Submitted URL: http://81.17.130.154/qs=r-acacaehikdijaeffkcfhiacdhkgabacdhkgabadhahcaccacbgdadbgcaigkfeacb
Effective URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAq...
Submission Tags: 7084251
Submission: On April 25 via api from NL

Summary

This website contacted 9 IPs in 3 countries across 11 domains to perform 27 HTTP transactions. The main IP is 2a00:1450:4001:801::2004, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.google.com.
TLS certificate: Issued by GTS CA 1O1 on March 23rd 2021. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                    Requested by
6         www.gstatic.com           www.google.com, www.gstatic.com
6         www.google.com            offer-notavailable.com, www.google.com, www.gstatic.com
4         rocksolidfresh.com        rocksolidfresh.com
2         rapid-cdn.com             2 redirects
2         offer-notavailable.com    rocksolidfresh.com, offer-notavailable.com
2         static.traversedlp.com    www.googletagmanager.com
2         static.bouncepilot.com    rocksolidfresh.com
2         www.googletagmanager.com  rocksolidfresh.com
1         fonts.gstatic.com         www.google.com
1         www.youtube.com           1 redirects
1         youtu.be                  1 redirects
1         go.yonyelinta.com         1 redirects
0         api.traversedlp.com       Failed; static.traversedlp.com
27 13

This site contains links to these domains.

Domain
support.google.com
Subject                  Issuer                                      Validity                  Valid
*.google-analytics.com   GTS CA 1O1                                  2021-03-23 - 2021-06-15   3 months
*.bouncepilot.com        Amazon                                      2020-07-21 - 2021-08-21   a year
*.traversedlp.com        Go Daddy Secure Certificate Authority - G2  2020-12-29 - 2022-01-30   a year
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                     2020-07-16 - 2021-07-16   a year
*.google.com             GTS CA 1O1                                  2021-03-23 - 2021-06-15   3 months
*.gstatic.com            GTS CA 1O1                                  2021-03-23 - 2021-06-15   3 months

This page contains 3 frames:

Primary Page: https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGMnolYQGIhkA8aeDS4GkQn4pZ29u16PDd_itjAWM3O7IMgFy
Frame ID: 97666CA7163108E79096B43A024C7809
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=OXaEwS4jJ5jizrVKP-j8E0TklM-3wqFhzmWbEZTllI_mdp8B7M40dJD1-p-mcHM_k9HGc8Xx7RETDTTT6nZ6yAUS83Zfx-teywqmiU1ReikUPoyYELhbyG4qiPg-dEEzS-D9ojgch-Rv71JuLZElHDxkLkcPGkk0US_xypKLiFRoEpaE55sxCowZ1xE-R4pUY86UF04rTLPnYOBM3bFb6XEW_XhOoa3mcv0e2AMHeDovYbVXDyVEO5o&cb=zftmwxy1pks5
Frame ID: 9692EEF0B1DE301778D297CE22E77BDA
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=rz710q8cecpz
Frame ID: 3B343550514E05D45EFC03729D9461F9
Requests: 3 HTTP requests in this frame

Page URL History

  1. http://81.17.130.154/qs=r-acacaehikdijaeffkcfhiacdhkgabacdhkgabadhahcaccacbgdadbgcaigkfeacb HTTP 302
    http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_367927... Page URL
  2. http://rocksolidfresh.com/clicks?cid=4740&pub=107546&prevcid=22037&sid1=12695_34491467_11&sid2=1_1_0_1... Page URL
  3. https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=239&utm_content=127 Page URL
  4. http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107546&vert=&cid= HTTP 307
    http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=12235... HTTP 302
    http://rapid-cdn.com/?flux_fts=ioxtozxqpptqqqxtlleioapoxtlxlazzpqzxt9ac89 HTTP 307
    https://youtu.be/dV2dhS38_Vc HTTP 303
    https://www.youtube.com/watch?v=dV2dhS38_Vc&feature=youtu.be HTTP 302
    https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26featu... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<div[^>]+class="g-recaptcha"/i
  • script /\/recaptcha\/api\.js/i

