urlscan.io logo urlscan.io
SecurityTrails logo

apple.trobateswretul.ml Open in urlscan Pro
2606:4700:3037::6815:5292  Public Scan

Go To Rescan Add Verdict Report
URL: http://apple.trobateswretul.ml/
Submission: On January 12 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3037::6815:5292, located in United States and belongs to CLOUDFLARENET, US. The main domain is apple.trobateswretul.ml.
This is the only time apple.trobateswretul.ml was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3037::6815:5292 (United States)

ASN13335 (CLOUDFLARENET, US)
apple.trobateswretul.ml
1    2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3036::6815:e78 (United States)

ASN13335 (CLOUDFLARENET, US)
www.realist.co.th
2    2606:4700:3033::ac43:d18a (United States)

ASN13335 (CLOUDFLARENET, US)
thelist.group
8    2607:f8b0:4006:81d::200e (United States)

ASN15169 (GOOGLE, US)
www.youtube.com
2    104.21.69.162 (None, )

ASN13335 (CLOUDFLARENET, US)
4wayvoice.nownews.com
www.nownews.com
2    2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:824::2006 (United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
Apex Domain
Subdomains		 Transfer
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 76
791 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
jnn-pa.googleapis.com — Cisco Umbrella Rank: 191
32 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
static.doubleclick.net — Cisco Umbrella Rank: 216
1 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 nownews.com
4wayvoice.nownews.com
www.nownews.com — Cisco Umbrella Rank: 106464
600 B
2 thelist.group
thelist.group
198 KB
2 realist.co.th
www.realist.co.th
1 KB
1 trobateswretul.ml
apple.trobateswretul.ml
20 KB
21 8
Domain Requested by
8 www.youtube.com apple.trobateswretul.ml
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
2 thelist.group apple.trobateswretul.ml
2 www.realist.co.th 2 redirects
1 static.doubleclick.net www.youtube.com
1 www.nownews.com apple.trobateswretul.ml
1 4wayvoice.nownews.com 1 redirects
1 fonts.googleapis.com apple.trobateswretul.ml
1 apple.trobateswretul.ml
21 11

This site contains no links.

Subject Issuer Validity Valid
*.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://apple.trobateswretul.ml/
Frame ID: DEC2C2052A4FB1953823510623859908
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ZoYtlOMk9oA
Frame ID: F5EAFAAC55067BB7CCA043252A0B20E7
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

‘อูเบอร์’ พร้อมให้บริการที่ ‘หาดใหญ่’ ตอกย้ำความมุ่งมั่นกับธุรกิจร่วมเดินทางในไทย

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

71 %
HTTPS

90 %
IPv6

8
Domains

11
Subdomains

10
IPs

2
Countries

1073 kB
Transfer

3327 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://www.realist.co.th/blog/wp-content/uploads/2018/02/info-V1-%E0%B9%81%E0%B8%81%E0%B9%893-01.jpg HTTP 301
  • https://thelist.group/realist/wp-content/uploads/2018/02/info-V1-%E0%B9%81%E0%B8%81%E0%B9%893-01.jpg
Request Chain 2
  • http://www.realist.co.th/blog/wp-content/uploads/2010/02/I300-12.jpg HTTP 301
  • https://thelist.group/realist/wp-content/uploads/2010/02/I300-12.jpg
Request Chain 4
  • https://4wayvoice.nownews.com/wp-content/uploads/2020/04/Annotation-2020-04-18-110644.png HTTP 301
  • https://www.nownews.com/cat/4wayvoice/
Request Chain 11
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
apple.trobateswretul.ml/ 		80 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://apple.trobateswretul.ml/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:5292 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e1f30b8f55e4dc12cc7e4fbc4c31daf908f5f253dc3854d8113479ec831a48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7889b1940abb8c30-EWR
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 Jan 2023 23:32:50 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGpreCAoepKehgKDz6FZqqp%2BV8mMoJqzIvw1S1f9yj5iSbpwqm6S1IaGuboNMynq9CGTNSr1YrXopLAsf%2BAG6SJGVdPjqkP6KT9ijZP5VJcukYkIRYLPuo%2FCuBrnzmFwcV%2B1iaj9FDRR0BiZvXQmWC2BSMc5qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Poppins%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&subset=latin%2Clatin-ext
Requested by
Host: apple.trobateswretul.ml
URL: http://apple.trobateswretul.ml/
Protocol
HTTP/1.1
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07c975e952939c40265df65d8c0fade070412c453fde3fe97d4164ef213fbb1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://apple.trobateswretul.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 23:32:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Thu, 12 Jan 2023 23:32:50 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Thu, 12 Jan 2023 23:32:50 GMT
info-V1-%E0%B9%81%E0%B8%81%E0%B9%893-01.jpg
thelist.group/realist/wp-content/uploads/2018/02/
Redirect Chain
  • http://www.realist.co.th/blog/wp-content/uploads/2018/02/info-V1-%E0%B9%81%E0%B8%81%E0%B9%893-01.jpg
  • https://thelist.group/realist/wp-content/uploads/2018/02/info-V1-%E0%B9%81%E0%B8%81%E0%B9%893-01.jpg
157 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelist.group/realist/wp-content/uploads/2018/02/info-V1-%E0%B9%81%E0%B8%81%E0%B9%893-01.jpg
Requested by
Host: apple.trobateswretul.ml
URL: http://apple.trobateswretul.ml/
Protocol
H2
Server
2606:4700:3033::ac43:d18a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1abca09217db4704a04821ca36fc243ff8ffcbf7820a7a4c54bc880efd16b1b7

