urlscan.io logo urlscan.io
SecurityTrails logo

marchsailor4.xtgem.com Open in urlscan Pro
54.36.158.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-afford...
Effective URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-afford...
Submission: On May 04 via manual from ZA — Scanned from IS
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 33 HTTP transactions. The main IP is 54.36.158.42, located in Paris, France and belongs to OVH, FR. The main domain is marchsailor4.xtgem.com.
This is the only time marchsailor4.xtgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.36.158.42 16276 (OVH)
1 104.75.88.209 16625 (AKAMAI-AS)
1 192.124.249.105 30148 (SUCURI-SEC)
1 54.231.132.1 16509 (AMAZON-02)
6 141.94.172.213 16276 (OVH)
1 91.228.74.226 16509 (AMAZON-02)
9 216.58.214.14 15169 (GOOGLE)
1 2 143.204.98.9 16509 (AMAZON-02)
1 142.250.185.99 15169 (GOOGLE)
1 2 142.250.185.194 15169 (GOOGLE)
1 142.250.186.70 15169 (GOOGLE)
4 142.250.185.138 15169 (GOOGLE)
1 142.250.186.36 15169 (GOOGLE)
1 142.250.184.193 15169 (GOOGLE)
1 172.217.16.150 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
1 2 91.228.74.134 16509 (AMAZON-02)
33 18
1    54.36.158.42 (Paris, France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com
marchsailor4.xtgem.com
1    104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
i.pinimg.com
1    192.124.249.105 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10105.sucuri.net
rainforestrealty.com
1    54.231.132.1 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
usm-feed-maine.s3.amazonaws.com
6    141.94.172.213 (France)

ASN16276 (OVH, FR)
4.thumbs.xtstatic.com
enif.images.xtstatic.com
cif.images.xtstatic.com
xtgem.com
1    91.228.74.226 (United Kingdom)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
9    216.58.214.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr26s05-in-f14.1e100.net
www.youtube.com
2    143.204.98.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-9.fra50.r.cloudfront.net
rules.quantcount.com
1    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
static.doubleclick.net
4    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
jnn-pa.googleapis.com
1    142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net
www.google.com
1    142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
yt3.ggpht.com
1    172.217.16.150 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f22.1e100.net
i.ytimg.com
1    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
www.gstatic.com
2    91.228.74.134 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
Apex Domain
Subdomains		 Transfer
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 88
732 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 336
22 KB
4 xtgem.com
marchsailor4.xtgem.com
xtgem.com — Cisco Umbrella Rank: 180454
17 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 65
static.doubleclick.net — Cisco Umbrella Rank: 419
1 KB
3 quantserve.com
edge.quantserve.com — Cisco Umbrella Rank: 16339
pixel.quantserve.com — Cisco Umbrella Rank: 653
11 KB
3 xtstatic.com
4.thumbs.xtstatic.com — Cisco Umbrella Rank: 835494
enif.images.xtstatic.com — Cisco Umbrella Rank: 862720
cif.images.xtstatic.com — Cisco Umbrella Rank: 837379
3 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
18 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1160
857 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
65 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 191
3 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 20
14 KB
1 amazonaws.com
usm-feed-maine.s3.amazonaws.com
1 MB
1 rainforestrealty.com
rainforestrealty.com
147 KB
1 pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 1814
73 KB
33 14
Domain Requested by
9 www.youtube.com marchsailor4.xtgem.com
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
3 xtgem.com marchsailor4.xtgem.com
2 pixel.quantserve.com 1 redirects marchsailor4.xtgem.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 rules.quantcount.com 1 redirects marchsailor4.xtgem.com
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 cif.images.xtstatic.com marchsailor4.xtgem.com
1 enif.images.xtstatic.com marchsailor4.xtgem.com
1 edge.quantserve.com marchsailor4.xtgem.com
1 4.thumbs.xtstatic.com marchsailor4.xtgem.com
1 usm-feed-maine.s3.amazonaws.com marchsailor4.xtgem.com
1 rainforestrealty.com marchsailor4.xtgem.com
1 i.pinimg.com marchsailor4.xtgem.com
1 marchsailor4.xtgem.com
33 20

This site contains links to these domains. Also see Links.

