[a2g4rAVy]

SSL cert is very suspicious. It is by Google Trust Services LLC valid starting on Thu, 01 Apr 2021 02:07:46 GMT. Video was uploaded to YouTube on April first.

I would go with a fun joke.

[gruez]

>SSL cert is very suspicious. It is by Google Trust Services LLC

There's nothing suspicious about that CA. If you do a search[1] you can see plenty certificates issued for benign sites. My guess is that's the CA for google related products? eg. GCP, app engine, or google site builder.

[1] https://crt.sh/?Identity=%25&iCAID=180754

[a2g4rAVy]

Yep! but the dates are suspicious. There is no record of this happening anywhere before April 1st.

Youtube, SSL, domain, everything. April first. Also, humorously hosted on google.

[alisonkisk]

What's so suspicious about celebrating the 25th anniversary of a prank by publishing it, but preferring anonymity because people on the Internet are terrible nowadays?

[judge2020]

I believe GTS certs are Google (employee) only, correct? The hostname also goes to 1e100.net.

  host `dig www.microsoftcoffee.org +short | tail -1`
  51.165.217.172.in-addr.arpa domain name pointer pnatla-aa-in-f19.1e100.net.

[gruez]

>I believe GTS certs are Google (employee) only, correct?

Doesn't seem like it

https://crt.sh/?Identity=%25&iCAID=180754

[judge2020]

Ah ok, I thought Letsencrypt was the only available auto-issuing CA on Google Cloud but that must have changed with GKE. The 1e100 address is probably pointed at a gke load balancer then.

[jhugo]

Why GKE? It's probably just a static site hosted on Google Sites or something...

[ipython]

It is hosted on google sites. The little (I) pop up in the bottom corner gives it away.

[efreak]

IIRC, Google sites doesn't actually have static sites.

[praisewhitey]

the webpage is hosted on Google Sites