urlscan.io logo urlscan.io
SecurityTrails logo

one-travel.net Open in urlscan Pro
3.12.185.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://one-travel.net/
Effective URL: https://one-travel.net/
Submission Tags: @phish_report
Submission: On December 07 via api from FI — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 10 domains to perform 20 HTTP transactions. The main IP is 3.12.185.132, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is one-travel.net.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on October 5th 2023. Valid for: 3 months.
This is the only time one-travel.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 3.12.185.132 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 16.182.41.32 16509 (AMAZON-02)
7 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
20 6
3    3.12.185.132 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-185-132.us-east-2.compute.amazonaws.com
one-travel.net
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    16.182.41.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
7    2404:6800:4006:80b::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2404:6800:4006:811::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
7 youtube.com
www.youtube.com — Cisco Umbrella Rank: 71
1 MB
3 one-travel.net
one-travel.net
6 KB
2 gstatic.com
fonts.gstatic.com
22 KB
1 amazonaws.com
s3.amazonaws.com
7 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
35 KB
0 ggpht.com Failed
yt3.ggpht.com Failed
0 ytimg.com Failed
i.ytimg.com Failed
0 google.com Failed
www.google.com Failed
0 googleapis.com Failed
jnn-pa.googleapis.com Failed
0 doubleclick.net Failed
googleads.g.doubleclick.net Failed
static.doubleclick.net Failed
20 10
Domain Requested by
7 www.youtube.com one-travel.net
www.youtube.com
3 one-travel.net 1 redirects one-travel.net
2 fonts.gstatic.com www.youtube.com
1 s3.amazonaws.com one-travel.net
1 cdn.jsdelivr.net one-travel.net
0 yt3.ggpht.com Failed www.youtube.com
0 i.ytimg.com Failed www.youtube.com
0 www.google.com Failed www.youtube.com
0 jnn-pa.googleapis.com Failed www.youtube.com
0 static.doubleclick.net Failed www.youtube.com
0 googleads.g.doubleclick.net Failed www.youtube.com
20 11

This site contains links to these domains. Also see Links.

Domain
www.chinesepod.com
Subject Issuer Validity Valid
one-travel.net
ZeroSSL RSA Domain Secure Site CA		 2023-10-05 -
2024-01-03		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-10		 9 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://one-travel.net/
Frame ID: 37B8EF6A7FDBE531810B34875AFE7237
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/58Vi0Y_28hc?autoplay=0&controls=1&showinfo=1&rel=0&iv_load_policy=3&cc_load_policy=0&fs=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fone-travel.net&widgetid=1
Frame ID: BBD35395C8732E14948D994BFBC44433
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Check out our sponsor - Chinesepod.com

Page URL History Show full URLs

  1. http://one-travel.net/ HTTP 301
    https://one-travel.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

20
Requests

65 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

6
IPs

2
Countries

1101 kB
Transfer

3740 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://one-travel.net/ HTTP 301
    https://one-travel.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
one-travel.net/
Redirect Chain
  • http://one-travel.net/
  • https://one-travel.net/
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://one-travel.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.12.185.132 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-185-132.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
be13ef0e80c10e19d498e447d26d3d71d3d05588c6e10bc5bbbb8822ac1187ba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Dec 2023 04:48:57 GMT
ETag
W/"393b-gYz8rc2eUp1sDZdJzP6dfgtjA6s"
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Thu, 07 Dec 2023 04:48:56 GMT
Location
https://one-travel.net/
Server
nginx/1.18.0 (Ubuntu)
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/ 		227 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
Requested by
Host: one-travel.net
URL: https://one-travel.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-travel.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 04:48:57 GMT
x-content-type-options
nosniff
content-encoding
br
age
4674391
x-jsd-version
5.3.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34902
x-served-by
cache-fra-etou8220083-FRA, cache-akl10333-AKL
x-jsd-version-type
version
etag
W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
logo.chinesepod.white.svg
s3.amazonaws.com/assets.chinesepod/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/assets.chinesepod/images/logo.chinesepod.white.svg
Requested by
Host: one-travel.net
URL: https://one-travel.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.41.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8db3d17d3a4893052476a69336f68082d2d22ed98bb383a417c6770f2b19313e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-travel.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 07 Dec 2023 04:48:58 GMT
x-amz-version-id
null
Last-Modified
Fri, 31 Dec 2021 23:51:03 GMT
Server
AmazonS3
x-amz-request-id
1KE8KGF1KWFZYY4B
ETag
"ad5fd34d16adad727ba96c21d5d41d19"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
6638
x-amz-id-2
Oyr7l4iHEd/NZj1zolArs5BuwL/o4XhXmXCq56gr6wmc1qK3Fp93ZisFW8LVLMf+1QlH7dOLvzo=
api
one-travel.net/ 		23 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://one-travel.net/api
Requested by
Host: one-travel.net
URL: https://one-travel.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.12.185.132 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-185-132.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
275e07a07385525068328676b6d08053cd270a24c9e60afbfcd462dd9f404d4f

Request headers

Referer
https://one-travel.net/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