Domain
spearbeer84.werite.net
xtgem.com
Subject Issuer Validity Valid
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
rainforestrealty.com
Go Daddy Secure Certificate Authority - G2		 2021-10-15 -
2022-10-15		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.xtgem.com
R3		 2022-04-25 -
2022-07-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Frame ID: F07561493D7287A02EDC4BC5EB348BFE
Requests: 10 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: F91B96DD6842684C6E970054212B79A8
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: A62A5A0E9853742440AC1507AD624A0A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/aSm13l3EpJU
Frame ID: 61AB099361A362CE644353F9E797B5B9
Requests: 19 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9tYXJjaHNhaWxvcjQueHRnZW0uY29tXC9fX3h0X2Jsb2dcL19feHRibG9nX2VudHJ5P19feHRibG9nX2VudHJ5PTI2Njc2MjA1Jl9feHRibG9nX2Jsb2NrX2lkPTEiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJtYXJjaHNhaWxvcjQueHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Frame ID: F0F75FD4C7C9C3B5A66CDAFE2BE8054A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The smart Trick of These Are The 10 Most Affordable Dallas Suburbs - Movoto That Nobody is Discussing - Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

33
Requests

70 %
HTTPS

0 %
IPv6

14
Domains

20
Subdomains

18
IPs

4
Countries

2334 kB
Transfer

4360 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Request Chain 17
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 28
  • http://pixel.quantserve.com/pixel;r=1898287722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fmarchsailor4.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-2032966540-1651662879638;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1651662879638;tzo=0;ogl= HTTP 301
  • https://pixel.quantserve.com/pixel;r=1898287722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fmarchsailor4.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-2032966540-1651662879638;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1651662879638;tzo=0;ogl=

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing
marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/ 		25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
54.36.158.42 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
574fc999b024c9ee5095ad6ed6477a55aa138588c6880cf8e20d686c40fb9f2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
close
Content-Encoding
gzip
Content-Length
7824
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 May 2022 11:14:37 GMT
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Pragma
no-cache
Vary
Host,Accept-Encoding
0701d5ca9e65daf2596d24fe3da14bb7.jpg
i.pinimg.com/736x/07/01/d5/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/07/01/d5/0701d5ca9e65daf2596d24fe3da14bb7.jpg
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6aafd1e38cc5c0c2e6d608b37084d1d1abfed75f6ebf0bbe66117cc5e7ae993d

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://marchsailor4.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.926656b8.1651662878.30012bf
etag
"f302a6f8010039721d080b81c8c9ef0e"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
74323
Belize-Land-for-Sale-12-Acres-with-Two-Structures-3.JPG
rainforestrealty.com/wp-content/gallery/pineapple-hill-l291404tk/ 		146 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rainforestrealty.com/wp-content/gallery/pineapple-hill-l291404tk/Belize-Land-for-Sale-12-Acres-with-Two-Structures-3.JPG
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.105 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10105.sucuri.net
Software
nginx /
Resource Hash
a1c925499bff69ac26d0e6bf6b8c955e96fe9d78f478c06d6fd9d050376b06b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://marchsailor4.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 May 2022 11:14:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Oct 2021 07:12:06 GMT
server
nginx
etag
"b417bd-24830-5ce4acbdad873"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
19005
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
149552
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
d62056910513580babcd04b876a108cc-1-.jpg
usm-feed-maine.s3.amazonaws.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usm-feed-maine.s3.amazonaws.com/d62056910513580babcd04b876a108cc-1-.jpg?1582306092
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.132.1 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
97b8b35807234142d9039f1b4cbccaae3da15e5a2e052bef8129ddf7f0190b32

