urlscan.io logo urlscan.io
SecurityTrails logo

turkeydecade76.xtgem.com Open in urlscan Pro
54.36.158.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-...
Effective URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-...
Submission: On March 18 via manual from US — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 30 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is turkeydecade76.xtgem.com.
This is the only time turkeydecade76.xtgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.36.158.42 (France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com
turkeydecade76.xtgem.com
1    141.138.138.53 (Rotterdam, Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: vps.amsterdam-munten.nl
www.gdkm.de
1    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
lookaside.fbsbx.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a04:4e42:200::644 (United States)

ASN54113 (FASTLY, US)
f4.bcbits.com
1    2.16.107.11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-11.deploy.static.akamaitechnologies.com
s2.dmcdn.net
6    141.94.172.213 (France)

ASN16276 (OVH, FR)
9.thumbs.xtstatic.com
enif.images.xtstatic.com
cif.images.xtstatic.com
xtgem.com
1    2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
9    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2600:9000:2182:c800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 88
731 KB
4 xtgem.com
turkeydecade76.xtgem.com
xtgem.com — Cisco Umbrella Rank: 276170
16 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
static.doubleclick.net — Cisco Umbrella Rank: 310
1 KB
3 quantserve.com
edge.quantserve.com — Cisco Umbrella Rank: 10170
pixel.quantserve.com — Cisco Umbrella Rank: 381
11 KB
3 xtstatic.com
9.thumbs.xtstatic.com
enif.images.xtstatic.com
cif.images.xtstatic.com
2 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
18 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 792
865 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 107
21 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 214
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
14 KB
1 dmcdn.net
s2.dmcdn.net — Cisco Umbrella Rank: 14713
151 KB
1 bcbits.com
f4.bcbits.com — Cisco Umbrella Rank: 54065
779 KB
1 fbsbx.com
lookaside.fbsbx.com — Cisco Umbrella Rank: 6190
3 KB
1 gdkm.de
www.gdkm.de
2 MB
30 15
Domain Requested by
9 www.youtube.com turkeydecade76.xtgem.com
www.youtube.com
3 xtgem.com turkeydecade76.xtgem.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 pixel.quantserve.com 1 redirects turkeydecade76.xtgem.com
2 rules.quantcount.com 1 redirects turkeydecade76.xtgem.com
2 www.facebook.com 1 redirects turkeydecade76.xtgem.com
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 cif.images.xtstatic.com turkeydecade76.xtgem.com
1 enif.images.xtstatic.com turkeydecade76.xtgem.com
1 edge.quantserve.com turkeydecade76.xtgem.com
1 9.thumbs.xtstatic.com turkeydecade76.xtgem.com
1 s2.dmcdn.net turkeydecade76.xtgem.com
1 f4.bcbits.com turkeydecade76.xtgem.com
1 lookaside.fbsbx.com 1 redirects
1 www.gdkm.de turkeydecade76.xtgem.com
1 turkeydecade76.xtgem.com
30 21

This site contains links to these domains. Also see Links.

Domain
breum-egholm.blogbright.net
xtgem.com
Subject Issuer Validity Valid
gdkm.de
R3		 2022-03-14 -
2022-06-12		 3 months crt.sh
*.bcbits.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-25 -
2023-01-26		 a year crt.sh
api.dmcdn.net
R3		 2022-01-26 -
2022-04-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.xtgem.com
R3		 2022-02-24 -
2022-05-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Frame ID: 0D4B8A84B207E66E078A429352A1BABC
Requests: 11 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: 67D4EFAEC3399087A27BBC82A03F5146
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: D3914196A5A9CDF305BFBDC70BD848DC
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/r0UbIYDd1X4
Frame ID: 393DF52D10B72C1A65AF6CA04FB47EAB
Requests: 17 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC90dXJrZXlkZWNhZGU3Ni54dGdlbS5jb21cL19feHRfYmxvZ1wvX194dGJsb2dfZW50cnk/X194dGJsb2dfZW50cnk9MjU4Njc4MTUmX194dGJsb2dfYmxvY2tfaWQ9MSIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6InR1cmtleWRlY2FkZTc2Lnh0Z2VtLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=
Frame ID: A1687BC8390F3C2AA40A687AAC35A1FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Best Spring Equinox Rituals by Zodiac Sign - The Today - An Overview - Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

