secure.vshcontent.com Open in urlscan Pro
65.108.209.41 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.vshcontent.com/
Submission: On February 11 via automatic, source certstream-suspicious (February 11th 2022, 6:18:51 pm UTC) — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 65.108.209.41, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is secure.vshcontent.com.
TLS certificate: Issued by R3 on February 11th 2022. Valid for: 3 months.

This is the only time secure.vshcontent.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	65.108.209.41 65.108.209.41	24940 (HETZNER-AS) (HETZNER-AS)
5	2a04:4e42:200... 2a04:4e42:200::626	54113 (FASTLY) (FASTLY)
8	3

1 65.108.209.41 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.41.209.108.65.clients.your-server.de

secure.vshcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42:200::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	jwpcdn.com ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2468	188 KB
1	vshcontent.com secure.vshcontent.com main.vshcontent.com Failed	1 KB
8	2

	Domain	Requested by
5	ssl.p.jwpcdn.com	secure.vshcontent.com ssl.p.jwpcdn.com
1	secure.vshcontent.com
0	main.vshcontent.com Failed	ssl.p.jwpcdn.com
8	3

This site contains no links.

Subject Issuer	Validity	Valid
storage.vshcontent.com R3	`2022-02-11` - `2022-05-12`	3 months	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://secure.vshcontent.com/
Frame ID: D687FFFBFBAB0E24DAE29179116A975A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TITLE

Page Statistics

8
Requests

63 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

189 kB
Transfer

683 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response secure.vshcontent.com/	2 KB 1 KB	194ms 40ms	Document text/html	65.108.209.41 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://secure.vshcontent.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 65.108.209.41 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.41.209.108.65.clients.your-server.de Software nginx/1.14.0 (Ubuntu) / Resource Hash `006dc3cf65e2c5271e319f27dbddcd1c4fb5db024fc825c270f085b07aeb4f7e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx/1.14.0 (Ubuntu) Date Fri, 11 Feb 2022 18:18:47 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip
GET H2	200	jwplayer.js Show response ssl.p.jwpcdn.com/player/v/8.1.3/	81 KB 26 KB	63ms 16ms	Script application/javascript	2a04:4e42:200::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.1.3/jwplayer.js Requested by Host: secure.vshcontent.com URL: https://secure.vshcontent.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash `04428792ed4940a77a3ee5a87f3792f15c42126a00fcbbd55b880b3693ee38c0` Request headers Accept-Language de-DE,de;q=0.9 Referer https://secure.vshcontent.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 18:18:47 GMT content-encoding gzip age 667033 x-cache HIT content-length 26304 via 1.1 varnish x-served-by cache-mxp6951-MXP last-modified Wed, 07 Feb 2018 22:15:48 GMT server AmazonS3 x-timer S1644603527.187421,VS0,VE0 etag "c764ae379a604f00ac9db6edf44a51da" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 3
GET H2	200	jwplayer.core.controls.js Show response ssl.p.jwpcdn.com/player/v/8.1.3/	217 KB 54 KB	16ms 16ms	Script application/javascript	2a04:4e42:200::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.1.3/jwplayer.core.controls.js Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.1.3/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash `fc691700fff69a2fc6bc08da04497d23c1718e6a6b74f431c209304ba454d623` Request headers Accept-Language de-DE,de;q=0.9 Referer https://secure.vshcontent.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 18:18:47 GMT content-encoding gzip age 667962 x-cache HIT content-length 54755 via 1.1 varnish x-served-by cache-mxp6951-MXP last-modified Wed, 07 Feb 2018 22:15:47 GMT server AmazonS3 x-timer S1644603527.221914,VS0,VE0 etag "d4a3cc8fee7e71fe4363243b9f39d9ef" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 2
GET H2	200	vast.js Show response ssl.p.jwpcdn.com/player/plugins/vast/v/8.1.1/	63 KB 19 KB	32ms 31ms	Script text/plain	2a04:4e42:200::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/plugins/vast/v/8.1.1/vast.js Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.1.3/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash `a8306d9da073cd532ed4e4ed3607b63e4e7ae82db3dae655843444a1ce3d148d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://secure.vshcontent.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 18:18:47 GMT content-encoding gzip age 320961 x-cache HIT content-length 19157 via 1.1 varnish x-served-by cache-mxp6951-MXP last-modified Fri, 19 Jan 2018 22:46:05 GMT server AmazonS3 x-timer S1644603527.222825,VS0,VE0 etag "6ce1494b4431b12ebbe9701226365609" vary Accept-Encoding content-type text/plain access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 2
GET H2	200	related.js Show response ssl.p.jwpcdn.com/player/plugins/related/v/6.1.3/	65 KB 16 KB	33ms 33ms	Script text/plain	2a04:4e42:200::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/plugins/related/v/6.1.3/related.js Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.1.3/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash `cdffa27b6be9e0555e2b8b650c78f7f482fad4e70433c3efdd29bbf292e8d180` Request headers Accept-Language de-DE,de;q=0.9 Referer https://secure.vshcontent.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 18:18:47 GMT content-encoding gzip age 2037139 x-cache HIT content-length 15856 via 1.1 varnish x-served-by cache-mxp6951-MXP last-modified Tue, 20 Feb 2018 21:20:11 GMT server AmazonS3 x-timer S1644603527.223068,VS0,VE0 etag "9252a72b4402878e1aeb2fc72ac0ca4c" vary Accept-Encoding content-type text/plain access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 9
GET H2	200	provider.hlsjs.js Show response ssl.p.jwpcdn.com/player/v/8.1.3/	255 KB 74 KB	34ms 34ms	Script application/javascript	2a04:4e42:200::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.1.3/provider.hlsjs.js Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.1.3/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash `d948a557c645536fe06fbec68afa9982b2aad12e935ce6f1863e7f68e5dab64d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://secure.vshcontent.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 18:18:47 GMT content-encoding gzip age 314580 x-cache HIT content-length 75335 via 1.1 varnish x-served-by cache-mxp6951-MXP last-modified Wed, 07 Feb 2018 22:15:51 GMT server AmazonS3 x-timer S1644603527.223568,VS0,VE0 etag "dc2f8fdbf8bb3c98379ef4a3c0ba1bfd" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 2
GET		prog_index.m3u8 main.vshcontent.com/hls/	0 0

