urlscan.io logo urlscan.io
SecurityTrails logo

platedelete5.xtgem.com Open in urlscan Pro
54.36.158.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativ...
Effective URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativ...
Submission: On June 20 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 29 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is platedelete5.xtgem.com.
This is the only time platedelete5.xtgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.36.158.42 (France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com
platedelete5.xtgem.com
1    62.138.49.18 (Leeds, United Kingdom)

ASN20738 (GD-EMEA-DC-LD5, DE)
www.oils4life.co.uk
1    2a04:4e42:a00::268 (United States)

ASN54113 (FASTLY, US)
cdn.shopify.com
1    165.254.56.75 (United States)

ASN393259 (YOTTAA-AS-1, US)
www.elfcosmetics.com
6    178.33.123.218 (France)

ASN16276 (OVH, FR)
PTR: d2.xtgem.com
4.thumbs.xtstatic.com
enif.images.xtstatic.com
cif.images.xtstatic.com
xtgem.com
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
9    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2600:9000:2104:1600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    91.228.74.226 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
9 www.youtube.com platedelete5.xtgem.com
www.youtube.com
3 xtgem.com platedelete5.xtgem.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 pixel.quantserve.com 1 redirects platedelete5.xtgem.com
2 rules.quantcount.com 1 redirects platedelete5.xtgem.com
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 cif.images.xtstatic.com platedelete5.xtgem.com
1 enif.images.xtstatic.com platedelete5.xtgem.com
1 edge.quantserve.com platedelete5.xtgem.com
1 4.thumbs.xtstatic.com platedelete5.xtgem.com
1 www.elfcosmetics.com platedelete5.xtgem.com
1 cdn.shopify.com platedelete5.xtgem.com
1 www.oils4life.co.uk platedelete5.xtgem.com
1 platedelete5.xtgem.com
29 19

This site contains links to these domains. Also see Links.

Domain
berman-niemann.technetbloggers.de
xtgem.com
Subject Issuer Validity Valid
*.oils4life.co.uk
Starfield Secure Certificate Authority - G2		 2020-12-12 -
2021-12-27		 a year crt.sh
cdn.shopify.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-20 -
2022-05-22		 a year crt.sh
*.elfcosmetics.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-30 -
2021-10-29		 2 years crt.sh
*.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.xtgem.com
R3		 2021-04-29 -
2021-07-28		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Frame ID: E9BDA4D854A6FEA42349B9AB4324C065
Requests: 10 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: 7DE270EE4497BC9B919E7606628902BD
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: F1564A99987865CE402EF8FAAAF70521
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ANuuhfadIZA
Frame ID: 00A85D4BD06DAB71AA5120724557A04F
Requests: 17 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9wbGF0ZWRlbGV0ZTUueHRnZW0uY29tXC9fX3h0X2Jsb2dcL19feHRibG9nX2VudHJ5P19feHRibG9nX2VudHJ5PTIxODY5NzUwJl9feHRibG9nX2Jsb2NrX2lkPTEiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJwbGF0ZWRlbGV0ZTUueHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Frame ID: D1BB0156732BC2153E15C8DF06C8134A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

29
Requests

76 %
HTTPS

69 %
IPv6

13
Domains

19
Subdomains

17
IPs

4
Countries

887 kB
Transfer

2718 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Request Chain 17
  • http://pixel.quantserve.com/pixel;r=2078859005;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fplatedelete5.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-253535291-1624172462838;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=1;et=1624172462838;tzo=-120;ogl= HTTP 301
  • https://pixel.quantserve.com/pixel;r=2078859005;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fplatedelete5.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-253535291-1624172462838;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=1;et=1624172462838;tzo=-120;ogl=
Request Chain 18
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil
platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/ 		25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
dc2dc4cf1ca947861f48953d049a819206ae0ced474f900c6590720366e91f63

