urlscan.io logo urlscan.io
SecurityTrails logo

www.google.com Open in urlscan Pro
2a00:1450:4001:812::2004  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.tspeed23.cloud/c235I239k5uo86q17pKK16t0Vn78P4b5eL19LgibhhIvfHD8vItEGsi8qRsomoRQ6iD10zu6HXcTYJ/creases-glacier
Effective URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAq...
Submission: On April 24 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 29 HTTP transactions. The main IP is 2a00:1450:4001:812::2004, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.google.com.
TLS certificate: Issued by GTS CA 1O1 on March 23rd 2021. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3031::6815:1549 (United States)

ASN13335 (CLOUDFLARENET, US)
www.tspeed23.cloud
4    104.144.68.123 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)
lagoondot.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:2156:2600:10:b308:84c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.bouncepilot.com
2    13.32.21.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-80.fra56.r.cloudfront.net
static.traversedlp.com
2    52.86.198.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-198-209.compute-1.amazonaws.com
api.traversedlp.com
2    2606:4700:3035::ac43:c19a (United States)

ASN13335 (CLOUDFLARENET, US)
offer-notavailable.com
2    2606:4700:3034::ac43:cb26 (United States)

ASN13335 (CLOUDFLARENET, US)
rapid-cdn.com
1    216.189.51.90 (United States)

ASN6921 (ARACHNITEC, US)
go.yonyelinta.com
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
youtu.be
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
6    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com offer-notavailable.com
www.google.com
www.gstatic.com
4 lagoondot.com lagoondot.com
2 rapid-cdn.com 2 redirects
2 offer-notavailable.com lagoondot.com
offer-notavailable.com
2 api.traversedlp.com static.traversedlp.com
2 static.traversedlp.com www.googletagmanager.com
2 static.bouncepilot.com lagoondot.com
2 www.googletagmanager.com lagoondot.com
1 fonts.gstatic.com www.google.com
1 www.youtube.com 1 redirects
1 youtu.be 1 redirects
1 go.yonyelinta.com 1 redirects
1 www.tspeed23.cloud 1 redirects
29 14

This site contains links to these domains. Also see Links.

Domain
support.google.com
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.bouncepilot.com
Amazon		 2020-07-21 -
2021-08-21		 a year crt.sh
*.traversedlp.com
Go Daddy Secure Certificate Authority - G2		 2020-12-29 -
2022-01-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-16 -
2021-07-16		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy
Frame ID: EFE698C38A00D6E203581E6DF5CE575B
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=1sSWmuk0LZDQXpKtWTa89T4qJ4bIBVS2eazxVkCowFKqoPZ8x7E0DYCaBP19GIgvFKbIf07CNyTT0yKxnhxjrw7lcG0QptAoS7_gNaCo71ENyGoJvhh_68PxYESYQE6TxSq-7cZvgVn2QE9tTwUZQEWcIBJ7OMMbzXzgXpm4mpKLXha4GZVD-ZGUaSdT3NDwzrDlCXEdVbua-aLo9vteoWaxqyZjXW8GBXYXCQGwRxs2N8yLxE_L9KI&cb=6k9r4hwwqbyt
Frame ID: 5F8728431EA85AEC87DDD95E0C3031CD
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=8mnth5ozaagw
Frame ID: DFC0F5C63C0E69FC769A7200FA8A8BBE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.tspeed23.cloud/c235I239k5uo86q17pKK16t0Vn78P4b5eL19LgibhhIvfHD8vItEGsi8qRsomoRQ6iD10zu6HXcT... HTTP 302
    http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4= Page URL
  2. http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?newcid=4740&sid1=&sid2=&sid3=&sid4=&dev_c... Page URL
  3. https://offer-notavailable.com/bettercontent/?utm_source=201060&utm_medium=27&utm_campaign=248&utm_content=170 Page URL
  4. http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=201060&vert=&cid= HTTP 307
    http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=12227... HTTP 302
    http://rapid-cdn.com/?flux_fts=ioxtozxqpptqqqxtlleioapoxtlxlazzpqzxt9ac89 HTTP 307
    https://youtu.be/dV2dhS38_Vc HTTP 303
    https://www.youtube.com/watch?v=dV2dhS38_Vc&feature=youtu.be HTTP 302
    https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26featu... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

