www.prestige.googleadguru.com Open in urlscan Pro
103.18.41.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.prestige.googleadguru.com/
Submission: On June 09 via automatic, source certstream-suspicious (June 9th 2023, 1:17:18 pm UTC) — Scanned from AU

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 103.18.41.6, located in Australia and belongs to DEDAUS-AS-AP Dedicated Servers Australia, AU. The main domain is www.prestige.googleadguru.com.
TLS certificate: Issued by R3 on June 9th 2023. Valid for: 3 months.

This is the only time www.prestige.googleadguru.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.18.41.6 103.18.41.6	58940 (DEDAUS-AS...) (DEDAUS-AS-AP Dedicated Servers Australia)
7	64.233.189.190 64.233.189.190	15169 (GOOGLE) (GOOGLE)
2	74.125.204.94 74.125.204.94	15169 (GOOGLE) (GOOGLE)
1	64.233.188.149 64.233.188.149	() ()
14	5

1 103.18.41.6 (Australia)

ASN58940 (DEDAUS-AS-AP Dedicated Servers Australia, AU)
PTR: au.searchengineguru.com.au

www.prestige.googleadguru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 64.233.189.190 (United States)

ASN15169 (GOOGLE, US)
PTR: tl-in-f190.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.204.94 (United States)

ASN15169 (GOOGLE, US)
PTR: ti-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.188.149 (None, )

ASN- ()

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 101	922 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	doubleclick.net googleads.g.doubleclick.net Failed static.doubleclick.net	494 B
1	googleadguru.com www.prestige.googleadguru.com	999 B
0	googleapis.com Failed jnn-pa.googleapis.com Failed
14	5

	Domain	Requested by
7	www.youtube.com	www.prestige.googleadguru.com www.youtube.com
2	fonts.gstatic.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.prestige.googleadguru.com
0	jnn-pa.googleapis.com Failed	www.youtube.com
0	googleads.g.doubleclick.net Failed	www.youtube.com
14	6

This site contains no links.

Subject Issuer	Validity	Valid
prestige.googleadguru.com R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.prestige.googleadguru.com/
Frame ID: 6A009352D2B062BDB55B042879D79830
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1
Frame ID: A23A80FFB9E3D821152BD7648651881D
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HAcked By SYRIA

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

14
Requests

79 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

954 kB
Transfer

3177 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

14 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.prestige.googleadguru.com/ 907 B
999 B 1148ms
247ms Document
text/html 103.18.41.6
DEDAUS-AS-AP Dedi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prestige.googleadguru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.18.41.6 , Australia, ASN58940 (DEDAUS-AS-AP Dedicated Servers Australia, AU),
Reverse DNS: au.searchengineguru.com.au
Software: nginx /
Resource Hash: 2211e73c0a8a8b452b7b076a4dea8a71bf7f183ee6bd9469f10b55aa4cc9ec33

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 09 Jun 2023 13:17:11 GMT
server: nginx

GET
H2 200 Uj-9ghuGZs4 Show response
www.youtube.com/embed/ Frame A23A 66 KB
30 KB 1244ms
345ms Document
text/html 64.233.189.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1

Requested by

Host: www.prestige.googleadguru.com
URL: https://www.prestige.googleadguru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.189.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tl-in-f190.1e100.net

Software

ESF /

Resource Hash

054c041ee4e8145bb36045ae78cc3667bf49843a2287f06b56e0fb082ba89788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prestige.googleadguru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 13:17:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/b128dda0/ Frame A23A 408 KB
48 KB 303ms
302ms Stylesheet
text/css 64.233.189.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b128dda0/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.189.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tl-in-f190.1e100.net

Software

sffe /

Resource Hash

d0ea261ac2adaf71099d92c38e4b5f0c134210a37ae3e7ea492edef0476d2f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48997
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 01:43:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Jun 2024 16:00:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A23A 15 KB
16 KB 1199ms
297ms Font
font/woff2 74.125.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ti-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:00:41 GMT
x-content-type-options: nosniff
age: 80194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jun 2024 15:00:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A23A 15 KB
15 KB 1273ms
371ms Font
font/woff2 74.125.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ti-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 12:08:32 GMT
x-content-type-options: nosniff
age: 4123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jun 2024 12:08:32 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/b128dda0/www-embed-player.vflset/ Frame A23A 306 KB
92 KB 298ms
297ms Script
text/javascript 64.233.189.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b128dda0/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.189.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tl-in-f190.1e100.net