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://marchsailor4.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 May 2022 11:14:39 GMT
Last-Modified
Fri, 13 Nov 2020 09:03:54 GMT
Server
AmazonS3
x-amz-request-id
524BME1SS4CPBJ63
ETag
"ea529688252b37913fbb42cc5128db32"
Content-Type
image/jpeg
Accept-Ranges
bytes
x-amz-meta-usm-modified
2020-02-21 12:28:12
Content-Length
1258654
x-amz-id-2
mE1xbX0dg85DQiA71VmWaPPJJCDyUMXcop0R6lguDsYG7vDkbpKXPcmOtYu+Elu0vzZ5MJap4fU=
old-school-swatch-watches-21484.jpg
4.thumbs.xtstatic.com/100/50/-/402a207ac912cff61d3bcd8232a4634f/backtooldschool.xtgem.com/images/blog/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://4.thumbs.xtstatic.com/100/50/-/402a207ac912cff61d3bcd8232a4634f/backtooldschool.xtgem.com/images/blog/old-school-swatch-watches-21484.jpg
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d8c758c1449d174a41912e1b630769fee9ba65c3f1ed4a068f2e6ca877f5a338

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://marchsailor4.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 May 2022 11:14:38 GMT
X-Ngz
1
Last-Modified
Wed, 14 Nov 2018 00:11:07 GMT
ETag
"765-0"
Sent-XS
0.000
Content-Type
image/jpeg
Cache-Control
max-age=172800, pre-check=172800
Connection
close
Content-Length
1893
Expires
Fri, 06 May 2022 11:14:38 GMT
quant.js
edge.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
91.228.74.226 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://marchsailor4.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 May 2022 11:14:38 GMT
Content-Encoding
gzip
Etag
"u2JtyZzqnTXwzBUswy2r+w=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Expires
Wed, 11 May 2022 11:14:38 GMT
tp.gif
enif.images.xtstatic.com/ Frame F91B 		42 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://marchsailor4.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000
Connection
close
Content-Length
42
Content-Type
image/gif
Date
Wed, 04 May 2022 11:14:38 GMT
ETag
"2a-59774aa04e000"
Expires
Fri, 03 Jun 2022 11:14:38 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
tp.gif
cif.images.xtstatic.com/ Frame A62A 		42 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://marchsailor4.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000
Connection
close
Content-Length
42
Content-Type
image/gif
Date
Wed, 04 May 2022 11:14:38 GMT
ETag
"2a-59774aa04e000"
Expires
Fri, 03 Jun 2022 11:14:38 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
aSm13l3EpJU
www.youtube.com/embed/ Frame 61AB 		62 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/aSm13l3EpJU
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.214.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr26s05-in-f14.1e100.net
Software
ESF /
Resource Hash
19d81d85358690b2b54009b8ae54cc7f557471c698aea5542e805fc319da9e70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://marchsailor4.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Wed, 04 May 2022 11:14:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=is for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
__xt_authbar
xtgem.com/ Frame F0F7 		14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9tYXJjaHNhaWxvcjQueHRnZW0uY29tXC9fX3h0X2Jsb2dcL19feHRibG9nX2VudHJ5P19feHRibG9nX2VudHJ5PTI2Njc2MjA1Jl9feHRibG9nX2Jsb2NrX2lkPTEiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJtYXJjaHNhaWxvcjQueHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
280dc03fc1fa8cd59968c83a0cd342f95edf9d840c82c8be71cbba6305a17f66

Request headers

Referer
http://marchsailor4.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Content-Length
2936
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 May 2022 11:14:38 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Vary
Accept-Encoding
xtgem-icons.woff
xtgem.com/fonts/ 		5 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://xtgem.com/fonts/xtgem-icons.woff
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086