29
Requests

79 %
HTTPS

71 %
IPv6

12
Domains

14
Subdomains

10
IPs

2
Countries

1335 kB
Transfer

1533 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.tspeed23.cloud/c235I239k5uo86q17pKK16t0Vn78P4b5eL19LgibhhIvfHD8vItEGsi8qRsomoRQ6iD10zu6HXcTYJ/creases-glacier HTTP 302
    http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4= Page URL
  2. http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?newcid=4740&sid1=&sid2=&sid3=&sid4=&dev_click= Page URL
  3. https://offer-notavailable.com/bettercontent/?utm_source=201060&utm_medium=27&utm_campaign=248&utm_content=170 Page URL
  4. http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=201060&vert=&cid= HTTP 307
    http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1222799809631490551 HTTP 302
    http://rapid-cdn.com/?flux_fts=ioxtozxqpptqqqxtlleioapoxtlxlazzpqzxt9ac89 HTTP 307
    https://youtu.be/dV2dhS38_Vc HTTP 303
    https://www.youtube.com/watch?v=dV2dhS38_Vc&feature=youtu.be HTTP 302
    https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.tspeed23.cloud/c235I239k5uo86q17pKK16t0Vn78P4b5eL19LgibhhIvfHD8vItEGsi8qRsomoRQ6iD10zu6HXcTYJ/creases-glacier HTTP 302
  • http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/
Redirect Chain
  • http://www.tspeed23.cloud/c235I239k5uo86q17pKK16t0Vn78P4b5eL19LgibhhIvfHD8vItEGsi8qRsomoRQ6iD10zu6HXcTYJ/creases-glacier
  • http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
104.144.68.123 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.26
Resource Hash
c022cae693e85ea9b0db4d28e18d13f5aad912f2d46a807faa666e9f65643c11

Request headers

Host
lagoondot.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Sat, 24 Apr 2021 17:17:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.26

Redirect headers

Date
Sat, 24 Apr 2021 17:09:28 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d1daf69332b0a2ed00e54af65ef5c4a8b1619284167; expires=Mon, 24-May-21 17:09:27 GMT; path=/; domain=.tspeed23.cloud; HttpOnly; SameSite=Lax
X-Powered-By
PHP/5.3.3
Location
http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=
CF-Cache-Status
DYNAMIC
cf-request-id
09a674a3e30000d6cded826000000001
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yR8hiMsIs4d7tS83XC%2B93olOC4XfKYcrKROeKP%2FfANb8juq%2Fx9woJ%2BKy4uCj0I8d0HY%2Bv2GJIqaaLxfpbas6nN5wSYNDcoE2sId5NzrcZe3xGHZrekbF%2B92ibKQzfmI%3D"}],"group":"cf-nel"}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
6450f07fd8f6d6cd-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		78 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Requested by
Host: lagoondot.com
URL: http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b46475810b49341f41c00a2605c9fd4587e1dc3aa4b92cf535d93699ed299200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://lagoondot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:09:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31404
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Apr 2021 17:09:28 GMT
fp.php
lagoondot.com/ 		226 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://lagoondot.com/fp.php
Requested by
Host: lagoondot.com
URL: http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
104.144.68.123 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma
no-cache
Origin
http://lagoondot.com
Accept-Encoding
gzip, deflate
Host
lagoondot.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=
Connection
keep-alive
Content-Length
817
Referer
http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sat, 24 Apr 2021 17:17:06 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.3.26
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
29a38865-21e1-485f-8a85-c343bbbe30fb.js
static.bouncepilot.com/ 		33 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by
Host: lagoondot.com
URL: http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
990496c62d75c59da1df0eff05e9bec618c45cb59eab0e0864594c9251eba89c

Request headers

Referer
http://lagoondot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 12:26:59 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 12:25:11 GMT
server
AmazonS3
age
16966
etag
"4e6941c0a0a55b2fb8d6aab28cda7689"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
33917
x-amz-cf-id
ufBiMB5HOa6y9WYkooPHR8zHpB3yPAxDxxZk-rHRM77aFOUkfUdk8g==
retargeting.js
static.traversedlp.com/v1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.traversedlp.com/v1/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6883197c20c58a0804b6ad6da9c06c9daff14267d65fe286666a1c08a61ba1e1

Request headers

Referer
http://lagoondot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_rPBOpsutVE9bhWkpsIEjsEvYBS2ueX
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 19 Mar 2021 19:00:16 GMT
Server
AmazonS3
Age
2407
ETag
W/"7d385c3008e7fc836888faf91fc98116"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Sat, 24 Apr 2021 16:55:59 GMT
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
T43U1s8lOoecXRWKtBhcd2y8a8hLprfZ491BmU3ywT4n2H9Yyz-N1A==
cookie
api.traversedlp.com/retargeting/v1/ 		0
0
/
lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/ 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?newcid=4740&sid1=&sid2=&sid3=&sid4=&dev_click=
Requested by
Host: lagoondot.com
URL: http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
104.144.68.123 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.26
Resource Hash
bfa66c531a777b921a6adb88662d48fe53ecd4cd4c039189dbfa18aadbeefab8

Request headers

Host
lagoondot.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
clkcheck27338=6663c2411cd7a29c8595049c3cf2efa9_201060
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=

Response headers

Server
nginx
Date
Sat, 24 Apr 2021 17:17:06 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.26
gtm.js
www.googletagmanager.com/ 		78 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Requested by
Host: lagoondot.com
URL: http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?newcid=4740&sid1=&sid2=&sid3=&sid4=&dev_click=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
391a8bef5b0c9d5173337e1105eeae35c237aaaed20d350184e9d976d57179c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://lagoondot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:09:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31407
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Apr 2021 17:09:29 GMT
fp.php
lagoondot.com/ 		233 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://lagoondot.com/fp.php
Requested by
Host: lagoondot.com
URL: http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?newcid=4740&sid1=&sid2=&sid3=&sid4=&dev_click=
Protocol
HTTP/1.1
Server
104.144.68.123 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma
no-cache
Origin
http://lagoondot.com
Accept-Encoding
gzip, deflate
Host
lagoondot.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?newcid=4740&sid1=&sid2=&sid3=&sid4=&dev_click=
Cookie
clkcheck27338=6663c2411cd7a29c8595049c3cf2efa9_201060
Connection
keep-alive
Content-Length
848
Referer
http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?newcid=4740&sid1=&sid2=&sid3=&sid4=&dev_click=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sat, 24 Apr 2021 17:17:06 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.3.26
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
29a38865-21e1-485f-8a85-c343bbbe30fb.js
static.bouncepilot.com/ 		33 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by
Host: lagoondot.com
URL: http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?sid1=&sid2=&sid3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
990496c62d75c59da1df0eff05e9bec618c45cb59eab0e0864594c9251eba89c

Request headers

Referer
http://lagoondot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:09:29 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 12:25:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"4e6941c0a0a55b2fb8d6aab28cda7689"
x-cache
Error from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
33917
x-amz-cf-id
sjmCvdvsiRmM2IL7vAKKHQIocj6rOiqhmtcOjR14eP9EJKwusRo4bA==
retargeting.js
static.traversedlp.com/v1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.traversedlp.com/v1/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6883197c20c58a0804b6ad6da9c06c9daff14267d65fe286666a1c08a61ba1e1

Request headers

Referer
http://lagoondot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_rPBOpsutVE9bhWkpsIEjsEvYBS2ueX
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 19 Mar 2021 19:00:16 GMT
Server
AmazonS3
Age
2408
ETag
W/"7d385c3008e7fc836888faf91fc98116"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Sat, 24 Apr 2021 16:55:59 GMT
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
xJpx4xNDqtR33yw7DWrj5KNdw6F-gC1Y4KU3rVntFggjJp9Oz9QVvQ==
cookie
api.traversedlp.com/retargeting/v1/ 		18 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.traversedlp.com/retargeting/v1/cookie
Requested by
Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.198.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-198-209.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
http://lagoondot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:09:29 GMT
server
nginx/1.18.0
etag
W/"12-86d81FY+WDtP4sdiTK7DKw"
vary
Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin
http://lagoondot.com
access-control-expose-headers
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
18
/
offer-notavailable.com/bettercontent/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offer-notavailable.com/bettercontent/?utm_source=201060&utm_medium=27&utm_campaign=248&utm_content=170
Requested by
Host: lagoondot.com
URL: http://lagoondot.com/ac2e3de2c5b394786a414d2e7748ccf0a/?newcid=4740&sid1=&sid2=&sid3=&sid4=&dev_click=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c19a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ec0dd8e8bf10cd5a7ee4fe6aa887775eed603d587097eb9cc1017c0d20b51c