Request headers

Host
platedelete5.xtgem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 20 Jun 2021 07:00:58 GMT
Vary
Host,Accept-Encoding
Set-Cookie
_xta_uid=2ab1da5b264e8f0afc71efe53a16d12b; expires=Tue, 20-Jun-2023 07:01:02 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly _xta_vid=0e1f4bc0e84add9d20a6a0aded72fd73-1624172462; expires=Sun, 20-Jun-2021 07:31:02 GMT; Max-Age=1800; path=/; domain=.xtgem.com; httponly
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma
no-cache
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding
gzip
Content-Length
7396
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
Hemp2.jpg
www.oils4life.co.uk/WebRoot/Store/Shops/es133723/5CC5/4C8D/8691/B12E/C810/0A0F/111B/E78E/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oils4life.co.uk/WebRoot/Store/Shops/es133723/5CC5/4C8D/8691/B12E/C810/0A0F/111B/E78E/Hemp2.jpg
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.138.49.18 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE),
Reverse DNS
Software
Apache /
Resource Hash
ff697ed73c8d80c78ed75923d7788ae573d4ff69e9f1eae25819b6cc13819443

Request headers

Referer
http://platedelete5.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 20 Jun 2021 07:01:02 GMT
Last-Modified
Sun, 28 Apr 2019 06:57:37 GMT
Server
Apache
ETag
"e218-58791aed8ba40"
Content-Type
image/jpeg
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
57880
Expires
Sun, 27 Jun 2021 07:01:02 GMT
Hemp_Seed_Oil_front_view_closed.png
cdn.shopify.com/s/files/1/0958/2866/products/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0958/2866/products/Hemp_Seed_Oil_front_view_closed.png?v=1487634500
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-fra19123-FRA /
Resource Hash
31083d21df1c44396d2a5feb8605a48b251c3b2fff7d097f853ed2f4841881c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://platedelete5.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-image
generated
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn
Fastly, http2
x-dc
gcp-us-east1
x-cache
HIT, MISS
content-length
63994
x-xss-protection
1; mode=block
x-request-id
a0270b04dad182785f23921fdedba0c12916e5e9becaa6622969d921370d98be
x-served-by
cache-lga21944-LGA, cache-fra19123-FRA
last-modified
Tue, 15 Jun 2021 06:36:21 GMT
server
cache-fra19123-FRA
x-timer
S1624172463.745334,VS0,VE92
date
Sun, 20 Jun 2021 07:01:02 GMT
vary
Accept
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 15 Jun 2022 06:36:20 GMT
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0958/2866/products/Hemp_Seed_Oil_front_view_closed.png>; rel="canonical"
x-cache-hits
1, 0
81550_Closed_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7df0d688/2019/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7df0d688/2019/81550_Closed_R.jpg?sw=1100&sh=1100&sm=fit&sfrm=png
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.75 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
4178d2a6a2e8a99c6f4664d2ea911c6ea4017f6242548fbe35ebd4492295d6c0

Request headers

Referer
http://platedelete5.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 07:01:02 GMT
via
1.1 7e6302699a89f60ff8e9259d2dea52ba.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
0
x-yottaa-optimizations
ob/0 si/34D1a5fe384b-1624034192-1095848169 tts/1623445094091 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Miss from cloudfront
cache-control
max-age=900
content-length
28089
cf-request-id
0ac9d21b270000423355b42000000001
x-yottaa-forcecache
true
x-amz-expiration
expiry-date="Tue, 15 Feb 2022 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj
h2pri
x-amz-meta-cleanquerystring
sfrm=png&sw=1100&sh=1100&sm=fit
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
x-yottaa-os
200
x-yottaa-metrics
3421a5fe3837/[24,17,-] 34D1a5fe384b/[-,26.946]
x-amz-cf-pop
LHR3-C1
cf-ray
66231fa509fb4233-LHR
x-amz-cf-id
hsyBqSxQuxoEilLPAQ3X8mYO57HHi0DggorsXIiTMMKSZwdW-i6wZQ==
ring-ring-27984.jpg
4.thumbs.xtstatic.com/100/50/-/47e47aba554f689661ea399524563b69/backtooldschool.xtgem.com/images/blog/ 		979 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://4.thumbs.xtstatic.com/100/50/-/47e47aba554f689661ea399524563b69/backtooldschool.xtgem.com/images/blog/ring-ring-27984.jpg
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ff6ff82ba3c51139aa3c9a355f3a3f2a273fa61296acddc60da6a24e6bc1ef7f

