Submitted URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_i...
Effective URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Submission: On January 20 via manual from US — Scanned from NZ

Summary

This website contacted 18 IPs in 3 countries across 12 domains to perform 49 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is juneskiing84.xtgem.com.
This is the only time juneskiing84.xtgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.36.158.42 16276 (OVH)
1 23.49.60.192 20940 (AKAMAI-ASN1)
6 141.94.172.213 16276 (OVH)
1 103.229.10.192 16509 (AMAZON-02)
8 74.125.200.91 15169 (GOOGLE)
5 142.250.4.103 15169 (GOOGLE)
1 1 13.227.254.2 16509 (AMAZON-02)
1 13.227.254.11 16509 (AMAZON-02)
2 74.125.24.94 15169 (GOOGLE)
14 172.253.118.95 15169 (GOOGLE)
1 103.229.10.171 16509 (AMAZON-02)
2 172.217.194.94 15169 (GOOGLE)
1 2 142.251.12.156 15169 (GOOGLE)
1 74.125.68.148 15169 (GOOGLE)
1 172.217.194.95 15169 (GOOGLE)
1 74.125.24.132 15169 (GOOGLE)
1 74.125.200.119 15169 (GOOGLE)
1 142.250.4.95 ()
49 18
Apex Domain (Transfer), Subdomains
16 googleapis.com (272 KB)
  • maps.googleapis.com — Cisco Umbrella Rank: 350
  • jnn-pa.googleapis.com — Cisco Umbrella Rank: 188
  • khms0.googleapis.com
8 youtube.com (830 KB)
  • www.youtube.com — Cisco Umbrella Rank: 76
5 google.com (34 KB)
  • www.google.com — Cisco Umbrella Rank: 2
5 xtgem.com (24 KB)
  • juneskiing84.xtgem.com
  • xtgem.com — Cisco Umbrella Rank: 266195
4 gstatic.com (102 KB)
  • fonts.gstatic.com
  • maps.gstatic.com
  • www.gstatic.com
3 doubleclick.net (1 KB)
  • googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
  • static.doubleclick.net — Cisco Umbrella Rank: 210
2 quantcount.com (1 KB)
  • rules.quantcount.com — Cisco Umbrella Rank: 870
2 xtstatic.com (656 B)
  • enif.images.xtstatic.com
  • cif.images.xtstatic.com
2 quantserve.com (11 KB)
  • edge.quantserve.com — Cisco Umbrella Rank: 16061
  • pixel.quantserve.com — Cisco Umbrella Rank: 662
1 ytimg.com (19 KB)
  • i.ytimg.com — Cisco Umbrella Rank: 90
1 ggpht.com (4 KB)
  • yt3.ggpht.com — Cisco Umbrella Rank: 233
1 naver.net
  • postfiles7.naver.net
49 12
Domain Requested by
11 maps.googleapis.com www.google.com
maps.googleapis.com
juneskiing84.xtgem.com
8 www.youtube.com juneskiing84.xtgem.com
www.youtube.com
5 www.google.com juneskiing84.xtgem.com
www.youtube.com
maps.googleapis.com
4 jnn-pa.googleapis.com www.youtube.com
4 xtgem.com juneskiing84.xtgem.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
2 rules.quantcount.com 1 redirects juneskiing84.xtgem.com
1 khms0.googleapis.com
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 maps.gstatic.com www.google.com
1 pixel.quantserve.com juneskiing84.xtgem.com
1 cif.images.xtstatic.com juneskiing84.xtgem.com
1 enif.images.xtstatic.com juneskiing84.xtgem.com
1 edge.quantserve.com juneskiing84.xtgem.com
1 postfiles7.naver.net juneskiing84.xtgem.com
1 juneskiing84.xtgem.com
49 20

This site contains links to these domains.

