urlscan.io logo urlscan.io
SecurityTrails logo

whipbarber82.xtgem.com Open in urlscan Pro
54.36.158.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_bloc...
Effective URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_bloc...
Submission: On October 01 via manual from ID — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 33 HTTP transactions. The main IP is 54.36.158.42, located in Paris, France and belongs to OVH, FR. The main domain is whipbarber82.xtgem.com.
This is the only time whipbarber82.xtgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.36.158.42 16276 (OVH)
1 151.101.24.193 54113 (FASTLY)
6 141.94.172.213 16276 (OVH)
1 103.229.10.211 16509 (AMAZON-02)
9 142.251.12.136 15169 (GOOGLE)
1 2 13.33.33.118 16509 (AMAZON-02)
2 172.217.194.94 15169 (GOOGLE)
1 13.33.33.9 16509 (AMAZON-02)
1 103.229.10.171 16509 (AMAZON-02)
1 2 142.250.4.157 15169 (GOOGLE)
1 142.251.12.149 15169 (GOOGLE)
4 172.217.194.95 15169 (GOOGLE)
1 172.217.194.103 15169 (GOOGLE)
1 74.125.24.132 15169 (GOOGLE)
1 74.125.200.119 15169 (GOOGLE)
1 74.125.24.94 15169 (GOOGLE)
33 17
1    54.36.158.42 (Paris, France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com
whipbarber82.xtgem.com
1    151.101.24.193 (Los Angeles, United States)

ASN54113 (FASTLY, US)
i.imgur.com
6    141.94.172.213 (France)

ASN16276 (OVH, FR)
xtgem.com
enif.images.xtstatic.com
cif.images.xtstatic.com
1    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
9    142.251.12.136 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f136.1e100.net
www.youtube.com
2    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
rules.quantcount.com
2    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
1    13.33.33.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-9.sin2.r.cloudfront.net
pxl.qccerttest.com
1    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net
googleads.g.doubleclick.net
1    142.251.12.149 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net
static.doubleclick.net
4    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
jnn-pa.googleapis.com
1    172.217.194.103 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f103.1e100.net
www.google.com
1    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
yt3.ggpht.com
1    74.125.200.119 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f119.1e100.net
i.ytimg.com
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
www.gstatic.com
Apex Domain
Subdomains		 Transfer
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 95
797 KB
5 xtgem.com
whipbarber82.xtgem.com
xtgem.com — Cisco Umbrella Rank: 265816
25 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 275
30 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
static.doubleclick.net — Cisco Umbrella Rank: 342
1 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 861
1 KB
2 xtstatic.com
enif.images.xtstatic.com
cif.images.xtstatic.com
656 B
2 quantserve.com
edge.quantserve.com — Cisco Umbrella Rank: 14515
pixel.quantserve.com — Cisco Umbrella Rank: 417
11 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 118
43 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 228
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
14 KB
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 993
550 B
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5961
64 KB
33 13
Domain Requested by
9 www.youtube.com whipbarber82.xtgem.com
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
4 xtgem.com whipbarber82.xtgem.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
2 rules.quantcount.com 1 redirects whipbarber82.xtgem.com
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 pixel.quantserve.com whipbarber82.xtgem.com
1 pxl.qccerttest.com whipbarber82.xtgem.com
1 cif.images.xtstatic.com whipbarber82.xtgem.com
1 enif.images.xtstatic.com whipbarber82.xtgem.com
1 edge.quantserve.com whipbarber82.xtgem.com
1 i.imgur.com whipbarber82.xtgem.com
1 whipbarber82.xtgem.com
33 18

This site contains links to these domains. Also see Links.