Request headers

Referer
http://platedelete5.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 20 Jun 2021 07:01:02 GMT
X-Ngz
1
Last-Modified
Sun, 28 Oct 2018 05:29:17 GMT
Age
0
ETag
"3d3-0"
Sent-XS
0.000
X-Cache
MISS
Content-Type
image/jpeg
Expires
Tue, 22 Jun 2021 07:01:02 GMT
Cache-Control
max-age=172800, pre-check=172800
Connection
close
Accept-Ranges
bytes
Content-Length
979
X-Cache-Hits
0
quant.js
edge.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
http://platedelete5.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 20 Jun 2021 07:01:02 GMT
Content-Encoding
gzip
Etag
"WhyxmPkT7L77qVDcrjxwGw=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sun, 27 Jun 2021 07:01:02 GMT
tp.gif
enif.images.xtstatic.com/ Frame 7DE2 		42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
enif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://platedelete5.xtgem.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://platedelete5.xtgem.com/

Response headers

Date
Sun, 20 Jun 2021 07:01:02 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Tue, 20 Jul 2021 07:01:02 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
tp.gif
cif.images.xtstatic.com/ Frame F156 		42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
cif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://platedelete5.xtgem.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://platedelete5.xtgem.com/

Response headers

Date
Sun, 20 Jun 2021 07:01:02 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Tue, 20 Jul 2021 07:01:02 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
ANuuhfadIZA
www.youtube.com/embed/ Frame 00A8 		53 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ANuuhfadIZA
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d6ad3c69d8c50b8e3a42966730cb29c1fcf99ee6638ef1c11bca3e35e8807654
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/ANuuhfadIZA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://platedelete5.xtgem.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://platedelete5.xtgem.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 20 Jun 2021 07:01:02 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=KszQpP8qATg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=2Z59_ah8ENQ; Domain=.youtube.com; Expires=Fri, 17-Dec-2021 07:01:02 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+792; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cookie set __xt_authbar
xtgem.com/ Frame D1BB 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9wbGF0ZWRlbGV0ZTUueHRnZW0uY29tXC9fX3h0X2Jsb2dcL19feHRibG9nX2VudHJ5P19feHRibG9nX2VudHJ5PTIxODY5NzUwJl9feHRibG9nX2Jsb2NrX2lkPTEiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJwbGF0ZWRlbGV0ZTUueHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
94d4907c81ab13b50b5c5b50cbbc58d513ffc67f985411853f3abcf70c43b56d

Request headers

Host
xtgem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://platedelete5.xtgem.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://platedelete5.xtgem.com/

Response headers

Date
Sun, 20 Jun 2021 07:01:02 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
session=w3~l2i4m6a1il1kpdp2r0jn7o0291; expires=Mon, 21-Jun-2021 07:01:03 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly __template=web; expires=Tue, 20-Jul-2021 07:01:03 GMT; Max-Age=2592000; path=/ __lang=us; expires=Tue, 20-Jul-2021 07:01:03 GMT; Max-Age=2592000; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2932
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
xtgem-icons.woff
xtgem.com/fonts/ 		5 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://xtgem.com/fonts/xtgem-icons.woff
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086

Request headers

Origin
http://platedelete5.xtgem.com
Referer
http://platedelete5.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 20 Jun 2021 07:01:02 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
0
ETag
"1530-59774aa04e000-gzip"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
3769
X-Cache-Hits
0
close2.png
xtgem.com/images/ 		564 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

Referer
http://platedelete5.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 20 Jun 2021 07:00:56 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
5
ETag
"234-59774aa04e000"
X-Cache
HIT
Content-Type
image/png
Expires
Tue, 20 Jul 2021 07:00:56 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
X-Cache-Hits
15
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://platedelete5.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 01:37:42 GMT
via
1.1 ed3a324a0ea0d1dfe339969855915050.cloudfront.net (CloudFront)
age
25739
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:40:53 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-amz-cf-id
iZWkHwGTwWpO4UXEr2oHaSPRk5_MwI5Ije2O4VCVyglx8sNrck2sZQ==