Domain
xtgem.com
Subject, Issuer, Validity, Valid
*.google.com, GTS CA 1C3, 2023-01-02 - 2023-03-27, 3 months
www.google.com, GTS CA 1C3, 2023-01-02 - 2023-03-27, 3 months
*.xtgem.com, R3, 2022-12-21 - 2023-03-21, 3 months
*.gstatic.com, GTS CA 1C3, 2023-01-02 - 2023-03-27, 3 months
upload.video.google.com, GTS CA 1C3, 2023-01-02 - 2023-03-27, 3 months
*.quantserve.com, DigiCert TLS RSA SHA256 2020 CA1, 2022-08-09 - 2023-09-09, a year
*.doubleclick.net, GTS CA 1C3, 2023-01-02 - 2023-03-27, 3 months
*.googleusercontent.com, GTS CA 1C3, 2023-01-02 - 2023-03-27, 3 months
edgestatic.com, GTS CA 1C3, 2023-01-02 - 2023-03-27, 3 months

This page contains 6 frames:

Primary Page: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Frame ID: C0C7E652308E694E6E41D5830B6170E2
Requests: 8 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: FFEFD31E2BAE365BF48112973764FEDD
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: 6DD7DEC7C48154D0E5F41FDBCA1656BB
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Frame ID: 4E7DFC119757D8785F4367C4F1F4ED1D
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d3312866.4332525562!2d127.8733!3d35.81905!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x72608dcf0a0489b2!2z7IOB7ZKI6raM7YyQ64ukIC0g7Lus7LOQ656c65OcLO2VtO2UvOuouOuLiCDrrLjtmZTsg4Htkojqtowg7YyQ66ekIOy5tOuTnOqysOygnCztnLTrjIDtj7DshozslaHqsrDsoJwg6rCA64ql!5e0!3m2!1sko!2skr!4v1673769010442!%20%3Ca%20href=
Frame ID: 33D5130F6BA5993B3BD0984453CD9000
Requests: 19 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9qdW5lc2tpaW5nODQueHRnZW0uY29tXC9fX3h0X2Jsb2dcL19feHRibG9nX2VudHJ5P19feHRibG9nX2VudHJ5PTMxNzg2NjE5Jl9feHRibG9nX2Jsb2NrX2lkPTEiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJqdW5lc2tpaW5nODQueHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Frame ID: 0C504570AAE98AB452D35D9E00F99135
Requests: 1 HTTP requests in this frame

Page Title

giftvoucherpayment - An Overview - Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

Requests: 49
HTTPS: 78 %
IPv6: 0 %
Domains: 12
Subdomains: 20
IPs: 18
Countries: 3
Transfer: 1297 kB
Size: 4306 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://www.youtube.com/embed/qZpIRUvRHnQ?t=2 HTTP 307
  • https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Request Chain 10
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Request Chain 21
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 31786619-giftvoucherpayment-an-overview
juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/
25 KB
7 KB
Document
General
Full URL
http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
24613da3d76ccf74b0a045a9144cee7369e3f871685675ed71ffdca5bb8e24a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
close
Content-Encoding
gzip
Content-Length
6259
Content-Type
text/html; charset=UTF-8
Date
Fri, 20 Jan 2023 15:53:15 GMT
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Pragma
no-cache
Vary
Host,Accept-Encoding
2016-04-11_17%3B15%3B27.jpg
postfiles7.naver.net/20160412_6/whymarketing0122_1460437029057QxI97_JPEG/
0
0
Image
General
Full URL
http://postfiles7.naver.net/20160412_6/whymarketing0122_1460437029057QxI97_JPEG/2016-04-11_17%3B15%3B27.jpg?type=w1
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
23.49.60.192 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-192.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://juneskiing84.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