Page Statistics

27 Requests
78 % HTTPS
69 % IPv6
11 Domains
13 Subdomains
9 IPs
3 Countries
1334 kB Transfer
1533 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://81.17.130.154/qs=r-acacaehikdijaeffkcfhiacdhkgabacdhkgabadhahcaccacbgdadbgcaigkfeacb HTTP 302
    http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26 Page URL
  2. http://rocksolidfresh.com/clicks?cid=4740&pub=107546&prevcid=22037&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26&sid4=&dev_click= Page URL
  3. https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=239&utm_content=127 Page URL
  4. http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107546&vert=&cid= HTTP 307
    http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1223546009356722947 HTTP 302
    http://rapid-cdn.com/?flux_fts=ioxtozxqpptqqqxtlleioapoxtlxlazzpqzxt9ac89 HTTP 307
    https://youtu.be/dV2dhS38_Vc HTTP 303
    https://www.youtube.com/watch?v=dV2dhS38_Vc&feature=youtu.be HTTP 302
    https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGMnolYQGIhkA8aeDS4GkQn4pZ29u16PDd_itjAWM3O7IMgFy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://81.17.130.154/qs=r-acacaehikdijaeffkcfhiacdhkgabacdhkgabadhahcaccacbgdadbgcaigkfeacb HTTP 302
  • http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
clicks
rocksolidfresh.com/
Redirect Chain
  • http://81.17.130.154/qs=r-acacaehikdijaeffkcfhiacdhkgabacdhkgabadhahcaccacbgdadbgcaigkfeacb
  • http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26
6 KB
6 KB
Document
General
Full URL
http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26
Protocol
HTTP/1.1
Server
138.128.7.214 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.26
Resource Hash
ac721d896f14a3bf20e54db02ec5ac734f2337b12a626acce9800a615a7b95a4

Request headers

Host
rocksolidfresh.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Sun, 25 Apr 2021 14:00:46 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.26

Redirect headers

Date
Sun, 25 Apr 2021 13:53:07 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
location
http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
gtm.js
www.googletagmanager.com/
78 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Requested by
Host: rocksolidfresh.com
URL: http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fa23f9cfe026987b0d0fe3162c3fbcf2925207ce9a19365c20f48d797de7ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://rocksolidfresh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 13:53:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31431
x-xss-protection
0
last-modified
Sun, 25 Apr 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Apr 2021 13:53:08 GMT
fp.php
rocksolidfresh.com/
296 B
497 B
XHR
General
Full URL
http://rocksolidfresh.com/fp.php
Requested by
Host: rocksolidfresh.com
URL: http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26
Protocol
HTTP/1.1
Server
138.128.7.214 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma
no-cache
Origin
http://rocksolidfresh.com
Accept-Encoding
gzip, deflate
Host
rocksolidfresh.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26
Connection
keep-alive
Content-Length
861

Response headers

Date
Sun, 25 Apr 2021 14:00:47 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.3.26
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
29a38865-21e1-485f-8a85-c343bbbe30fb.js
static.bouncepilot.com/
33 KB
33 KB
Script
General
Full URL
https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by
Host: rocksolidfresh.com
URL: http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2400:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
990496c62d75c59da1df0eff05e9bec618c45cb59eab0e0864594c9251eba89c

Request headers

Referer
http://rocksolidfresh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 12:28:09 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 12:25:11 GMT
server
AmazonS3
age
84960
etag
"4e6941c0a0a55b2fb8d6aab28cda7689"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
33917
x-amz-cf-id
rhCn9lmn7Li0m1zWUyrjAWmtsYZF-LMqGGzxxoVFDxxKL3mvFUsY-g==
retargeting.js
static.traversedlp.com/v1/
11 KB
4 KB
Script
General
Full URL
https://static.traversedlp.com/v1/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.121.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-62.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6883197c20c58a0804b6ad6da9c06c9daff14267d65fe286666a1c08a61ba1e1