Redirect headers

Date
Sun, 20 Jun 2021 07:01:02 GMT
Via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
AMS1-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
tZqa-C17X1sb4vuGWX0UEaSctwNMZwELp5C-2RvBR4NP_1VaZtoZZw==
www-player-webp.css
www.youtube.com/s/player/da9443d1/ Frame 00A8 		362 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da9443d1/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ANuuhfadIZA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b3fd8d57c048b1bd2b0207d58bca55ef61bcbd3774411ae8e30ef75f60288e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ANuuhfadIZA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
231321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47324
x-xss-protection
0
last-modified
Thu, 17 Jun 2021 00:17:45 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 14:45:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 00A8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ANuuhfadIZA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 04:48:34 GMT
x-content-type-options
nosniff
age
94348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jun 2022 04:48:34 GMT
www-embed-player.js
www.youtube.com/s/player/da9443d1/www-embed-player.vflset/ Frame 00A8 		195 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da9443d1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ANuuhfadIZA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
357666c70339cf6a94535db39de633477890624b7c75ce0ce34d65b47af167f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ANuuhfadIZA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Jun 2021 00:17:45 GMT
server
sffe
age
231320
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65711
x-xss-protection
0
expires
Fri, 17 Jun 2022 14:45:42 GMT
base.js
www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/ Frame 00A8 		2 MB
483 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ANuuhfadIZA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3834faad744e53aa5f64ec5d70a1f18b1ee549b20cb2d6e60841783d2c1a3f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ANuuhfadIZA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Jun 2021 00:17:45 GMT
server
sffe
age
231320
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
494745
x-xss-protection
0
expires
Fri, 17 Jun 2022 14:45:42 GMT
fetch-polyfill.js
www.youtube.com/s/player/da9443d1/fetch-polyfill.vflset/ Frame 00A8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da9443d1/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ANuuhfadIZA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ANuuhfadIZA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Jun 2021 00:17:45 GMT
server
sffe
age
231320
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Fri, 17 Jun 2022 14:45:42 GMT
pixel;r=2078859005;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fplatedelete5.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil%...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=2078859005;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fplatedelete5.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F21869750-coco-chill-calming-body-oil-wi...
  • https://pixel.quantserve.com/pixel;r=2078859005;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fplatedelete5.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F21869750-coco-chill-calming-body-oil-w...
35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2078859005;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fplatedelete5.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-253535291-1624172462838;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=1;et=1624172462838;tzo=-120;ogl=
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.226 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://platedelete5.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Jun 2021 07:01:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://pixel.quantserve.com/pixel;r=2078859005;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fplatedelete5.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-253535291-1624172462838;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=1;et=1624172462838;tzo=-120;ogl=
Date
Sun, 20 Jun 2021 07:01:03 GMT
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
0
Expires
Mon, 21 Jun 2021 07:01:03 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 00A8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ANuuhfadIZA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94df26eb34faf9089f61cfda2593bf7e9724e8cb4f8531535e4308efa2283466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 07:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 20 Jun 2021 07:01:02 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 00A8 		29 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da9443d1/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 06:46:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
845
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sun, 20 Jun 2021 07:01:57 GMT
remote.js
www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/ Frame 00A8 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ac66c25615894c4154c349ff7a2d8501f46881622cd9c27f482424940f45a0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ANuuhfadIZA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Jun 2021 00:17:45 GMT
server
sffe
age
231321
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29358
x-xss-protection
0
expires
Fri, 17 Jun 2022 14:45:42 GMT
4ei-1Li0OARRjg6gM_rJrQo05sYOK4TBAJFJjDcj5xQ.js
www.google.com/js/th/ Frame 00A8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/4ei-1Li0OARRjg6gM_rJrQo05sYOK4TBAJFJjDcj5xQ.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1e8bed4b8b43804518e0ea033fac9ad0a34e6c60e2b84c10091498c3723e714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 21:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
35596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13416
x-xss-protection
0
last-modified
Tue, 08 Jun 2021 13:30:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Jun 2022 21:07:47 GMT
embed.js
www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/ Frame 00A8 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9dde92c72995d2a5636d09ba649d73e9d000023bec4af5dd6f0faf51a9452c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ANuuhfadIZA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Jun 2021 00:17:45 GMT
server
sffe
age
231321
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7447
x-xss-protection
0
expires
Fri, 17 Jun 2022 14:45:42 GMT
truncated
/ Frame 00A8 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwngW9jPwVo-zkndb5B4FYP8VHFIYQFPTuCbkqob2MQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 00A8 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwngW9jPwVo-zkndb5B4FYP8VHFIYQFPTuCbkqob2MQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ANuuhfadIZA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9c09dc85e522e8c4d2301e04c9df9039dd6d5bb1987d9445518dbca433f9582e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 06:52:37 GMT
x-content-type-options
nosniff
age
506
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3424
x-xss-protection
0
server
fife
etag
"v88e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 13 Jun 2021 16:33:02 GMT
sddefault.webp
i.ytimg.com/vi_webp/ANuuhfadIZA/ Frame 00A8 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/ANuuhfadIZA/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ANuuhfadIZA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3d9b599c8f596dceb1ef0eee91b49520c11ec630a5b456e8199334fc9b8a61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 06:59:44 GMT
x-content-type-options
nosniff
server
sffe
age
79
etag
"1620973444"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19966
x-xss-protection
0
expires
Sun, 20 Jun 2021 08:59:44 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 00A8 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 07:01:03 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Sun, 20 Jun 2021 07:01:03 GMT
generate_204
www.youtube.com/ Frame 00A8 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?ymLBXw
Requested by
Host: platedelete5.xtgem.com
URL: http://platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/21869750-coco-chill-calming-body-oil-with-cannabis-sativa-seed-oil?__xtblog_block_id=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/ANuuhfadIZA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 07:01:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
log_event
www.youtube.com/youtubei/v1/ Frame 00A8 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ANuuhfadIZA
X-YouTube-Client-Version
1.20210616.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgsyWjU5X2FoOEVOUSiuz7uGBg%3D%3D
X-YouTube-Ad-Signals
dt=1624172462913&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKqTTM2oixkNordb4bZsU7Ntz3qq1L1lXZ3b_JY2BHZ8J4SvfSLcIWPwP8Y8pboaHguAczs5xiUbsN9DZqLbVZfFZpO3Qg