xtgem-forums.jpg
xtgem.com/images/forum/
8 KB
8 KB
Image
General
Full URL
http://xtgem.com/images/forum/xtgem-forums.jpg
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
12af88849dcd3b09838185efbbaa7eae7231159ace07004afc5793d80378c34f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://juneskiing84.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 15:53:16 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"20c8-59774aa04e000"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
8392
Expires
Sun, 19 Feb 2023 15:53:16 GMT
quant.js
edge.quantserve.com/
25 KB
10 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f7da44c9657d7a2dbd9d127c5d9834ab4d9599445f264f90e2b922e61bdc9ff9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://juneskiing84.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 15:53:16 GMT
Content-Encoding
gzip
Etag
"OVi4z6W4qM+KoQEZlRgh5w=="
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Expires
Fri, 27 Jan 2023 15:53:16 GMT
tp.gif
enif.images.xtstatic.com/ Frame FFEF
42 B
328 B
Document
General
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://juneskiing84.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000
Connection
close
Content-Length
42
Content-Type
image/gif
Date
Fri, 20 Jan 2023 15:53:16 GMT
ETag
"2a-59774aa04e000"
Expires
Sun, 19 Feb 2023 15:53:16 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
tp.gif
cif.images.xtstatic.com/ Frame 6DD7
42 B
328 B
Document
General
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://juneskiing84.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000
Connection
close
Content-Length
42
Content-Type
image/gif
Date
Fri, 20 Jan 2023 15:53:16 GMT
ETag
"2a-59774aa04e000"
Expires
Sun, 19 Feb 2023 15:53:16 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
qZpIRUvRHnQ
www.youtube.com/embed/ Frame 4E7D
Redirect Chain
  • http://www.youtube.com/embed/qZpIRUvRHnQ?t=2
  • https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
68 KB
29 KB
Document
General
Full URL
https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f91.1e100.net
Software
ESF /
Resource Hash
248322095773a9c5a0feb7e4fe423395435ed38abb193b5d7b14e5b1927553f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://juneskiing84.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 15:53:16 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Non-Authoritative-Reason
HSTS
embed
www.google.com/maps/ Frame 33D5
4 KB
2 KB
Document
General
Full URL
https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d3312866.4332525562!2d127.8733!3d35.81905!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x72608dcf0a0489b2!2z7IOB7ZKI6raM7YyQ64ukIC0g7Lus7LOQ656c65OcLO2VtO2UvOuouOuLiCDrrLjtmZTsg4Htkojqtowg7YyQ66ekIOy5tOuTnOqysOygnCztnLTrjIDtj7DshozslaHqsrDsoJwg6rCA64ql!5e0!3m2!1sko!2skr!4v1673769010442!%20%3Ca%20href=
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
mafe /
Resource Hash
974b96e3d0a8fa7768a1500e7d4f4f396c542119f56f9593143fde3d24ddcad4
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-VhUDTN6hEL2owXb1EVJQ2g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection 0

Request headers

Referer
http://juneskiing84.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1510
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-VhUDTN6hEL2owXb1EVJQ2g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Fri, 20 Jan 2023 15:53:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
mafe
server-timing
gfet4t7; dur=168
vary
Accept-Language
x-xss-protection
0
__xt_authbar
xtgem.com/ Frame 0C50
14 KB
3 KB
Document
General
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9qdW5lc2tpaW5nODQueHRnZW0uY29tXC9fX3h0X2Jsb2dcL19feHRibG9nX2VudHJ5P19feHRibG9nX2VudHJ5PTMxNzg2NjE5Jl9feHRibG9nX2Jsb2NrX2lkPTEiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJqdW5lc2tpaW5nODQueHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bb5fce15cfe98e6cbc4cbd22dfc79a1bb68dd4569032c679380cd74c379ad974

Request headers

Referer
http://juneskiing84.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Content-Length
2936
Content-Type
text/html; charset=UTF-8
Date
Fri, 20 Jan 2023 15:53:16 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Vary
Accept-Encoding
xtgem-icons.woff
xtgem.com/fonts/
5 KB
4 KB
Font
General
Full URL
http://xtgem.com/fonts/xtgem-icons.woff
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086

Request headers

Referer
http://juneskiing84.xtgem.com/
Origin
http://juneskiing84.xtgem.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 15:53:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"1530-59774aa04e000-gzip"
Vary
Accept-Encoding
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
3769
close2.png
xtgem.com/images/
564 B
862 B
Image
General
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://juneskiing84.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 15:53:16 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"234-59774aa04e000"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
Expires
Sun, 19 Feb 2023 15:53:16 GMT
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
160 B
633 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
H2
Server
13.227.254.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-11.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01e8c64b761cce7a14c9a7f82d4fa2162138e5e6e556350df4730498ea6417bf

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://juneskiing84.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:37:23 GMT
via
1.1 f06aaad108598501fc8aab5df5423ad8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:42:04 GMT
server
AmazonS3
etag
"2440f0fe7f89d580c051f453f7cc5d22"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
qvSV-M4UXVrSzuen9Z62febBSQJHK9u2l3ar92-HwoSHo5LdCMEAUQ==