GET		prog_index.m3u8 main.vshcontent.com/hls/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: main.vshcontent.com
URL: https://main.vshcontent.com/hls/prog_index.m3u8?md5=REgel674Xe76EedrZSl7IQ&expires=1644610727

Domain: main.vshcontent.com
URL: https://main.vshcontent.com/hls/prog_index.m3u8?md5=REgel674Xe76EedrZSl7IQ&expires=1644610727

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| webpackJsonpjwplayer function| jwplayer object| playerInstance

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://secure.vshcontent.com/ Message: Access to XMLHttpRequest at 'https://main.vshcontent.com/hls/prog_index.m3u8?md5=REgel674Xe76EedrZSl7IQ&expires=1644610727' from origin 'https://secure.vshcontent.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://storage.vshcontent.com' that is not equal to the supplied origin.
network	error	URL: https://main.vshcontent.com/hls/prog_index.m3u8?md5=REgel674Xe76EedrZSl7IQ&expires=1644610727 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://secure.vshcontent.com/ Message: Access to XMLHttpRequest at 'https://main.vshcontent.com/hls/prog_index.m3u8?md5=REgel674Xe76EedrZSl7IQ&expires=1644610727' from origin 'https://secure.vshcontent.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://storage.vshcontent.com' that is not equal to the supplied origin.
network	error	URL: https://main.vshcontent.com/hls/prog_index.m3u8?md5=REgel674Xe76EedrZSl7IQ&expires=1644610727 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

main.vshcontent.com
secure.vshcontent.com
ssl.p.jwpcdn.com
main.vshcontent.com
2a04:4e42:200::626
65.108.209.41
006dc3cf65e2c5271e319f27dbddcd1c4fb5db024fc825c270f085b07aeb4f7e
04428792ed4940a77a3ee5a87f3792f15c42126a00fcbbd55b880b3693ee38c0
a8306d9da073cd532ed4e4ed3607b63e4e7ae82db3dae655843444a1ce3d148d
cdffa27b6be9e0555e2b8b650c78f7f482fad4e70433c3efdd29bbf292e8d180
d948a557c645536fe06fbec68afa9982b2aad12e935ce6f1863e7f68e5dab64d
fc691700fff69a2fc6bc08da04497d23c1718e6a6b74f431c209304ba454d623

secure.vshcontent.com Open in urlscan Pro 65.108.209.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

63 %HTTPS

50 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

189 kBTransfer

683 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

secure.vshcontent.com Open in urlscan Pro
65.108.209.41 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

63 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

189 kB
Transfer

683 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions