urlscan.io logo urlscan.io
SecurityTrails logo

rollshame81.xtgem.com Open in urlscan Pro
54.36.158.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-video...
Effective URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-video...
Submission: On August 30 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 26 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is rollshame81.xtgem.com.
This is the only time rollshame81.xtgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.36.158.42 (France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com
rollshame81.xtgem.com
1    2a02:26f0:6c00::210:baba (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
res.feednews.com
1    2a02:26f0:7100:18f::24e8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.ndtvimg.com
1    104.16.122.91 (United States)

ASN13335 (CLOUDFLARENET, US)
www.geo.tv
1    2a02:26f0:6c00:2a2::1ac0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
akm-img-a-in.tosshub.com
6    178.33.123.218 (France)

ASN16276 (OVH, FR)
PTR: d2.xtgem.com
5.thumbs.xtstatic.com
enif.images.xtstatic.com
cif.images.xtstatic.com
xtgem.com
1    91.228.74.226 (United Kingdom)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
youtu.be
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:2190:5200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:2190:1000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    91.228.74.189 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
5 www.google.com rollshame81.xtgem.com
www.google.com
www.gstatic.com
3 xtgem.com rollshame81.xtgem.com
2 pixel.quantserve.com 1 redirects rollshame81.xtgem.com
2 rules.quantcount.com 1 redirects rollshame81.xtgem.com
1 fonts.gstatic.com www.google.com
1 www.youtube.com 1 redirects
1 youtu.be 1 redirects
1 cif.images.xtstatic.com rollshame81.xtgem.com
1 enif.images.xtstatic.com rollshame81.xtgem.com
1 edge.quantserve.com rollshame81.xtgem.com
1 5.thumbs.xtstatic.com rollshame81.xtgem.com
1 akm-img-a-in.tosshub.com rollshame81.xtgem.com
1 www.geo.tv rollshame81.xtgem.com
1 c.ndtvimg.com rollshame81.xtgem.com
1 res.feednews.com rollshame81.xtgem.com
1 rollshame81.xtgem.com
26 17

This site contains links to these domains. Also see Links.

Domain
youtu.be
xtgem.com
Subject Issuer Validity Valid
download.operachina.com
R3		 2021-08-12 -
2021-11-10		 3 months crt.sh
ndtv.com
DigiCert SHA2 Secure Server CA		 2021-02-22 -
2022-03-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-14 -
2022-07-13		 a year crt.sh
www.aajtaklite.com
GeoTrust RSA CA 2018		 2021-07-21 -
2021-12-26		 5 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.xtgem.com
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-18 -
2021-10-07		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Frame ID: FD6544AAE25225B54D68808F67333BCF
Requests: 11 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: 7538F474F96BC2D215F90EF699EFAC05
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: 82DB5B0F86AEB61352E0EDAFB12CADE1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DVROfT5BZIJc%26feature%3Dyoutu.be&q=EhAqAQT4ASETGgAAAAAAAAACGOH9sYkGIhABly-YhSiYMMb5bk7RzroyMgFy
Frame ID: 72222FC399E5F1B249872F120F60C605
Requests: 3 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9yb2xsc2hhbWU4MS54dGdlbS5jb21cL19feHRfYmxvZ1wvX194dGJsb2dfZW50cnk/X194dGJsb2dfZW50cnk9MjI5MzI0NDImX194dGJsb2dfYmxvY2tfaWQ9MSIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6InJvbGxzaGFtZTgxLnh0Z2VtLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=
Frame ID: A0837AB7B01B18EF81962AB17A9AAF26
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&size=normal&s=pBcyn1PUtn96u7CHcYKU0nvH-FF5d30gZvxL_b9HVFp8VBPxEO5P1_qH40WaLaN41yYGpIytUFG-99blLzJ_xHYmXWCNJ8COOLoOIo6sNEfkZZJIidTkTzC3-HD9xkY-37ueOwM8JoXbs2mPk8oIGFON_CcLhbFIsIczEMm6L5ABKJvdREfkTQVN5Mpe9OrjGrHD5EMKhhbEZ72v-mMAtVvtvPHFIuUqXCXsuXU&cb=3hqll048npd
Frame ID: 46748F42389BE4B84B591B3A76F0EB6D
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=990rhv5am73i
Frame ID: 83961DAA03A7FCB9B2E964145C9DD10E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Best Strategy To Use For Top 40 Viral Videos of All Time - Search Engine Journal - Blog

