ef128507f066375145697b05001c4

Request headers

Referer: https://gynvael.coldwind.pl/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 14:40:36 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "221-5c69da35dfd09-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 279

GET
H/1.1 200
OK logo_hp.gif
gynvael.coldwind.pl/img/ 5 KB
5 KB 101ms
33ms Image
image/gif 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gynvael.coldwind.pl/img/logo_hp.gif
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 09de2eff870e11b036fb5dc12deb9d5cbd270378f4a00d2424ffab57607a1955

Request headers

Referer: https://gynvael.coldwind.pl/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Last-Modified: Sat, 01 Sep 2012 17:39:57 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1258-4c8a765a13540"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4696

GET
H/1.1 200
OK lang_en.png
gynvael.coldwind.pl/images/ 546 B
831 B 102ms
33ms Image
image/png 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gynvael.coldwind.pl/images/lang_en.png
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 37ab7ec3cf6e2f853848b499552808522d6a04f6dbeaeeeb75b0324bddf2d421

Request headers

Referer: https://gynvael.coldwind.pl/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Last-Modified: Mon, 05 Mar 2012 21:35:04 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "222-4ba85b3097200"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 546

GET
H/1.1 200
OK feed-icon-14x14.png
gynvael.coldwind.pl/img/ 689 B
974 B 79ms
34ms Image
image/png 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gynvael.coldwind.pl/img/feed-icon-14x14.png
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 8ee173565b2e771fecf3b471a79bdf072aaa1bd9dc27582cfda2b2a322beeba8

Request headers

Referer: https://gynvael.coldwind.pl/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Last-Modified: Thu, 27 Jul 2006 11:33:26 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2b1-4198e906dad80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 689

GET
H/1.1 200
OK lang_pl.png
gynvael.coldwind.pl/images/ 162 B
445 B 90ms
39ms Image
image/png 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gynvael.coldwind.pl/images/lang_pl.png
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: e0dfaeda62470514a6d81e86135757b854b34bd8260d8b8a76c5a8e3e27325e1

Request headers

Referer: https://gynvael.coldwind.pl/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Last-Modified: Mon, 05 Mar 2012 21:35:04 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "a2-4ba85b3097200"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 162

GET
H/1.1 200
OK po4_top_banner.jpg
gynvael.coldwind.pl/img/ 284 KB
284 KB 90ms
34ms Image
image/jpeg 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gynvael.coldwind.pl/img/po4_top_banner.jpg
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 822a21c214cb2eb489518c7682a21ecf9b3b3471da26a684715d0dcd844ed299

Request headers

Referer: https://gynvael.coldwind.pl/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Last-Modified: Sun, 02 Jun 2024 11:50:01 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "4701e-619e6d1190b85"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 290846

GET
H2 200 youtube_32x32.png
s.ytimg.com/yt/img/creators_corner/YouTube/ 2 KB
2 KB 503ms
53ms Image
image/png 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.ytimg.com/yt/img/creators_corner/YouTube/youtube_32x32.png

Requested by

Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

b9d916313f6ec177af86f2e0284624293befbd91ce893cc4733c2afcff83d67a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gynvael.coldwind.pl/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:28:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 10 Sep 2012 02:59:50 GMT
server: sffe
age: 501605
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=691200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1832
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 17 Jul 2024 10:28:54 GMT

GET
H2 200 9u-IaSxggW0
www.youtube.com/embed/ Frame 682B 0
0 573ms
159ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/9u-IaSxggW0

Requested by

Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gynvael.coldwind.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jul 2024 05:48:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=pl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 BYGku_8LJqc
www.youtube.com/embed/ Frame 785A 0
0 512ms
101ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/BYGku_8LJqc

Requested by

Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gynvael.coldwind.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jul 2024 05:48:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=pl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK bg.gif
gynvael.coldwind.pl/images/ 77 B
360 B 52ms
34ms Image
image/gif 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gynvael.coldwind.pl/images/bg.gif
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/hp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 3b4654f39ba5907385f9806f09e0548cfbb08137f3523f8aee67e79542ca137c

Request headers

Referer: https://gynvael.coldwind.pl/hp.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Last-Modified: Sun, 28 Feb 2010 08:57:17 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "4d-480a551ca1540"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 77

GET
H/1.1 200
OK gradient.jpg
gynvael.coldwind.pl/images/ 2 KB
2 KB 42ms
34ms Image
image/jpeg 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gynvael.coldwind.pl/images/gradient.jpg
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/hp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 8b7f157a8a03b56654b4b872a6d555faa87b9043fdf126cd907916ed0f874b53

Request headers

Referer: https://gynvael.coldwind.pl/hp.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Last-Modified: Sun, 28 Feb 2010 08:57:17 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "64a-480a551ca1540"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1610

GET
H/1.1 200
OK topbg.gif
gynvael.coldwind.pl/images/ 244 B
527 B 41ms
33ms Image
image/gif 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gynvael.coldwind.pl/images/topbg.gif
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/hp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: c0c7ed8cb2b2a6fe162dcf9736aab0e14a94535cd7f5847fd389482485b8c6de