Request headers

Referer
http://marchsailor4.xtgem.com/
Origin
http://marchsailor4.xtgem.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 May 2022 11:14:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"1530-59774aa04e000-gzip"
Vary
Accept-Encoding
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
3769
close2.png
xtgem.com/images/ 		564 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://marchsailor4.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 May 2022 11:14:38 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"234-59774aa04e000"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
Expires
Fri, 03 Jun 2022 11:14:38 GMT
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
3 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
H2
Server
143.204.98.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-9.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://marchsailor4.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 May 2022 03:26:41 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
age
28080
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:40:53 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
jP6IqJWHWTVZwkzS37wcOxmzlLwEIA39iDlc5yUDer1tm9gwLHllqw==

Redirect headers

Date
Wed, 04 May 2022 11:14:38 GMT
Via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
5SHtiSDVQCYEr6Tmw_yDzTWtkQ31qOatR-qkFSpbZZtfgIzVaEMJog==
www-player.css
www.youtube.com/s/player/dfe7ea14/ Frame 61AB 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dfe7ea14/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/aSm13l3EpJU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.214.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr26s05-in-f14.1e100.net
Software
sffe /
Resource Hash
ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/aSm13l3EpJU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 May 2022 15:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
158997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47149
x-xss-protection
0
last-modified
Mon, 02 May 2022 00:13:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 02 May 2023 15:04:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 61AB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/aSm13l3EpJU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 May 2022 11:18:05 GMT
x-content-type-options
nosniff
age
86194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 03 May 2023 11:18:05 GMT
www-embed-player.js
www.youtube.com/s/player/dfe7ea14/www-embed-player.vflset/ Frame 61AB 		277 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dfe7ea14/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/aSm13l3EpJU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.214.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr26s05-in-f14.1e100.net
Software
sffe /
Resource Hash
b7dbce7b6a67a928e71f7019520ebfebcb0ab55b5d68095460af58d7ecf77949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/aSm13l3EpJU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 May 2022 15:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
158997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87497
x-xss-protection
0
last-modified
Mon, 02 May 2022 00:13:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 02 May 2023 15:04:41 GMT
base.js
www.youtube.com/s/player/dfe7ea14/player_ias.vflset/is_IS/ Frame 61AB 		2 MB
526 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dfe7ea14/player_ias.vflset/is_IS/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/aSm13l3EpJU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.214.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr26s05-in-f14.1e100.net
Software
sffe /
Resource Hash
e0dd3ab8b81d18be74b87dd734f6741420b1a1ca19eae4aeec6c4f36b2bdbe36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/aSm13l3EpJU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 May 2022 16:25:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
154154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
537873
x-xss-protection
0
last-modified
Mon, 02 May 2022 00:13:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 02 May 2023 16:25:24 GMT
fetch-polyfill.js
www.youtube.com/s/player/dfe7ea14/fetch-polyfill.vflset/ Frame 61AB 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dfe7ea14/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/aSm13l3EpJU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.214.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr26s05-in-f14.1e100.net
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/aSm13l3EpJU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 May 2022 15:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
158997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 02 May 2022 00:13:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 02 May 2023 15:04:41 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 61AB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/aSm13l3EpJU
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
bc853cd90549d74b43f9e7096a705f55ccfa19e4688ebd23d5c06c4fa6712b09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 May 2022 11:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 04 May 2022 11:14:39 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 61AB 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dfe7ea14/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 May 2022 11:08:11 GMT
x-content-type-options
nosniff
age
388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 May 2022 11:23:11 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 04 May 2022 11:14:39 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 61AB 		45 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dfe7ea14/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
29cea0c583ec69e6a7fc1b33fffc57cebdf4e9b13d5100fc19bc2ecc5a7ece55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 04 May 2022 11:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
22400
x-xss-protection
0
remote.js
www.youtube.com/s/player/dfe7ea14/player_ias.vflset/is_IS/ Frame 61AB 		118 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dfe7ea14/player_ias.vflset/is_IS/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dfe7ea14/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.214.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr26s05-in-f14.1e100.net
Software
sffe /
Resource Hash
6954bfce041e74e27758fca2dceafd7badbc8aa72fdbda94f374624e2d1bbcc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/aSm13l3EpJU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 May 2022 16:25:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
154154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37604
x-xss-protection
0
last-modified