Page Statistics

26
Requests

73 %
HTTPS

71 %
IPv6

12
Domains

17
Subdomains

14
IPs

4
Countries

659 kB
Transfer

1416 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://youtu.be/VROfT5BZIJc HTTP 303
  • https://www.youtube.com/watch?v=VROfT5BZIJc&feature=youtu.be HTTP 302
  • https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DVROfT5BZIJc%26feature%3Dyoutu.be&q=EhAqAQT4ASETGgAAAAAAAAACGOH9sYkGIhABly-YhSiYMMb5bk7RzroyMgFy
Request Chain 12
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Request Chain 13
  • http://pixel.quantserve.com/pixel;r=1596749890;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Frollshame81.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-251889156-1630306017439;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=1;et=1630306017439;tzo=-120;ogl= HTTP 301
  • https://pixel.quantserve.com/pixel;r=1596749890;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Frollshame81.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-251889156-1630306017439;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=1;et=1630306017439;tzo=-120;ogl=

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal
rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/ 		26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
93aceed56269a86e93bcd3ff2a9e6b689d7a7d846432e130cf6bc1f7cd4fc79d

Request headers

Host
rollshame81.xtgem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 06:46:55 GMT
Vary
Host,Accept-Encoding
Set-Cookie
_xta_uid=e55d7620bd21258a6d00edf2d259c01a; expires=Wed, 30-Aug-2023 06:46:56 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly _xta_vid=85d00fb6856e457448ac5585beb86371-1630306016; expires=Mon, 30-Aug-2021 07:16:56 GMT; Max-Age=1800; path=/; domain=.xtgem.com; httponly
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma
no-cache
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding
gzip
Content-Length
7976
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
b53d9253c7cc7310089bdc330f68814c
res.feednews.com/assets/v2/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.feednews.com/assets/v2/b53d9253c7cc7310089bdc330f68814c?width=1280&height=720&quality=hq&category=us_News_Society
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Tengine /
Resource Hash
2a12e4ddcea06427e9d980c0ca3c6d03a0c7be4f6cfce1d36d440912eb252662

Request headers

Referer
http://rollshame81.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 06:46:57 GMT
cache-control
max-age=604800
server
Tengine
cache-tag
20210830T06,20210830T,b53d9253c7cc7310089bdc330f68814c
content-type
image/jpeg
content-length
47841
expires
Mon, 06 Sep 2021 06:46:57 GMT
q1tsgh2o_viral-gymnastics-video_625x300_16_August_21.jpg
c.ndtvimg.com/2021-08/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ndtvimg.com/2021-08/q1tsgh2o_viral-gymnastics-video_625x300_16_August_21.jpg
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:18f::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4d769246d2025c17aaa659335b90f4a6d64527ca2af905706530d5e871e9a2b6

Request headers

Referer
http://rollshame81.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 06:46:57 GMT
x-check-cacheable
YES
x-serial
813
etag
"d75be731c90321c292e7849cdcc52c27-1"
content-type
image/webp
cache-control
private, no-transform, max-age=1385307
last-modified
Mon, 16 Aug 2021 07:35:13 GMT
content-length
21028
server
Akamai Image Manager
expires
Wed, 15 Sep 2021 07:35:24 GMT
367549_3335925_updates.jpg
www.geo.tv/assets/uploads/updates/2021-08-28/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geo.tv/assets/uploads/updates/2021-08-28/367549_3335925_updates.jpg
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.122.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad5429508a88d59abfc33628e4a586334357c404d0125d556ae021d1409d40be