Request headers

:method
GET
:authority
offer-notavailable.com
:scheme
https
:path
/bettercontent/?utm_source=201060&utm_medium=27&utm_campaign=248&utm_content=170
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://lagoondot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://lagoondot.com/

Response headers

date
Sat, 24 Apr 2021 17:09:29 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d52180ad2fc452912f366a424a91754bb1619284169; expires=Mon, 24-May-21 17:09:29 GMT; path=/; domain=.offer-notavailable.com; HttpOnly; SameSite=Lax; Secure
cf-cache-status
DYNAMIC
cf-request-id
09a674aaeb0000d6cdbea57000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fbzA2%2FVefw9AEWP5UQ7bbwDXjOcHkekDOjMA0g1iNvxJZ8LzAb929djyp2LOWA5y1jPsBeT20P1vKYTpD0OfZF2iqF6%2Fju%2F88poYCQYtr6skiAmd117kDEs7bVs85%2BAr0AIs"}],"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
6450f08b0a32d6cd-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
enqueue
api.traversedlp.com/retargetinginclusion/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol
H2
Server
52.86.198.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-198-209.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://lagoondot.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 24 Apr 2021 17:09:29 GMT
content-type
text/html; charset=utf-8
content-length
228
server
nginx/1.18.0
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin
http://lagoondot.com
access-control-allow-credentials
true
access-control-expose-headers
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers
content-type,authorization
allow
ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag
W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary
Accept-Encoding
enqueue
api.traversedlp.com/retargetinginclusion/ 		0
0
desktop.png
offer-notavailable.com/bettercontent/images/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer-notavailable.com/bettercontent/images/desktop.png
Requested by
Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=201060&utm_medium=27&utm_campaign=248&utm_content=170
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c19a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864

Request headers

:path
/bettercontent/images/desktop.png
pragma
no-cache
cookie
__cfduid=d52180ad2fc452912f366a424a91754bb1619284169
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
offer-notavailable.com
referer
https://offer-notavailable.com/bettercontent/?utm_source=201060&utm_medium=27&utm_campaign=248&utm_content=170
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://offer-notavailable.com/bettercontent/?utm_source=201060&utm_medium=27&utm_campaign=248&utm_content=170
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:09:29 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
128621
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
94237
cf-request-id
09a674ac2800004ebccd0b2000000001
last-modified
Wed, 06 Nov 2019 23:26:55 GMT
server
cloudflare
etag
"5dc356bf-1701d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K7yG2M4LkInlqH4WpTSy%2FqXHSTJRnCx%2FSaJVwC2EJv6hoIXWYoN8WfmL9blMGGcH%2FMVwaPrxiZNEtDdVEkRQBhECY8RZlXV6nD3fJVgncxAqjDytjpkCgV88uf34%2F%2BXRmxCb"}],"max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6450f08d09e34ebc-FRA
expires
Sun, 23 May 2021 05:25:48 GMT
Primary Request index
www.google.com/sorry/
Redirect Chain
  • http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=201060&vert=&cid=
  • http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1222799809631490551
  • http://rapid-cdn.com/?flux_fts=ioxtozxqpptqqqxtlleioapoxtlxlazzpqzxt9ac89
  • https://youtu.be/dV2dhS38_Vc
  • https://www.youtube.com/watch?v=dV2dhS38_Vc&feature=youtu.be
  • https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy
Requested by
Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=201060&utm_medium=27&utm_campaign=248&utm_content=170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
3ee91c055856201ba5db8648846768658ad750bb87c27927e9ee299d063955ad
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://offer-notavailable.com/bettercontent/?utm_source=201060&utm_medium=27&utm_campaign=248&utm_content=170