30
Requests

63 %
HTTPS

78 %
IPv6

15
Domains

21
Subdomains

18
IPs

4
Countries

4082 kB
Transfer

6080 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=4785135474833916 HTTP 302
  • https://www.facebook.com/SoothingRelaxation/photos/a.1068816863132481/4785135474833916/?type=3&is_lookaside=1 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2FSoothingRelaxation%2Fphotos%2Fa.1068816863132481%2F4785135474833916%2F%3Ftype%3D3%26is_lookaside%3D1
Request Chain 12
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Request Chain 18
  • http://pixel.quantserve.com/pixel;r=1937537732;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fturkeydecade76.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-633095920-1647590382233;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1647590382233;tzo=0;ogl= HTTP 301
  • https://pixel.quantserve.com/pixel;r=1937537732;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fturkeydecade76.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-633095920-1647590382233;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1647590382233;tzo=0;ogl=
Request Chain 19
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview
turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/ 		25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
9bcd3da2d2c986dfea14c57f391f95ffceedc4f1fde6d82b26c67ebcf4be5b62

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9

Response headers

Date
Fri, 18 Mar 2022 07:59:41 GMT
Vary
Host,Accept-Encoding
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma
no-cache
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding
gzip
Content-Length
7744
Connection
close
Content-Type
text/html; charset=UTF-8
Cook-Islands-Lullaby.jpg
www.gdkm.de/images/product_images/original_images/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gdkm.de/images/product_images/original_images/Cook-Islands-Lullaby.jpg
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.138.138.53 Rotterdam, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
vps.amsterdam-munten.nl
Software
Apache /
Resource Hash
1f29914a3479463831de66c27784c939c9ed9a978daae45d73fc4137fef353e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 07:59:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Aug 2019 07:09:15 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2390093
Expires
Sun, 17 Apr 2022 07:59:42 GMT
/
www.facebook.com/login/
Redirect Chain
  • https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=4785135474833916
  • https://www.facebook.com/SoothingRelaxation/photos/a.1068816863132481/4785135474833916/?type=3&is_lookaside=1
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2FSoothingRelaxation%2Fphotos%2Fa.1068816863132481%2F4785135474833916%2F%3Ftype%3D3%26is_lookaside%3D1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2FSoothingRelaxation%2Fphotos%2Fa.1068816863132481%2F4785135474833916%2F%3Ftype%3D3%26is_lookaside%3D1
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
H3
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://api.mapbox.com https://*.tiles.mapbox.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://api.mapbox.com https://*.tiles.mapbox.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
mJFTD05Lsns3jGbrGdq3ruWSzY7R+REZV4rNJlR1Smo2DK0IZxCTBBYAEzrhN1oGPqdetXXu6Zn9wL5LBxAPxw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 18 Mar 2022 07:59:42 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2FSoothingRelaxation%2Fphotos%2Fa.1068816863132481%2F4785135474833916%2F%3Ftype%3D3%26is_lookaside%3D1
cache-control
private, no-cache, no-store, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
a2684844366_10.jpg
f4.bcbits.com/img/ 		779 KB
779 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f4.bcbits.com/img/a2684844366_10.jpg
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2bed2f501f25a0c082ae624f890a69c5c380be4acac4c6f92f699649ec4c98e

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 07:59:42 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 27 Jul 2021 00:16:42 GMT
age
65204
x-bc-host
boxycentral-3mk1
x-served-by
cache-mdw17321-MDW, cache-mad22034-MAD
x-cache
HIT, MISS
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
x-timer
S1647590382.987394,VS0,VE160
content-length
797421
x-cache-hits
1, 0
x1080
s2.dmcdn.net/v/Q8bS51VarUCq38xhY/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/Q8bS51VarUCq38xhY/x1080
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-11.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
5453f6b05fcb4a62ff6dabd498e1c867bb05a06301a663f9a7205d232d7d257f

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 07:59:42 GMT
last-modified
Fri, 18 Mar 2022 04:04:24 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=0, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
154277
expires
Sat, 19 Mar 2022 07:58:49 GMT
the-soda-pop-14984.jpg
9.thumbs.xtstatic.com/100/50/-/91a39b4cdfcd4a2c027f149ab2280554/backtooldschool.xtgem.com/images/blog/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://9.thumbs.xtstatic.com/100/50/-/91a39b4cdfcd4a2c027f149ab2280554/backtooldschool.xtgem.com/images/blog/the-soda-pop-14984.jpg
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
67a67cf4237b674289013cb8ed12409c1f02196c6976f8f965d3cb0cb66dd237