Request headers

Referer
http://rollshame81.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 06:46:57 GMT
via
1.1 varnish (Varnish/6.0)
cf-cache-status
HIT
age
158125
cf-polished
origSize=31490, status=webp_bigger
x-cache
MISS
content-type
image/jpeg
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
31167
last-modified
Sat, 28 Aug 2021 06:53:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
845937592
access-control-allow-origin
*
expires
Fri, 29 Oct 2021 06:46:57 GMT
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
686c109ece240132-AMS
cf-bgj
imgq:85,h2pri
deeerty_1200x768.jpeg
akm-img-a-in.tosshub.com/indiatoday/images/story/202012/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akm-img-a-in.tosshub.com/indiatoday/images/story/202012/deeerty_1200x768.jpeg?4ZcsNW5QslbpnSEr_EBEf6yZQtv8l2mE&size=770:433
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Server /
Resource Hash
3558170b1164f274e0d7fb7d816a4910915255cc5a3035946022aaf2b2764b6e

Request headers

Referer
http://rollshame81.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 06:46:59 GMT
last-modified
Fri, 04 Dec 2020 02:38:59 GMT
server
Akamai Image Server
etag
"1092c17c6942dcd6594e431aca53f695"
access-control-allow-methods
GET,POST,PUT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, private, max-age=300
content-length
42073
expires
Mon, 30 Aug 2021 06:51:59 GMT
disneyland-1972-love-the-old-s-92184.jpg
5.thumbs.xtstatic.com/100/50/-/5a863a045714f1131d9c0a62603ddf96/backtooldschool.xtgem.com/images/blog/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://5.thumbs.xtstatic.com/100/50/-/5a863a045714f1131d9c0a62603ddf96/backtooldschool.xtgem.com/images/blog/disneyland-1972-love-the-old-s-92184.jpg
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
b4c5e88c51a0bf8f35880acda55d57853738b0c066fd11608b57c71bca755e4b

Request headers

Referer
http://rollshame81.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 06:46:57 GMT
X-Ngz
1
Last-Modified
Sun, 28 Oct 2018 05:53:10 GMT
Age
0
ETag
"6a9-0"
Sent-XS
0.000
X-Cache
MISS
Content-Type
image/jpeg
Expires
Wed, 01 Sep 2021 06:46:57 GMT
Cache-Control
max-age=172800, pre-check=172800
Connection
close
Accept-Ranges
bytes
Content-Length
1705
X-Cache-Hits
0
quant.js
edge.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
91.228.74.226 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer
http://rollshame81.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 06:46:57 GMT
Content-Encoding
gzip
Etag
"lp772EpWKwf8Kq7YKMhbuw=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Expires
Mon, 06 Sep 2021 06:46:57 GMT
tp.gif
enif.images.xtstatic.com/ Frame 7538 		42 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
enif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://rollshame81.xtgem.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rollshame81.xtgem.com/

Response headers

Date
Mon, 30 Aug 2021 06:46:57 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Wed, 29 Sep 2021 06:46:57 GMT
Content-Type
image/gif
Age
0
X-Cache
HIT
X-Cache-Hits
1
Accept-Ranges
bytes
Connection
close
tp.gif
cif.images.xtstatic.com/ Frame 82DB 		42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
cif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://rollshame81.xtgem.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rollshame81.xtgem.com/

Response headers

Date
Mon, 30 Aug 2021 06:46:57 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Wed, 29 Sep 2021 06:46:57 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
index
www.google.com/sorry/ Frame 7222
Redirect Chain
  • https://youtu.be/VROfT5BZIJc
  • https://www.youtube.com/watch?v=VROfT5BZIJc&feature=youtu.be
  • https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DVROfT5BZIJc%26feature%3Dyoutu.be&q=EhAqAQT4ASETGgAAAAAAAAACGOH9sYkGIhABly-YhSiYMMb5bk7RzroyMgFy
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DVROfT5BZIJc%26feature%3Dyoutu.be&q=EhAqAQT4ASETGgAAAAAAAAACGOH9sYkGIhABly-YhSiYMMb5bk7RzroyMgFy
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
86ee5c96d878e5640b6a3f39490eafc776024e815f4084f17d91a4ff2ea862c2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DVROfT5BZIJc%26feature%3Dyoutu.be&q=EhAqAQT4ASETGgAAAAAAAAACGOH9sYkGIhABly-YhSiYMMb5bk7RzroyMgFy
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://rollshame81.xtgem.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rollshame81.xtgem.com/