Request headers

Referer
http://rocksolidfresh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_rPBOpsutVE9bhWkpsIEjsEvYBS2ueX
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 19 Mar 2021 19:00:16 GMT
Server
AmazonS3
Age
4687
ETag
W/"7d385c3008e7fc836888faf91fc98116"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Sun, 25 Apr 2021 12:56:59 GMT
X-Amz-Cf-Pop
BUD50-C1
X-Amz-Cf-Id
liSgWN-PUyzJT_i81SpFqPSgEuvxnNimcizWHDFQyzzdXmYb2HwwkA==
cookie
api.traversedlp.com/retargeting/v1/
0
0

clicks
rocksolidfresh.com/
6 KB
6 KB
Document
General
Full URL
http://rocksolidfresh.com/clicks?cid=4740&pub=107546&prevcid=22037&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26&sid4=&dev_click=
Requested by
Host: rocksolidfresh.com
URL: http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26
Protocol
HTTP/1.1
Server
138.128.7.214 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.26
Resource Hash
3bf8b94d4751c182c646c92c07dbcc12daf282aa03b7ba88ab50b932b8da9c3a

Request headers

Host
rocksolidfresh.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
clkcheck22037=111f0ba54347c2f0a41a29fec3543910_107546

Response headers

Server
nginx
Date
Sun, 25 Apr 2021 14:00:47 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.26
gtm.js
www.googletagmanager.com/
78 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Requested by
Host: rocksolidfresh.com
URL: http://rocksolidfresh.com/clicks?cid=4740&pub=107546&prevcid=22037&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26&sid4=&dev_click=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fa23f9cfe026987b0d0fe3162c3fbcf2925207ce9a19365c20f48d797de7ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://rocksolidfresh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 13:53:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31431
x-xss-protection
0
last-modified
Sun, 25 Apr 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Apr 2021 13:53:09 GMT
fp.php
rocksolidfresh.com/
233 B
433 B
XHR
General
Full URL
http://rocksolidfresh.com/fp.php
Requested by
Host: rocksolidfresh.com
URL: http://rocksolidfresh.com/clicks?cid=4740&pub=107546&prevcid=22037&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26&sid4=&dev_click=
Protocol
HTTP/1.1
Server
138.128.7.214 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma
no-cache
Origin
http://rocksolidfresh.com
Accept-Encoding
gzip, deflate
Host
rocksolidfresh.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
http://rocksolidfresh.com/clicks?cid=4740&pub=107546&prevcid=22037&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26&sid4=&dev_click=
Cookie
clkcheck22037=111f0ba54347c2f0a41a29fec3543910_107546
Connection
keep-alive
Content-Length
903

Response headers

Date
Sun, 25 Apr 2021 14:00:47 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.3.26
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
29a38865-21e1-485f-8a85-c343bbbe30fb.js
static.bouncepilot.com/
33 KB
33 KB
Script
General
Full URL
https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by
Host: rocksolidfresh.com
URL: http://rocksolidfresh.com/clicks?cid=22037&pub=107546&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2400:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
990496c62d75c59da1df0eff05e9bec618c45cb59eab0e0864594c9251eba89c

Request headers

Referer
http://rocksolidfresh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 12:28:09 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 12:25:11 GMT
server
AmazonS3
age
84961
etag
"4e6941c0a0a55b2fb8d6aab28cda7689"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
33917
x-amz-cf-id
DSmv9oFksFHe3lh7EpTl4am6YmoXJvbNZOoaWZAE2sJiD6JWNXtAXA==
retargeting.js
static.traversedlp.com/v1/
11 KB
4 KB
Script
General
Full URL
https://static.traversedlp.com/v1/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.121.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-62.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6883197c20c58a0804b6ad6da9c06c9daff14267d65fe286666a1c08a61ba1e1

