zzen9201---rick-roller.web.app Open in urlscan Pro
151.101.1.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tinyurl.com/mysecretcodez
Effective URL:
https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
Submission: On July 16 via manual (July 16th 2021, 5:42:10 am UTC) from AU

Summary HTTP 56 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 56 HTTP transactions. The main IP is 151.101.1.195, located in United States and belongs to FASTLY, US. The main domain is zzen9201---rick-roller.web.app.
TLS certificate: Issued by GTS CA 1D4 on May 19th 2021. Valid for: 3 months.

This is the only time zzen9201---rick-roller.web.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6814:8b41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3037::ac43:a12f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:65::9	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
56	15

1 2606:4700:10::6814:8b41 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

zzen9201---rick-roller.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::ac43:a12f (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:65::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5e6nz7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	youtube.com www.youtube.com	714 KB
8	googlevideo.com r4---sn-4g5e6nz7.googlevideo.com	2 MB
7	googleapis.com www.googleapis.com firestore.googleapis.com	2 KB
6	web.app zzen9201---rick-roller.web.app	2 MB
5	gstatic.com www.gstatic.com fonts.gstatic.com	159 KB
5	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	101 KB
4	ytimg.com i.ytimg.com	84 KB
3	ggpht.com yt3.ggpht.com	27 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
1	google.com www.google.com	13 KB
1	tinyurl.com 1 redirects tinyurl.com	444 B
56	11

	Domain	Requested by
15	www.youtube.com	zzen9201---rick-roller.web.app www.youtube.com
8	r4---sn-4g5e6nz7.googlevideo.com	www.youtube.com
6	zzen9201---rick-roller.web.app	zzen9201---rick-roller.web.app
4	i.ytimg.com	www.youtube.com zzen9201---rick-roller.web.app
4	www.googleapis.com	www.gstatic.com
4	ka-f.fontawesome.com	kit.fontawesome.com zzen9201---rick-roller.web.app
4	www.gstatic.com	zzen9201---rick-roller.web.app www.youtube.com
3	firestore.googleapis.com	www.gstatic.com
3	yt3.ggpht.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	kit.fontawesome.com	zzen9201---rick-roller.web.app
1	tinyurl.com	1 redirects
56	15

This site contains links to these domains. Also see Links.

Domain
github.com

Subject Issuer	Validity	Valid
web.app GTS CA 1D4	`2021-05-19` - `2021-08-17`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-13` - `2021-10-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-07-06` - `2021-09-14`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
edgecert.googleapis.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
Frame ID: 7315E117ED47A445C94A3A8480D73F83
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
Frame ID: B4556CCC32899A6087EFA2975FC960CB
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tinyurl.com/mysecretcodez HTTP 301
https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2 Page URL

Detected technologies

Google App Engine (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /Google Frontend/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Page Statistics

56
Requests

100 %
HTTPS

93 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

5034 kB
Transfer

7408 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/Angus-C-git
Title: Angus C

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tinyurl.com/mysecretcodez HTTP 301
https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

56 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request rolled Show response
zzen9201---rick-roller.web.app/
Redirect Chain

https://tinyurl.com/mysecretcodez
https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2

2 KB
1 KB

557ms
450ms

Document
text/html

151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: fa20a0ff540f8baedf793751aba81b1272aac13e7253c24018ff9add32cad578

Request headers

:method: GET
:authority: zzen9201---rick-roller.web.app
:scheme: https
:path: /rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: W/"921-tpos3QpocqAMP+tbrZlWMQ2xlUg"
function-execution-id: crwch4l7fkhk
server: Google Frontend
x-cloud-trace-context: 8d9ef8ef6bcd2d32668b9542b9bcfd54;o=1
x-country-code: PL
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
date: Fri, 16 Jul 2021 05:41:46 GMT
x-served-by: cache-hhn4033-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1626414106.028505,VS0,VE405
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding

Redirect headers

date: Fri, 16 Jul 2021 05:41:45 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.26
location: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66f8e73ebc3fd6e1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 rolled.css
zzen9201---rick-roller.web.app/css/ 5 KB
1 KB 279ms
278ms Stylesheet
text/css 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zzen9201---rick-roller.web.app/css/rolled.css

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

844d23af16c645c8b791bb74d9820be6502b4d887be88062efc18d1f68a7d53f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:path: /css/rolled.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: zzen9201---rick-roller.web.app
referer: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Tue, 03 Nov 2020 16:18:15 GMT
x-timer: S1626414106.492083,VS0,VE225
etag: "a42a9b40319e93a927ef0f0c85679564315cbf439da7ce832e39e4f737cbf932-br"
x-served-by: cache-hhn4033-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Fri, 16 Jul 2021 05:41:46 GMT
accept-ranges: bytes
content-length: 1253
x-cache-hits: 0

GET
H2 200 5eb4842dc5.js Show response
kit.fontawesome.com/ 11 KB
4 KB 43ms
23ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/5eb4842dc5.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f40190da8eb8cd64639b1e575f8cd59c91bcdaf2fee2b10115910f19cb93fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Origin: https://zzen9201---rick-roller.web.app
Referer: https://zzen9201---rick-roller.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:46 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: HIT
age: 58
strict-transport-security: max-age=31536000; preload
x-request-id: FpIuxfMYtBW8aj5aL8li
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 66f8e7458f0d4de2-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.17.1/ 19 KB
7 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.17.1/firebase-app.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa63341640c00753b093b1d60f1f6d42459a25ffcc2fc3d44901d7e83889367c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 21:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6605
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 05:16:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 21:11:19 GMT

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/7.17.1/ 170 KB
54 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.17.1/firebase-auth.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

363eb2646ead03c2be97ecee385ca5c9782ccd328a815448427043883399621c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 03:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55477
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 05:16:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 03:32:51 GMT

GET
H2 200 firebase-firestore.js Show response
www.gstatic.com/firebasejs/7.17.2/ 279 KB
81 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.17.2/firebase-firestore.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c1593a81081bbb666ef40c5a356c3a8266f734a388af020bd631a369a897feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 00:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82593
x-xss-protection: 0
last-modified: Thu, 06 Aug 2020 20:30:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 00:20:16 GMT

GET
H2 200 utilz.js Show response
zzen9201---rick-roller.web.app/js/ 1 KB
641 B 239ms
238ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zzen9201---rick-roller.web.app/js/utilz.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3bdce34f15f15531fd68530772d5b54ccbe7bddbb1137f0741ac93802e970fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:path: /js/utilz.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: zzen9201---rick-roller.web.app
referer: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Tue, 03 Nov 2020 16:18:15 GMT
x-timer: S1626414106.492053,VS0,VE185
etag: "bb029e8fa8abdddfc9ec77204e93c2ae13a1c5e5aab37445600413dc1c29b851-br"
x-served-by: cache-hhn4033-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 16 Jul 2021 05:41:46 GMT
accept-ranges: bytes
content-length: 411
x-cache-hits: 0

GET
H2 200 rickRoll.gif
zzen9201---rick-roller.web.app/media/ 2 MB
2 MB 946ms
946ms Image
image/gif 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zzen9201---rick-roller.web.app/media/rickRoll.gif

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bf67bf5de3b31a0cf2c4b3d90af6041b3a6c2a1d4a3b0257fd1d6befb1dd7d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:path: /media/rickRoll.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: zzen9201---rick-roller.web.app
referer: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Tue, 03 Nov 2020 16:18:15 GMT
x-timer: S1626414107.783985,VS0,VE893
etag: "78bb49145f2f0b3eba92ad604341d63da0bc461a177ca220d0bbd1c265256f43"
x-served-by: cache-hhn4033-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/gif
cache-control: max-age=3600
date: Fri, 16 Jul 2021 05:41:47 GMT
accept-ranges: bytes
content-length: 2416075
x-cache-hits: 0

GET
H2 200 checkauth.js Show response
zzen9201---rick-roller.web.app/js/ 2 KB
735 B 272ms
272ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zzen9201---rick-roller.web.app/js/checkauth.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e33065ea9ffed6c1231986ac4cd73d3a20c9f14755447118147b7f06ad35496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:path: /js/checkauth.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: zzen9201---rick-roller.web.app
referer: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Tue, 03 Nov 2020 16:18:15 GMT
x-timer: S1626414107.723767,VS0,VE227
etag: "9c87a1c2b1a1b6fae0d30f24ba6280f3fe093cd0eb3d5b3e11de5e16b431eed1-br"
x-served-by: cache-hhn4033-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 16 Jul 2021 05:41:46 GMT
accept-ranges: bytes
content-length: 624
x-cache-hits: 0

GET
H2 200 rolled.js Show response
zzen9201---rick-roller.web.app/js/ 407 B
338 B 323ms
322ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zzen9201---rick-roller.web.app/js/rolled.js

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0ff8fad88dcba7ba8cf4180322efa960efff89c635c4fd5ac5183b2017111f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:path: /js/rolled.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: zzen9201---rick-roller.web.app
referer: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Tue, 03 Nov 2020 16:18:15 GMT
x-timer: S1626414107.763296,VS0,VE277
etag: "9bcb34bcefffb5f2d54a47d07c78d003001744c625d60b71ae7a2ae09cafbe42-br"
x-served-by: cache-hhn4033-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 16 Jul 2021 05:41:47 GMT
accept-ranges: bytes
content-length: 202
x-cache-hits: 0

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 59 KB
13 KB 38ms
20ms Fetch
text/css 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=5eb4842dc5
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5eb4842dc5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

Referer: https://zzen9201---rick-roller.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:46 GMT
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 263
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"390b4210e10c744c3c597500bcf0b31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7126XJPB8zARfaIovsoDXVdglV5qosVZ28P5GUa855lALmJoDOg4M%2FIN9NUfjgZmCYblVnY8qR%2BJgCEmO2Pt8weWb%2BMCU2FZ1WnVUhrx913A5HIu6mTyqodbkBZcKJR6yvFnGNBDCYe1QWLVONFWr8sqew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
cf-ray: 66f8e7474e1e3140-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: N6KSET0RvwkM7L02bKVoKNyGqJ2AkAHSCdr451czJQRA3nyjGpjJKg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 26 KB
5 KB 34ms
17ms Fetch
text/css 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=5eb4842dc5
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5eb4842dc5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af

Request headers

Referer: https://zzen9201---rick-roller.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:46 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 263
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoxtvAb5s0iBUHgNNpNXHW7Kb82aAPSlhrvoGPn8%2FKwlE%2F0mRk1vLR7jDeIwfULGB4h45MC3ua6BoKf7Jel7gmw9eWOjnHuB30WeoCfMRTAyNUe1yfL2DxHhm2UY3BKxY8QHmDy0siWiCyfSQndu6CiNpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
cf-ray: 66f8e7474e223140-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: rFUhyXxHLGNv-uCUa5a7l6B7h3ebEmWE5SkqFvltz_hTmDHcVbkVAw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 3 KB
2 KB 33ms
16ms Fetch
text/css 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=5eb4842dc5
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5eb4842dc5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086

Request headers

Referer: https://zzen9201---rick-roller.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:46 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 263
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"22be82a519ceafc43258d8f58a37fcf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaOJ0avJgsdyPw2e28GoCv0EDEEWPdAkBnx0AawhZCNpLsKqVt69ZG7mqYpZMtokhrSDWZonOa%2BUq6Ee0aP2BHs8P%2FnAeWY85qxSabVCvgO4g5oS%2F%2FR%2BKyllICx36jFYUBSMc1iAljWjdUvZYcRNrlfXjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
cf-ray: 66f8e7474e253140-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 69_8UUniXCIhQw4nK12jpwkhUsCZ0L5uscZ62wDCM8yCcbzo52I9Jg==