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 07:59:41 GMT
X-Ngz
1
Last-Modified
Mon, 19 Nov 2018 23:59:32 GMT
ETag
"4e3-0"
Sent-XS
0.000
Content-Type
image/jpeg
Cache-Control
max-age=172800, pre-check=172800
Connection
close
Content-Length
1251
Expires
Sun, 20 Mar 2022 07:59:41 GMT
quant.js
edge.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 07:59:41 GMT
Content-Encoding
gzip
Etag
"u2JtyZzqnTXwzBUswy2r+w=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Expires
Fri, 25 Mar 2022 07:59:41 GMT
tp.gif
enif.images.xtstatic.com/ Frame 67D4 		42 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/

Response headers

Date
Fri, 18 Mar 2022 07:59:41 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Accept-Ranges
bytes
Content-Length
42
Cache-Control
max-age=2592000
Expires
Sun, 17 Apr 2022 07:59:41 GMT
Connection
close
Content-Type
image/gif
tp.gif
cif.images.xtstatic.com/ Frame D391 		42 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/

Response headers

Date
Fri, 18 Mar 2022 07:59:41 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Accept-Ranges
bytes
Content-Length
42
Cache-Control
max-age=2592000
Expires
Sun, 17 Apr 2022 07:59:41 GMT
Connection
close
Content-Type
image/gif
r0UbIYDd1X4
www.youtube.com/embed/ Frame 393D 		60 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/r0UbIYDd1X4
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78b4ee3cb9caeff9734649339bedfb327f6e64b0a9c29639f25f1d669949d0ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 18 Mar 2022 07:59:42 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=es for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
__xt_authbar
xtgem.com/ Frame A168 		14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC90dXJrZXlkZWNhZGU3Ni54dGdlbS5jb21cL19feHRfYmxvZ1wvX194dGJsb2dfZW50cnk/X194dGJsb2dfZW50cnk9MjU4Njc4MTUmX194dGJsb2dfYmxvY2tfaWQ9MSIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6InR1cmtleWRlY2FkZTc2Lnh0Z2VtLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f5d264a0fd59a27fa67ae7f0284751dcdf6a4098c4142575fb32b51d5f4272ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/

Response headers

Date
Fri, 18 Mar 2022 07:59:42 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2940
Content-Type
text/html; charset=UTF-8
xtgem-icons.woff
xtgem.com/fonts/ 		5 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://xtgem.com/fonts/xtgem-icons.woff
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086

Request headers

Referer
http://turkeydecade76.xtgem.com/
Origin
http://turkeydecade76.xtgem.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 07:59:41 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"1530-59774aa04e000-gzip"
Vary
Accept-Encoding
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
3769
close2.png
xtgem.com/images/ 		564 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 07:59:41 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"234-59774aa04e000"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
Expires
Sun, 17 Apr 2022 07:59:41 GMT
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
3 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
H2
Server
2600:9000:2182:c800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 05:09:43 GMT
via
1.1 77d8cf253666facea1bbe67902fcbbc0.cloudfront.net (CloudFront)
age
12434
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:40:53 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
d3Hl8OfFOHc-F95p6E_-Hzz4HH3y9P2Sazo0kj0ezUQ4nyKIwKkGVA==

