zzen9201---rick-roller.web.app Open in urlscan Pro
151.101.1.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.linkedin.patow15.com/
Effective URL:
https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
Submission: On January 19 via automatic, source certstream-suspicious (January 19th 2021, 7:15:47 am UTC)

Summary HTTP 24 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 24 HTTP transactions. The main IP is 151.101.1.195, located in United States and belongs to FASTLY, US. The main domain is zzen9201---rick-roller.web.app.
TLS certificate: Issued by GTS CA 1O1 on April 15th 2020. Valid for: a year.

This is the only time zzen9201---rick-roller.web.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.34.157.60 64.34.157.60	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
6	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:e6:... 2606:4700:e6::ac40:cb1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
24	9

1 64.34.157.60 (Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)
PTR: hp120.hostpapa.com

www.linkedin.patow15.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

zzen9201.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

zzen9201---rick-roller.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	web.app zzen9201---rick-roller.web.app	2 MB
6	gstatic.com www.gstatic.com	211 KB
5	googleapis.com www.googleapis.com firestore.googleapis.com	472 B
5	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	101 KB
2	page.link 1 redirects zzen9201.page.link	11 KB
1	youtube.com www.youtube.com
1	patow15.com 1 redirects www.linkedin.patow15.com	265 B
24	7

	Domain	Requested by
6	zzen9201---rick-roller.web.app	www.gstatic.com zzen9201---rick-roller.web.app
6	www.gstatic.com	zzen9201.page.link www.gstatic.com zzen9201---rick-roller.web.app
4	ka-f.fontawesome.com	kit.fontawesome.com zzen9201---rick-roller.web.app
3	firestore.googleapis.com	www.gstatic.com
2	www.googleapis.com	www.gstatic.com
2	zzen9201.page.link	1 redirects
1	www.youtube.com	zzen9201---rick-roller.web.app
1	kit.fontawesome.com	zzen9201---rick-roller.web.app
1	www.linkedin.patow15.com	1 redirects
24	9

This site contains links to these domains. Also see Links.

Domain
github.com

Subject Issuer	Validity	Valid
*.page.link GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
web.app GTS CA 1O1	`2020-04-15` - `2021-04-14`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-13` - `2021-10-12`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
edgecert.googleapis.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
Frame ID: E3FE69C5D9DE4B21E8D1FB403895C249
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
Frame ID: A69E139714B2EEE946B0CA87EBE84714
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.linkedin.patow15.com/ HTTP 301
https://zzen9201.page.link/oyNsWCTabVwG58mV9 Page URL
https://zzen9201.page.link/oyNsWCTabVwG58mV9?_imcp=1 HTTP 302
https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2 Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Page Statistics

24
Requests

100 %
HTTPS

80 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

2689 kB
Transfer

3248 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/Angus-C-git
Title: Angus C

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.linkedin.patow15.com/ HTTP 301
https://zzen9201.page.link/oyNsWCTabVwG58mV9 Page URL
https://zzen9201.page.link/oyNsWCTabVwG58mV9?_imcp=1 HTTP 302
https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.linkedin.patow15.com/ HTTP 301
https://zzen9201.page.link/oyNsWCTabVwG58mV9

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

oyNsWCTabVwG58mV9 Show response
zzen9201.page.link/
Redirect Chain

https://www.linkedin.patow15.com/
https://zzen9201.page.link/oyNsWCTabVwG58mV9

34 KB
10 KB

35ms
35ms

Document
text/html

2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://zzen9201.page.link/oyNsWCTabVwG58mV9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c249787a97494550622cfd25c64d9b1b644f27a303c405945f18a0e05ced3bb5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tv5EAetcyq1ym653SUg4FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-Tv5EAetcyq1ym653SUg4FQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: zzen9201.page.link
:scheme: https
:path: /oyNsWCTabVwG58mV9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 19 Jan 2021 07:15:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-Tv5EAetcyq1ym653SUg4FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-Tv5EAetcyq1ym653SUg4FQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Date: Tue, 19 Jan 2021 07:15:21 GMT
Server: Apache
Location: https://zzen9201.page.link/oyNsWCTabVwG58mV9
Content-Length: 252
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/ 147 KB
52 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp

Requested by

Host: zzen9201.page.link
URL: https://zzen9201.page.link/oyNsWCTabVwG58mV9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb490f0e64b77b80cdca9994c7b44e2f0abd805ab1ca31458361c71fd8b2fabf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zzen9201.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566834
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52780
x-xss-protection: 0
last-modified: Mon, 11 Jan 2021 23:29:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jan 2022 17:48:07 GMT

GET
H3-Q050 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.VDVlfWISeig.L.B1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewd... 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.VDVlfWISeig.L.B1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP689mksJICY3QFOcmoSgY8Pq3gIag/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64ea344452b25817ddf1bff008e132131f290e6085a4f1aa8560fb5d2642eb11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zzen9201.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566521
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12973
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 21:30:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jan 2022 17:53:20 GMT

GET
H3-Q050 200 m=KjEEgd Show response
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.VDVlfWISeig.L.B1.O/am=BA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsj... 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.VDVlfWISeig.L.B1.O/am=BA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP689mksJICY3QFOcmoSgY8Pq3gIag/m=KjEEgd

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d350c7d35d5c5651fc37168ce67bb5461187d38ffe5fb890ad10519938c5d5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zzen9201.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 17:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566521
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5771
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 21:30:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jan 2022 17:53:20 GMT

GET
H2

200

Primary Request rolled Show response
zzen9201---rick-roller.web.app/
Redirect Chain

https://zzen9201.page.link/oyNsWCTabVwG58mV9?_imcp=1
https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2

2 KB
1 KB

701ms
701ms

Document
text/html

151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: d236a9a2002eb8c71bc42ea31224b8f8088ae1b43654c0e30ec4df55b36408b7

Request headers

:method: GET
:authority: zzen9201---rick-roller.web.app
:scheme: https
:path: /rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://zzen9201.page.link/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zzen9201.page.link/oyNsWCTabVwG58mV9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: W/"92a-YNyQFnAaSpo+n/Tv1/FfHGZPTi8"
function-execution-id: 6e0naqxgp1w7
server: Google Frontend
x-cloud-trace-context: 0af972924aed75f4021215808071585e
x-country-code: BE
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
date: Tue, 19 Jan 2021 07:15:22 GMT
x-served-by: cache-ams21058-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1611040521.359013,VS0,VE682
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding

Redirect headers

content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 19 Jan 2021 07:15:21 GMT
location: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
content-security-policy: script-src 'report-sample' 'nonce-x1sHw5Mj6e9ttGEn1V9O/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-x1sHw5Mj6e9ttGEn1V9O/w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rolled.css
zzen9201---rick-roller.web.app/css/ 5 KB
1 KB 27ms
25ms Stylesheet
text/css 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zzen9201---rick-roller.web.app/css/rolled.css

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

844d23af16c645c8b791bb74d9820be6502b4d887be88062efc18d1f68a7d53f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Tue, 03 Nov 2020 16:18:15 GMT
x-timer: S1611040522.306672,VS0,VE0
etag: "a42a9b40319e93a927ef0f0c85679564315cbf439da7ce832e39e4f737cbf932-br"
x-served-by: cache-ams21058-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Tue, 19 Jan 2021 07:15:22 GMT
accept-ranges: bytes
content-length: 1253
x-cache-hits: 1

GET
H2 200 5eb4842dc5.js Show response
kit.fontawesome.com/ 11 KB
4 KB 25ms
23ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/5eb4842dc5.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a408817398a04d63f7fd9dc7613b26564886b80a10cd6ec22f8769b7d4a6df68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Origin: https://zzen9201---rick-roller.web.app
Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 19 Jan 2021 07:15:22 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: HIT
age: 19
strict-transport-security: max-age=31536000; preload
cf-request-id: 07bb18983c0000c2e560081000000001
x-request-id: FluQzU7VWIM5zksWNrTh
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 613ec3a05e25c2e5-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H3-Q050 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.17.1/ 19 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.17.1/firebase-app.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa63341640c00753b093b1d60f1f6d42459a25ffcc2fc3d44901d7e83889367c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jul 2020 05:16:38 GMT
server: sffe
age: 399503
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6605
x-xss-protection: 0
expires: Fri, 14 Jan 2022 16:16:59 GMT

