www.xonsale.com Open in urlscan Pro
198.71.233.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xonsale.com/
Effective URL:
http://www.xonsale.com/
Submission Tags: tranco_l324
Submission: On November 14 via api (November 14th 2021, 11:36:44 am UTC) from DE — Scanned from DE

Summary HTTP 60 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 60 HTTP transactions. The main IP is 198.71.233.44, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is www.xonsale.com.

This is the only time www.xonsale.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	198.71.233.44 198.71.233.44	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
23	2a02:fe80:101... 2a02:fe80:1010::16	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1 3	2.16.186.121 2.16.186.121	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 2	23.37.42.16 23.37.42.16	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:5c::9	15169 (GOOGLE) (GOOGLE)
60	14

2 198.71.233.44 (Ashburn, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-198-71-233-44.ip.secureserver.net

xonsale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.xonsale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:fe80:1010::16 (United States)

ASN30148 (SUCURI-SEC, US)

secureservercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.121 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-121.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img6.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.16 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-16.deploy.static.akamaitechnologies.com

img.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:5c::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5e6ns7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	secureservercdn.net secureservercdn.net	254 KB
17	youtube.com www.youtube.com	747 KB
5	googlevideo.com r4---sn-4g5e6ns7.googlevideo.com	520 KB
5	gstatic.com fonts.gstatic.com	78 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
3	wsimg.com 1 redirects img1.wsimg.com img6.wsimg.com	13 KB
2	secureserver.net 1 redirects img.secureserver.net	2 KB
2	xonsale.com 1 redirects xonsale.com www.xonsale.com	8 KB
1	ytimg.com i.ytimg.com	17 KB
1	ggpht.com yt3.ggpht.com	1 KB
1	google.com www.google.com	14 KB
1	googleapis.com fonts.googleapis.com	2 KB
60	12

	Domain	Requested by
23	secureservercdn.net	www.xonsale.com
17	www.youtube.com	secureservercdn.net www.youtube.com
5	r4---sn-4g5e6ns7.googlevideo.com	www.youtube.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	img.secureserver.net	1 redirects
2	img1.wsimg.com	1 redirects www.xonsale.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	img6.wsimg.com	www.xonsale.com
1	fonts.googleapis.com	www.xonsale.com
1	www.xonsale.com
1	xonsale.com	1 redirects
60	15

This site contains links to these domains. Also see Links.

Domain
www.vancouverdealsblog.com

Subject Issuer	Validity	Valid
secureservercdn.net Starfield Secure Certificate Authority - G2	`2021-05-27` - `2022-06-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2021-09-24` - `2022-10-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-10-19` - `2021-12-28`	2 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.xonsale.com/
Frame ID: B280F64C9468D7FAE2EA35B64C8034DA
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
Frame ID: D3E8D8C4D561FE15822614E06009B626
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Share the best deals in Metro Vancouver!

Page URL History Show full URLs

http://xonsale.com/ HTTP 301
http://www.xonsale.com/ Page URL

Page Statistics

60
Requests

93 %
HTTPS

77 %
IPv6

12
Domains

15
Subdomains

14
IPs

2
Countries

1653 kB
Transfer

4346 kB
Size

4
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vancouverdealsblog.com/2021/11/susanne-keramati-109-for-haircut-perm-and-style-on-shoulder-or-125-for-mid-back-length-hair-up-to-42-off.html
Title: Susanne Keramati: $109 for Haircut, Perm, and Style on Shoulder or $125 for Mid-Back Length Hair (Up to 42% Of

Search URL Search Domain Scan URL

URL: https://www.vancouverdealsblog.com/2021/11/beautyworks-39-20-for-one-or-79-20-for-two-sessions-of-spider-vein-removal-laser-treatment-up-to-60-off-2.html
Title: BeautyWorks: $49 for One or $99 for Two Sessions of Spider Vein Removal Laser Treatment (Up to 50% Off)

Search URL Search Domain Scan URL

URL: https://www.vancouverdealsblog.com/2021/11/elegance-laser-studio-119-for-six-laser-hair-removal-sessions-up-to-77-off.html
Title: Elegance Laser Studio: $119 for Six Laser Hair-Removal Sessions (Up to 77% Off)

Search URL Search Domain Scan URL

URL: https://www.vancouverdealsblog.com/2021/11/handi-cuisine-of-india-16-50-for-lunch-for-two-valid-monday-thursday-up-to-45-off-6.html
Title: Handi Cuisine of India: $16.50 for Lunch for Two, Valid Monday-Thursday (Up to 45% Off)

Search URL Search Domain Scan URL

URL: https://www.vancouverdealsblog.com/2021/11/vidanta-laser-spa-8-for-one-or-22-40-for-three-underarm-waxes-or-7-20-for-one-eyebrow-wax-up-to-62-off.html
Title: Vidanta Laser Spa: $8 for One or $22.40 for Three Underarm Waxes, or $7.20 for One Eyebrow Wax (Up to 62% Off)

Search URL Search Domain Scan URL

URL: https://www.vancouverdealsblog.com/2021/11/silver-4-beauty-salon-62-40-for-conditioning-with-partial-highlights-or-84-for-balayage-2-options-available-up-to-70-off-2.html
Title: Silver 4 Beauty Salon: $62.40 for Conditioning with Partial Highlights or $84 for Balayage. 2 Options Availabl