Domain
easymoneyonlinereview.blogspot.com
xtgem.com
Subject Issuer Validity Valid
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.xtgem.com
R3		 2022-08-23 -
2022-11-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Frame ID: 01E9DCCAC0327D0904DB765D50C86E6E
Requests: 9 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: 84047151A23B5B280279BA78248877AD
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: 43202A011D91CC5667798FABE085E526
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ye4zDaEfUoc
Frame ID: A1EBF2027323794C0C38DA80B6326B73
Requests: 20 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC93aGlwYmFyYmVyODIueHRnZW0uY29tXC9fX3h0X2Jsb2dcL19feHRibG9nX2VudHJ5P19feHRibG9nX2VudHJ5PTI5MTM5OTgxJl9feHRibG9nX2Jsb2NrX2lkPTEiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJ3aGlwYmFyYmVyODIueHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Frame ID: 9B735A67E833339A31E24D3568F6E4F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

5 Ways to Earn Money by Traveling - Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

33
Requests

73 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

17
IPs

3
Countries

1023 kB
Transfer

3238 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Request Chain 18
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 29139981-5-ways-to-earn-money-by-traveling
whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/ 		28 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
54.36.158.42 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
8c32d86bcf2a65ead06201f0b773f2f94385aa5524f86cc6b56f93cc0453c0ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
close
Content-Encoding
gzip
Content-Length
8275
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Oct 2022 04:18:54 GMT
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Pragma
no-cache
Vary
Host,Accept-Encoding
M8ZbqI2.jpg
i.imgur.com/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/M8ZbqI2.jpg
Requested by
Host: whipbarber82.xtgem.com
URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.24.193 Los Angeles, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
3b416e6f52e4248429771d5c33893cc1d625437e3feecec60807374031b415b2
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://whipbarber82.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 04:18:55 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
73876
x-cache
HIT, MISS
content-length
64824
x-served-by
cache-iad-kcgs7200049-IAD, cache-lax10645-LGB
last-modified
Fri, 30 Sep 2022 07:44:27 GMT
server
cat factory 1.0
x-timer
S1664597935.165416,VS0,VE57
etag
"230b64d2f6442d3a4bc66bb42e6c75c3"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
4, 0
xtgem-forums.jpg
xtgem.com/images/forum/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/forum/xtgem-forums.jpg
Requested by
Host: whipbarber82.xtgem.com
URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
12af88849dcd3b09838185efbbaa7eae7231159ace07004afc5793d80378c34f

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://whipbarber82.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 04:18:55 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"20c8-59774aa04e000"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
8392
Expires
Mon, 31 Oct 2022 04:18:55 GMT
quant.js
edge.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: whipbarber82.xtgem.com
URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://whipbarber82.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 04:18:54 GMT
Content-Encoding
gzip
Etag
"+b0B6ncQDCugPb96DWf2QA=="
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sat, 08 Oct 2022 04:18:54 GMT
tp.gif
enif.images.xtstatic.com/ Frame 8404 		42 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: whipbarber82.xtgem.com
URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://whipbarber82.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000
Connection
close
Content-Length
42
Content-Type
image/gif
Date
Sat, 01 Oct 2022 04:18:55 GMT
ETag
"2a-59774aa04e000"
Expires
Mon, 31 Oct 2022 04:18:55 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
tp.gif
cif.images.xtstatic.com/ Frame 4320 		42 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: whipbarber82.xtgem.com
URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://whipbarber82.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000
Connection
close
Content-Length
42
Content-Type
image/gif
Date
Sat, 01 Oct 2022 04:18:55 GMT
ETag
"2a-59774aa04e000"
Expires
Mon, 31 Oct 2022 04:18:55 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ye4zDaEfUoc
www.youtube.com/embed/ Frame A1EB 		67 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ye4zDaEfUoc
Requested by
Host: whipbarber82.xtgem.com
URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f136.1e100.net
Software
ESF /
Resource Hash
6617d6b4069faade7b002fb4aed40e5b4073c02d0f3c3f35b47de583425c9d53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://whipbarber82.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sat, 01 Oct 2022 04:18:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
__xt_authbar
xtgem.com/ Frame 9B73 		14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC93aGlwYmFyYmVyODIueHRnZW0uY29tXC9fX3h0X2Jsb2dcL19feHRibG9nX2VudHJ5P19feHRibG9nX2VudHJ5PTI5MTM5OTgxJl9feHRibG9nX2Jsb2NrX2lkPTEiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJ3aGlwYmFyYmVyODIueHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Requested by
Host: whipbarber82.xtgem.com
URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
81f96859788e67fa8c612b5f3097d4b1f9b7a7744e3ee0cba89609a8e53a75bd

Request headers

Referer
http://whipbarber82.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Content-Length
2934
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Oct 2022 04:18:55 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Vary
Accept-Encoding
xtgem-icons.woff
xtgem.com/fonts/ 		5 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://xtgem.com/fonts/xtgem-icons.woff
Requested by
Host: whipbarber82.xtgem.com
URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086

Request headers

Referer
http://whipbarber82.xtgem.com/
Origin
http://whipbarber82.xtgem.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 04:18:55 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"1530-59774aa04e000-gzip"
Vary
Accept-Encoding
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
3769
close2.png
xtgem.com/images/ 		564 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: whipbarber82.xtgem.com
URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://whipbarber82.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 04:18:55 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"234-59774aa04e000"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
Expires
Mon, 31 Oct 2022 04:18:55 GMT
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
209 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: whipbarber82.xtgem.com
URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
H2
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
927b2192b0a42834e25d6eb5cb51f21badd183704d1ce8cb71750b1ba042da86

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://whipbarber82.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 03:47:02 GMT
via
1.1 69b39b6769984cf063fcfceb47941eb6.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1915
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Sun, 28 Aug 2022 09:07:03 GMT
server
AmazonS3
etag
"e58725dc50dbd527cc5c5339221ad344"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
9NYJrenA-ozPnZAbH99OTPxouqf2z2yDSspnXCMX2TQTrVgD08gR0g==