GET
H3-Q050 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/7.17.1/ 170 KB
54 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.17.1/firebase-auth.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

363eb2646ead03c2be97ecee385ca5c9782ccd328a815448427043883399621c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 09:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jul 2020 05:16:40 GMT
server: sffe
age: 425135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55477
x-xss-protection: 0
expires: Fri, 14 Jan 2022 09:09:47 GMT

GET
H3-Q050 200 firebase-firestore.js Show response
www.gstatic.com/firebasejs/7.17.2/ 279 KB
81 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.17.2/firebase-firestore.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c1593a81081bbb666ef40c5a356c3a8266f734a388af020bd631a369a897feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Aug 2020 20:30:24 GMT
server: sffe
age: 396134
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82593
x-xss-protection: 0
expires: Fri, 14 Jan 2022 17:13:08 GMT

GET
H2 200 utilz.js Show response
zzen9201---rick-roller.web.app/js/ 1 KB
544 B 27ms
26ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zzen9201---rick-roller.web.app/js/utilz.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3bdce34f15f15531fd68530772d5b54ccbe7bddbb1137f0741ac93802e970fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Tue, 03 Nov 2020 16:18:15 GMT
x-timer: S1611040522.306647,VS0,VE0
etag: "bb029e8fa8abdddfc9ec77204e93c2ae13a1c5e5aab37445600413dc1c29b851-br"
x-served-by: cache-ams21058-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Tue, 19 Jan 2021 07:15:22 GMT
accept-ranges: bytes
content-length: 411
x-cache-hits: 1

GET
H2 200 rickRoll.gif
zzen9201---rick-roller.web.app/media/ 2 MB
2 MB 24ms
24ms Image
image/gif 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zzen9201---rick-roller.web.app/media/rickRoll.gif

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bf67bf5de3b31a0cf2c4b3d90af6041b3a6c2a1d4a3b0257fd1d6befb1dd7d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Tue, 03 Nov 2020 16:18:15 GMT
x-timer: S1611040522.368340,VS0,VE0
etag: "78bb49145f2f0b3eba92ad604341d63da0bc461a177ca220d0bbd1c265256f43"
x-served-by: cache-ams21058-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/gif
cache-control: max-age=3600
date: Tue, 19 Jan 2021 07:15:22 GMT
accept-ranges: bytes
content-length: 2416075
x-cache-hits: 1

GET
H2 200 checkauth.js Show response
zzen9201---rick-roller.web.app/js/ 2 KB
734 B 18ms
18ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zzen9201---rick-roller.web.app/js/checkauth.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e33065ea9ffed6c1231986ac4cd73d3a20c9f14755447118147b7f06ad35496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Tue, 03 Nov 2020 16:18:15 GMT
x-timer: S1611040522.332578,VS0,VE0
etag: "9c87a1c2b1a1b6fae0d30f24ba6280f3fe093cd0eb3d5b3e11de5e16b431eed1-br"
x-served-by: cache-ams21058-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Tue, 19 Jan 2021 07:15:22 GMT
accept-ranges: bytes
content-length: 624
x-cache-hits: 1

GET
H2 200 rolled.js Show response
zzen9201---rick-roller.web.app/js/ 407 B
313 B 28ms
27ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zzen9201---rick-roller.web.app/js/rolled.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0ff8fad88dcba7ba8cf4180322efa960efff89c635c4fd5ac5183b2017111f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Tue, 03 Nov 2020 16:18:15 GMT
x-timer: S1611040522.368299,VS0,VE0
etag: "9bcb34bcefffb5f2d54a47d07c78d003001744c625d60b71ae7a2ae09cafbe42-br"
x-served-by: cache-ams21058-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Tue, 19 Jan 2021 07:15:22 GMT
accept-ranges: bytes
content-length: 202
x-cache-hits: 1