Search URL Search Domain Scan URL

URL: https://www.vancouverdealsblog.com/2021/11/groupon-com-extra-25-off-activities-restaurants-beauty-more-promo-code-nov-10.html
Title: Groupon.com: Extra 25% Off Activities, Restaurants, Beauty & More Promo Code (Nov 10)

Search URL Search Domain Scan URL

URL: https://www.vancouverdealsblog.com/2021/11/hudsons-bay-one-day-sale-249-99-for-cuisinart-6-5-quart-stand-mixer-up-to-70-off-cookware-sets-nov-10.html
Title: Hudson’s Bay: One Day Sale – $249.99 for Cuisinart 6.5 Quart Stand Mixer + Up to 70% Off Cookware Sets (No

Search URL Search Domain Scan URL

URL: https://www.vancouverdealsblog.com/2021/11/samira-beaute-175-for-one-350-for-two-or-525-for-three-microneedling-sessions-up-to-30-off.html
Title: Samira Beaute: $175 for One, $350 for Two, or $525 for Three Microneedling Sessions (Up to 30% Off)

Search URL Search Domain Scan URL

URL: https://www.vancouverdealsblog.com/2021/11/honor-wellness-studio-35-for-initial-exam-with-one-or-85-for-three-acupuncture-sessions-up-to-72-off-3.html
Title: Honor Wellness Studio: $35 for Initial Exam with One or $85 for Three Acupuncture Sessions (Up to 72% Off)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xonsale.com/ HTTP 301
http://www.xonsale.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

Request Chain 32

http://img.secureserver.net/t/1/tl/event?cts=1636889800283&tce=1636889798845&tcs=1636889798840&tdc=1636889800083&tdclee=1636889800083&tdcles=1636889800079&tdi=1636889800079&tdl=1636889799048&tdle=1636889798840&tdls=1636889798818&tfs=1636889798816&tns=1636889798593&trqs=1636889798845&tre=1636889799048&trps=1636889799043&tles=1636889800083&tlee=1636889800083&ht=perf&dh=www.xonsale.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&vci=357062842&cv=1.0.6&z=2126950244&vg=25f62ac8-0285-4766-8568-0e20dbf59bc5&vtg=25f62ac8-0285-4766-8568-0e20dbf59bc5&ap=wpaas&trfd=%7B%22cts%22%3A1636889800077%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22217f5609-449c-e2f5-57f8-00852c8e955d.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD06%22%2C%22storage%22%3A%22a2pewpnas02_data03%22%2C%22xid%22%3A%2242947314%22%2C%22wp%22%3A%225.8.1%22%2C%22php%22%3A%227.2.34%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22elementor%22%2C%22theme%22%3A%22hello-elementor%22%2C%22nextgen%22%3A%220%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22383%22%2C%22wp_alloptions_bytes%22%3A%22169727%22%7D&dp=%2F HTTP 301
https://img.secureserver.net/t/1/tl/event?cts=1636889800283&tce=1636889798845&tcs=1636889798840&tdc=1636889800083&tdclee=1636889800083&tdcles=1636889800079&tdi=1636889800079&tdl=1636889799048&tdle=1636889798840&tdls=1636889798818&tfs=1636889798816&tns=1636889798593&trqs=1636889798845&tre=1636889799048&trps=1636889799043&tles=1636889800083&tlee=1636889800083&ht=perf&dh=www.xonsale.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&vci=357062842&cv=1.0.6&z=2126950244&vg=25f62ac8-0285-4766-8568-0e20dbf59bc5&vtg=25f62ac8-0285-4766-8568-0e20dbf59bc5&ap=wpaas&trfd=%7B%22cts%22%3A1636889800077%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22217f5609-449c-e2f5-57f8-00852c8e955d.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD06%22%2C%22storage%22%3A%22a2pewpnas02_data03%22%2C%22xid%22%3A%2242947314%22%2C%22wp%22%3A%225.8.1%22%2C%22php%22%3A%227.2.34%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22elementor%22%2C%22theme%22%3A%22hello-elementor%22%2C%22nextgen%22%3A%220%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22383%22%2C%22wp_alloptions_bytes%22%3A%22169727%22%7D&dp=%2F

Request Chain 39

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.xonsale.com/
Redirect Chain

http://xonsale.com/
http://www.xonsale.com/

33 KB
8 KB

226ms
197ms

Document
text/html

198.71.233.44
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.xonsale.com/

Protocol

HTTP/1.1

Server

198.71.233.44 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-198-71-233-44.ip.secureserver.net

Software

Resource Hash

8b5e6feafc604d8bbce17734e2acf80c6dda8957f9ad9a2002208205b2b5be63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 36676
Content-Encoding: gzip
Content-Length: 7359
Content-Type: text/html; charset=UTF-8
Date: Sun, 14 Nov 2021 01:25:21 GMT
Vary: Accept-Encoding, User-Agent
X-Backend: local
X-Cache: cached
X-Cache-Hit: HIT
X-Cacheable: YES:Forced
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Redirect headers

Age: 65745
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Nov 2021 17:20:53 GMT
Location: http://www.xonsale.com/
Vary: User-Agent
X-Backend: local
X-Cache: cached
X-Cache-Hit: HIT
X-Cacheable: YES:Forced
X-Content-Type-Options: nosniff
X-Redirect-By: WordPress
X-Xss-Protection: 1; mode=block