Date
Thu, 07 Dec 2023 04:48:58 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
ETag
W/"17-jJ86VH+OvociQhw3H0Tca65O9HQ"
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
player_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: one-travel.net
URL: https://one-travel.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a63f486f5b05184dc0708669c9c1823de00295dd74b090557b77268118ecc0dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-travel.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 07 Dec 2023 04:48:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
expires
Thu, 07 Dec 2023 04:48:59 GMT
www-widgetapi.js
www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/ 		215 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7d6f6139d786232c30733c242672145a2ed59e41423520f4dc4dc611e2bd8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-travel.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 06 Dec 2023 07:02:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
78382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68329
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 03:10:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Dec 2024 07:02:37 GMT
58Vi0Y_28hc
www.youtube.com/embed/ Frame BBD3 		92 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/58Vi0Y_28hc?autoplay=0&controls=1&showinfo=1&rel=0&iv_load_policy=3&cc_load_policy=0&fs=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fone-travel.net&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9a8736bca93d8d6c611401b9435bd939e14c6838fd4a2b83a4f98f73d74d5dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one-travel.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 04:49:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/31e0b6d9/ Frame BBD3 		378 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31e0b6d9/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/58Vi0Y_28hc?autoplay=0&controls=1&showinfo=1&rel=0&iv_load_policy=3&cc_load_policy=0&fs=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fone-travel.net&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/58Vi0Y_28hc?autoplay=0&controls=1&showinfo=1&rel=0&iv_load_policy=3&cc_load_policy=0&fs=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fone-travel.net&widgetid=1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 06 Dec 2023 07:05:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
78191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48920
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 03:10:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Dec 2024 07:05:49 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BBD3 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/58Vi0Y_28hc?autoplay=0&controls=1&showinfo=1&rel=0&iv_load_policy=3&cc_load_policy=0&fs=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fone-travel.net&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 06 Dec 2023 21:51:01 GMT
x-content-type-options
nosniff
age
25079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10748
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 21:51:01 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BBD3 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/58Vi0Y_28hc?autoplay=0&controls=1&showinfo=1&rel=0&iv_load_policy=3&cc_load_policy=0&fs=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fone-travel.net&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 01 Dec 2023 03:27:18 GMT
x-content-type-options
nosniff
age
523302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10788
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 03:27:18 GMT
embed.js
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/ Frame BBD3 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/58Vi0Y_28hc?autoplay=0&controls=1&showinfo=1&rel=0&iv_load_policy=3&cc_load_policy=0&fs=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fone-travel.net&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f21a803f0b7f63109cd608bfbe9769a3dc2e2a17c8e885826529d3981d15d313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/58Vi0Y_28hc?autoplay=0&controls=1&showinfo=1&rel=0&iv_load_policy=3&cc_load_policy=0&fs=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fone-travel.net&widgetid=1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 06 Dec 2023 12:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
57281
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16506
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 03:10:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Dec 2024 12:54:19 GMT
www-embed-player.js
www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/ Frame BBD3 		321 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/58Vi0Y_28hc?autoplay=0&controls=1&showinfo=1&rel=0&iv_load_policy=3&cc_load_policy=0&fs=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fone-travel.net&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/58Vi0Y_28hc?autoplay=0&controls=1&showinfo=1&rel=0&iv_load_policy=3&cc_load_policy=0&fs=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fone-travel.net&widgetid=1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 06 Dec 2023 06:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
81988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98499
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 03:10:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Dec 2024 06:02:32 GMT
base.js
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/ Frame BBD3 		2 MB
766 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/58Vi0Y_28hc?autoplay=0&controls=1&showinfo=1&rel=0&iv_load_policy=3&cc_load_policy=0&fs=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fone-travel.net&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc70bebc8a0e4ae5b13a5f8409693a3e88aa4b4415a75f632f11d0f0c423457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/58Vi0Y_28hc?autoplay=0&controls=1&showinfo=1&rel=0&iv_load_policy=3&cc_load_policy=0&fs=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fone-travel.net&widgetid=1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 06 Dec 2023 10:38:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
784263
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 03:10:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Dec 2024 10:38:25 GMT
id
googleads.g.doubleclick.net/pagead/ Frame BBD3 		0
0
ad_status.js
static.doubleclick.net/instream/ Frame BBD3 		0
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BBD3 		0
0
q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js
www.google.com/js/th/ Frame BBD3 		0
0
sddefault.jpg
i.ytimg.com/vi/58Vi0Y_28hc/ Frame BBD3 		0
0
truncated
/ Frame BBD3 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
APkrFKbUC9bvz4KmxaXO3bBguo_2xMMbg_GlyoXcJZjJEg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame BBD3 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/id
Domain
static.doubleclick.net
URL
https://static.doubleclick.net/instream/ad_status.js
Domain
jnn-pa.googleapis.com
URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Domain
jnn-pa.googleapis.com
URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Domain
www.google.com
URL
https://www.google.com/js/th/q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js
Domain
i.ytimg.com
URL
https://i.ytimg.com/vi/58Vi0Y_28hc/sddefault.jpg
Domain
yt3.ggpht.com
URL
https://yt3.ggpht.com/ytc/APkrFKbUC9bvz4KmxaXO3bBguo_2xMMbg_GlyoXcJZjJEg=s68-c-k-c0x00ffffff-no-rj

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture string| video string| uuid function| onYouTubePlayerAPIReady object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: xsb_FXEPHtg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: gWk337V9KY4

2 Console Messages

Source Level URL
Text
other warning URL: https://www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/www-widgetapi.js(Line 1248)
Message:
Unrecognized feature: 'web-share'.
security error URL: https://www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/www-widgetapi.js(Line 1256)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://one-travel.net').