Request headers

Referer
http://rocksolidfresh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_rPBOpsutVE9bhWkpsIEjsEvYBS2ueX
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 19 Mar 2021 19:00:16 GMT
Server
AmazonS3
Age
4688
ETag
W/"7d385c3008e7fc836888faf91fc98116"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Sun, 25 Apr 2021 12:56:59 GMT
X-Amz-Cf-Pop
BUD50-C1
X-Amz-Cf-Id
5w89FXzN7j2ghkuZvflR_F47jZf-20-xVJ0ksEp6WxAMKPMtFnJ14w==
cookie
api.traversedlp.com/retargeting/v1/
0
0

/
offer-notavailable.com/bettercontent/
3 KB
2 KB
Document
General
Full URL
https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=239&utm_content=127
Requested by
Host: rocksolidfresh.com
URL: http://rocksolidfresh.com/clicks?cid=4740&pub=107546&prevcid=22037&sid1=12695_34491467_11&sid2=1_1_0_12695_0_3679278_26_2051_75943_34491467_10_1052&sid3=26&sid4=&dev_click=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c19a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dba8f52818ae72e3b7cadd92c26250056cbcc1f3224b59c9b7716994bcecc4d

Request headers

:method
GET
:authority
offer-notavailable.com
:scheme
https
:path
/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=239&utm_content=127
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://rocksolidfresh.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Sun, 25 Apr 2021 13:53:09 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9c1bd364e94765529022638404cc6ac61619358789; expires=Tue, 25-May-21 13:53:09 GMT; path=/; domain=.offer-notavailable.com; HttpOnly; SameSite=Lax; Secure
cf-cache-status
DYNAMIC
cf-request-id
09aae747390000d6d576ad0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y9tq0EKP4PS0pTVyYwhzMAe5ggwfgbuTp6TPYR2lJgjJnsyh9C71UIEW%2FBLZ5vWrMAc4zekF5NflgnQJASbEgYx%2F0PaiZx%2FiAVkbyU1heIMXtDVtBC1fKo3JgJHoFzt7rn2M"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
64580e51fca0d6d5-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
desktop.png
offer-notavailable.com/bettercontent/images/
92 KB
93 KB
Image
General
Full URL
https://offer-notavailable.com/bettercontent/images/desktop.png
Requested by
Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=239&utm_content=127
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c19a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864

Request headers

:path
/bettercontent/images/desktop.png
pragma
no-cache
cookie
__cfduid=d9c1bd364e94765529022638404cc6ac61619358789
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
offer-notavailable.com
referer
https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=239&utm_content=127
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 25 Apr 2021 13:53:09 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
203241
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
94237
cf-request-id
09aae7485100004eb6971bf000000001
last-modified
Wed, 06 Nov 2019 23:26:55 GMT
server
cloudflare
etag
"5dc356bf-1701d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gwlAZxn3b%2F%2BY9B7gtKI1CTJdf6PSV6%2FxrgMbsmIt0WCfdDJ6BY6MI8ytecMN6qcPOU67NeuZR0e8qJsEm2R1oNy5me2aIMXXnGPacqwOArM4ycyFaL7fL0GGN1jpn2wG3n53"}],"max_age":604800,"group":"cf-nel"}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64580e53ba334eb6-FRA
expires
Sun, 23 May 2021 05:25:48 GMT
Primary Request index
www.google.com/sorry/
Redirect Chain
  • http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107546&vert=&cid=
  • http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1223546009356722947
  • http://rapid-cdn.com/?flux_fts=ioxtozxqpptqqqxtlleioapoxtlxlazzpqzxt9ac89
  • https://youtu.be/dV2dhS38_Vc
  • https://www.youtube.com/watch?v=dV2dhS38_Vc&feature=youtu.be
  • https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGMnolYQGIhkA8aeDS4GkQn4pZ29u16PDd_itjAWM3O7IMgFy
3 KB
3 KB
Document
General
Full URL
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGMnolYQGIhkA8aeDS4GkQn4pZ29u16PDd_itjAWM3O7IMgFy
Requested by
Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=239&utm_content=127
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
b0995c880028db1ecd1061dc0256fe9da0e4784cd7e1a0b6e62bcdfa7cd109ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGMnolYQGIhkA8aeDS4GkQn4pZ29u16PDd_itjAWM3O7IMgFy
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Referer
https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=239&utm_content=127

Response headers

date
Sun, 25 Apr 2021 13:53:14 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
server
HTTP server (unknown)
content-length
2946
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

location
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGMnolYQGIhkA8aeDS4GkQn4pZ29u16PDd_itjAWM3O7IMgFy
date
Sun, 25 Apr 2021 13:53:14 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
388
x-xss-protection
0
set-cookie
CONSENT=PENDING+613; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
api.js
www.google.com/recaptcha/
850 B
576 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGMnolYQGIhkA8aeDS4GkQn4pZ29u16PDd_itjAWM3O7IMgFy
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b97ff1109b709bf33a4a7593782b6f5f0fe56b3b46ef504dba244a9026c3fdbe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/recaptcha/api.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.google.com
referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGMnolYQGIhkA8aeDS4GkQn4pZ29u16PDd_itjAWM3O7IMgFy
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 25 Apr 2021 13:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sun, 25 Apr 2021 13:53:14 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/
334 KB
334 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 15:36:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
166618
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341908
x-xss-protection
0
expires
Sat, 23 Apr 2022 15:36:16 GMT
anchor
www.google.com/recaptcha/api2/ Frame 9692
20 KB
11 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=OXaEwS4jJ5jizrVKP-j8E0TklM-3wqFhzmWbEZTllI_mdp8B7M40dJD1-p-mcHM_k9HGc8Xx7RETDTTT6nZ6yAUS83Zfx-teywqmiU1ReikUPoyYELhbyG4qiPg-dEEzS-D9ojgch-Rv71JuLZElHDxkLkcPGkk0US_xypKLiFRoEpaE55sxCowZ1xE-R4pUY86UF04rTLPnYOBM3bFb6XEW_XhOoa3mcv0e2AMHeDovYbVXDyVEO5o&cb=zftmwxy1pks5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4eb964d7e952a4e6104ae787eedd47d16d89d4aad03825a961dec39adf006f21
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-c9mCVWYL6qcBUHXH24wEKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=OXaEwS4jJ5jizrVKP-j8E0TklM-3wqFhzmWbEZTllI_mdp8B7M40dJD1-p-mcHM_k9HGc8Xx7RETDTTT6nZ6yAUS83Zfx-teywqmiU1ReikUPoyYELhbyG4qiPg-dEEzS-D9ojgch-Rv71JuLZElHDxkLkcPGkk0US_xypKLiFRoEpaE55sxCowZ1xE-R4pUY86UF04rTLPnYOBM3bFb6XEW_XhOoa3mcv0e2AMHeDovYbVXDyVEO5o&cb=zftmwxy1pks5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGMnolYQGIhkA8aeDS4GkQn4pZ29u16PDd_itjAWM3O7IMgFy
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGMnolYQGIhkA8aeDS4GkQn4pZ29u16PDd_itjAWM3O7IMgFy

