urlscan.io logo urlscan.io
SecurityTrails logo

italysmoke2.xtgem.com Open in urlscan Pro
54.36.158.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id...
Effective URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Submission: On November 13 via manual from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 28 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is italysmoke2.xtgem.com.
This is the only time italysmoke2.xtgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.36.158.42 (France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com
italysmoke2.xtgem.com
2    2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2606:4700:20::6818:9904 (United States)

ASN13335 (CLOUDFLARENET, US)
esteshary.com
1    68.65.121.195 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium94-4.web-hosting.com
www.skincare98.com
1    185.151.30.132 (United Kingdom)

ASN48254 (TWENTYI, GB)
PTR: 185-151-30-132.ptr4.stackcp.net
drsamersurgery.com
6    178.33.123.218 (France)

ASN16276 (OVH, FR)
PTR: d2.xtgem.com
xtgem.com
enif.images.xtstatic.com
cif.images.xtstatic.com
9    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
9 www.youtube.com italysmoke2.xtgem.com
www.youtube.com
4 xtgem.com italysmoke2.xtgem.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 i.ytimg.com italysmoke2.xtgem.com
www.youtube.com
1 www.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 cif.images.xtstatic.com italysmoke2.xtgem.com
1 enif.images.xtstatic.com italysmoke2.xtgem.com
1 drsamersurgery.com italysmoke2.xtgem.com
1 www.skincare98.com italysmoke2.xtgem.com
1 esteshary.com italysmoke2.xtgem.com
1 italysmoke2.xtgem.com
0 edge.quantserve.com Failed italysmoke2.xtgem.com
28 16

This site contains links to these domains. Also see Links.

Domain
diigo.com
xtgem.com
Subject Issuer Validity Valid
edgestatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-27 -
2022-06-26		 a year crt.sh
skincare98.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-01 -
2022-05-01		 a year crt.sh
*.drsamersurgery.com
R3		 2021-10-06 -
2022-01-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.xtgem.com
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Frame ID: A12D854A986C2176525482A008C4E65F
Requests: 9 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: D6AC9D0B89D8CC7A48277DB4B4DE7094
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: 669B2468FAC8CD6498131F006A850A02
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/HHM5XEA0WHs
Frame ID: 42E35CB78FE5D2019E35D61E5205976E
Requests: 17 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9pdGFseXNtb2tlMi54dGdlbS5jb21cL19feHRfYmxvZ1wvX194dGJsb2dfZW50cnk/X194dGJsb2dfZW50cnk9MjM5MDY2NjEmX194dGJsb2dfYmxvY2tfaWQ9MSIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6Iml0YWx5c21va2UyLnh0Z2VtLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=
Frame ID: 6E020A61AA1DE5E61723D3EFC7E4512E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Of Gynecomastia - Wikipedia - Blog

Page Statistics

28
Requests

71 %
HTTPS

69 %
IPv6

12
Domains

16
Subdomains

14
IPs

4
Countries

886 kB
Transfer

2773 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 23906661-the-of-gynecomastia-wikipedia
italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/ 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
c50c436e1b2b14d582133cd4b7dd9f87385b7e72512a9000a2ed571cfb922600