Redirect headers

Date
Sat, 01 Oct 2022 04:18:55 GMT
Via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
SIN2-P1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
WRncGoxqg2BgHzdqJuudRGgn3bP0APHg5jiPEZHuPsZtlCJ4M_mCBw==
www-player.css
www.youtube.com/s/player/a336babc/ Frame A1EB 		360 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a336babc/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ye4zDaEfUoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f136.1e100.net
Software
sffe /
Resource Hash
015bfbbcb959c4b17e2f284dae3c5f9a43a0211e5b8831034200117e4c50e6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/ye4zDaEfUoc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
134566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49958
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A1EB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ye4zDaEfUoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 03:40:43 GMT
x-content-type-options
nosniff
age
2292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Oct 2023 03:40:43 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A1EB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ye4zDaEfUoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 19:59:02 GMT
x-content-type-options
nosniff
age
29993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2023 19:59:02 GMT
www-embed-player.js
www.youtube.com/s/player/a336babc/www-embed-player.vflset/ Frame A1EB 		305 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a336babc/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ye4zDaEfUoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f136.1e100.net
Software
sffe /
Resource Hash
1233bf552d2d4f2d61bd479b44c6f11670bb0af3c292bb79703f9d06810504a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/ye4zDaEfUoc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
134566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97177
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:09 GMT
base.js
www.youtube.com/s/player/a336babc/player_ias.vflset/en_GB/ Frame A1EB 		2 MB
578 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a336babc/player_ias.vflset/en_GB/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ye4zDaEfUoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f136.1e100.net
Software
sffe /
Resource Hash
780d1f87d8b5e2ba546bad71b04ef402b518efb04e2ad783520e205fb3b1226d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/ye4zDaEfUoc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 15:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
133846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
591689
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 15:08:09 GMT
fetch-polyfill.js
www.youtube.com/s/player/a336babc/fetch-polyfill.vflset/ Frame A1EB 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a336babc/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ye4zDaEfUoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f136.1e100.net
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/ye4zDaEfUoc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
134566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:09 GMT
pixel
pxl.qccerttest.com/ 		35 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1210404424;fpan=1;fpa=P0-760653698-1664597936015;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=xtgem.com;dst=0;et=1664597936015;tzo=0;url=http%3A%2F%2Fwhipbarber82.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F29139981-5-ways-to-earn-money-by-traveling%3F__xtblog_block_id%3D1%23xt_blog;ogl=
Requested by
Host: whipbarber82.xtgem.com
URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-9.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://whipbarber82.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 10:38:02 GMT
via
1.1 6fa99bf0c83c1cecd58937934e9d3c12.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN2-P1
age
63655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
34Z1b5W3cFMfFSWmzJXuBYwsJjq2D-AeowCvRETNBuGAjA_kXwJ8AA==
pixel;r=945947578;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fwhipbarber82.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F29139981-5-ways-to-earn-money-by-traveling%3F__xtblog_block_id%3D1%2...
pixel.quantserve.com/ 		35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=945947578;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fwhipbarber82.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F29139981-5-ways-to-earn-money-by-traveling%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=0;fpa=P0-760653698-1664597936015;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=xtgem.com;dst=0;et=1664597936017;tzo=0;ogl=;ses=ad430bbb-7590-4dfc-be47-fc500a6a4694
Requested by
Host: whipbarber82.xtgem.com
URL: http://whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/29139981-5-ways-to-earn-money-by-traveling?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://whipbarber82.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 04:18:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame A1EB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ye4zDaEfUoc
Protocol
H2
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
092a09f12c788fc8259afac2a4e28468af7fb7523c6449aefdd9ef048a82fbbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 04:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 01 Oct 2022 04:18:56 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame A1EB 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 04:04:57 GMT
x-content-type-options
nosniff
age
839
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Oct 2022 04:19:57 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 01 Oct 2022 04:18:56 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A1EB 		65 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
39cafe0109d6e2b2fe07f2737485ec2af897b5d80376d3ab3f9fa7e7190c70bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 01 Oct 2022 04:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30671
x-xss-protection
0
remote.js
www.youtube.com/s/player/a336babc/player_ias.vflset/en_GB/ Frame A1EB 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a336babc/player_ias.vflset/en_GB/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f136.1e100.net
Software
sffe /
Resource Hash
2deca0aac569529585ce5fa3997b4f1a2d290e6045276c1de14c3f5e5123fda1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/ye4zDaEfUoc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 15:08:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
133821
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37032
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 15:08:35 GMT
nrTPYF1MeWhW5u-1uricHJVJdskICRuFTkjv60UEiAs.js
www.google.com/js/th/ Frame A1EB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/nrTPYF1MeWhW5u-1uricHJVJdskICRuFTkjv60UEiAs.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f103.1e100.net
Software
sffe /
Resource Hash
9eb4cf605d4c796856e6efb5bab89c1c954976c908091b854e48efeb4504880b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 06:58:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
249606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14144
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 15:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 06:58:50 GMT
embed.js
www.youtube.com/s/player/a336babc/player_ias.vflset/en_GB/ Frame A1EB 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a336babc/player_ias.vflset/en_GB/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f136.1e100.net
Software
sffe /
Resource Hash
f05d7b60f16b7a5fa8991a89692818022ee99f4c9da858eae2f1cd6a6049df04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/ye4zDaEfUoc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 15:08:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
133839
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8048
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 15:08:17 GMT
truncated
/ Frame A1EB 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu9rsd0RgaPo-V-3iHYHalmZbnOsBCIMTBHjZih1Iw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A1EB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu9rsd0RgaPo-V-3iHYHalmZbnOsBCIMTBHjZih1Iw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ye4zDaEfUoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
fife /
Resource Hash
ce9b89e2c5fe84b9567088e7ec4cd02067589f92681dc537bc198d552993a093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:38:50 GMT
x-content-type-options
nosniff
age
9606
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2110
x-xss-protection
0
server
fife
etag
"v461"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 10 Sep 2022 22:06:57 GMT
sddefault.jpg
i.ytimg.com/vi/ye4zDaEfUoc/ Frame A1EB 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/ye4zDaEfUoc/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ye4zDaEfUoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f119.1e100.net
Software
sffe /
Resource Hash
df1bd6983a0506202a5963f25249eff2f511ff5c6eaad9453a98532104530962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 04:18:56 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42980
x-xss-protection
0
server
sffe
etag
"1591537379"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 01 Oct 2022 06:18:56 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A1EB 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 04:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 04:18:57 GMT
generate_204
www.youtube.com/ Frame A1EB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?c6UUMw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ye4zDaEfUoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f136.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/ye4zDaEfUoc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 04:18:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A1EB 		94 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
6fe3264ec5715f1cf3a5d338f55ef61db99e19389e8b0f7ddddaade7fdf71759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 01 Oct 2022 04:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 01 Oct 2022 04:18:57 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame A1EB 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f136.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Request-Time
1664597939261
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ye4zDaEfUoc
X-YouTube-Client-Version
1.20220928.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs0Y25GSXl5UGp0RSiv_96ZBg%3D%3D
X-YouTube-Ad-Signals
dt=1664597935842&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C546%2C305&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 01 Oct 2022 04:18:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| _qevents boolean| cookies number| len function| quantserve function| __qc object| ezt object| _qoptions function| qtrack