Software

sffe /

Resource Hash

02f492b321d49001540a1026fbd54bc785f3178747acac60c4bf8f469f220943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 17:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94029
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 01:43:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 05 Jun 2024 17:44:19 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/b128dda0/player_ias.vflset/en_GB/ Frame A23A 2 MB
741 KB 586ms
586ms Script
text/javascript 64.233.189.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b128dda0/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.189.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tl-in-f190.1e100.net

Software

sffe /

Resource Hash

9a7ac36b21a6cc3f24de5b47d1ac0e6636f49367e3bf2848d7cdb3ab1b8753a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 20:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 758727
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 01:43:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Jun 2024 20:41:08 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/b128dda0/fetch-polyfill.vflset/ Frame A23A 9 KB
3 KB 582ms
581ms Script
text/javascript 64.233.189.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b128dda0/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.189.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tl-in-f190.1e100.net

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 01:43:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Jun 2024 16:08:07 GMT

GET

id
googleads.g.doubleclick.net/pagead/ Frame A23A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

0
0

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A23A 29 B
494 B 1202ms
298ms Script
text/javascript 64.233.188.149

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b128dda0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.188.149 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 13:08:37 GMT
x-content-type-options: nosniff
age: 520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Jun 2023 13:23:37 GMT

OPTIONS Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0

POST Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A23A 0
0

POST
H2 204 qoe Show response
www.youtube.com/api/stats/ Frame A23A 0
200 B 320ms
320ms XHR
text/html 64.233.189.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=k51Yg7trOOHwZGVD&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24208765%2C24364789%2C24366917%2C24372799%2C24378891%2C24415864%2C24416291%2C24439361%2C24470718%2C24532855%2C24558641%2C24559326%2C39323074%2C51000011&cl=537732624&seq=1&event=streamingstats&docid=Uj-9ghuGZs4&qclc=ChBrNTFZZzd0ck9PSHdaR1ZEEAE&cbr=Chrome&cbrver=114.0.5735.106&c=WEB_EMBEDDED_PLAYER&cver=1.20230604.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b128dda0/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.189.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tl-in-f190.1e100.net

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1
X-YouTube-Client-Version: 1.20230604.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtPU2NQZ2ZoOXpMMCjazIykBg%3D%3D
X-YouTube-Ad-Signals: dt=1686316636521&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C420%2C315&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 13:17:16 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/b128dda0/player_ias.vflset/en_GB/ Frame A23A 28 KB
8 KB 299ms
298ms Script
text/javascript 64.233.189.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b128dda0/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b128dda0/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.189.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tl-in-f190.1e100.net

Software

sffe /

Resource Hash

355d65df3915664a0cd4f1878c13adad9ffa0154de74c5fd6b6608aac3c2557b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/Uj-9ghuGZs4?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 20:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 318967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8186
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 01:43:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Jun 2024 20:41:10 GMT

GET
DATA 200
OK truncated
/ Frame A23A 296 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e83bcf0315f708e646d547688191140b0fbf240f230225e7e4cc136d8133fe3

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6HaB8hRNRMg
			.youtube.com/	1970-01-20 16:44:28	Name: VISITOR_INFO1_LIVE Value: OScPgfh9zL0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
static.doubleclick.net
www.prestige.googleadguru.com
www.youtube.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
103.18.41.6
64.233.188.149
64.233.189.190
74.125.204.94
02f492b321d49001540a1026fbd54bc785f3178747acac60c4bf8f469f220943
054c041ee4e8145bb36045ae78cc3667bf49843a2287f06b56e0fb082ba89788
2211e73c0a8a8b452b7b076a4dea8a71bf7f183ee6bd9469f10b55aa4cc9ec33
355d65df3915664a0cd4f1878c13adad9ffa0154de74c5fd6b6608aac3c2557b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
8e83bcf0315f708e646d547688191140b0fbf240f230225e7e4cc136d8133fe3
9a7ac36b21a6cc3f24de5b47d1ac0e6636f49367e3bf2848d7cdb3ab1b8753a0
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
d0ea261ac2adaf71099d92c38e4b5f0c134210a37ae3e7ea492edef0476d2f64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

www.prestige.googleadguru.com Open in urlscan Pro 103.18.41.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

79 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

954 kBTransfer

3177 kBSize

2 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

www.prestige.googleadguru.com Open in urlscan Pro
103.18.41.6 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

79 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

954 kB
Transfer

3177 kB
Size

2
Cookies

14 HTTP transactions
1 data transactions