Response headers

date
Mon, 30 Aug 2021 06:46:57 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
server
HTTP server (unknown)
content-length
2918
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

location
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DVROfT5BZIJc%26feature%3Dyoutu.be&q=EhAqAQT4ASETGgAAAAAAAAACGOH9sYkGIhABly-YhSiYMMb5bk7RzroyMgFy
date
Mon, 30 Aug 2021 06:46:57 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
376
x-xss-protection
0
set-cookie
CONSENT=PENDING+015; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cookie set __xt_authbar
xtgem.com/ Frame A083 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9yb2xsc2hhbWU4MS54dGdlbS5jb21cL19feHRfYmxvZ1wvX194dGJsb2dfZW50cnk/X194dGJsb2dfZW50cnk9MjI5MzI0NDImX194dGJsb2dfYmxvY2tfaWQ9MSIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6InJvbGxzaGFtZTgxLnh0Z2VtLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
5c8d2f684d9b7d9bf27f24abf493ac53e3c3159d642100327e3736ef1418ef06

Request headers

Host
xtgem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://rollshame81.xtgem.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rollshame81.xtgem.com/

Response headers

Date
Mon, 30 Aug 2021 06:46:57 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
session=w3~jbcdpb5i70accrub42hlfnod64; expires=Tue, 31-Aug-2021 06:46:57 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly __template=web; expires=Wed, 29-Sep-2021 06:46:57 GMT; Max-Age=2592000; path=/ __lang=US; expires=Wed, 29-Sep-2021 06:46:57 GMT; Max-Age=2592000; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2935
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
xtgem-icons.woff
xtgem.com/fonts/ 		5 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://xtgem.com/fonts/xtgem-icons.woff
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086

Request headers

Origin
http://rollshame81.xtgem.com
Referer
http://rollshame81.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 06:46:57 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
0
ETag
"1530-59774aa04e000-gzip"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
3769
X-Cache-Hits
0
close2.png
xtgem.com/images/ 		564 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

Referer
http://rollshame81.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 06:46:57 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
0
ETag
"234-59774aa04e000"
X-Cache
MISS
Content-Type
image/png
Expires
Wed, 29 Sep 2021 06:46:57 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
X-Cache-Hits
0
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:1000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://rollshame81.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 01:51:13 GMT
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
age
17788
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:40:53 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
odGnW76k0xqtgkZcjlNo9K1THqSaLYMPdHRg9OsErIPFG9AJaXxj7w==

Redirect headers

Date
Mon, 30 Aug 2021 06:46:57 GMT
Via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
ZRH50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
Nah9k2Zc1geLnhxy45MRZI4m4fyuYket7-Pi8S2y9DIrAmbFRPSM7w==
pixel;r=1596749890;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Frollshame81.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-tim...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=1596749890;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Frollshame81.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F22932442-the-best-strategy-to-use-for-to...
  • https://pixel.quantserve.com/pixel;r=1596749890;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Frollshame81.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F22932442-the-best-strategy-to-use-for-t...
35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1596749890;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Frollshame81.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-251889156-1630306017439;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=1;et=1630306017439;tzo=-120;ogl=
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://rollshame81.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Aug 2021 06:46:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://pixel.quantserve.com/pixel;r=1596749890;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Frollshame81.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-251889156-1630306017439;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=1;et=1630306017439;tzo=-120;ogl=
Date
Mon, 30 Aug 2021 06:46:57 GMT
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
0
Expires
Tue, 31 Aug 2021 06:46:57 GMT
api.js
www.google.com/recaptcha/ Frame 7222 		850 B
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DVROfT5BZIJc%26feature%3Dyoutu.be&q=EhAqAQT4ASETGgAAAAAAAAACGOH9sYkGIhABly-YhSiYMMb5bk7RzroyMgFy
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
14b528df64c8af3d6b7c6d50ef153508fce0a1cb44843e9ca29d17656036c515
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DVROfT5BZIJc%26feature%3Dyoutu.be&q=EhAqAQT4ASETGgAAAAAAAAACGOH9sYkGIhABly-YhSiYMMb5bk7RzroyMgFy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 06:46:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Mon, 30 Aug 2021 06:46:57 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 7222 		340 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 19:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135330
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 04:03:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 19:24:15 GMT
anchor
www.google.com/recaptcha/api2/ Frame 4674 		40 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&size=normal&s=pBcyn1PUtn96u7CHcYKU0nvH-FF5d30gZvxL_b9HVFp8VBPxEO5P1_qH40WaLaN41yYGpIytUFG-99blLzJ_xHYmXWCNJ8COOLoOIo6sNEfkZZJIidTkTzC3-HD9xkY-37ueOwM8JoXbs2mPk8oIGFON_CcLhbFIsIczEMm6L5ABKJvdREfkTQVN5Mpe9OrjGrHD5EMKhhbEZ72v-mMAtVvtvPHFIuUqXCXsuXU&cb=3hqll048npd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a60e9290198f94be2debb3f69e37c4e9a322df388e333f21be514ed71f539367
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fDWwdOyt/XC0WAbLNrTarA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&size=normal&s=pBcyn1PUtn96u7CHcYKU0nvH-FF5d30gZvxL_b9HVFp8VBPxEO5P1_qH40WaLaN41yYGpIytUFG-99blLzJ_xHYmXWCNJ8COOLoOIo6sNEfkZZJIidTkTzC3-HD9xkY-37ueOwM8JoXbs2mPk8oIGFON_CcLhbFIsIczEMm6L5ABKJvdREfkTQVN5Mpe9OrjGrHD5EMKhhbEZ72v-mMAtVvtvPHFIuUqXCXsuXU&cb=3hqll048npd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DVROfT5BZIJc%26feature%3Dyoutu.be&q=EhAqAQT4ASETGgAAAAAAAAACGOH9sYkGIhABly-YhSiYMMb5bk7RzroyMgFy
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DVROfT5BZIJc%26feature%3Dyoutu.be&q=EhAqAQT4ASETGgAAAAAAAAACGOH9sYkGIhABly-YhSiYMMb5bk7RzroyMgFy