Request headers

accept-language
en-US,en;q=0.9
Referer
http://apple.trobateswretul.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 23:32:51 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
161106
pragma
public
last-modified
Thu, 17 Feb 2022 04:34:08 GMT
server
cloudflare
etag
"620dd040-27552"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8CsYyeHmYP15WbbQuqhdOAY20zIh%2BEsj03ljLdX%2B1gMCvtyAc3jl6onbtpred%2BjUKuUqKzjH3%2Fcjc3DOac1MF8Am96jEndpfXq4bkbxhltTEo4Z75Ug1BTvwPlTyA7UvSJUhS50B4D95nSc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7889b197ac5a8c15-EWR
expires
Fri, 13 Jan 2023 23:32:50 GMT

Redirect headers

Date
Thu, 12 Jan 2023 23:32:50 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHmbtR%2FNY8EIdO3EGFtFVYcw7AnoyDYCxRLnqgcufbhwG1I8%2BdoN8Q%2FPPjhmU2KOLXURN9BBIX30xSpjy8H5eTz6D7k83Ykk6LiQs1aSBuIJRt9mHCR3QtPUYGuKBQ5x1sNgjTt5djVhhoI5YRjz0w%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://thelist.group/realist/wp-content/uploads/2018/02/info-V1-%E0%B9%81%E0%B8%81%E0%B9%893-01.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7889b1966be9c33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Fri, 13 Jan 2023 00:32:50 GMT
I300-12.jpg
thelist.group/realist/wp-content/uploads/2010/02/
Redirect Chain
  • http://www.realist.co.th/blog/wp-content/uploads/2010/02/I300-12.jpg
  • https://thelist.group/realist/wp-content/uploads/2010/02/I300-12.jpg
39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelist.group/realist/wp-content/uploads/2010/02/I300-12.jpg
Requested by
Host: apple.trobateswretul.ml
URL: http://apple.trobateswretul.ml/
Protocol
H2
Server
2606:4700:3033::ac43:d18a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2e97ea259a6990e6bd9545fb782dda42a471cbc859046605178cc8bddc5067

Request headers

accept-language
en-US,en;q=0.9
Referer
http://apple.trobateswretul.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 23:32:51 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40408
pragma
public
last-modified
Wed, 16 Feb 2022 16:43:54 GMT
server
cloudflare
etag
"620d29ca-9dd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Frefqt3Qrd9J8DJeCjuBQ2tWezqOspEb3swDNIGdTepV8OUuJkkmJec00CixQlexj%2BcXe3%2F4LzuGQEp5nnbb%2FEeJdYv08vwKK5Jtf0wKY6STDjvvti1cvzjNuNieGpkneo75Oye2eF9LR86o"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7889b197ac5e8c15-EWR
expires
Fri, 13 Jan 2023 23:32:50 GMT