Redirect headers

Date
Fri, 20 Jan 2023 15:53:16 GMT
Via
1.1 003b6042285e886f3f4d6afd190f633c.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
SIN52-C3
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
F5dOooTAq8Q9gtj6CpTYW92MYEUOfvj-REWv4QvA4O9Iq-LCfFAoag==
www-player.css
www.youtube.com/s/player/4248d311/ Frame 4E7D
360 KB
49 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/4248d311/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f91.1e100.net
Software
sffe /
Resource Hash
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:05:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
85681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49911
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 19 Jan 2024 16:05:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4E7D
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 15:46:49 GMT
x-content-type-options
nosniff
age
345988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 15:46:49 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4E7D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 05:03:53 GMT
x-content-type-options
nosniff
age
384564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 05:03:53 GMT
js
maps.googleapis.com/maps/api/ Frame 33D5
168 KB
55 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&region=kr&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d3312866.4332525562!2d127.8733!3d35.81905!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x72608dcf0a0489b2!2z7IOB7ZKI6raM7YyQ64ukIC0g7Lus7LOQ656c65OcLO2VtO2UvOuouOuLiCDrrLjtmZTsg4Htkojqtowg7YyQ66ekIOy5tOuTnOqysOygnCztnLTrjIDtj7DshozslaHqsrDsoJwg6rCA64ql!5e0!3m2!1sko!2skr!4v1673769010442!%20%3Ca%20href=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
mafe /
Resource Hash
6352c57cc81e547fcc09ec90f0508644df3298cd5ca20e88bedac025bf771d58
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:53:17 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=14
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56025
x-xss-protection
0
expires
Fri, 20 Jan 2023 16:23:17 GMT
www-embed-player.js
www.youtube.com/s/player/4248d311/www-embed-player.vflset/ Frame 4E7D
342 KB
107 KB
Script
General
Full URL
https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f91.1e100.net
Software
sffe /
Resource Hash
a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:05:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
85664
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109432
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 19 Jan 2024 16:05:33 GMT
base.js
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame 4E7D
2 MB
597 KB
Script
General
Full URL
https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f91.1e100.net
Software
sffe /
Resource Hash
f90057fc184b6c8eae37528418032d0c50678fd1ad00261808c71fbbe1cb1856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
85694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
611243
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 19 Jan 2024 16:05:03 GMT
fetch-polyfill.js
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/ Frame 4E7D
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f91.1e100.net
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 02:31:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
48121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 20 Jan 2024 02:31:16 GMT
pixel;r=1246050640;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fjuneskiing84.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F31786619-giftvoucherpayment-an-overview%3F__xtblog_block_id%3D1%23x...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1246050640;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fjuneskiing84.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F31786619-giftvoucherpayment-an-overview%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-1265137752-1674229996173;pbc=;ns=0;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;ref=;d=xtgem.com;dst=0;et=1674229997805;tzo=0;ogl=;ses=a3fa6881-cb3f-4aff-9b8c-3b7171abbd95
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://juneskiing84.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 15:53:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame 33D5
3 B
46 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&region=kr&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/51/6/intl/en_gb/ Frame 33D5
222 KB
68 KB
Script
General
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/51/6/intl/en_gb/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d3312866.4332525562!2d127.8733!3d35.81905!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x72608dcf0a0489b2!2z7IOB7ZKI6raM7YyQ64ukIC0g7Lus7LOQ656c65OcLO2VtO2UvOuouOuLiCDrrLjtmZTsg4Htkojqtowg7YyQ66ekIOy5tOuTnOqysOygnCztnLTrjIDtj7DshozslaHqsrDsoJwg6rCA64ql!5e0!3m2!1sko!2skr!4v1673769010442!%20%3Ca%20href=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
927347a3f7482e39634264833314a535945e1a96256ace6f1ef80ad1a695a7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 20:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69386
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Jan 2024 20:36:35 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 4E7D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Protocol