GET
H2 200 style.min.css
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 382ms
355ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 182534
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 10523
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Nov 2021 21:51:16 GMT
server: nginx
etag: "13abe-5cffd86ad02ef-gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dashicons.min.css
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/css/ 58 KB
35 KB 470ms
444ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/css/dashicons.min.css?ver=5.8.1&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 182534
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 35730
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Nov 2021 21:51:16 GMT
server: nginx
etag: "e688-5cffd86ad493f-gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 everest-forms.css
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/everest-forms/assets/css/ 26 KB
4 KB 391ms
365ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.6.6&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

f3726823e4a7868f250cff015dfec934036b45e1402fe6201484460c1a1c0538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 182534
x-cache: cached
x-sucuri-cache: MISS
content-length: 3324
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 18:31:54 GMT
server: nginx
etag: "673f-5a4fefa7ed313"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/themes/hello-elementor/ 6 KB
3 KB 383ms
357ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/themes/hello-elementor/style.min.css?ver=2.2.0&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

7947c696cb1740c717f760da2c340b30218fdeb33ef1d72f7d65934920d7575b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 182524
x-cache: cached
x-sucuri-cache: MISS
content-length: 2290
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 10:25:16 GMT
server: nginx
etag: "19db-592446fe0fb00"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme.min.css
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/themes/hello-elementor/ 5 KB
2 KB 386ms
360ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.2.0&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

5cba3c79b123521ee8314ba63823bed29aa88d93df282596f1feb60a1b076f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 182524
x-cache: cached
x-sucuri-cache: MISS
content-length: 1429
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 10:25:16 GMT
server: nginx
etag: "1461-592446fe0fb00"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 elementor-icons.min.css
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 16 KB
4 KB 402ms
377ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.6.2&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

445cd8a23972ac2d37cbc1676f21486a7f634cdc81fd8dac262935e27914647c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
content-length: 3352
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 18:31:41 GMT
server: nginx
etag: "3e7e-5a4fef9b8f46f"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animations.min.css
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 391ms
366ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.8&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
content-length: 2592
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 18:31:42 GMT
server: nginx
etag: "4824-5a4fef9be3cb4"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.css
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/css/ 108 KB
15 KB 476ms
451ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.8&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

d574be1557f9fd461e6fccef27e5bb97622031363b2d8adfed696439927b2384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
content-length: 15385
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 18:31:42 GMT
server: nginx
etag: "1b0f2-5a4fef9c44eba"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 global.css
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/uploads/elementor/css/ 6 KB
1 KB 388ms
363ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/uploads/elementor/css/global.css?ver=1588793923&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

1d842e625f711a01581ff3dd11c86752fd4bf534b8b31a64a33892a4e9cba829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
content-length: 747
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 19:38:43 GMT
server: nginx
etag: "16db-5a4ffe96a092b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-466.css
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/uploads/elementor/css/ 3 KB
1 KB 383ms
359ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/uploads/elementor/css/post-466.css?ver=1588793923&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

82cadea5baaedc87def1641949a268fa187dc558ab3704cce993abbf41ed7672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
content-length: 681
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 19:38:43 GMT
server: nginx
etag: "cec-5a4ffe96db540"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 55 KB
2 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.8.1

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2322678675dfcbd79aa4085a2f6858aa36d214b8600a790cb0505b72eff59130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 11:16:17 GMT
server: ESF
date: Sun, 14 Nov 2021 11:36:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 11:36:39 GMT

GET
H2 200 continuous-rss-scrolling.js Show response
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/continuous-rss-scrolling/ 2 KB
1 KB 386ms
362ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/continuous-rss-scrolling/continuous-rss-scrolling.js?ver=5.8.1&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

175a98f4a83b350b2f08e828a5340bdaa723b5d9028f01f617a384b95d6803d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 182524
x-cache: cached
x-sucuri-cache: MISS
content-length: 968
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 18:31:26 GMT
server: nginx
etag: "7f3-5a4fef8cb995a"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cropped-Xonsale-7-copy.jpg
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/uploads/2019/11/ 34 KB
35 KB 457ms
455ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/uploads/2019/11/cropped-Xonsale-7-copy.jpg

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

251a2d372f7054ce06693cd5d577479b179484bc4fe8a0dbca18a0fb4f3f7030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 182521
x-cache: cached
x-sucuri-cache: MISS
content-length: 35078
x-xss-protection: 1; mode=block
last-modified: Sun, 03 Nov 2019 21:45:36 GMT
server: nginx
etag: "8906-596781e87a000"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/js/ 1 KB
1 KB 359ms
358ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.8.1&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 182523
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 765
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Nov 2021 21:51:17 GMT
server: nginx
etag: "592-5cffd86b236f9-gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/js/jquery/ 87 KB
31 KB 439ms
438ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 30908
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Nov 2021 21:51:13 GMT
server: nginx
etag: "15db1-5cffd86825b0f;59572ccedd4d9-gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/js/jquery/ 11 KB
5 KB 368ms
363ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 4169
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Nov 2021 21:51:13 GMT
server: nginx
etag: "2bd8-5cffd86824787-gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-modules.min.js Show response
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/js/ 58 KB
17 KB 446ms
440ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.9.8&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