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 59 KB
13 KB 48ms
47ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free.min.css?token=5eb4842dc5
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5eb4842dc5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 19 Jan 2021 07:15:22 GMT
via: 1.1 4c7862a49cd83c3f3532e46f49fb0cf7.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 07bb18985c00000625e5051000000001
last-modified: Wed, 13 Jan 2021 18:32:18 GMT
server: cloudflare
etag: W/"4ecc071b77d6b1790fa9fb8a5173f972"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lbHMXAQYQgvY%2BeTtmn82HsE59AuDpV5aaWkp%2FGk2LNqufsTFTowyfWAVN%2F1V6qzBnb0iWkSdpBbY%2FA29Ky7zpahChS42srTfkkOsYdZVug8OScLC4MnP3mdy%2BhWm4fXtjw%3D%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 613ec3a099130625-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 7XI-2ys9djr5y50emViXwhiIZArygrs2mmMS_yxghKPFnhuoZrbagA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 26 KB
4 KB 70ms
69ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-shims.min.css?token=5eb4842dc5
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5eb4842dc5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 19 Jan 2021 07:15:22 GMT
via: 1.1 1a3a682cf8d843fe52f3224f60584fad.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 07bb18985d00000625cf29d000000001
last-modified: Wed, 13 Jan 2021 18:32:17 GMT
server: cloudflare
etag: W/"1848e71668f42835079e5fa2af6cf4a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zl6WQeNkKXMOqi%2FwlLc6YJdtPegqdIC%2Fk9ENj6uDFE0lKYKM4IwpBqE%2BgckZRQSzIlVoGRugMBm2cYI%2BSbv5t4%2BDmBUucXPHvFtKczCAK43MGCYMorX2QnJT30tFHcaTKg%3D%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 613ec3a099150625-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: TgfH5JThL78UZ1rePDigpWuvF8iQLM4w8pERm7CyoOrdxKLE-CjEfA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 3 KB
2 KB 23ms
23ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-font-face.min.css?token=5eb4842dc5
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5eb4842dc5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 19 Jan 2021 07:15:22 GMT
via: 1.1 1b96443527f684c809162d975cdd968f.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 07bb18985d000006258d36c000000001
last-modified: Wed, 13 Jan 2021 18:32:16 GMT
server: cloudflare
etag: W/"252773908df2cc3deb0e09dc1817e64b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CP4OxCJxB%2BXuyBsUIAX9ani%2BGrwYpxcMx2n3kukHU8qM%2F%2FATTYaXrbNm%2BmopRk4x8vFm0l1INDEgP86zPBes%2FSevXGGGAF2SAZHEhGXROB27%2FO5Ru2RNCArA4tGkrRgvUw%3D%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 613ec3a099160625-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 5dM2bDlYOeW736ZftxdgliX24qRZ02-zzguMeTGcR9x7C6oLW4sE_g==

GET
H2 200 dQw4w9WgXcQ
www.youtube.com/embed/ Frame A69E 0
0 136ms
136ms Document
text/html 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/dQw4w9WgXcQ?autoplay=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2

Response headers

strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
cache-control: no-cache
content-length: 21095
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
date: Tue, 19 Jan 2021 07:15:22 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=v3FZaFcFowE; path=/; domain=.youtube.com; secure; expires=Sun, 18-Jul-2021 07:15:22 GMT; httponly; samesite=None YSC=PC-fOPjTkrw; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=v3FZaFcFowE; path=/; domain=.youtube.com; secure; expires=Sun, 18-Jul-2021 07:15:22 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 19-Jan-2021 07:45:22 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.2/webfonts/ 78 KB
79 KB 17ms
11ms Font
font/woff2 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/webfonts/free-fa-solid-900.woff2
Requested by: Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b94af5a5be53424e948d36a705a1169d952ba6b23761aea3098967a643765454

Request headers

Origin: https://zzen9201---rick-roller.web.app
Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 19 Jan 2021 07:15:22 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
content-length: 80272
cf-request-id: 07bb18993c00000625a43b5000000001
last-modified: Wed, 13 Jan 2021 18:39:13 GMT
server: cloudflare
etag: "a156119daf157b8244f7c816f85638cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fi6qhnfSItDulxGug8Teu0XnRig3aJKKVv7bu%2Bzli5%2BxZO6JQWPZngz1pJy5MAPUruQrkdfQfsuTYYMFZnPfgrsnU4mPPxIeR8xyamSv3K9wpqYy%2BHy%2BhnItNbx1JgMYHQ%3D%3D"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 613ec3a1fc4f0625-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: -vNfGH4thTasBKI7sS7f8P6nO6Bkf0rfHXDQ7rHG-USQJJ2FswOqqA==