H2
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
c251ad22a59909054ee62421cd12b4f1b99bb9dd86ee7e8fe7526f4a136a7b71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 20 Jan 2023 15:53:18 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 4E7D
29 B
587 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:50:06 GMT
x-content-type-options
nosniff
age
192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 16:05:06 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 20 Jan 2023 15:53:18 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4E7D
66 KB
30 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
193d2199886781421180b67d8a1ee8e3df731fe7e561938cf0ed746b304d8dbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 20 Jan 2023 15:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31135
x-xss-protection
0
remote.js
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame 4E7D
119 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f91.1e100.net
Software
sffe /
Resource Hash
f3b85842f1435a024c577c49e634cfdfc799a7d3fb19e8909d1bdd29017ad912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:13:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
85210
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37215
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 19 Jan 2024 16:13:08 GMT
Bdw2VvWHBnLyaZnICW60B-ZF7DgMaGaXgSsIEsc-hUM.js
www.google.com/js/th/ Frame 4E7D
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/Bdw2VvWHBnLyaZnICW60B-ZF7DgMaGaXgSsIEsc-hUM.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
sffe /
Resource Hash
05dc3656f5870672f26999c8096eb407e645ec380c686697812b0812c73e8543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 22:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
61819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14360
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 15:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 22:43:00 GMT
embed.js
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame 4E7D
26 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f91.1e100.net
Software
sffe /
Resource Hash
39bfedc970a003d6ec90bcf8544220ad285c773d9b07d08b9233ea28d72f406d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 06:48:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
464716
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8333
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 15 Jan 2024 06:48:03 GMT
truncated
/ Frame 4E7D
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu_8fB8a0wWRXPxXpu9_ldKMpLoN3JkpsSKB1cYg9g=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4E7D
4 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AMLnZu_8fB8a0wWRXPxXpu9_ldKMpLoN3JkpsSKB1cYg9g=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
fife /
Resource Hash
adaeb2d791d1e7289c0044d4392e653508e97e1f9ab5d96699ae43e04acea21d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 14:25:37 GMT
x-content-type-options
nosniff
age
5262
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3997
x-xss-protection
0
server
fife
etag
"v1b8"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 21 Jan 2023 14:25:37 GMT
sddefault.webp
i.ytimg.com/vi_webp/qZpIRUvRHnQ/ Frame 4E7D
19 KB
19 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/qZpIRUvRHnQ/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f119.1e100.net
Software
sffe /
Resource Hash
2ccee3a7957bb31bbc236bbbaae62050902380fc5f7bb6cd6f50c855250f3321
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 14:45:58 GMT
x-content-type-options
nosniff
age
4041
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19018
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 20 Jan 2023 16:45:58 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4E7D
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 15:53:19 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/ Frame 33D5
271 KB
76 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&region=kr&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
sffe /
Resource Hash
bbeee5045a5e289de2ee33ca8c453f85d79ccbb0b951f2ffe5f00da786145468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 13:40:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77371
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:59:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 13:40:23 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/ Frame 33D5
157 KB
58 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&region=kr&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
sffe /
Resource Hash
51170d11b56d3ca82a0d8475d7fa0a89f6476c135b59e2a6fa4ec9ff0585bc12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 20:31:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59325
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:59:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Jan 2024 20:31:11 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/ Frame 33D5
75 KB
27 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&region=kr&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
sffe /
Resource Hash
7f318fe2bed380515c3409a139d311e4150b52f0fc536cfddcddb733ad3eceaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 20:31:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27375