GET
H2 200 dQw4w9WgXcQ Show response
www.youtube.com/embed/ Frame B455 54 KB
23 KB 102ms
81ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59b05e80a667a4ae04ad37942563561f5c8fb9c8f2a149933546af42e197372e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/dQw4w9WgXcQ?autoplay=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zzen9201---rick-roller.web.app/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://zzen9201---rick-roller.web.app/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Jul 2021 05:41:46 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=l8q9r-H8JYo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=7kPwSoEp6cg; Domain=.youtube.com; Expires=Wed, 12-Jan-2022 05:41:46 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+285; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.3/webfonts/ 76 KB
77 KB 23ms
13ms Font
font/woff2 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-solid-900.woff2
Requested by: Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065eb3954b9ea8584f535ede5b5c563383c3b40e4e0344f75a02c4bf3200314b

Request headers

Origin: https://zzen9201---rick-roller.web.app
Referer: https://zzen9201---rick-roller.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:46 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 263
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 78212
last-modified: Wed, 17 Mar 2021 02:28:18 GMT
server: cloudflare
etag: "4e463cfb29c596ba3bb8b0c2469914e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBFp4hLln4enlNYM%2FZCXM9WDo%2By4NecsV0YAzB1kdFCJDwztGOiITTJT%2BeJG7YpWgdgd17AJ59bH9ofKJOaXzlFRQu5CwKshFOWgfoC3cX1xs8h5P4sEa%2FJDwjE63odgOx8sF21EHkoDG%2FH%2B2U3uokisEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 66f8e7479decc2c2-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Too55D-4p6_5W5rH4oNEs0PLq3blKXHizRFSomigQwFWwsAmpQw1bg==

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/7ba2b998/ Frame B455 324 KB
45 KB 22ms
8ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7ba2b998/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d815775f36de7cf811a67054ef9b292cf0b7730c61faba018c5756fda850f136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 15:44:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 00:47:14 GMT
server: sffe
age: 50245
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45807
x-xss-protection: 0
expires: Fri, 15 Jul 2022 15:44:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B455 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 288865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 21:27:21 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/7ba2b998/www-embed-player.vflset/ Frame B455 192 KB
64 KB 24ms
14ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7ba2b998/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d630c73d427a4c659407fafb368d8f9e0872cc1248ef87582ffe5c609322904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 15:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 00:47:14 GMT
server: sffe
age: 50169
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65169
x-xss-protection: 0
expires: Fri, 15 Jul 2022 15:45:37 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/ Frame B455 2 MB
488 KB 26ms
16ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff15e08bd13f03b88f75a7c8bf91735886f522bcff0b6af8275d4af1303d07ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 15:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 00:47:14 GMT
server: sffe
age: 50248
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 500080
x-xss-protection: 0
expires: Fri, 15 Jul 2022 15:44:18 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/7ba2b998/fetch-polyfill.vflset/ Frame B455 8 KB
3 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7ba2b998/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 15:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 00:47:14 GMT
server: sffe
age: 50169
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 15 Jul 2022 15:45:37 GMT

OPTIONS
H2 200 signupNewUser
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 129ms
108ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyCgCtPAGLkWUpZaK1MiaqY1PaKt0fZe8ss

Protocol

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-client-version
Origin: https://zzen9201---rick-roller.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://zzen9201---rick-roller.web.app
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-client-version
access-control-max-age: 3600
date: Fri, 16 Jul 2021 05:41:47 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 signupNewUser Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 1 KB
1002 B 237ms
224ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyCgCtPAGLkWUpZaK1MiaqY1PaKt0fZe8ss

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.17.1/firebase-auth.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a7bab560b0c45578032747132122588af98165859c394e2fac5dd80f7ad0715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/
X-Client-Version: Chrome/JsCore/7.17.1/FirebaseCore-web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 05:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://zzen9201---rick-roller.web.app
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin, Referer
content-length: 977
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame B455
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

29ms
15ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

816f3e61e61b1e0e9e9fa4457ca4de7378a708f2f022e1c82e8675132a38d670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 16 Jul 2021 05:41:47 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B455 29 B
423 B 26ms
6ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:29:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 722
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Fri, 16 Jul 2021 05:44:45 GMT

GET
H2 200 rri_UWQ0J4KTeoiEc0uqeM0aau5ykYMkDZQXo2HoPhc.js Show response
www.google.com/js/th/ Frame B455 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/rri_UWQ0J4KTeoiEc0uqeM0aau5ykYMkDZQXo2HoPhc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aeb8bf5164342782937a8884734baa78cd1a6aee729183240d9417a361e83e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 22:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Jul 2022 22:47:26 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/ Frame B455 25 KB
7 KB 15ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a31d2341ed1493d51ca078e80bd91e376f9a257fe0c8e1e0e295eaac89f61cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 15:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 00:47:14 GMT
server: sffe
age: 49754
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7484
x-xss-protection: 0
expires: Fri, 15 Jul 2022 15:52:33 GMT

POST
H3-29 200 player Show response
www.youtube.com/youtubei/v1/ Frame B455 99 KB
23 KB 89ms
88ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0cebf427d5cf38a555f6cd0eff3c1c6cc8d7c41181fec6af8ce8c31f9d9be76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210714.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: Cgs3a1B3U29FcDZjZyiauMSHBg%3D%3D
Content-Type: application/json

Response headers

date: Fri, 16 Jul 2021 05:41:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23106
x-xss-protection: 0
expires: Fri, 16 Jul 2021 05:41:47 GMT

GET
DATA 200
OK truncated
/ Frame B455 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Si7ZhtmpX84wj6MoJYLs8kwALw2Hm53wzbrPamoU-z3qvCKs2X3zPNYKMSJEvPDLUHzbvTfLcg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame B455 2 KB
2 KB 30ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/Si7ZhtmpX84wj6MoJYLs8kwALw2Hm53wzbrPamoU-z3qvCKs2X3zPNYKMSJEvPDLUHzbvTfLcg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8db73b3829dd87209d28ce48fad36bacfa981abc83b0816d28426b07f3053a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 02:22:50 GMT
x-content-type-options: nosniff
age: 11937
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1907
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 06 Jul 2021 20:35:15 GMT

GET
DATA 200
OK truncated
/ Frame B455 283 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10bbbb5c5ae22683c47f305bb0f2987078bf85ee76cb85e6d9bb36947e4fb3a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 generate_204
www.youtube.com/ Frame B455 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?tDcwiA
Requested by: Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-29 200 getAccountInfo Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 258 B
225 B 137ms
136ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyCgCtPAGLkWUpZaK1MiaqY1PaKt0fZe8ss

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.17.1/firebase-auth.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90e8312295b1593485240e0a3165b4de983a23c22446d7685f462c76a7034e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/
X-Client-Version: Chrome/JsCore/7.17.1/FirebaseCore-web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 05:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://zzen9201---rick-roller.web.app
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin, Referer
content-length: 200
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3-29 200 getAccountInfo
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 108ms
108ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyCgCtPAGLkWUpZaK1MiaqY1PaKt0fZe8ss

Protocol

H3-29

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-client-version
Origin: https://zzen9201---rick-roller.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://zzen9201---rick-roller.web.app
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-client-version
access-control-max-age: 3600
date: Fri, 16 Jul 2021 05:41:47 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 qoe
www.youtube.com/api/stats/ Frame B455 0
19 B 14ms
14ms Ping
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=396&afmt=251&cpn=OrjfTTK-kmU4BdJ7&ei=GxzxYP2yCYWp1gLDzJmQCg&el=embedded&docid=dQw4w9WgXcQ&ns=yt&fexp=23940238%2C23973490%2C23983296%2C24001037%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24023960%2C24036236%2C24045411%2C24053866%2C24058128%2C24058812%2C24060922%2C24062574%2C24068842&cl=384804146&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210714.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.324:N&ctmp=cc:t.285;useVodTrack&afs=0.324:251::i&vfs=0.324:396:396::r&view=0.324:560:315&bwe=0.324:130000&bat=0.324:1:1&vis=0.324:0&cmt=0.324:0.000&bh=0.324:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 05:41:47 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5e6nz7.googlevideo.com/ Frame B455 81 KB
82 KB 29ms
13ms XHR
video/mp4 2a00:1450:4001:65::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nz7.googlevideo.com/videoplayback?expire=1626435707&ei=GxzxYP2yCYWp1gLDzJmQCg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACpmu9Mm8bwqhrQ0kxhmOLhp3wY8lolvNvxxd7ML68Uc&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=7c&mm=31%2C29&mn=sn-4g5e6nz7%2Csn-4g5ednek&ms=au%2Crdu&mv=u&mvi=4&pl=52&vprv=1&mime=video%2Fmp4&ns=-148Pi8iFTfMI_qc8BM5dn8G&gir=yes&clen=6957752&dur=212.040&lmt=1624947999257981&mt=1626413737&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5531432&n=QKiYGHyOB4C0RQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAJwphYBPglNWix2IAu7XK96O8SOTBQxCdT_t-tXVP2mNAiAjOaFeE2cdu8P71m0BTr1lDOq95grmGQ5CHa5XAevJ0Q%3D%3D&alr=yes&sig=AOq0QJ8wRgIhAJRfa5IQB2eEWmUnbWZ4SKBvhtLKrdw1e737pVSvoVYAAiEA3UXQO1TTxMizKr4w19sJB4-Q7xZvTGwwoQYg3BaCh5A%3D&cpn=OrjfTTK-kmU4BdJ7&cver=1.20210714.1.0&range=0-83057&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:65::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a07117be9bdb77bf9fb6959a9f9c5fef5d22e87164f75bf7be837aa1a65aa270

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 05:41:47 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 83058
Last-Modified: Tue, 29 Jun 2021 06:26:39 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Fri, 16 Jul 2021 05:41:47 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5e6nz7.googlevideo.com/ Frame B455 65 KB
66 KB 29ms
13ms XHR
audio/webm 2a00:1450:4001:65::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nz7.googlevideo.com/videoplayback?expire=1626435707&ei=GxzxYP2yCYWp1gLDzJmQCg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACpmu9Mm8bwqhrQ0kxhmOLhp3wY8lolvNvxxd7ML68Uc&itag=251&source=youtube&requiressl=yes&mh=7c&mm=31%2C29&mn=sn-4g5e6nz7%2Csn-4g5ednek&ms=au%2Crdu&mv=u&mvi=4&pl=52&vprv=1&mime=audio%2Fwebm&ns=-148Pi8iFTfMI_qc8BM5dn8G&gir=yes&clen=3437753&dur=212.061&lmt=1624945852795821&mt=1626413737&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=QKiYGHyOB4C0RQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJAN6F__NxJGlk_kZnqrbwkTTD32TbwFjuEr21azubAiEA8gEqMJVIvWGQoy9ow7DB2Nb_vb2QmG0fyyQ1KXh3jfM%3D&alr=yes&sig=AOq0QJ8wRQIgI7ZXY-DUga8fGzAXDCrGxTK-TaBobEPHLStekBoB_b4CIQDI2GFsM65jDxgMP7mBp0w54l1GEWYBYl0dK5lWCLcXgA%3D%3D&cpn=OrjfTTK-kmU4BdJ7&cver=1.20210714.1.0&range=0-66172&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:65::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2ee27e1a2e7a42d1bb3a74983471806cd02608805c54183f02d27bf4670fef3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 05:41:47 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66173
Last-Modified: Tue, 29 Jun 2021 05:50:52 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 16 Jul 2021 05:41:47 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/ Frame B455 95 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b1f2d06599ae068c5bab0e54a04cf667eb3c88bd1d7f5b3a7712c6fd1617f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 15:44:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 00:47:14 GMT
server: sffe
age: 50246
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29784
x-xss-protection: 0
expires: Fri, 15 Jul 2022 15:44:21 GMT