Redirect headers

Date
Thu, 12 Jan 2023 23:32:50 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FB%2B92ZGb3NySf2KtGRQOUarU2HijPPu6kNwGFc8fP%2F%2BIBA9n%2By2kbmAij7%2F1exj7Cl6hPVT6pHcnMT1dUFJ3WnoSvHS%2FKZGcO8dctm7ePxZyYyMNojXOYuD0zXdKek7koX8LAPNvRMRV6Zg%2BisQBw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://thelist.group/realist/wp-content/uploads/2010/02/I300-12.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7889b1966e16c345-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Fri, 13 Jan 2023 00:32:50 GMT
ZoYtlOMk9oA
www.youtube.com/embed/ Frame F5EA 		60 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ZoYtlOMk9oA
Requested by
Host: apple.trobateswretul.ml
URL: http://apple.trobateswretul.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0171c93b7e66a2c1f7401a7699f4206bd05ededa5f7460ee692dcfda4cee20e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://apple.trobateswretul.ml/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 23:32:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
/
www.nownews.com/cat/4wayvoice/
Redirect Chain
  • https://4wayvoice.nownews.com/wp-content/uploads/2020/04/Annotation-2020-04-18-110644.png
  • https://www.nownews.com/cat/4wayvoice/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nownews.com/cat/4wayvoice/
Requested by
Host: apple.trobateswretul.ml
URL: http://apple.trobateswretul.ml/
Protocol
H2
Server
104.21.69.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://apple.trobateswretul.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date
Thu, 12 Jan 2023 23:32:52 GMT
via
mly
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-mly-id
73ed7992b42ff9aef1cba39f52734d4b
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6t0bjJck%2ByfIqNNRi%2FQG8vzkeYwqLmZEOZGMDxl25AYTgFgqDYj6vmF27cvCapqlbuQVIDREfKsMpQV1PxsrYqlp8vEGd7uzvv7g6QpUFYCpj%2BGcTCdVLHSspN8hoK2ZlDuT8F0s9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.nownews.com/cat/4wayvoice/
cache-control
private
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
7889b19c982a17f5-EWR
www-player.css
www.youtube.com/s/player/d759e46a/ Frame F5EA 		360 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d759e46a/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZoYtlOMk9oA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ZoYtlOMk9oA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 18:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
276730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49911
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 01:16:55 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Jan 2024 18:40:40 GMT
www-embed-player.js
www.youtube.com/s/player/d759e46a/www-embed-player.vflset/ Frame F5EA 		341 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d759e46a/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZoYtlOMk9oA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5f44b8a3a7eeca67537acc0adf028a587c3a5ab68e6d0c836156a75f83b28d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ZoYtlOMk9oA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 18:40:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
276720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109234
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 01:16:55 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Jan 2024 18:40:50 GMT
base.js
www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/ Frame F5EA 		2 MB
597 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZoYtlOMk9oA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55c388f3486b54a74fafd7ba5f40d60e89eb66269f2ee4cf00235207c2105793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ZoYtlOMk9oA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 18:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
276730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
611140
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 01:16:55 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Jan 2024 18:40:40 GMT
fetch-polyfill.js
www.youtube.com/s/player/d759e46a/fetch-polyfill.vflset/ Frame F5EA 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d759e46a/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZoYtlOMk9oA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ZoYtlOMk9oA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 18:40:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
276720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 01:16:55 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Jan 2024 18:40:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F5EA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZoYtlOMk9oA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 03:07:28 GMT
x-content-type-options
nosniff
age
159922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 03:07:28 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F5EA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZoYtlOMk9oA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 22:19:56 GMT
x-content-type-options
nosniff
age
177174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 22:19:56 GMT
id
googleads.g.doubleclick.net/pagead/ Frame F5EA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZoYtlOMk9oA
Protocol
H2
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a75fb7bef914885b12511313f17040b05ce7aeb2a3f1b1a5e60cd926ad9581af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 23:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 12 Jan 2023 23:32:50 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame F5EA 		29 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 23:31:26 GMT
x-content-type-options
nosniff
age
84
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 12 Jan 2023 23:46:26 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 12 Jan 2023 23:32:50 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F5EA 		66 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
321877f9cdcb0ab08b207b24c5e5bb0fd345df410ed80eb907bb1924df5a5849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 12 Jan 2023 23:32:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31138
x-xss-protection
0
qoe
www.youtube.com/api/stats/ Frame F5EA 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?cpn=UMoxF3wi1sOKpMMT&el=embedded&ns=yt&fexp=23983296%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24415864%2C24432345%2C24434209%2C24439360&cl=500576657&seq=1&event=streamingstats&docid=ZoYtlOMk9oA&cbr=Chrome&cbrver=109.0.5414.74&c=WEB_EMBEDDED_PLAYER&cver=1.20230108.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:1;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ZoYtlOMk9oA
X-YouTube-Client-Version
1.20230108.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtwSmFFWXpfcVZMYyiisYKeBg%3D%3D
X-YouTube-Ad-Signals
dt=1673566370729&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C150&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 23:32:50 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/ Frame F5EA 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ef1566b2eb2bfbc0d3fbaa9fb06903cb330fec0965665a70009f93c2187518a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ZoYtlOMk9oA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 18:40:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
276719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8332
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 01:16:55 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Jan 2024 18:40:51 GMT
truncated
/ Frame F5EA 		205 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d10c5c89fdb4ac95953df715312f2a38c42db28c6372e4809092aa957bc7a39