Response headers

date
Sat, 24 Apr 2021 17:09:34 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
server
HTTP server (unknown)
content-length
2946
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

location
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy
date
Sat, 24 Apr 2021 17:09:34 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
388
x-xss-protection
0
set-cookie
CONSENT=PENDING+604; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
api.js
www.google.com/recaptcha/ 		850 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b97ff1109b709bf33a4a7593782b6f5f0fe56b3b46ef504dba244a9026c3fdbe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/recaptcha/api.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.google.com
referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:09:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sat, 24 Apr 2021 17:09:34 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ 		334 KB
334 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 15:36:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
91998
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341908
x-xss-protection
0
expires
Sat, 23 Apr 2022 15:36:16 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5F87 		20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=1sSWmuk0LZDQXpKtWTa89T4qJ4bIBVS2eazxVkCowFKqoPZ8x7E0DYCaBP19GIgvFKbIf07CNyTT0yKxnhxjrw7lcG0QptAoS7_gNaCo71ENyGoJvhh_68PxYESYQE6TxSq-7cZvgVn2QE9tTwUZQEWcIBJ7OMMbzXzgXpm4mpKLXha4GZVD-ZGUaSdT3NDwzrDlCXEdVbua-aLo9vteoWaxqyZjXW8GBXYXCQGwRxs2N8yLxE_L9KI&cb=6k9r4hwwqbyt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fba136d69a28f009598c0e1c22e4b06d96bc19d77f3a8f2519f5b25f1a720a37
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mmUYT2L8Hx1t008eoOMkog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=1sSWmuk0LZDQXpKtWTa89T4qJ4bIBVS2eazxVkCowFKqoPZ8x7E0DYCaBP19GIgvFKbIf07CNyTT0yKxnhxjrw7lcG0QptAoS7_gNaCo71ENyGoJvhh_68PxYESYQE6TxSq-7cZvgVn2QE9tTwUZQEWcIBJ7OMMbzXzgXpm4mpKLXha4GZVD-ZGUaSdT3NDwzrDlCXEdVbua-aLo9vteoWaxqyZjXW8GBXYXCQGwRxs2N8yLxE_L9KI&cb=6k9r4hwwqbyt
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 24 Apr 2021 17:09:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-mmUYT2L8Hx1t008eoOMkog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11261
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 5F87 		51 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=1sSWmuk0LZDQXpKtWTa89T4qJ4bIBVS2eazxVkCowFKqoPZ8x7E0DYCaBP19GIgvFKbIf07CNyTT0yKxnhxjrw7lcG0QptAoS7_gNaCo71ENyGoJvhh_68PxYESYQE6TxSq-7cZvgVn2QE9tTwUZQEWcIBJ7OMMbzXzgXpm4mpKLXha4GZVD-ZGUaSdT3NDwzrDlCXEdVbua-aLo9vteoWaxqyZjXW8GBXYXCQGwRxs2N8yLxE_L9KI&cb=6k9r4hwwqbyt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 13:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
14358
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25722
x-xss-protection
0
expires
Sun, 24 Apr 2022 13:10:16 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 5F87 		334 KB
334 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=1sSWmuk0LZDQXpKtWTa89T4qJ4bIBVS2eazxVkCowFKqoPZ8x7E0DYCaBP19GIgvFKbIf07CNyTT0yKxnhxjrw7lcG0QptAoS7_gNaCo71ENyGoJvhh_68PxYESYQE6TxSq-7cZvgVn2QE9tTwUZQEWcIBJ7OMMbzXzgXpm4mpKLXha4GZVD-ZGUaSdT3NDwzrDlCXEdVbua-aLo9vteoWaxqyZjXW8GBXYXCQGwRxs2N8yLxE_L9KI&cb=6k9r4hwwqbyt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 15:36:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
91998
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341908
x-xss-protection
0
expires
Sat, 23 Apr 2022 15:36:16 GMT
truncated
/ Frame 5F87 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5F87 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5F87 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
178445