Response headers

date
Sun, 20 Jun 2021 07:01:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 20 Jun 2021 07:01:05 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _qevents boolean| cookies number| len function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| pubcidCookie

6 Cookies

Domain/Path Name / Value
platedelete5.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry Name:
Value: test
.youtube.com/ Name: YSC
Value: KszQpP8qATg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 2Z59_ah8ENQ
.xtgem.com/ Name: __qca
Value: P0-253535291-1624172462838
.xtgem.com/ Name: _xta_uid
Value: 2ab1da5b264e8f0afc71efe53a16d12b
.xtgem.com/ Name: _xta_vid
Value: 0e1f4bc0e84add9d20a6a0aded72fd73-1624172462

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.thumbs.xtstatic.com
cdn.shopify.com
cif.images.xtstatic.com
edge.quantserve.com
enif.images.xtstatic.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
pixel.quantserve.com
platedelete5.xtgem.com
rules.quantcount.com
static.doubleclick.net
www.elfcosmetics.com
www.google.com
www.gstatic.com
www.oils4life.co.uk
www.youtube.com
xtgem.com
yt3.ggpht.com
165.254.56.75
178.33.123.218
2600:9000:2104:1600:6:44e3:f8c0:93a1
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2016
2a04:4e42:a00::268
54.36.158.42
62.138.49.18
91.228.74.226
0b3fd8d57c048b1bd2b0207d58bca55ef61bcbd3774411ae8e30ef75f60288e8
31083d21df1c44396d2a5feb8605a48b251c3b2fff7d097f853ed2f4841881c9
357666c70339cf6a94535db39de633477890624b7c75ce0ce34d65b47af167f0
3834faad744e53aa5f64ec5d70a1f18b1ee549b20cb2d6e60841783d2c1a3f05
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4178d2a6a2e8a99c6f4664d2ea911c6ea4017f6242548fbe35ebd4492295d6c0
4ac66c25615894c4154c349ff7a2d8501f46881622cd9c27f482424940f45a0c
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
94d4907c81ab13b50b5c5b50cbbc58d513ffc67f985411853f3abcf70c43b56d
94df26eb34faf9089f61cfda2593bf7e9724e8cb4f8531535e4308efa2283466
9c09dc85e522e8c4d2301e04c9df9039dd6d5bb1987d9445518dbca433f9582e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
c9dde92c72995d2a5636d09ba649d73e9d000023bec4af5dd6f0faf51a9452c4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d3d9b599c8f596dceb1ef0eee91b49520c11ec630a5b456e8199334fc9b8a61a
d6ad3c69d8c50b8e3a42966730cb29c1fcf99ee6638ef1c11bca3e35e8807654
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc2dc4cf1ca947861f48953d049a819206ae0ced474f900c6590720366e91f63
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e1e8bed4b8b43804518e0ea033fac9ad0a34e6c60e2b84c10091498c3723e714
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff697ed73c8d80c78ed75923d7788ae573d4ff69e9f1eae25819b6cc13819443
ff6ff82ba3c51139aa3c9a355f3a3f2a273fa61296acddc60da6a24e6bc1ef7f