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F5EA 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
508644f642b8e2a7ffc5edc36b8f6ee612d8e11aab873e6d986590eaa1e408e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 12 Jan 2023 23:32:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 12 Jan 2023 23:32:51 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame F5EA 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
X-Goog-Request-Time
1673566373002
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ZoYtlOMk9oA
X-YouTube-Client-Version
1.20230108.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtwSmFFWXpfcVZMYyiisYKeBg%3D%3D
X-YouTube-Ad-Signals
dt=1673566370562&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C150&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 12 Jan 2023 23:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange

4 Cookies

Domain/Path Name / Value
apple.trobateswretul.ml/ Name: ch1c
Value: b
.youtube.com/ Name: YSC
Value: zUpnSWeaA8U
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: pJaEYz_qVLc
.youtube.com/ Name: DEVICE_INFO
Value: ChxOekU0TnpreE1qZ3lOelExTnpNeU9ETTNNUT09EKKxgp4GGKKxgp4G

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4wayvoice.nownews.com
apple.trobateswretul.ml
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
static.doubleclick.net
thelist.group
www.nownews.com
www.realist.co.th
www.youtube.com
104.21.69.162
2606:4700:3033::ac43:d18a
2606:4700:3036::6815:e78
2606:4700:3037::6815:5292
2607:f8b0:4006:809::200a
2607:f8b0:4006:81d::200e
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2003
2607:f8b0:4006:822::200a
2607:f8b0:4006:824::2006
0171c93b7e66a2c1f7401a7699f4206bd05ededa5f7460ee692dcfda4cee20e2
07c975e952939c40265df65d8c0fade070412c453fde3fe97d4164ef213fbb1a
0d10c5c89fdb4ac95953df715312f2a38c42db28c6372e4809092aa957bc7a39
1abca09217db4704a04821ca36fc243ff8ffcbf7820a7a4c54bc880efd16b1b7
1c5f44b8a3a7eeca67537acc0adf028a587c3a5ab68e6d0c836156a75f83b28d
2c2e97ea259a6990e6bd9545fb782dda42a471cbc859046605178cc8bddc5067
321877f9cdcb0ab08b207b24c5e5bb0fd345df410ed80eb907bb1924df5a5849
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
508644f642b8e2a7ffc5edc36b8f6ee612d8e11aab873e6d986590eaa1e408e9
55c388f3486b54a74fafd7ba5f40d60e89eb66269f2ee4cf00235207c2105793
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ef1566b2eb2bfbc0d3fbaa9fb06903cb330fec0965665a70009f93c2187518a
a75fb7bef914885b12511313f17040b05ce7aeb2a3f1b1a5e60cd926ad9581af
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0
f8e1f30b8f55e4dc12cc7e4fbc4c31daf908f5f253dc3854d8113479ec831a48