Redirect headers

Date
Fri, 18 Mar 2022 07:59:42 GMT
Via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
DUS51-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
zRsoTrQ3IaYfkeQUIzfmvVHrNQZ6uGT2lUevU30Dt6kD2wjsVMLFBQ==
www-player.css
www.youtube.com/s/player/577098c0/ Frame 393D 		338 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/577098c0/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/r0UbIYDd1X4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/r0UbIYDd1X4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 16:24:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
56123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47168
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 00:17:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Mar 2023 16:24:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 393D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/r0UbIYDd1X4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 17:06:41 GMT
x-content-type-options
nosniff
age
226381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 17:06:41 GMT
www-embed-player.js
www.youtube.com/s/player/577098c0/www-embed-player.vflset/ Frame 393D 		280 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/577098c0/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/r0UbIYDd1X4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cf91facad0c607b6df34456a7e72d02a93126bf216d85ebc02c7ac2ba917627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/r0UbIYDd1X4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 16:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
56109
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88175
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 00:17:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Mar 2023 16:24:33 GMT
base.js
www.youtube.com/s/player/577098c0/player_ias.vflset/es_ES/ Frame 393D 		2 MB
524 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/577098c0/player_ias.vflset/es_ES/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/r0UbIYDd1X4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59cc483f2b379f080c32a03b3dd0c470cb9fb8469d1020ab9860ddf7e1d618a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/r0UbIYDd1X4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 16:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
55458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
536692
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 00:17:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Mar 2023 16:35:24 GMT
fetch-polyfill.js
www.youtube.com/s/player/577098c0/fetch-polyfill.vflset/ Frame 393D 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/577098c0/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/r0UbIYDd1X4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/r0UbIYDd1X4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 16:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
56109
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 00:17:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Mar 2023 16:24:33 GMT
pixel;r=1937537732;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fturkeydecade76.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=1937537732;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fturkeydecade76.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F25867815-the-best-spring-equinox-ritu...
  • https://pixel.quantserve.com/pixel;r=1937537732;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fturkeydecade76.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F25867815-the-best-spring-equinox-rit...
35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1937537732;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fturkeydecade76.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-633095920-1647590382233;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1647590382233;tzo=0;ogl=
Requested by
Host: turkeydecade76.xtgem.com
URL: http://turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview?__xtblog_block_id=1
Protocol
H2
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
http://turkeydecade76.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 07:59:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://pixel.quantserve.com/pixel;r=1937537732;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fturkeydecade76.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F25867815-the-best-spring-equinox-rituals-by-zodiac-sign-the-today-an-overview%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-633095920-1647590382233;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1647590382233;tzo=0;ogl=
Date
Fri, 18 Mar 2022 07:59:42 GMT
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
0
Expires
Sat, 19 Mar 2022 07:59:42 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 393D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/r0UbIYDd1X4
Protocol
H3
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d14baab9ac1479deb42a789dc7ae45e58ba0813275d9e00d8407893b74d3d298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 07:59:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 07:59:42 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 393D 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 07:53:13 GMT
x-content-type-options
nosniff
age
389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Mar 2022 08:08:13 GMT
remote.js
www.youtube.com/s/player/577098c0/player_ias.vflset/es_ES/ Frame 393D 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/577098c0/player_ias.vflset/es_ES/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/es_ES/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4884cd972f1ced9441400c31e7d949607890147cf37bf38fe6c4fc3f157961d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/r0UbIYDd1X4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 16:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
55002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37842
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 00:17:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Mar 2023 16:43:00 GMT
MKcwde2W9EpBjeUz-X8Qp_8IcWz9bCTkaBfeh4Am-J4.js
www.google.com/js/th/ Frame 393D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/MKcwde2W9EpBjeUz-X8Qp_8IcWz9bCTkaBfeh4Am-J4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/es_ES/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30a73075ed96f44a418de533f97f10a7ff08716cfd6c24e46817de878026f89e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 18:08:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
49843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 12:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 18:08:59 GMT
embed.js
www.youtube.com/s/player/577098c0/player_ias.vflset/es_ES/ Frame 393D 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/577098c0/player_ias.vflset/es_ES/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/es_ES/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4df53d59feadcde54667b3def0b210e3dd54f10ee8c224498fc6fc8b8db070b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/r0UbIYDd1X4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 16:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
55457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8088
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 00:17:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Mar 2023 16:35:25 GMT
truncated
/ Frame 393D 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
yVr3lrJZ7ZxNrDFP1vh852czk0fJ8OzUX4Gl7QcJ8A7-ueweBpADMwj9JoUF1LrocNlLbpOZ-g=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 393D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/yVr3lrJZ7ZxNrDFP1vh852czk0fJ8OzUX4Gl7QcJ8A7-ueweBpADMwj9JoUF1LrocNlLbpOZ-g=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/r0UbIYDd1X4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b41a7259fd8aa246a783453260ba81d5400b82871e22c33070a1aa2cb74a4a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 06:37:35 GMT
x-content-type-options
nosniff
age
4927
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1959
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 05 Mar 2022 19:52:45 GMT
sddefault.jpg
i.ytimg.com/vi/r0UbIYDd1X4/ Frame 393D 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/r0UbIYDd1X4/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/r0UbIYDd1X4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9c9806c0902f4b0d15b106e12291377b5acde1a778890c8ac9e34704843ac14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 07:47:04 GMT
x-content-type-options
nosniff
age
758
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21088
x-xss-protection
0
server
sffe
etag
"1637333228"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 18 Mar 2022 09:47:04 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 393D 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/es_ES/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 07:59:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 07:59:42 GMT
generate_204
www.youtube.com/ Frame 393D 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?ODNjbQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/r0UbIYDd1X4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/r0UbIYDd1X4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 07:59:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
log_event
www.youtube.com/youtubei/v1/ Frame 393D 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/es_ES/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/r0UbIYDd1X4
X-YouTube-Client-Version
1.20220316.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtMQjlMLWxFRWxvRSju99CRBg%3D%3D
X-YouTube-Ad-Signals
dt=1647590382435&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 18 Mar 2022 07:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 18 Mar 2022 07:59:44 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| structuredClone object| oncontextlost object| oncontextrestored object| _qevents boolean| cookies number| len function| quantserve function| __qc object| ezt object| _qoptions function| qtrack

7 Cookies

Domain/Path Name / Value
turkeydecade76.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry Name:
Value: test
.xtgem.com/ Name: _xta_uid
Value: 38ed5e0e0eade882c5efc58ec4dee5de
.xtgem.com/ Name: _xta_vid
Value: 43b1fb1a71b29a4ebdb0e8e02bc10958-1647590381
.youtube.com/ Name: YSC
Value: gJEzN23xx_k
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: LB9L-lEEloE
.quantserve.com/ Name: mc
Value: 62343bee-82bb1-8e053-65f62
.xtgem.com/ Name: __qca
Value: P0-633095920-1647590382233

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9.thumbs.xtstatic.com
cif.images.xtstatic.com
edge.quantserve.com
enif.images.xtstatic.com
f4.bcbits.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
lookaside.fbsbx.com
pixel.quantserve.com
rules.quantcount.com
s2.dmcdn.net
static.doubleclick.net
turkeydecade76.xtgem.com
www.facebook.com
www.gdkm.de
www.google.com
www.gstatic.com
www.youtube.com
xtgem.com
yt3.ggpht.com
141.138.138.53
141.94.172.213
2.16.107.11
2600:9000:2182:c800:6:44e3:f8c0:93a1
2620:116:800d:21:3175:5196:e3fd:8c1d
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:803::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:827::2016
2a00:1450:4001:82f::2001
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:200::644
54.36.158.42
1f29914a3479463831de66c27784c939c9ed9a978daae45d73fc4137fef353e0
2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817
30a73075ed96f44a418de533f97f10a7ff08716cfd6c24e46817de878026f89e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4884cd972f1ced9441400c31e7d949607890147cf37bf38fe6c4fc3f157961d2
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4cf91facad0c607b6df34456a7e72d02a93126bf216d85ebc02c7ac2ba917627
4df53d59feadcde54667b3def0b210e3dd54f10ee8c224498fc6fc8b8db070b1
5453f6b05fcb4a62ff6dabd498e1c867bb05a06301a663f9a7205d232d7d257f
59cc483f2b379f080c32a03b3dd0c470cb9fb8469d1020ab9860ddf7e1d618a1
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086
67a67cf4237b674289013cb8ed12409c1f02196c6976f8f965d3cb0cb66dd237
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
78b4ee3cb9caeff9734649339bedfb327f6e64b0a9c29639f25f1d669949d0ee
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
9bcd3da2d2c986dfea14c57f391f95ffceedc4f1fde6d82b26c67ebcf4be5b62
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
b41a7259fd8aa246a783453260ba81d5400b82871e22c33070a1aa2cb74a4a6d
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
c9c9806c0902f4b0d15b106e12291377b5acde1a778890c8ac9e34704843ac14
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d14baab9ac1479deb42a789dc7ae45e58ba0813275d9e00d8407893b74d3d298
d2bed2f501f25a0c082ae624f890a69c5c380be4acac4c6f92f699649ec4c98e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5d264a0fd59a27fa67ae7f0284751dcdf6a4098c4142575fb32b51d5f4272ae