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 30 Aug 2021 06:46:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-fDWwdOyt/XC0WAbLNrTarA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20951
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 4674 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&size=normal&s=pBcyn1PUtn96u7CHcYKU0nvH-FF5d30gZvxL_b9HVFp8VBPxEO5P1_qH40WaLaN41yYGpIytUFG-99blLzJ_xHYmXWCNJ8COOLoOIo6sNEfkZZJIidTkTzC3-HD9xkY-37ueOwM8JoXbs2mPk8oIGFON_CcLhbFIsIczEMm6L5ABKJvdREfkTQVN5Mpe9OrjGrHD5EMKhhbEZ72v-mMAtVvtvPHFIuUqXCXsuXU&cb=3hqll048npd
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 15:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228043
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 04:03:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 15:26:14 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 4674 		340 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&size=normal&s=pBcyn1PUtn96u7CHcYKU0nvH-FF5d30gZvxL_b9HVFp8VBPxEO5P1_qH40WaLaN41yYGpIytUFG-99blLzJ_xHYmXWCNJ8COOLoOIo6sNEfkZZJIidTkTzC3-HD9xkY-37ueOwM8JoXbs2mPk8oIGFON_CcLhbFIsIczEMm6L5ABKJvdREfkTQVN5Mpe9OrjGrHD5EMKhhbEZ72v-mMAtVvtvPHFIuUqXCXsuXU&cb=3hqll048npd
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 19:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135330
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 04:03:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 19:24:15 GMT
truncated
/ Frame 4674 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4674 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4674 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 19:00:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
215194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Fri, 03 Sep 2021 19:00:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4674 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&size=normal&s=pBcyn1PUtn96u7CHcYKU0nvH-FF5d30gZvxL_b9HVFp8VBPxEO5P1_qH40WaLaN41yYGpIytUFG-99blLzJ_xHYmXWCNJ8COOLoOIo6sNEfkZZJIidTkTzC3-HD9xkY-37ueOwM8JoXbs2mPk8oIGFON_CcLhbFIsIczEMm6L5ABKJvdREfkTQVN5Mpe9OrjGrHD5EMKhhbEZ72v-mMAtVvtvPHFIuUqXCXsuXU&cb=3hqll048npd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 18:18:02 GMT
x-content-type-options
nosniff
age
476935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:18:02 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 4674 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR
Requested by
Host: rollshame81.xtgem.com
URL: http://rollshame81.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/22932442-the-best-strategy-to-use-for-top-40-viral-videos-of-all-time-search-engine-journal?__xtblog_block_id=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cbc0e03691e5e7313ecf467ac3a50c7d78f6ee259c490c0ded16707330da81fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&size=normal&s=pBcyn1PUtn96u7CHcYKU0nvH-FF5d30gZvxL_b9HVFp8VBPxEO5P1_qH40WaLaN41yYGpIytUFG-99blLzJ_xHYmXWCNJ8COOLoOIo6sNEfkZZJIidTkTzC3-HD9xkY-37ueOwM8JoXbs2mPk8oIGFON_CcLhbFIsIczEMm6L5ABKJvdREfkTQVN5Mpe9OrjGrHD5EMKhhbEZ72v-mMAtVvtvPHFIuUqXCXsuXU&cb=3hqll048npd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 06:46:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 30 Aug 2021 06:46:57 GMT
bframe
www.google.com/recaptcha/api2/ Frame 8396 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=990rhv5am73i
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f2d20adce2c95ce5558acf4112cec33b95ba813078476234e5bb8faeeffcfdfb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Mgk3/rWHdNpwnrt/t01AcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=990rhv5am73i
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DVROfT5BZIJc%26feature%3Dyoutu.be&q=EhAqAQT4ASETGgAAAAAAAAACGOH9sYkGIhABly-YhSiYMMb5bk7RzroyMgFy
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/watch%3Fv%3DVROfT5BZIJc%26feature%3Dyoutu.be&q=EhAqAQT4ASETGgAAAAAAAAACGOH9sYkGIhABly-YhSiYMMb5bk7RzroyMgFy