Request headers

Referer: https://gynvael.coldwind.pl/hp.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Last-Modified: Sun, 28 Feb 2010 08:57:17 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "f4-480a551ca1540"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 244

GET
H/1.1 200
OK th_left.png
gynvael.coldwind.pl/images/ 129 B
412 B 47ms
36ms Image
image/png 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gynvael.coldwind.pl/images/th_left.png
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/hp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: c5c7fcc3596880be13afa128110dc9d54139b5bec053799d5bfebb48bf4c57a1

Request headers

Referer: https://gynvael.coldwind.pl/hp.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Last-Modified: Sat, 01 Sep 2012 17:47:08 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "81-4c8a77f51bf00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 129

GET
H/1.1 200
OK th_right.png
gynvael.coldwind.pl/images/ 168 B
451 B 56ms
36ms Image
image/png 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gynvael.coldwind.pl/images/th_right.png
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/hp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: a997ac979fb3a46ebec780d1ab622483560b386ed6879c2d5377122917d4890c

Request headers

Referer: https://gynvael.coldwind.pl/hp.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Last-Modified: Sat, 01 Sep 2012 17:47:08 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "a8-4c8a77f51bf00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 168

GET
H/1.1 200
OK dot.png
gynvael.coldwind.pl/images/ 79 B
361 B 69ms
35ms Image
image/png 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gynvael.coldwind.pl/images/dot.png
Requested by: Host: gynvael.coldwind.pl
URL: https://gynvael.coldwind.pl/hp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: f11aceaf80c1455877d2adc4a7eeca48743f0037d66533353db09cf46ffb220f

Request headers

Referer: https://gynvael.coldwind.pl/hp.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:48:59 GMT
Last-Modified: Sat, 01 Sep 2012 18:13:20 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "4f-4c8a7dd049000"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 79

GET
H/1.1 200
OK fav.ico
gynvael.coldwind.pl/ 1 KB
1 KB 35ms
34ms Other
image/vnd.microsoft.icon 31.133.0.209
HOSTEAM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gynvael.coldwind.pl/fav.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.133.0.209 , Poland, ASN51290 (HOSTEAM-AS, PL),
Reverse DNS: gynvael.coldwind.pl
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: f7aa4012ef4ea3be191769bb29bcc643a848f1a5a8e5c15648680891e5fdc9b4

Request headers

Referer: https://gynvael.coldwind.pl/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 05:49:00 GMT
Last-Modified: Sun, 28 Feb 2010 08:57:17 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "47e-480a551ca1540"
Content-Type: image/vnd.microsoft.icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1150

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| resize_yt_embed

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: riOSk6yisO4
.youtube.com/	1970-01-21 02:22:54	Name: VISITOR_INFO1_LIVE Value: 3hunoFFE1x0
.youtube.com/	1970-01-21 02:22:54	Name: VISITOR_PRIVACY_METADATA Value: CgJQTBIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHw%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://gynvael.coldwind.pl/(Line 54) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gynvael.coldwind.pl
gynvael.lunarii.org
s.ytimg.com
www.youtube.com
142.250.186.174
172.217.18.14
31.133.0.209
09de2eff870e11b036fb5dc12deb9d5cbd270378f4a00d2424ffab57607a1955
2093d7090017b0e2586775502daf4e2ee1926a674534eff90799f01285eb54c1
2499a82473d6a580b2ad5060794e73c0febbd8267e14c82f56b83f4a5378b3bd
37ab7ec3cf6e2f853848b499552808522d6a04f6dbeaeeeb75b0324bddf2d421
3b4654f39ba5907385f9806f09e0548cfbb08137f3523f8aee67e79542ca137c
822a21c214cb2eb489518c7682a21ecf9b3b3471da26a684715d0dcd844ed299
8b7f157a8a03b56654b4b872a6d555faa87b9043fdf126cd907916ed0f874b53
8ee173565b2e771fecf3b471a79bdf072aaa1bd9dc27582cfda2b2a322beeba8
a997ac979fb3a46ebec780d1ab622483560b386ed6879c2d5377122917d4890c
b9d916313f6ec177af86f2e0284624293befbd91ce893cc4733c2afcff83d67a
c0c7ed8cb2b2a6fe162dcf9736aab0e14a94535cd7f5847fd389482485b8c6de
c5c7fcc3596880be13afa128110dc9d54139b5bec053799d5bfebb48bf4c57a1
e0dfaeda62470514a6d81e86135757b854b34bd8260d8b8a76c5a8e3e27325e1
efb33e7624a76a1da29ae3d1f1f812640e5ef128507f066375145697b05001c4
f11aceaf80c1455877d2adc4a7eeca48743f0037d66533353db09cf46ffb220f
f7aa4012ef4ea3be191769bb29bcc643a848f1a5a8e5c15648680891e5fdc9b4

gynvael.coldwind.pl Open in urlscan Pro 31.133.0.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

311 kBTransfer

327 kBSize

3 Cookies

40 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

gynvael.coldwind.pl Open in urlscan Pro
31.133.0.209 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

311 kB
Transfer

327 kB
Size

3
Cookies

18 HTTP transactions
0 data transactions