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

Date
Sat, 13 Nov 2021 01:00:38 GMT
Vary
Host,Accept-Encoding
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma
no-cache
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding
gzip
Content-Length
7327
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
hqdefault.jpg
i.ytimg.com/vi/XXYYYMqccFk/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/XXYYYMqccFk/hqdefault.jpg
Requested by
Host: italysmoke2.xtgem.com
URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e52f937645bed384c4eea72e9f6be3aeeb64299cf5bd567d3b1c7730ba9de79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
http://italysmoke2.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 01:00:39 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
19955
x-xss-protection
0
server
sffe
etag
"1445799373"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 13 Nov 2021 03:00:39 GMT
%D8%B9%D9%84%D8%A7%D8%AC_%D8%AA%D8%AB%D8%AF%D9%8A_%D8%A7%D9%84%D8%B1%D8%AC%D8%A7%D9%84.jpg
esteshary.com/mwfiles/thumbs/fit630x300/6588/1586044702/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esteshary.com/mwfiles/thumbs/fit630x300/6588/1586044702/%D8%B9%D9%84%D8%A7%D8%AC_%D8%AA%D8%AB%D8%AF%D9%8A_%D8%A7%D9%84%D8%B1%D8%AC%D8%A7%D9%84.jpg
Requested by
Host: italysmoke2.xtgem.com
URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd024f9505e112a3c8adf017ba58b1b251eed4d1ed93d74776d1f7e3a2672e1
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
http://italysmoke2.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 01:00:39 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1218716
cf-ray
6ad41078aae65a3d-MXP
x-cache
MISS, HIT
x-cache-hits
0, 1
content-length
18639
x-amz-id-2
sulyGL/0HUo0QEWtGcbVcP/H8JVNn8JcGXSAZih0ZO3VxyJmAhRAVuEy6gt0P6pFq+SJnml6qlY=
x-served-by
cache-lcy19227-LCY, cache-mxp6981-MXP
last-modified
Sat, 04 Apr 2020 23:58:23 GMT
server
cloudflare
x-timer
S1636765239.151109,VS0,VE1
etag
"3aa9dc4f60f069f62a1f19927d7739b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVt%2FYM5BWJzVrXdpx5s2tGiuRGGXrIgp0ZLkHcaBNqDXJ686Pqaa%2B8XyA%2Fd%2B02m9MH%2F6axKg6VC9TR6vcxoDbPKOXLyP%2B9RrdzuzKI9k6blK7Wwg%2BJrfDE86myRSjaOB%2F1zegpJ2Yq9Y0Tw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
1V3BH1X94SSNTYB3
cache-control
s-maxage=31536000, must-revalidate, max-age=31536000, stale-while-revalidate=9999999, stale-if-error=9999999
accept-ranges
bytes
content-type
image/jpeg
expires
Mon, 24 Oct 2022 22:28:43 GMT
%D8%A7%D8%B3%D8%B9%D8%A7%D8%B1-%D8%A7%D9%84%D8%AA%D8%AB%D8%AF%D9%8A-%D8%B9%D9%86%D8%AF-%D8%A7%D9%84%D8%B1%D8%AC%D8%A7%D9%84.jpg
www.skincare98.com/wp-content/uploads/2019/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.skincare98.com/wp-content/uploads/2019/01/%D8%A7%D8%B3%D8%B9%D8%A7%D8%B1-%D8%A7%D9%84%D8%AA%D8%AB%D8%AF%D9%8A-%D8%B9%D9%86%D8%AF-%D8%A7%D9%84%D8%B1%D8%AC%D8%A7%D9%84.jpg
Requested by
Host: italysmoke2.xtgem.com
URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.195 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium94-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
5d541cbe6d4dbba137a018c59c420be14d9dff700acd936628b9562f8ed9472e

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
http://italysmoke2.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 01:00:39 GMT
last-modified
Sat, 01 May 2021 22:43:57 GMT
server
LiteSpeed
vary
User-Agent,Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=10368000,public
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
5126
expires
Sun, 13 Mar 2022 01:00:39 GMT
kuer_c070f001.jpg
drsamersurgery.com/wp-content/uploads/2018/05/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://drsamersurgery.com/wp-content/uploads/2018/05/kuer_c070f001.jpg
Requested by
Host: italysmoke2.xtgem.com
URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.151.30.132 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
185-151-30-132.ptr4.stackcp.net
Software
Apache /
Resource Hash
1101010dc215095afe6c9fd3b1f73d87119cdd5d4c64eb8ea016b0b80cdc6fb0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
http://italysmoke2.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 01:00:33 GMT
last-modified
Fri, 26 Mar 2021 01:58:04 GMT
server
Apache
etag
"f6c3-5be66dcce4300"
content-type
image/jpeg
x-cdn-cache-status
REVALIDATED
x-provided-by
StackCDN
x-origin-cache-status
MISS
accept-ranges
bytes
x-backend-server
web53.hosting.stackcp.net
content-length
63171
x-via
FRA1
x-service-level
standard
xtgem-forums.jpg
xtgem.com/images/forum/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/forum/xtgem-forums.jpg
Requested by
Host: italysmoke2.xtgem.com
URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
12af88849dcd3b09838185efbbaa7eae7231159ace07004afc5793d80378c34f

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
http://italysmoke2.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 01:00:34 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
4
ETag
"20c8-59774aa04e000"
X-Cache
HIT
Content-Type
image/jpeg
Expires
Mon, 13 Dec 2021 01:00:34 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
8392
X-Cache-Hits
2
quant.js
edge.quantserve.com/ 		0
0
tp.gif
enif.images.xtstatic.com/ Frame D6AC 		42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: italysmoke2.xtgem.com
URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
http://italysmoke2.xtgem.com/

Response headers

Date
Sat, 13 Nov 2021 01:00:39 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Mon, 13 Dec 2021 01:00:39 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
tp.gif
cif.images.xtstatic.com/ Frame 669B 		42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: italysmoke2.xtgem.com
URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
http://italysmoke2.xtgem.com/

Response headers

Date
Sat, 13 Nov 2021 01:00:39 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Mon, 13 Dec 2021 01:00:39 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
HHM5XEA0WHs
www.youtube.com/embed/ Frame 42E3 		61 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/HHM5XEA0WHs
Requested by
Host: italysmoke2.xtgem.com
URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9ee2dfe4d33a329c2f11c40578d31a15ca396b2b523048a35a8f7a0fa25124e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
http://italysmoke2.xtgem.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 13 Nov 2021 01:00:39 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
clear
__xt_authbar
xtgem.com/ Frame 6E02 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9pdGFseXNtb2tlMi54dGdlbS5jb21cL19feHRfYmxvZ1wvX194dGJsb2dfZW50cnk/X194dGJsb2dfZW50cnk9MjM5MDY2NjEmX194dGJsb2dfYmxvY2tfaWQ9MSIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6Iml0YWx5c21va2UyLnh0Z2VtLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=
Requested by
Host: italysmoke2.xtgem.com
URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
0725ecfb223f8bfc44fa18fa3056d8cf759cd30c854a4eb2913800cf28636f63

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
http://italysmoke2.xtgem.com/

Response headers

Date
Sat, 13 Nov 2021 01:00:39 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2935
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
xtgem-icons.woff
xtgem.com/fonts/ 		5 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://xtgem.com/fonts/xtgem-icons.woff
Requested by
Host: italysmoke2.xtgem.com
URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086

Request headers

Referer
http://italysmoke2.xtgem.com/
Origin
http://italysmoke2.xtgem.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 01:00:39 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
0
ETag
"1530-59774aa04e000-gzip"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
3769
X-Cache-Hits
0
close2.png
xtgem.com/images/ 		564 B
901 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: italysmoke2.xtgem.com
URL: http://italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23906661-the-of-gynecomastia-wikipedia?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
http://italysmoke2.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 01:00:34 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
4
ETag
"234-59774aa04e000"
X-Cache
HIT
Content-Type
image/png
Expires
Mon, 13 Dec 2021 01:00:34 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
X-Cache-Hits
8
www-player-webp.css
www.youtube.com/s/player/8d287e4d/ Frame 42E3 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8d287e4d/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HHM5XEA0WHs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf0536a7ccecbfef8793cfc6a61b4454864a4197992ce5ddaa014b48f72bef9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/HHM5XEA0WHs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
75164
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
47155
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 04:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 42E3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HHM5XEA0WHs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 06:41:55 GMT
x-content-type-options
nosniff
age
152324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 06:41:55 GMT
www-embed-player.js
www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/ Frame 42E3 		207 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HHM5XEA0WHs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2b9aa4773b8f1dcb906a96a08954329b86b02c1179394f52c984efbcd6ec7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/HHM5XEA0WHs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:34:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
73555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
69543
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 04:34:44 GMT
base.js
www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/ Frame 42E3 		2 MB
516 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HHM5XEA0WHs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b212f8c919e5fd63646ffe3a401c6dd2cd33d26a85f49eecb4936e3b3611ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/HHM5XEA0WHs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
74107
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
528415
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 04:25:32 GMT
fetch-polyfill.js
www.youtube.com/s/player/8d287e4d/fetch-polyfill.vflset/ Frame 42E3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8d287e4d/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HHM5XEA0WHs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/HHM5XEA0WHs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
77049
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2830
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 03:36:30 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 42E3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HHM5XEA0WHs
Protocol
H2
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb5b175986f95915064af5cf0a61041e0b8820ed26e3295f25cc140e648ddda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 01:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 13 Nov 2021 01:00:39 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 42E3 		29 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 00:58:00 GMT
x-content-type-options
nosniff
age
159
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Nov 2021 01:13:00 GMT
remote.js
www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/ Frame 42E3 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37aa9c8b83eeab3c01d35dbe0eabd35ead07af91d9f02339f8cd5fd4015cf87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/HHM5XEA0WHs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:08:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
71500
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
29807
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 05:08:59 GMT
xP0-M-T20NOk-COIrdoYtlIgpF7MlgrVZ6LBtbxion4.js
www.google.com/js/th/ Frame 42E3 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/xP0-M-T20NOk-COIrdoYtlIgpF7MlgrVZ6LBtbxion4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4fd3e33e4f6d0d3a4f82388adda18b65220a45ecc960ad567a2c1b5bc62a27e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
41137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13555
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 13:35:02 GMT
embed.js
www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/ Frame 42E3 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7a83886359fecfcc4ef9f909405825298106311a1f75bf2155473f9a177ef92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/HHM5XEA0WHs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:25:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
74106
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
7350
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 04:25:33 GMT
truncated
/ Frame 42E3 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQnRSqkWmOENOUOyEVGa--dDlmT9XOsl29eGis2LA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 42E3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLQnRSqkWmOENOUOyEVGa--dDlmT9XOsl29eGis2LA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HHM5XEA0WHs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bd568261ee804fcd4a62a4233759a51502abc09c37f481050032180a5328d734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 22:57:42 GMT
x-content-type-options
nosniff
age
7377
content-disposition
inline;filename="unnamed.jpg"
alt-svc
clear
content-length
2613
x-xss-protection
0
server
fife
etag
"v100"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 23 Oct 2021 04:10:36 GMT
sddefault.webp
i.ytimg.com/vi_webp/HHM5XEA0WHs/ Frame 42E3 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/HHM5XEA0WHs/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HHM5XEA0WHs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a79eee01999c2a6c084809acf039f0e149afdd6dafea763b39f70a52032a992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 01:00:39 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
22638
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 13 Nov 2021 03:00:39 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 42E3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 01:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Nov 2021 01:00:39 GMT
generate_204
www.youtube.com/ Frame 42E3 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?lg_fIg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HHM5XEA0WHs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/HHM5XEA0WHs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 01:00:39 GMT
alt-svc
clear
content-length
0
log_event
www.youtube.com/youtubei/v1/ Frame 42E3 		28 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/HHM5XEA0WHs
X-YouTube-Client-Version
1.20211110.01.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtFMWdpcEZPaFI4RSi3nLyMBg%3D%3D
X-YouTube-Ad-Signals
dt=1636765239323&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 13 Nov 2021 01:00:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
31
x-xss-protection
0
expires
Sat, 13 Nov 2021 01:00:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
edge.quantserve.com
URL
http://edge.quantserve.com/quant.js

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _qevents boolean| cookies number| len

5 Cookies

Domain/Path Name / Value
italysmoke2.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry Name:
Value: test
.xtgem.com/ Name: _xta_uid
Value: 7e22d5550c7c1c4f98dfd011e7e3d560
.xtgem.com/ Name: _xta_vid
Value: 84f3dc61e3cadde6891afdd2d83a9dcd-1636765238
.youtube.com/ Name: YSC
Value: nOxKAW6oGK8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: E1gipFOhR8E

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cif.images.xtstatic.com
drsamersurgery.com
edge.quantserve.com
enif.images.xtstatic.com
esteshary.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
italysmoke2.xtgem.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.skincare98.com
www.youtube.com
xtgem.com
yt3.ggpht.com
edge.quantserve.com
178.33.123.218
185.151.30.132
2606:4700:20::6818:9904
2a00:1450:4001:803::200e
2a00:1450:4001:812::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::2006
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2016
54.36.158.42
68.65.121.195
0725ecfb223f8bfc44fa18fa3056d8cf759cd30c854a4eb2913800cf28636f63
1101010dc215095afe6c9fd3b1f73d87119cdd5d4c64eb8ea016b0b80cdc6fb0
12af88849dcd3b09838185efbbaa7eae7231159ace07004afc5793d80378c34f
1e2b9aa4773b8f1dcb906a96a08954329b86b02c1179394f52c984efbcd6ec7f
37aa9c8b83eeab3c01d35dbe0eabd35ead07af91d9f02339f8cd5fd4015cf87f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5d541cbe6d4dbba137a018c59c420be14d9dff700acd936628b9562f8ed9472e
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
8b212f8c919e5fd63646ffe3a401c6dd2cd33d26a85f49eecb4936e3b3611ea8
8e52f937645bed384c4eea72e9f6be3aeeb64299cf5bd567d3b1c7730ba9de79
9a79eee01999c2a6c084809acf039f0e149afdd6dafea763b39f70a52032a992
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
bd568261ee804fcd4a62a4233759a51502abc09c37f481050032180a5328d734
bf0536a7ccecbfef8793cfc6a61b4454864a4197992ce5ddaa014b48f72bef9b
c4fd3e33e4f6d0d3a4f82388adda18b65220a45ecc960ad567a2c1b5bc62a27e
c50c436e1b2b14d582133cd4b7dd9f87385b7e72512a9000a2ed571cfb922600
c7a83886359fecfcc4ef9f909405825298106311a1f75bf2155473f9a177ef92
cdd024f9505e112a3c8adf017ba58b1b251eed4d1ed93d74776d1f7e3a2672e1
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9ee2dfe4d33a329c2f11c40578d31a15ca396b2b523048a35a8f7a0fa25124e
fb5b175986f95915064af5cf0a61041e0b8820ed26e3295f25cc140e648ddda8