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 25 Apr 2021 13:53:14 GMT
content-security-policy
script-src 'report-sample' 'nonce-c9mCVWYL6qcBUHXH24wEKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11010
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 9692
51 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=OXaEwS4jJ5jizrVKP-j8E0TklM-3wqFhzmWbEZTllI_mdp8B7M40dJD1-p-mcHM_k9HGc8Xx7RETDTTT6nZ6yAUS83Zfx-teywqmiU1ReikUPoyYELhbyG4qiPg-dEEzS-D9ojgch-Rv71JuLZElHDxkLkcPGkk0US_xypKLiFRoEpaE55sxCowZ1xE-R4pUY86UF04rTLPnYOBM3bFb6XEW_XhOoa3mcv0e2AMHeDovYbVXDyVEO5o&cb=zftmwxy1pks5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 13:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
88978
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25722
x-xss-protection
0
expires
Sun, 24 Apr 2022 13:10:16 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 9692
334 KB
334 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=OXaEwS4jJ5jizrVKP-j8E0TklM-3wqFhzmWbEZTllI_mdp8B7M40dJD1-p-mcHM_k9HGc8Xx7RETDTTT6nZ6yAUS83Zfx-teywqmiU1ReikUPoyYELhbyG4qiPg-dEEzS-D9ojgch-Rv71JuLZElHDxkLkcPGkk0US_xypKLiFRoEpaE55sxCowZ1xE-R4pUY86UF04rTLPnYOBM3bFb6XEW_XhOoa3mcv0e2AMHeDovYbVXDyVEO5o&cb=zftmwxy1pks5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 15:36:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
166618
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341908
x-xss-protection
0
expires
Sat, 23 Apr 2022 15:36:16 GMT
truncated
/ Frame 9692
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9692
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9692
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
253065
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Thu, 29 Apr 2021 15:35:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9692
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=OXaEwS4jJ5jizrVKP-j8E0TklM-3wqFhzmWbEZTllI_mdp8B7M40dJD1-p-mcHM_k9HGc8Xx7RETDTTT6nZ6yAUS83Zfx-teywqmiU1ReikUPoyYELhbyG4qiPg-dEEzS-D9ojgch-Rv71JuLZElHDxkLkcPGkk0US_xypKLiFRoEpaE55sxCowZ1xE-R4pUY86UF04rTLPnYOBM3bFb6XEW_XhOoa3mcv0e2AMHeDovYbVXDyVEO5o&cb=zftmwxy1pks5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 06:54:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
111550
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Sun, 24 Apr 2022 06:54:04 GMT
JXRfJF9kyDc4fFyGVy77wzRRT2iFLsFZ8moTTM1SROU.js
www.google.com/js/bg/ Frame 9692
14 KB
6 KB
Script
General
Full URL
https://www.google.com/js/bg/JXRfJF9kyDc4fFyGVy77wzRRT2iFLsFZ8moTTM1SROU.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25745f245f64c837387c5c86572efbc334514f68852ec159f26a134ccd5244e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/js/bg/JXRfJF9kyDc4fFyGVy77wzRRT2iFLsFZ8moTTM1SROU.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.google.com
referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=OXaEwS4jJ5jizrVKP-j8E0TklM-3wqFhzmWbEZTllI_mdp8B7M40dJD1-p-mcHM_k9HGc8Xx7RETDTTT6nZ6yAUS83Zfx-teywqmiU1ReikUPoyYELhbyG4qiPg-dEEzS-D9ojgch-Rv71JuLZElHDxkLkcPGkk0US_xypKLiFRoEpaE55sxCowZ1xE-R4pUY86UF04rTLPnYOBM3bFb6XEW_XhOoa3mcv0e2AMHeDovYbVXDyVEO5o&cb=zftmwxy1pks5
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=OXaEwS4jJ5jizrVKP-j8E0TklM-3wqFhzmWbEZTllI_mdp8B7M40dJD1-p-mcHM_k9HGc8Xx7RETDTTT6nZ6yAUS83Zfx-teywqmiU1ReikUPoyYELhbyG4qiPg-dEEzS-D9ojgch-Rv71JuLZElHDxkLkcPGkk0US_xypKLiFRoEpaE55sxCowZ1xE-R4pUY86UF04rTLPnYOBM3bFb6XEW_XhOoa3mcv0e2AMHeDovYbVXDyVEO5o&cb=zftmwxy1pks5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 13:18:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:30:00 GMT
server
sffe
age
174903