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:59:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Jan 2024 20:31:11 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/ Frame 33D5
3 KB
1 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&region=kr&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
sffe /
Resource Hash
6edde9a4553ca6fcb40d39e3f516eccce24c4aa1213c53a032e432e31d113c19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 20:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1377
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:59:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Jan 2024 20:31:54 GMT
truncated
/ Frame 33D5
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 33D5
10 KB
10 KB
Image
General
Full URL
https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i6856&2i3147&2e1&3u5&4m2&1u300&2u150&5m6&1e0&5sen-NZ&6skr&10b1&12b1&14i1379903&client=google-maps-embed&token=91651
Requested by
Host: juneskiing84.xtgem.com
URL: http://juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/31786619-giftvoucherpayment-an-overview?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
adfe7ddfc892553f59280c4b221d75b6ba86947558ca711da0420e15eae42855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:53:19 GMT
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
server-timing
gfet4t7; dur=25
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9765
x-xss-protection
0
expires
Sat, 21 Jan 2023 15:53:19 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/ Frame 33D5
27 KB
10 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&region=kr&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
sffe /
Resource Hash
a543212f60528529154e14b5d50ac8944156f4d90d3f4ca36a072266702d4b10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 22:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10011
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:59:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 22:59:53 GMT
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/ Frame 33D5
3 KB
1 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/search_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&region=kr&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
sffe /
Resource Hash
6b05d7e56e2187a7121bb1028d3a96b98ec3f5f20de9d8aa3eaf4d9efe4bdac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 20:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1404
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:59:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Jan 2024 20:54:45 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4E7D
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
234ce0e7d9c27ad4cb5cfcdeac15dd4656cb136f463b25515bc72a3c0ec492b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 20 Jan 2023 15:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 20 Jan 2023 15:53:19 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
generate_204
www.youtube.com/ Frame 4E7D
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?8WrjSQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f91.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:53:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ViewportInfoService.GetViewportInfo
maps.googleapis.com/maps/api/js/ Frame 33D5
12 KB
3 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d27.255196233286707&2d107.95195370831206&2m2&1d43.822080218225686&2d148.03312463961603&2u5&4sen-NZ&5e0&6sm%40630000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._tbbod2&client=google-maps-embed&token=71243
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
mafe /
Resource Hash
b6beba28d400ca509374dd1145673d01af6b65c4ab8d748ecb1367c5b57673c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 15:53:20 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=18
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3011
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
kh
khms0.googleapis.com/ Frame 33D5
5 KB
0
Image
General
Full URL
https://khms0.googleapis.com/kh?v=938&hl=en-NZ&gl=KR&x=6&y=3&z=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 -, , ASN (),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:53:21 GMT
x-content-type-options
nosniff
last-modified
Fri, 1 Jan 2010 01:00:00 GMT
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11258
x-xss-protection
0
expires
Sat, 20 Jan 2024 15:53:21 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame 33D5
62 B
84 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._uxcir0&client=google-maps-embed&token=74122
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
mafe /
Resource Hash
5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 15:53:20 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vt
www.google.com/maps/ Frame 33D5
17 KB
17 KB
Image
General
Full URL
https://www.google.com/maps/vt?pb=!1m5!1m4!1i5!2i27!3i12!4i256!2m3!1e0!2sm!3i630369002!2m35!1e2!2sspotlight!5i1!8m31!1m2!12m1!20e1!2m6!1s0x0%3A0x72608dcf0a0489b2!2z7IOB7ZKI6raM7YyQ64ukIC0g7Lus7LOQ656c65OcLO2VtO2UvOuouOuLiCDrrLjtmZTsg4Htkojqtowg7YyQ66ekIOy5tOuTnOqysOygnCztnLTrjIDtj7DshozslaHqsrDsoJwg6rCA64ql!4m2!3d35.81905!4d127.8733!5e5!11e11!13m12!2sa!14b1!18m5!6b0!9b0!20b1!21b1!22b0!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!3m12!2sen-NZ!3sKR!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&client=google-maps-embed&token=107221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