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 30 Aug 2021 06:46:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-Mgk3/rWHdNpwnrt/t01AcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 8396 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=990rhv5am73i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 15:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228043
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 04:03:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 15:26:14 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 8396 		340 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=990rhv5am73i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 19:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135330
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 04:03:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 19:24:15 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _qevents boolean| cookies number| len function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| pubcidCookie

2 Cookies

Domain/Path Name / Value
.xtgem.com/ Name: __qca
Value: P0-251889156-1630306017439
.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry Name: _dlt
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5.thumbs.xtstatic.com
akm-img-a-in.tosshub.com
c.ndtvimg.com
cif.images.xtstatic.com
edge.quantserve.com
enif.images.xtstatic.com
fonts.gstatic.com
pixel.quantserve.com
res.feednews.com
rollshame81.xtgem.com
rules.quantcount.com
www.geo.tv
www.google.com
www.gstatic.com
www.youtube.com
xtgem.com
youtu.be
104.16.122.91
178.33.123.218
2600:9000:2190:1000:6:44e3:f8c0:93a1
2600:9000:2190:5200:6:44e3:f8c0:93a1
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::200e
2a02:26f0:6c00:2a2::1ac0
2a02:26f0:6c00::210:baba
2a02:26f0:7100:18f::24e8
54.36.158.42
91.228.74.189
91.228.74.226
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
14b528df64c8af3d6b7c6d50ef153508fce0a1cb44843e9ca29d17656036c515
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2a12e4ddcea06427e9d980c0ca3c6d03a0c7be4f6cfce1d36d440912eb252662
3558170b1164f274e0d7fb7d816a4910915255cc5a3035946022aaf2b2764b6e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4d769246d2025c17aaa659335b90f4a6d64527ca2af905706530d5e871e9a2b6
4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd
5c8d2f684d9b7d9bf27f24abf493ac53e3c3159d642100327e3736ef1418ef06
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086
86ee5c96d878e5640b6a3f39490eafc776024e815f4084f17d91a4ff2ea862c2
93aceed56269a86e93bcd3ff2a9e6b689d7a7d846432e130cf6bc1f7cd4fc79d
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a60e9290198f94be2debb3f69e37c4e9a322df388e333f21be514ed71f539367
ad5429508a88d59abfc33628e4a586334357c404d0125d556ae021d1409d40be
b4c5e88c51a0bf8f35880acda55d57853738b0c066fd11608b57c71bca755e4b
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbc0e03691e5e7313ecf467ac3a50c7d78f6ee259c490c0ded16707330da81fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d20adce2c95ce5558acf4112cec33b95ba813078476234e5bb8faeeffcfdfb