Mon, 02 May 2022 00:13:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 02 May 2023 16:25:25 GMT
wvacUuC91pKIQAAituQ6bo9qbqvqQFp5U6For2zlVfY.js
www.google.com/js/th/ Frame 61AB 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/wvacUuC91pKIQAAituQ6bo9qbqvqQFp5U6For2zlVfY.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dfe7ea14/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
c2f69c52e0bdd69288400022b6e43a6e8f6a6eabea405a7953a168af6ce555f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 May 2022 05:10:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
21844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13707
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 May 2023 05:10:35 GMT
embed.js
www.youtube.com/s/player/dfe7ea14/player_ias.vflset/is_IS/ Frame 61AB 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dfe7ea14/player_ias.vflset/is_IS/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dfe7ea14/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.214.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr26s05-in-f14.1e100.net
Software
sffe /
Resource Hash
a4729f989a0349251f7d93689fbf9e15b876df723e442d978ac452a3309f0212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/aSm13l3EpJU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 May 2022 16:25:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
154154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8104
x-xss-protection
0
last-modified
Mon, 02 May 2022 00:13:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 02 May 2023 16:25:25 GMT
truncated
/ Frame 61AB 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AKedOLT-yexa44wYboGKAvHwyhP3XztUH1XyQrPMEOIG=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 61AB 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLT-yexa44wYboGKAvHwyhP3XztUH1XyQrPMEOIG=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/aSm13l3EpJU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
fife /
Resource Hash
9f8cb37325ce2fb0c60834c7b75c1f9251922141284f2a304f429e0f4728f855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 May 2022 10:46:52 GMT
x-content-type-options
nosniff
age
1667
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2256
x-xss-protection
0
server
fife
etag
"v1a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 26 Apr 2022 13:08:46 GMT
sddefault.webp
i.ytimg.com/vi_webp/aSm13l3EpJU/ Frame 61AB 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/aSm13l3EpJU/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/aSm13l3EpJU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.150 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f22.1e100.net
Software
sffe /
Resource Hash
ec629107b41cf39e46875548b4a6adf49336cd0d153ac1b4189fa5bede39cc91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 May 2022 10:46:52 GMT
x-content-type-options
nosniff
age
1667
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65584
x-xss-protection
0
server
sffe
etag
"1651010070"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 04 May 2022 12:46:52 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 61AB 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dfe7ea14/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 May 2022 11:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 04 May 2022 11:14:39 GMT
pixel;r=1898287722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fmarchsailor4.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=1898287722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fmarchsailor4.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26676205-the-smart-trick-of-these-are-t...
  • https://pixel.quantserve.com/pixel;r=1898287722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fmarchsailor4.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26676205-the-smart-trick-of-these-are-...
35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1898287722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fmarchsailor4.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-2032966540-1651662879638;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1651662879638;tzo=0;ogl=
Requested by
Host: marchsailor4.xtgem.com
URL: http://marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing?__xtblog_block_id=1
Protocol
H2
Server
91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://marchsailor4.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 11:14:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Date
Wed, 04 May 2022 11:14:40 GMT
Access-Control-Allow-Origin
*
Location
https://pixel.quantserve.com/pixel;r=1898287722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fmarchsailor4.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26676205-the-smart-trick-of-these-are-the-10-most-affordable-dallas-suburbs-movoto-that-nobody-is-discussing%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-2032966540-1651662879638;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1651662879638;tzo=0;ogl=
Cache-Control
private, no-transform, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 05 May 2022 11:14:40 GMT
generate_204
www.youtube.com/ Frame 61AB 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?Zbp--Q
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/aSm13l3EpJU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.214.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr26s05-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/aSm13l3EpJU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 May 2022 11:14:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 61AB 		98 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dfe7ea14/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
e144e8ce280ffbcf0ba1aaa46963af3fdefbe5ab7b7a3d5d613388f2bd577a91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 04 May 2022 11:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 04 May 2022 11:14:40 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 61AB 		28 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dfe7ea14/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.214.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr26s05-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/aSm13l3EpJU
X-YouTube-Client-Version
1.20220501.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtteUt2QXc1Z2gwYyiewMmTBg%3D%3D
X-YouTube-Ad-Signals
dt=1651662878919&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 04 May 2022 11:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 04 May 2022 11:14:42 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontextlost object| oncontextrestored function| structuredClone object| _qevents boolean| cookies number| len function| quantserve function| __qc object| ezt object| _qoptions function| qtrack

7 Cookies

Domain/Path Name / Value
marchsailor4.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry Name:
Value: test
.xtgem.com/ Name: _xta_uid
Value: 19008e79dd5b183dfc848c9efc4b9e34
.xtgem.com/ Name: _xta_vid
Value: e088e2bb328dbc150f77d64c7a64f654-1651662877
.youtube.com/ Name: YSC
Value: nGyZlU30gpc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: myKvAw5gh0c
.quantserve.com/ Name: mc
Value: 62726020-ae499-5216b-43ddd
.xtgem.com/ Name: __qca
Value: P0-2032966540-1651662879638

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.thumbs.xtstatic.com
cif.images.xtstatic.com
edge.quantserve.com
enif.images.xtstatic.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.pinimg.com
i.ytimg.com
jnn-pa.googleapis.com
marchsailor4.xtgem.com
pixel.quantserve.com
rainforestrealty.com
rules.quantcount.com
static.doubleclick.net
usm-feed-maine.s3.amazonaws.com
www.google.com
www.gstatic.com
www.youtube.com
xtgem.com
yt3.ggpht.com
104.75.88.209
141.94.172.213
142.250.184.193
142.250.185.138
142.250.185.194
142.250.185.67
142.250.185.99
142.250.186.36
142.250.186.70
143.204.98.9
172.217.16.150
192.124.249.105
216.58.214.14
54.231.132.1
54.36.158.42
91.228.74.134
91.228.74.226
19d81d85358690b2b54009b8ae54cc7f557471c698aea5542e805fc319da9e70
280dc03fc1fa8cd59968c83a0cd342f95edf9d840c82c8be71cbba6305a17f66
29cea0c583ec69e6a7fc1b33fffc57cebdf4e9b13d5100fc19bc2ecc5a7ece55
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
574fc999b024c9ee5095ad6ed6477a55aa138588c6880cf8e20d686c40fb9f2a
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6954bfce041e74e27758fca2dceafd7badbc8aa72fdbda94f374624e2d1bbcc3
6aafd1e38cc5c0c2e6d608b37084d1d1abfed75f6ebf0bbe66117cc5e7ae993d
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
97b8b35807234142d9039f1b4cbccaae3da15e5a2e052bef8129ddf7f0190b32
9f8cb37325ce2fb0c60834c7b75c1f9251922141284f2a304f429e0f4728f855
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1c925499bff69ac26d0e6bf6b8c955e96fe9d78f478c06d6fd9d050376b06b6
a4729f989a0349251f7d93689fbf9e15b876df723e442d978ac452a3309f0212
b7dbce7b6a67a928e71f7019520ebfebcb0ab55b5d68095460af58d7ecf77949
ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
bc853cd90549d74b43f9e7096a705f55ccfa19e4688ebd23d5c06c4fa6712b09
c2f69c52e0bdd69288400022b6e43a6e8f6a6eabea405a7953a168af6ce555f6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8c758c1449d174a41912e1b630769fee9ba65c3f1ed4a068f2e6ca877f5a338
e0dd3ab8b81d18be74b87dd734f6741420b1a1ca19eae4aeec6c4f36b2bdbe36
e144e8ce280ffbcf0ba1aaa46963af3fdefbe5ab7b7a3d5d613388f2bd577a91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec629107b41cf39e46875548b4a6adf49336cd0d153ac1b4189fa5bede39cc91
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629