ca3043e21ab00fc0d5c2ce543b5c49d40cd8c07e6a26373dc54fc0a7fffb00eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
content-length: 17039
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 18:31:42 GMT
server: nginx
etag: "e983-5a4fef9c2bb25"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 core.min.js Show response
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 364ms
359ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 6865
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Nov 2021 21:51:13 GMT
server: nginx
etag: "5133-5cffd86826aaf-gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dialog.min.js Show response
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 362ms
357ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.6&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

eb567d9bafc7064a86cd894d15a4a43073fe20789bafc64a47ac5efcf7a78285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
content-length: 3473
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 18:31:41 GMT
server: nginx
etag: "29c7-5a4fef9b2dd39"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 waypoints.min.js Show response
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 368ms
363ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
content-length: 2993
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 18:31:42 GMT
server: nginx
etag: "2fa6-5a4fef9bfc5ff"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swiper.min.js Show response
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
35 KB 452ms
447ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
content-length: 35522
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 18:31:42 GMT
server: nginx
etag: "21fb7-5a4fef9bbe52f"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 share-link.min.js Show response
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 370ms
366ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=2.9.8&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

20d67dc1d22cadd6326639e1510929bd3bfdefe7a3a4bd2d78160514b3aa6f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
content-length: 1116
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 18:31:41 GMT
server: nginx
etag: "a4b-5a4fef9baa802"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/js/ 113 KB
30 KB 451ms
448ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.9.8&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

e1e69cc775a18d34eeb16ade98fd6e374a048e93510f6653135045af4213379e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 115961
x-cache: cached
x-sucuri-cache: MISS
content-length: 30370
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2020 18:31:42 GMT
server: nginx
etag: "1c56c-5a4fef9c08126"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tcc_l.combined.1.0.6.min.js Show response
img1.wsimg.com/tcc/ 12 KB
5 KB 41ms
8ms Script
application/x-javascript 2.16.186.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Requested by: Host: www.xonsale.com
URL: http://www.xonsale.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
last-modified: Fri, 31 Mar 2017 16:26:41 GMT
etag: "52ef5c943baad21:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4564
expires: Mon, 14 Nov 2022 11:36:39 GMT

GET
H2

200

tti.min.js Show response
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

24 KB
8 KB

29ms
21ms

Script
application/javascript

2.16.186.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by: Host: www.xonsale.com
URL: http://www.xonsale.com/
Protocol: H2
Server: 2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 247, 247
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
x-amz-request-id: VP8MMSVFK992J1PT
x-edgeconnect-midmile-rtt: 15, 15
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 7498
x-amz-id-2: WPdzJfQDQyS4hD+xuYsG8/XIlDF8SfFW6fY7TywWHFwCrHZxYW7+fWZzjZljcKq0iGAfdR/ixq8=
last-modified: Wed, 16 Jun 2021 21:48:11 GMT
date: Sun, 14 Nov 2021 11:36:39 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
date: Sun, 14 Nov 2021 11:36:39 GMT
cache-control: max-age=5
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0
expires: Sun, 14 Nov 2021 11:36:44 GMT

GET
H2 200 wp-emoji-release.min.js Show response
secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/js/ 18 KB
5 KB 367ms
365ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1&time=1620851341

Requested by

Host: www.xonsale.com
URL: http://www.xonsale.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 182521
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 4930
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Nov 2021 21:51:17 GMT
server: nginx
etag: "4705-5cffd86b330fa-gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 37ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.8.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.xonsale.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:36:08 GMT
x-content-type-options: nosniff
age: 237631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 17:36:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.xonsale.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 08:58:25 GMT
x-content-type-options: nosniff
age: 182294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 08:58:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 33ms
10ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.xonsale.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:32:01 GMT
x-content-type-options: nosniff
age: 453878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Nov 2022 05:32:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 38ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.xonsale.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 237622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 17:36:17 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 49ms
26ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: secureservercdn.net
URL: https://secureservercdn.net/198.71.233.44/f2b.174.myftpupload.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0&time=1620851341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c3d5407ca07a772620d1fe4396d7ea0012ef3dca32a4f733fd2b990fc2fa442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Sun, 14 Nov 2021 11:36:40 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/8d287e4d/www-widgetapi.vflset/ 140 KB
46 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

627f5ebeeb414647d5026a5808a109098535d2f8e2f0c646b17c99f2e2ea0327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13301
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 46909
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 14 Nov 2022 07:54:59 GMT

GET
H/1.1

200
OK

event
img.secureserver.net/t/1/tl/
Redirect Chain

http://img.secureserver.net/t/1/tl/event?cts=1636889800283&tce=1636889798845&tcs=1636889798840&tdc=1636889800083&tdclee=1636889800083&tdcles=1636889800079&tdi=1636889800079&tdl=1636889799048&tdle=1...
https://img.secureserver.net/t/1/tl/event?cts=1636889800283&tce=1636889798845&tcs=1636889798840&tdc=1636889800083&tdclee=1636889800083&tdcles=1636889800079&tdi=1636889800079&tdl=1636889799048&tdle=...

43 B
379 B

198ms
175ms

Image
image/gif

23.37.42.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.secureserver.net/t/1/tl/event?cts=1636889800283&tce=1636889798845&tcs=1636889798840&tdc=1636889800083&tdclee=1636889800083&tdcles=1636889800079&tdi=1636889800079&tdl=1636889799048&tdle=1636889798840&tdls=1636889798818&tfs=1636889798816&tns=1636889798593&trqs=1636889798845&tre=1636889799048&trps=1636889799043&tles=1636889800083&tlee=1636889800083&ht=perf&dh=www.xonsale.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&vci=357062842&cv=1.0.6&z=2126950244&vg=25f62ac8-0285-4766-8568-0e20dbf59bc5&vtg=25f62ac8-0285-4766-8568-0e20dbf59bc5&ap=wpaas&trfd=%7B%22cts%22%3A1636889800077%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22217f5609-449c-e2f5-57f8-00852c8e955d.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD06%22%2C%22storage%22%3A%22a2pewpnas02_data03%22%2C%22xid%22%3A%2242947314%22%2C%22wp%22%3A%225.8.1%22%2C%22php%22%3A%227.2.34%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22elementor%22%2C%22theme%22%3A%22hello-elementor%22%2C%22nextgen%22%3A%220%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22383%22%2C%22wp_alloptions_bytes%22%3A%22169727%22%7D&dp=%2F

Protocol

HTTP/1.1

Server

23.37.42.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Sun, 14 Nov 2021 11:36:40 GMT
X-Frame-Options: DENY
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 43
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://img.secureserver.net/t/1/tl/event?cts=1636889800283&tce=1636889798845&tcs=1636889798840&tdc=1636889800083&tdclee=1636889800083&tdcles=1636889800079&tdi=1636889800079&tdl=1636889799048&tdle=1636889798840&tdls=1636889798818&tfs=1636889798816&tns=1636889798593&trqs=1636889798845&tre=1636889799048&trps=1636889799043&tles=1636889800083&tlee=1636889800083&ht=perf&dh=www.xonsale.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&vci=357062842&cv=1.0.6&z=2126950244&vg=25f62ac8-0285-4766-8568-0e20dbf59bc5&vtg=25f62ac8-0285-4766-8568-0e20dbf59bc5&ap=wpaas&trfd=%7B%22cts%22%3A1636889800077%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22217f5609-449c-e2f5-57f8-00852c8e955d.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD06%22%2C%22storage%22%3A%22a2pewpnas02_data03%22%2C%22xid%22%3A%2242947314%22%2C%22wp%22%3A%225.8.1%22%2C%22php%22%3A%227.2.34%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22elementor%22%2C%22theme%22%3A%22hello-elementor%22%2C%22nextgen%22%3A%220%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22383%22%2C%22wp_alloptions_bytes%22%3A%22169727%22%7D&dp=%2F
Date: Sun, 14 Nov 2021 11:36:40 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 -qBNA_A-zFI Show response
www.youtube.com/embed/ Frame D3E8 60 KB
25 KB 73ms
72ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31910ca6b8d2b667f8df10ebd91942d1af68b185ee153ee304e53d63f335633a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.xonsale.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 14 Nov 2021 11:36:40 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: clear

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/8d287e4d/ Frame D3E8 335 KB
46 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0536a7ccecbfef8793cfc6a61b4454864a4197992ce5ddaa014b48f72bef9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199725
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 47155
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Nov 2022 04:07:55 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/ Frame D3E8 207 KB
68 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2b9aa4773b8f1dcb906a96a08954329b86b02c1179394f52c984efbcd6ec7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:25:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101475
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 69543
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 13 Nov 2022 07:25:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/ Frame D3E8 2 MB
517 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf68424ddac709c40c15412cb5cdae3c95f7ddf7ed720b4874e1ffc5e81dfeee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 201484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 528903
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Nov 2022 03:38:36 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8d287e4d/fetch-polyfill.vflset/ Frame D3E8 8 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:47:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17356
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 14 Nov 2022 06:47:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D3E8 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:18:33 GMT
x-content-type-options: nosniff
age: 199087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 04:18:33 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D3E8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

39ms
39ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b8989d02a35a28ac9e1f16f86885b11354a5cf7d9a25868136b08044104914d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 14 Nov 2021 11:36:40 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D3E8 29 B
462 B 29ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:28:00 GMT
x-content-type-options: nosniff
age: 520
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 11:43:00 GMT

GET
H2 200 kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js Show response
www.google.com/js/th/ Frame D3E8 35 KB
14 KB 42ms
6ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

910a1ff6ff95d156812bddca083e34b9043c5d9965633904ff7b66900e881f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 01:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 210690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13448
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 01:05:10 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/ Frame D3E8 24 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1a158a9cbe6178caba51f4567c57684933795e769f02d00073ed7f9a3ea2804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 7365
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Nov 2022 03:47:19 GMT

GET
DATA 200
OK truncated
/ Frame D3E8 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTf0HjKJv0B_VEq1yAHDrdtfrqmX6CF_Ijdig=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D3E8 1021 B
1 KB 44ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTf0HjKJv0B_VEq1yAHDrdtfrqmX6CF_Ijdig=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b045e74e5fc1251b858458c98f7c298ae24619fc54aea54424ff00110cae4ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:19:29 GMT
x-content-type-options: nosniff
server: fife
age: 1031
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: clear
content-length: 1021
x-xss-protection: 0
expires: Mon, 15 Nov 2021 11:19:29 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/-qBNA_A-zFI/ Frame D3E8 16 KB
17 KB 71ms
48ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/-qBNA_A-zFI/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9a6d79d2ec5a7756f4595df1e644bb612c461b80965c3d3f9c6120a10a0731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: clear
content-length: 16644
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Nov 2021 13:36:40 GMT

POST
H2 200 player Show response
www.youtube.com/youtubei/v1/ Frame D3E8 71 KB
20 KB 120ms
120ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

3778ad9547ee92252d4b2126ca574b32552843797f318945594981186cac926e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211110.01.01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-Goog-Visitor-Id: CgszSXkxTWNkWTRkRSjI6cOMBg%3D%3D
Content-Type: application/json

Response headers

date: Sun, 14 Nov 2021 11:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 20525
x-xss-protection: 0
expires: Sun, 14 Nov 2021 11:36:40 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame D3E8 0
39 B 6ms
6ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?D3Ie1A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:36:40 GMT
alt-svc: clear
content-length: 0

POST
H2 204 qoe
www.youtube.com/api/stats/ Frame D3E8 0
176 B 14ms
14ms Ping
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=398&afmt=250&cpn=9H1co8tWKQksRMMA&ei=yPSQYbrDMoT51gKsjpHQCw&el=embedded&docid=-qBNA_A-zFI&ns=yt&fexp=23748146%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24101841%2C24115509%2C24116744%2C24116772%2C24129402%2C24129451%2C24132436&cl=409174836&seq=1&cbr=Chrome&cbrver=95.0.4638.54&c=WEB_EMBEDDED_PLAYER&cver=1.20211110.01.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.010:B,0.013:S,0.154:S,0.154:S&cmt=0.010:0.000,0.013:0.000,0.154:0.000&afs=0.153:250::i&vfs=0.154:398:398::r&view=0.154:1600:900&bwe=0.154:130000&bat=0.154:1:1&vis=0.154:0&bh=0.154:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 11:36:40 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5e6ns7.googlevideo.com/ Frame D3E8 65 KB
66 KB 120ms
76ms XHR
video/mp4 2a00:1450:4001:5c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6ns7.googlevideo.com/videoplayback?expire=1636911400&ei=yPSQYbrDMoT51gKsjpHQCw&ip=2a0f%3A9441%3A5%3A0%3Ae4%3A%3A1&id=o-AKbtaP7PJm61sdSFfSWe6HPNJ_iPg2xv524KyJBnpb-R&itag=398&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=Yv&mm=31%2C26&mn=sn-4g5e6ns7%2Csn-f5f7kn7z&ms=au%2Conr&mv=m&mvi=4&pl=48&initcwndbps=2052500&vprv=1&mime=video%2Fmp4&ns=xTAGDZQKhwOwqNfbCRUVWE8G&gir=yes&clen=1543405&dur=61.966&lmt=1614493627939909&mt=1636889334&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5436432&n=RDFd1tk3n0RyrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPMcb5k2DXuWytlOAtbABaK6ihJV1ueENA8KqWaMOFP4AiBwSSReGQkhfUsoJUdNnEggGd5fo0apVqMFjJLR1-pEsw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQuQjrlJ1NUG4qzfk4BraqmwR2iY9e6ur1APoZSDAdg0CIFbbUNr5BE4HmLY3WfRLQCMDPj36wcUz2cRmZa05Npzi&alr=yes&cpn=9H1co8tWKQksRMMA&cver=1.20211110.01.01&range=0-66423&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5c::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b9de082a25e27a6d8e9a7265150b78201071a2206924abb38a374db118a15cb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 11:36:41 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66424
Last-Modified: Sun, 28 Feb 2021 06:27:07 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Sun, 14 Nov 2021 11:36:41 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5e6ns7.googlevideo.com/ Frame D3E8 28 KB
29 KB 75ms
32ms XHR
audio/webm 2a00:1450:4001:5c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6ns7.googlevideo.com/videoplayback?expire=1636911400&ei=yPSQYbrDMoT51gKsjpHQCw&ip=2a0f%3A9441%3A5%3A0%3Ae4%3A%3A1&id=o-AKbtaP7PJm61sdSFfSWe6HPNJ_iPg2xv524KyJBnpb-R&itag=250&source=youtube&requiressl=yes&mh=Yv&mm=31%2C26&mn=sn-4g5e6ns7%2Csn-f5f7kn7z&ms=au%2Conr&mv=m&mvi=4&pl=48&initcwndbps=2052500&vprv=1&mime=audio%2Fwebm&ns=xTAGDZQKhwOwqNfbCRUVWE8G&gir=yes&clen=28346&dur=62.001&lmt=1614490341465522&mt=1636889334&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=1432434&n=RDFd1tk3n0RyrA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUo6Mj5p4TIDhD8mhcLkq2g2PBc4gzu4665Z53K0wnegCICUkM8IrLvC3J7j0lrOvvxSVe3wUyqaaDaHa2beBDIHK&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQuQjrlJ1NUG4qzfk4BraqmwR2iY9e6ur1APoZSDAdg0CIFbbUNr5BE4HmLY3WfRLQCMDPj36wcUz2cRmZa05Npzi&alr=yes&cpn=9H1co8tWKQksRMMA&cver=1.20211110.01.01&range=0-28345&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5c::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8c1a6a8781a8e61be8f266d2ac89686efee3109dd1877e38aec173f3a9f9c299

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 11:36:41 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 28346
Last-Modified: Sun, 28 Feb 2021 05:32:21 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Sun, 14 Nov 2021 11:36:41 GMT

GET
H2 200 endscreen.js Show response
www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/ Frame D3E8 26 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3365148defa2f522c49007b216af866f1422cf024fabebbfe1bbfd8826c8afe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:45:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 201062
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 7216
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Nov 2022 03:45:38 GMT

POST
H2 200 next Show response
www.youtube.com/youtubei/v1/ Frame D3E8 66 KB
5 KB 235ms
235ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

45e8dfa786bd3bd8bdd2cff8a139c6037899399edd7d0d9144851c1577f15afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211110.01.01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-Goog-Visitor-Id: CgszSXkxTWNkWTRkRSjI6cOMBg%3D%3D
Content-Type: application/json

Response headers

date: Sun, 14 Nov 2021 11:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 4441
x-xss-protection: 0
expires: Sun, 14 Nov 2021 11:36:41 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5e6ns7.googlevideo.com/ Frame D3E8 62 KB
63 KB 7ms
6ms XHR
video/mp4 2a00:1450:4001:5c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5c::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b676abf5df6ebde8353af1dd67e158c7dda619a5a7e40a6c85879340bdc84433

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 11:36:41 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 63895
Last-Modified: Sun, 28 Feb 2021 06:27:07 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Sun, 14 Nov 2021 11:36:41 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5e6ns7.googlevideo.com/ Frame D3E8 127 KB
128 KB 7ms
7ms XHR
video/mp4 2a00:1450:4001:5c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5c::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4a1b768fd7ddf15e683446eaab4686e73834749f4e564e47aee2476bb69a93b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 11:36:41 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 129603
Last-Modified: Sun, 28 Feb 2021 06:27:07 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Sun, 14 Nov 2021 11:36:41 GMT

GET
H2 204 playback
www.youtube.com/api/stats/ Frame D3E8 0
55 B 16ms
15ms Image
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=9H1co8tWKQksRMMA&docid=-qBNA_A-zFI&ver=2&cmt=0.043&fmt=398&fs=0&rt=0.399&euri=http%3A%2F%2Fwww.xonsale.com%2F&lact=182&cl=409174836&mos=1&volume=100&cbr=Chrome&cbrver=95.0.4638.54&c=WEB_EMBEDDED_PLAYER&cver=1.20211110.01.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=DE&len=62.001&fexp=23748146%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24101841%2C24115509%2C24116744%2C24116772%2C24129402%2C24129451%2C24132436&rtn=2&afmt=250&size=1600%3A900&inview=0&muted=1&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F-qBNA_A-zFI%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttp%253A%252F%252Fwww.xonsale.com%26widgetid%3D1&ei=yPSQYbrDMoT51gKsjpHQCw&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdERURVTkFWYlc0N0RVcTByanF5YnF6a2RPYmpPOFd0azJ3YXkzbjRadWlyQWJLQVBta0tETGJJZ3ozTTh5eFVGSnhCWjltOHd6c0RJYnFIZGxKM0ZWajdhVUF4SWhGLV92SWxVMjNtekhFeW5Vems0Zm1RbGRZOWpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 11:36:41 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ptracking
www.youtube.com/ Frame D3E8 0
132 B 15ms
15ms Image
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=-qBNA_A-zFI&cpn=9H1co8tWKQksRMMA&ei=yPSQYbrDMoT51gKsjpHQCw&ptk=youtube_none&pltype=contentugc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 11:36:41 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5e6ns7.googlevideo.com/ Frame D3E8 233 KB
234 KB 8ms
8ms XHR
video/mp4 2a00:1450:4001:5c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5c::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5a85dcd796c51f4366ff9380ff3254ab4531c458196527aedbdbde5c3ae64bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 11:36:42 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 238322
Last-Modified: Sun, 28 Feb 2021 06:27:07 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21298
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Sun, 14 Nov 2021 11:36:42 GMT

GET
H2 204 watchtime
www.youtube.com/api/stats/ Frame D3E8 0
55 B 21ms
21ms Image
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=9H1co8tWKQksRMMA&docid=-qBNA_A-zFI&ver=2&cmt=1.647&fmt=398&fs=0&rt=2.002&euri=http%3A%2F%2Fwww.xonsale.com%2F&lact=1785&cl=409174836&state=playing&volume=100%2C100&cbr=Chrome&cbrver=95.0.4638.54&c=WEB_EMBEDDED_PLAYER&cver=1.20211110.01.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=DE&len=62&rtn=12&afmt=250&idpj=-9&ldpj=-15&rti=2&size=1600%3A900&inview=0&st=0%2C0.146&et=0.043%2C1.647&muted=1%2C1&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F-qBNA_A-zFI%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttp%253A%252F%252Fwww.xonsale.com%26widgetid%3D1&ei=yPSQYbrDMoT51gKsjpHQCw&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdERURVTkFWYlc0N0RVcTByanF5YnF6a2RPYmpPOFd0azJ3YXkzbjRadWlyQWJLQVBta0tETGJJZ3ozTTh5eFVGSnhCWjltOHd6c0RJYnFIZGxKM0ZWajdhVUF4SWhGLV92SWxVMjNtekhFeW5Vems0Zm1RbGRZOWpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 11:36:42 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D3E8 28 B
201 B 33ms
32ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/-qBNA_A-zFI?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=http%3A%2F%2Fwww.xonsale.com&widgetid=1
X-YouTube-Client-Version: 1.20211110.01.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgszSXkxTWNkWTRkRSjI6cOMBg%3D%3D
X-YouTube-Ad-Signals: dt=1636889800588&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 14 Nov 2021 11:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 31
x-xss-protection: 0
expires: Sun, 14 Nov 2021 11:36:42 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ySwKmyP9OaU
.youtube.com/	1970-01-20 03:00:41	Name: VISITOR_INFO1_LIVE Value: 3Iy1McdY4dE
www.xonsale.com/	1970-01-20 07:27:05	Name: _tccl_visitor Value: 25f62ac8-0285-4766-8568-0e20dbf59bc5
www.xonsale.com/	1970-01-19 22:41:31	Name: _tccl_visit Value: 25f62ac8-0285-4766-8568-0e20dbf59bc5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
img.secureserver.net
img1.wsimg.com
img6.wsimg.com
r4---sn-4g5e6ns7.googlevideo.com
secureservercdn.net
static.doubleclick.net
www.google.com
www.xonsale.com
www.youtube.com
xonsale.com
yt3.ggpht.com
198.71.233.44
2.16.186.121
23.37.42.16
2a00:1450:4001:5c::9
2a00:1450:4001:809::2016
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:827::2004
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a02:fe80:1010::16
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
175a98f4a83b350b2f08e828a5340bdaa723b5d9028f01f617a384b95d6803d8
1d842e625f711a01581ff3dd11c86752fd4bf534b8b31a64a33892a4e9cba829
1e2b9aa4773b8f1dcb906a96a08954329b86b02c1179394f52c984efbcd6ec7f
20d67dc1d22cadd6326639e1510929bd3bfdefe7a3a4bd2d78160514b3aa6f50
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2322678675dfcbd79aa4085a2f6858aa36d214b8600a790cb0505b72eff59130
251a2d372f7054ce06693cd5d577479b179484bc4fe8a0dbca18a0fb4f3f7030
31910ca6b8d2b667f8df10ebd91942d1af68b185ee153ee304e53d63f335633a
3365148defa2f522c49007b216af866f1422cf024fabebbfe1bbfd8826c8afe8
3778ad9547ee92252d4b2126ca574b32552843797f318945594981186cac926e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f9a6d79d2ec5a7756f4595df1e644bb612c461b80965c3d3f9c6120a10a0731
445cd8a23972ac2d37cbc1676f21486a7f634cdc81fd8dac262935e27914647c
45e8dfa786bd3bd8bdd2cff8a139c6037899399edd7d0d9144851c1577f15afa
4a1b768fd7ddf15e683446eaab4686e73834749f4e564e47aee2476bb69a93b6
5a85dcd796c51f4366ff9380ff3254ab4531c458196527aedbdbde5c3ae64bd8
5b8989d02a35a28ac9e1f16f86885b11354a5cf7d9a25868136b08044104914d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cba3c79b123521ee8314ba63823bed29aa88d93df282596f1feb60a1b076f61
627f5ebeeb414647d5026a5808a109098535d2f8e2f0c646b17c99f2e2ea0327
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b
7947c696cb1740c717f760da2c340b30218fdeb33ef1d72f7d65934920d7575b
82cadea5baaedc87def1641949a268fa187dc558ab3704cce993abbf41ed7672
8b5e6feafc604d8bbce17734e2acf80c6dda8957f9ad9a2002208205b2b5be63
8c1a6a8781a8e61be8f266d2ac89686efee3109dd1877e38aec173f3a9f9c299
8c3d5407ca07a772620d1fe4396d7ea0012ef3dca32a4f733fd2b990fc2fa442
910a1ff6ff95d156812bddca083e34b9043c5d9965633904ff7b66900e881f77
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
a1a158a9cbe6178caba51f4567c57684933795e769f02d00073ed7f9a3ea2804
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
b045e74e5fc1251b858458c98f7c298ae24619fc54aea54424ff00110cae4ff3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b676abf5df6ebde8353af1dd67e158c7dda619a5a7e40a6c85879340bdc84433
b9de082a25e27a6d8e9a7265150b78201071a2206924abb38a374db118a15cb4
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf0536a7ccecbfef8793cfc6a61b4454864a4197992ce5ddaa014b48f72bef9b
bf68424ddac709c40c15412cb5cdae3c95f7ddf7ed720b4874e1ffc5e81dfeee
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
ca3043e21ab00fc0d5c2ce543b5c49d40cd8c07e6a26373dc54fc0a7fffb00eb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d574be1557f9fd461e6fccef27e5bb97622031363b2d8adfed696439927b2384
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1e69cc775a18d34eeb16ade98fd6e374a048e93510f6653135045af4213379e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb567d9bafc7064a86cd894d15a4a43073fe20789bafc64a47ac5efcf7a78285
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f3726823e4a7868f250cff015dfec934036b45e1402fe6201484460c1a1c0538
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

www.xonsale.com Open in urlscan Pro 198.71.233.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

60 Requests

93 %HTTPS

77 %IPv6

12 Domains

15 Subdomains

14 IPs

2 Countries

1653 kBTransfer

4346 kBSize

4 Cookies

10 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.xonsale.com Open in urlscan Pro
198.71.233.44 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

93 %
HTTPS

77 %
IPv6

12
Domains

15
Subdomains

14
IPs

2
Countries

1653 kB
Transfer

4346 kB
Size

4
Cookies

60 HTTP transactions
1 data transactions