79ccb39a77b38366d01a4c7d30a50a57e59a1998f13a5db147c022341ba5aa1c
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d3312866.4332525562!2d127.8733!3d35.81905!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x72608dcf0a0489b2!2z7IOB7ZKI6raM7YyQ64ukIC0g7Lus7LOQ656c65OcLO2VtO2UvOuouOuLiCDrrLjtmZTsg4Htkojqtowg7YyQ66ekIOy5tOuTnOqysOygnCztnLTrjIDtj7DshozslaHqsrDsoJwg6rCA64ql!5e0!3m2!1sko!2skr!4v1673769010442!%20%3Ca%20href=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:53:20 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=92
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17491
x-xss-protection
0
x-server-version-bin
CggIBBDvzKGeBgoICAUQpMnynQY=
server
scaffolding on HTTPServer2
etag
07e4f7397c737cda6
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=300
expires
Fri, 20 Jan 2023 15:58:20 GMT
vt
www.google.com/maps/ Frame 33D5
18 KB
0
Image
General
Full URL
https://www.google.com/maps/vt?pb=!1m5!1m4!1i5!2i26!3i12!4i256!2m3!1e0!2sm!3i630369002!2m35!1e2!2sspotlight!5i1!8m31!1m2!12m1!20e1!2m6!1s0x0%3A0x72608dcf0a0489b2!2z7IOB7ZKI6raM7YyQ64ukIC0g7Lus7LOQ656c65OcLO2VtO2UvOuouOuLiCDrrLjtmZTsg4Htkojqtowg7YyQ66ekIOy5tOuTnOqysOygnCztnLTrjIDtj7DshozslaHqsrDsoJwg6rCA64ql!4m2!3d35.81905!4d127.8733!5e5!11e11!13m12!2sa!14b1!18m5!6b0!9b0!20b1!21b1!22b0!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!3m12!2sen-NZ!3sKR!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&client=google-maps-embed&token=44802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d3312866.4332525562!2d127.8733!3d35.81905!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x72608dcf0a0489b2!2z7IOB7ZKI6raM7YyQ64ukIC0g7Lus7LOQ656c65OcLO2VtO2UvOuouOuLiCDrrLjtmZTsg4Htkojqtowg7YyQ66ekIOy5tOuTnOqysOygnCztnLTrjIDtj7DshozslaHqsrDsoJwg6rCA64ql!5e0!3m2!1sko!2skr!4v1673769010442!%20%3Ca%20href=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:53:20 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=102
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35197
x-xss-protection
0
x-server-version-bin
CggIBBDvzKGeBgoICAUQpMnynQY=
server
scaffolding on HTTPServer2
etag
0b276d96f64415b41
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=300
expires
Fri, 20 Jan 2023 15:58:20 GMT
vt
www.google.com/maps/ Frame 33D5
167 B
126 B
XHR
General
Full URL
https://www.google.com/maps/vt?pb=!1m4!1m3!1i5!2i26!3i12!1m4!1m3!1i5!2i27!3i12!2m3!1e0!2sm!3i630369026!2m35!1e2!2sspotlight!5i1!8m31!1m2!12m1!20e1!2m6!1s0x0%3A0x72608dcf0a0489b2!2z7IOB7ZKI6raM7YyQ64ukIC0g7Lus7LOQ656c65OcLO2VtO2UvOuouOuLiCDrrLjtmZTsg4Htkojqtowg7YyQ66ekIOy5tOuTnOqysOygnCztnLTrjIDtj7DshozslaHqsrDsoJwg6rCA64ql!4m2!3d35.81905!4d127.8733!5e5!11e11!13m12!2sa!14b1!18m5!6b0!9b0!20b1!21b1!22b0!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!3m12!2sen-NZ!3sKR!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e3!12m1!5b1!23i1379903&client=google-maps-embed&token=31086
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/util.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
b31cab43648f4b766b8765c2614d2b5c61406a779912bb04d41d2271f0c5b10b
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d3312866.4332525562!2d127.8733!3d35.81905!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x72608dcf0a0489b2!2z7IOB7ZKI6raM7YyQ64ukIC0g7Lus7LOQ656c65OcLO2VtO2UvOuouOuLiCDrrLjtmZTsg4Htkojqtowg7YyQ66ekIOy5tOuTnOqysOygnCztnLTrjIDtj7DshozslaHqsrDsoJwg6rCA64ql!5e0!3m2!1sko!2skr!4v1673769010442!%20%3Ca%20href=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:53:20 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=76
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101
x-xss-protection
0
x-server-version-bin
CggIBBDvzKGeBgoICAUQpMnynQY=
server
scaffolding on HTTPServer2
etag
0b740b669cd6c8047
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
private, max-age=300
expires
Fri, 20 Jan 2023 15:53:20 GMT
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame 33D5
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
maps.googleapis.com
URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7s4pbcad&10e1&11b0&callback=_xdc_._c23y2t&client=google-maps-embed&token=6441

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontentvisibilityautostatechange object| _qevents boolean| cookies number| len function| quantserve function| __qc object| ezt object| _qoptions

8 Cookies

Domain/Path Name / Value
juneskiing84.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry Name:
Value: test
.xtgem.com/ Name: _xta_uid
Value: 0da3fb663d4147d33948842bd08ba418
.xtgem.com/ Name: _xta_vid
Value: 93a00a7289d034930a1abb4fc85285d5-1674229995
.youtube.com/ Name: YSC
Value: h5sbJn_XSlI
.youtube.com/ Name: DEVICE_INFO
Value: ChxOekU1TURjMk16QTNPVFUyT0RJek1qWXhPUT09EOzxqp4GGOzxqp4G
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: wtL2WFvG6q8
.quantserve.com/ Name: mc
Value: 63cab8ee-61e40-29c81-72aa7
.xtgem.com/ Name: __qca
Value: P0-1265137752-1674229996173

1 Console Messages

Source Level URL
Text
network error URL: http://postfiles7.naver.net/20160412_6/whymarketing0122_1460437029057QxI97_JPEG/2016-04-11_17%3B15%3B27.jpg?type=w1
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