OPTIONS
H2 200 getAccountInfo
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 95ms
95ms Other
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyCgCtPAGLkWUpZaK1MiaqY1PaKt0fZe8ss

Protocol

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-client-version
Origin: https://zzen9201---rick-roller.web.app
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://zzen9201---rick-roller.web.app
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-client-version
access-control-max-age: 3600
date: Tue, 19 Jan 2021 07:15:22 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 getAccountInfo Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 258 B
252 B 129ms
129ms XHR
application/json 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyCgCtPAGLkWUpZaK1MiaqY1PaKt0fZe8ss

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.17.1/firebase-auth.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7253b3cdb75c7edaddc7ab56a3d3f3c09e563ac9ec259e0aba7122f767379d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
X-Client-Version: Chrome/JsCore/7.17.1/FirebaseCore-web
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 19 Jan 2021 07:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://zzen9201---rick-roller.web.app
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin, Referer
content-length: 202
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 54 B
167 B 7ms
7ms XHR
text/plain 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Fzzen9201---rick-roller%2Fdatabases%2F(default)&VER=8&RID=17289&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F7.17.2%0D%0AContent-Type%3Atext%2Fplain%0D%0AAuthorization%3ABearer%20eyJhbGciOiJSUzI1NiIsImtpZCI6ImEyYjkxODJiMWI0NmNiN2ZjN2MzMTFlZTgwMjFhZDY1MmVlMjc2MjIiLCJ0eXAiOiJKV1QifQ.eyJwcm92aWRlcl9pZCI6ImFub255bW91cyIsImlzcyI6Imh0dHBzOi8vc2VjdXJldG9rZW4uZ29vZ2xlLmNvbS96emVuOTIwMS0tLXJpY2stcm9sbGVyIiwiYXVkIjoienplbjkyMDEtLS1yaWNrLXJvbGxlciIsImF1dGhfdGltZSI6MTYxMTA0MDUwNCwidXNlcl9pZCI6Im94ZlhXdkd2TEVlTlRxN3hFTFhveElCQkRkODIiLCJzdWIiOiJveGZYV3ZHdkxFZU5UcTd4RUxYb3hJQkJEZDgyIiwiaWF0IjoxNjExMDQwNTA0LCJleHAiOjE2MTEwNDQxMDQsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnt9LCJzaWduX2luX3Byb3ZpZGVyIjoiYW5vbnltb3VzIn19.JJ9D0YlJWSQO940Qa5FBZMMQQ7sfXvNtMS_czWFtqjWFIzpY8t50oh2_aTKX95kOLblnAwU4_7FlR5HPbElYo1rFWtb9J0KEPAFvqHLLTsF7i_8_OqVgmxMaEUz9N6zp0IPdD_Smz5VeosfelE6_oBSpUGrkhfi0vgTYU89kD9PlVr-UvMYc9sUJ7Z9ChMhb392iqXosNX108kcNaOO5LI7RdvvJwKcwlZ-dhwjjwv8LgAdhuPdtNiXUEefYYDjfQqKWekXRNsLnVL3zAPe6JtJS4625FvHT8VYDCgfuqB5dCGqBcT1q3s-oOlsKZ35JsZL6yULrqao9-s6z4IePbA%0D%0A&zx=oketog7hl6dn&t=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.17.2/firebase-firestore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f780eac877afb034c48cd526fad9c47da5485d3678bf6c5fe6df1b482e8b5d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Jan 2021 07:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://zzen9201---rick-roller.web.app
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: YE4eNsR72V4-Fc0AYezvSBlC0j_dnPFy

GET
H3-Q050 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 252 B
0 11ms
11ms XHR
text/plain 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Fzzen9201---rick-roller%2Fdatabases%2F(default)&gsessionid=YE4eNsR72V4-Fc0AYezvSBlC0j_dnPFy&VER=8&RID=rpc&SID=gYyQp5kiyzy_DmJoh0EQIA&CI=0&AID=0&TYPE=xmlhttp&zx=g9e6yr4z45kw&t=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.17.2/firebase-firestore.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 19 Jan 2021 07:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://zzen9201---rick-roller.web.app
vary: origin
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0

POST
H3-Q050 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 10 B
53 B 7ms
7ms XHR
text/plain 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.17.2/firebase-firestore.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50b25d63fd1264ca73bedc7cb4213e7f2b9f7ba836e969ff2b8ed7d543c8e140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/rolled?uid=08m6BrvWGBXhkLeazE8nFhxPWlr2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Jan 2021 07:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://zzen9201---rick-roller.web.app
vary: origin
cache-control: private
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: PC-fOPjTkrw
			.youtube.com/	1970-01-19 19:49:52	Name: VISITOR_INFO1_LIVE Value: v3FZaFcFowE

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp(Line 425) Message: %c%s color: red; background: yellow; font-size: 24px; WARNING!
console-api	log	URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp(Line 425) Message: %c%s font-size: 18px; Using this console may allow attackers to impersonate you and steal your information using an attack called Self-XSS. Do not enter or paste code that you do not understand.
console-api	log	URL: https://zzen9201---rick-roller.web.app/js/rolled.js(Line 8) Message: Wrote => undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tv5EAetcyq1ym653SUg4FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-Tv5EAetcyq1ym653SUg4FQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

firestore.googleapis.com
ka-f.fontawesome.com
kit.fontawesome.com
www.googleapis.com
www.gstatic.com
www.linkedin.patow15.com
www.youtube.com
zzen9201---rick-roller.web.app
zzen9201.page.link
151.101.1.195
2606:4700::6812:1734
2606:4700:e6::ac40:cb1c
2a00:1450:4001:802::200e
2a00:1450:4001:803::200a
2a00:1450:4001:816::200a
2a00:1450:4001:817::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:81f::200e
64.34.157.60
0ff8fad88dcba7ba8cf4180322efa960efff89c635c4fd5ac5183b2017111f50
2c1593a81081bbb666ef40c5a356c3a8266f734a388af020bd631a369a897feb
363eb2646ead03c2be97ecee385ca5c9782ccd328a815448427043883399621c
3bdce34f15f15531fd68530772d5b54ccbe7bddbb1137f0741ac93802e970fcf
50b25d63fd1264ca73bedc7cb4213e7f2b9f7ba836e969ff2b8ed7d543c8e140
64ea344452b25817ddf1bff008e132131f290e6085a4f1aa8560fb5d2642eb11
6e33065ea9ffed6c1231986ac4cd73d3a20c9f14755447118147b7f06ad35496
7253b3cdb75c7edaddc7ab56a3d3f3c09e563ac9ec259e0aba7122f767379d3c
844d23af16c645c8b791bb74d9820be6502b4d887be88062efc18d1f68a7d53f
87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e
8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94
9f780eac877afb034c48cd526fad9c47da5485d3678bf6c5fe6df1b482e8b5d3
a408817398a04d63f7fd9dc7613b26564886b80a10cd6ec22f8769b7d4a6df68
aa63341640c00753b093b1d60f1f6d42459a25ffcc2fc3d44901d7e83889367c
b94af5a5be53424e948d36a705a1169d952ba6b23761aea3098967a643765454
bf67bf5de3b31a0cf2c4b3d90af6041b3a6c2a1d4a3b0257fd1d6befb1dd7d7c
c249787a97494550622cfd25c64d9b1b644f27a303c405945f18a0e05ced3bb5
d236a9a2002eb8c71bc42ea31224b8f8088ae1b43654c0e30ec4df55b36408b7
d350c7d35d5c5651fc37168ce67bb5461187d38ffe5fb890ad10519938c5d5fe
d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101
fb490f0e64b77b80cdca9994c7b44e2f0abd805ab1ca31458361c71fd8b2fabf

zzen9201---rick-roller.web.app Open in urlscan Pro 151.101.1.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

80 %IPv6

7 Domains

9 Subdomains

9 IPs

3 Countries

2689 kBTransfer

3248 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

2 Cookies

3 Console Messages

Security Headers

Indicators

zzen9201---rick-roller.web.app Open in urlscan Pro
151.101.1.195 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

80 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

2689 kB
Transfer

3248 kB
Size

2
Cookies

24 HTTP transactions
0 data transactions