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Thu, 29 Apr 2021 15:35:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F87 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=1sSWmuk0LZDQXpKtWTa89T4qJ4bIBVS2eazxVkCowFKqoPZ8x7E0DYCaBP19GIgvFKbIf07CNyTT0yKxnhxjrw7lcG0QptAoS7_gNaCo71ENyGoJvhh_68PxYESYQE6TxSq-7cZvgVn2QE9tTwUZQEWcIBJ7OMMbzXzgXpm4mpKLXha4GZVD-ZGUaSdT3NDwzrDlCXEdVbua-aLo9vteoWaxqyZjXW8GBXYXCQGwRxs2N8yLxE_L9KI&cb=6k9r4hwwqbyt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 21:46:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
329014
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Wed, 20 Apr 2022 21:46:00 GMT
8wW9xOovFvb1Y4sOkj-W2AMqRzmlVgy1e6zY8RG7G1I.js
www.google.com/js/bg/ Frame 5F87 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/8wW9xOovFvb1Y4sOkj-W2AMqRzmlVgy1e6zY8RG7G1I.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f305bdc4ea2f16f6f5638b0e923f96d8032a4739a5560cb57bacd8f111bb1b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/js/bg/8wW9xOovFvb1Y4sOkj-W2AMqRzmlVgy1e6zY8RG7G1I.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.google.com
referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=1sSWmuk0LZDQXpKtWTa89T4qJ4bIBVS2eazxVkCowFKqoPZ8x7E0DYCaBP19GIgvFKbIf07CNyTT0yKxnhxjrw7lcG0QptAoS7_gNaCo71ENyGoJvhh_68PxYESYQE6TxSq-7cZvgVn2QE9tTwUZQEWcIBJ7OMMbzXzgXpm4mpKLXha4GZVD-ZGUaSdT3NDwzrDlCXEdVbua-aLo9vteoWaxqyZjXW8GBXYXCQGwRxs2N8yLxE_L9KI&cb=6k9r4hwwqbyt
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=1sSWmuk0LZDQXpKtWTa89T4qJ4bIBVS2eazxVkCowFKqoPZ8x7E0DYCaBP19GIgvFKbIf07CNyTT0yKxnhxjrw7lcG0QptAoS7_gNaCo71ENyGoJvhh_68PxYESYQE6TxSq-7cZvgVn2QE9tTwUZQEWcIBJ7OMMbzXzgXpm4mpKLXha4GZVD-ZGUaSdT3NDwzrDlCXEdVbua-aLo9vteoWaxqyZjXW8GBXYXCQGwRxs2N8yLxE_L9KI&cb=6k9r4hwwqbyt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 09:47:51 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:30:00 GMT
server
sffe
age
199303
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5734
x-xss-protection
0
expires
Fri, 22 Apr 2022 09:47:51 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 5F87 		102 B
131 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=1sSWmuk0LZDQXpKtWTa89T4qJ4bIBVS2eazxVkCowFKqoPZ8x7E0DYCaBP19GIgvFKbIf07CNyTT0yKxnhxjrw7lcG0QptAoS7_gNaCo71ENyGoJvhh_68PxYESYQE6TxSq-7cZvgVn2QE9tTwUZQEWcIBJ7OMMbzXzgXpm4mpKLXha4GZVD-ZGUaSdT3NDwzrDlCXEdVbua-aLo9vteoWaxqyZjXW8GBXYXCQGwRxs2N8yLxE_L9KI&cb=6k9r4hwwqbyt
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/recaptcha/api2/webworker.js?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
same-origin
accept
*/*
cache-control
no-cache
sec-fetch-dest
worker
:authority
www.google.com
referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=1sSWmuk0LZDQXpKtWTa89T4qJ4bIBVS2eazxVkCowFKqoPZ8x7E0DYCaBP19GIgvFKbIf07CNyTT0yKxnhxjrw7lcG0QptAoS7_gNaCo71ENyGoJvhh_68PxYESYQE6TxSq-7cZvgVn2QE9tTwUZQEWcIBJ7OMMbzXzgXpm4mpKLXha4GZVD-ZGUaSdT3NDwzrDlCXEdVbua-aLo9vteoWaxqyZjXW8GBXYXCQGwRxs2N8yLxE_L9KI&cb=6k9r4hwwqbyt
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&s=1sSWmuk0LZDQXpKtWTa89T4qJ4bIBVS2eazxVkCowFKqoPZ8x7E0DYCaBP19GIgvFKbIf07CNyTT0yKxnhxjrw7lcG0QptAoS7_gNaCo71ENyGoJvhh_68PxYESYQE6TxSq-7cZvgVn2QE9tTwUZQEWcIBJ7OMMbzXzgXpm4mpKLXha4GZVD-ZGUaSdT3NDwzrDlCXEdVbua-aLo9vteoWaxqyZjXW8GBXYXCQGwRxs2N8yLxE_L9KI&cb=6k9r4hwwqbyt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:09:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
1; mode=block
expires
Sat, 24 Apr 2021 17:09:34 GMT
bframe
www.google.com/recaptcha/api2/ Frame DFC0 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=8mnth5ozaagw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
23d3e4ac0015d2761b0ed3f4fe6e2e337223ea847a8cbc7c27d2aa7551d3dfa6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DRE5UGwhlj98a2jQcoFUbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=8mnth5ozaagw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DdV2dhS38_Vc%26feature%3Dyoutu.be&q=EhAqAQT4AZJUFAAAAAAAAAACGM2hkYQGIhkA8aeDSy40YrXxLi16yXoyODB-3NSfd_b2MgFy