8 Cookies

Domain/Path Name / Value
whipbarber82.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry Name:
Value: test
.xtgem.com/ Name: _xta_uid
Value: d90c2f9bbfa72076264fa3e9502c5e16
.xtgem.com/ Name: _xta_vid
Value: ec428d309fd45a4d389876929783f67a-1664597934
.youtube.com/ Name: YSC
Value: 4mf00LbfcQo
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 4cnFIyyPjtE
whipbarber82.xtgem.com/ Name: qcSxc
Value: 1664597936018
.quantserve.com/ Name: mc
Value: 6337bfb0-7b7f6-7f389-29d75
.xtgem.com/ Name: __qca
Value: P0-760653698-1664597936015

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cif.images.xtstatic.com
edge.quantserve.com
enif.images.xtstatic.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
i.ytimg.com
jnn-pa.googleapis.com
pixel.quantserve.com
pxl.qccerttest.com
rules.quantcount.com
static.doubleclick.net
whipbarber82.xtgem.com
www.google.com
www.gstatic.com
www.youtube.com
xtgem.com
yt3.ggpht.com
103.229.10.171
103.229.10.211
13.33.33.118
13.33.33.9
141.94.172.213
142.250.4.157
142.251.12.136
142.251.12.149
151.101.24.193
172.217.194.103
172.217.194.94
172.217.194.95
54.36.158.42
74.125.200.119
74.125.24.132
74.125.24.94
015bfbbcb959c4b17e2f284dae3c5f9a43a0211e5b8831034200117e4c50e6e6
092a09f12c788fc8259afac2a4e28468af7fb7523c6449aefdd9ef048a82fbbe
1233bf552d2d4f2d61bd479b44c6f11670bb0af3c292bb79703f9d06810504a5
12af88849dcd3b09838185efbbaa7eae7231159ace07004afc5793d80378c34f
2deca0aac569529585ce5fa3997b4f1a2d290e6045276c1de14c3f5e5123fda1
39cafe0109d6e2b2fe07f2737485ec2af897b5d80376d3ab3f9fa7e7190c70bf
3b416e6f52e4248429771d5c33893cc1d625437e3feecec60807374031b415b2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6617d6b4069faade7b002fb4aed40e5b4073c02d0f3c3f35b47de583425c9d53
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6fe3264ec5715f1cf3a5d338f55ef61db99e19389e8b0f7ddddaade7fdf71759
780d1f87d8b5e2ba546bad71b04ef402b518efb04e2ad783520e205fb3b1226d
81f96859788e67fa8c612b5f3097d4b1f9b7a7744e3ee0cba89609a8e53a75bd
8c32d86bcf2a65ead06201f0b773f2f94385aa5524f86cc6b56f93cc0453c0ed
927b2192b0a42834e25d6eb5cb51f21badd183704d1ce8cb71750b1ba042da86
9eb4cf605d4c796856e6efb5bab89c1c954976c908091b854e48efeb4504880b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
ce9b89e2c5fe84b9567088e7ec4cd02067589f92681dc537bc198d552993a093
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
df1bd6983a0506202a5963f25249eff2f511ff5c6eaad9453a98532104530962
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05d7b60f16b7a5fa8991a89692818022ee99f4c9da858eae2f1cd6a6049df04