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5802
x-xss-protection
0
expires
Sat, 23 Apr 2022 13:18:11 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 9692
102 B
131 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=OXaEwS4jJ5jizrVKP-j8E0TklM-3wqFhzmWbEZTllI_mdp8B7M40dJD1-p-mcHM_k9HGc8Xx7RETDTTT6nZ6yAUS83Zfx-teywqmiU1ReikUPoyYELhbyG4qiPg-dEEzS-D9ojgch-Rv71JuLZElHDxkLkcPGkk0US_xypKLiFRoEpaE55sxCowZ1xE-R4pUY86UF04rTLPnYOBM3bFb6XEW_XhOoa3mcv0e2AMHeDovYbVXDyVEO5o&cb=zftmwxy1pks5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/recaptcha/api2/webworker.js?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
same-origin
accept
*/*
cache-control
no-cache
sec-fetch-dest
worker
:authority
www.google.com
referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=OXaEwS4jJ5jizrVKP-j8E0TklM-3wqFhzmWbEZTllI_mdp8B7M40dJD1-p-mcHM_k9HGc8Xx7RETDTTT6nZ6yAUS83Zfx-teywqmiU1ReikUPoyYELhbyG4qiPg-dEEzS-D9ojgch-Rv71JuLZElHDxkLkcPGkk0US_xypKLiFRoEpaE55sxCowZ1xE-R4pUY86UF04rTLPnYOBM3bFb6XEW_XhOoa3mcv0e2AMHeDovYbVXDyVEO5o&cb=zftmwxy1pks5
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=OXaEwS4jJ5jizrVKP-j8E0TklM-3wqFhzmWbEZTllI_mdp8B7M40dJD1-p-mcHM_k9HGc8Xx7RETDTTT6nZ6yAUS83Zfx-teywqmiU1ReikUPoyYELhbyG4qiPg-dEEzS-D9ojgch-Rv71JuLZElHDxkLkcPGkk0US_xypKLiFRoEpaE55sxCowZ1xE-R4pUY86UF04rTLPnYOBM3bFb6XEW_XhOoa3mcv0e2AMHeDovYbVXDyVEO5o&cb=zftmwxy1pks5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 13:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
1; mode=block
expires
Sun, 25 Apr 2021 13:53:14 GMT
bframe
www.google.com/recaptcha/api2/ Frame 3B34
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=rz710q8cecpz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fa9e97b9dbf58e4feb99405bcd4dca94c7fe401aadd6d3b62e8eba7d2a7b0fcf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-abakngJgK/Tmg8OU6FqHKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=rz710q8cecpz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGMnolYQGIhkA8aeDS4GkQn4pZ29u16PDd_itjAWM3O7IMgFy
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGMnolYQGIhkA8aeDS4GkQn4pZ29u16PDd_itjAWM3O7IMgFy

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 25 Apr 2021 13:53:14 GMT
content-security-policy
script-src 'report-sample' 'nonce-abakngJgK/Tmg8OU6FqHKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1114
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 3B34
51 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=rz710q8cecpz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 13:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
88978
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25722
x-xss-protection
0
expires
Sun, 24 Apr 2022 13:10:16 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 3B34
334 KB
334 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=rz710q8cecpz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 15:36:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
166618
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341908
x-xss-protection
0
expires
Sat, 23 Apr 2022 15:36:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.traversedlp.com
URL
https://api.traversedlp.com/retargeting/v1/cookie
Domain
api.traversedlp.com
URL
https://api.traversedlp.com/retargeting/v1/cookie

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| submitCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| closure_lm_974532 object| e

0 Cookies

Indicators

"Indicators" is a term used in the security industry for items such as IPs, domains and hashes. An item being recorded as an indicator does not imply that it indicates malicious activity.