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 24 Apr 2021 17:09:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-DRE5UGwhlj98a2jQcoFUbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame DFC0 		51 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=8mnth5ozaagw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 13:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
14358
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25722
x-xss-protection
0
expires
Sun, 24 Apr 2022 13:10:16 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame DFC0 		334 KB
334 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=8mnth5ozaagw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 15:36:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
91998
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341908
x-xss-protection
0
expires
Sat, 23 Apr 2022 15:36:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.traversedlp.com
URL
https://api.traversedlp.com/retargeting/v1/cookie
Domain
api.traversedlp.com
URL
https://api.traversedlp.com/retargetinginclusion/enqueue

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| submitCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| closure_lm_505633 object| e

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.traversedlp.com
fonts.gstatic.com
go.yonyelinta.com
lagoondot.com
offer-notavailable.com
rapid-cdn.com
static.bouncepilot.com
static.traversedlp.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.tspeed23.cloud
www.youtube.com
youtu.be
api.traversedlp.com
104.144.68.123
13.32.21.80
216.189.51.90
2600:9000:2156:2600:10:b308:84c0:93a1
2606:4700:3031::6815:1549
2606:4700:3034::ac43:cb26
2606:4700:3035::ac43:c19a
2a00:1450:4001:802::200e
2a00:1450:4001:803::200e
2a00:1450:4001:808::2003
2a00:1450:4001:812::2004
2a00:1450:4001:813::2008
2a00:1450:4001:829::2003
52.86.198.209
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
23d3e4ac0015d2761b0ed3f4fe6e2e337223ea847a8cbc7c27d2aa7551d3dfa6
391a8bef5b0c9d5173337e1105eeae35c237aaaed20d350184e9d976d57179c0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ee91c055856201ba5db8648846768658ad750bb87c27927e9ee299d063955ad
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558
6883197c20c58a0804b6ad6da9c06c9daff14267d65fe286666a1c08a61ba1e1
990496c62d75c59da1df0eff05e9bec618c45cb59eab0e0864594c9251eba89c
b46475810b49341f41c00a2605c9fd4587e1dc3aa4b92cf535d93699ed299200
b97ff1109b709bf33a4a7593782b6f5f0fe56b3b46ef504dba244a9026c3fdbe
bfa66c531a777b921a6adb88662d48fe53ecd4cd4c039189dbfa18aadbeefab8
c022cae693e85ea9b0db4d28e18d13f5aad912f2d46a807faa666e9f65643c11
e3ec0dd8e8bf10cd5a7ee4fe6aa887775eed603d587097eb9cc1017c0d20b51c
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864
f305bdc4ea2f16f6f5638b0e923f96d8032a4739a5560cb57bacd8f111bb1b52
fba136d69a28f009598c0e1c22e4b06d96bc19d77f3a8f2519f5b25f1a720a37