GET
H3-29 200 endscreen.js Show response
www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/ Frame B455 26 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845ecb4c46babbaeb2ba99fa275d51e2ba9b29c9d62a185cdbd9763174217cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 15:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 00:47:14 GMT
server: sffe
age: 50247
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7191
x-xss-protection: 0
expires: Fri, 15 Jul 2022 15:44:20 GMT

GET
H3-29 200 annotations_module.js Show response
www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/ Frame B455 66 KB
19 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f2667532d3fbb230c66c978bc79032f68a07c9b6845cf4152801c59fc03801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 15:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 00:47:14 GMT
server: sffe
age: 49579
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19699
x-xss-protection: 0
expires: Fri, 15 Jul 2022 15:55:28 GMT

POST
H3-29 200 next Show response
www.youtube.com/youtubei/v1/ Frame B455 66 KB
6 KB 487ms
486ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11881eca66fc8b726b0fc057cb2638dad0ae30ee818659fa4217cc9856e04578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210714.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: Cgs3a1B3U29FcDZjZyiauMSHBg%3D%3D
Content-Type: application/json

Response headers

date: Fri, 16 Jul 2021 05:41:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6041
x-xss-protection: 0
expires: Fri, 16 Jul 2021 05:41:47 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/dQw4w9WgXcQ/ Frame B455 15 KB
16 KB 37ms
6ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/dQw4w9WgXcQ/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c2e223e237e23805f6b7ef4e27f9f0c55ab363e13b2967874150aa6063082a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:22:28 GMT
x-content-type-options: nosniff
server: sffe
age: 1159
etag: "1551723936"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15544
x-xss-protection: 0
expires: Fri, 16 Jul 2021 07:22:28 GMT

GET
H3-29 200 videoplayback Show response
r4---sn-4g5e6nz7.googlevideo.com/ Frame B455 122 KB
122 KB 40ms
12ms XHR
video/mp4 2a00:1450:4001:65::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:65::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

46247dbfecbb36db3d30b9fd86d531147660ab3d8a427cc428454f8f11ce39e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:47 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124581
client-protocol: quic
last-modified: Tue, 29 Jun 2021 06:26:39 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Fri, 16 Jul 2021 05:41:47 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B455 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:47 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 16 Jul 2021 05:41:47 GMT

GET
DATA 200
OK truncated
/ Frame B455 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Si7ZhtmpX84wj6MoJYLs8kwALw2Hm53wzbrPamoU-z3qvCKs2X3zPNYKMSJEvPDLUHzbvTfLcg=s400-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame B455 23 KB
23 KB 31ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/Si7ZhtmpX84wj6MoJYLs8kwALw2Hm53wzbrPamoU-z3qvCKs2X3zPNYKMSJEvPDLUHzbvTfLcg=s400-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7963759ea1df0cf913e61f303948976b9af8bf2df6c41f2aa2309d47650f28f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 04:20:22 GMT
x-content-type-options: nosniff
age: 4885
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23178
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 07:38:28 GMT

GET
H3-29 200 maxresdefault.webp
i.ytimg.com/vi_webp/m1k3Cpke4yU/ Frame B455 12 KB
12 KB 24ms
6ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/m1k3Cpke4yU/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4c9bf323db85e7ab5e0a815be6f9c547b7cdd33c7ec930b1b957ecfe7d5650a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 04:20:22 GMT
x-content-type-options: nosniff
server: sffe
age: 4885
etag: "1593429024"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
expires: Fri, 16 Jul 2021 06:20:22 GMT

GET
H3-29 200 maxresdefault.webp
i.ytimg.com/vi_webp/lU1EmTA4J60/ Frame B455 45 KB
45 KB 25ms
7ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/lU1EmTA4J60/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c125f98e0d89c6229f35e6ec94277a721f72ed25fdf20a0e6597c65769b64fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:40:45 GMT
x-content-type-options: nosniff
server: sffe
age: 62
etag: "1617811739"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46050
x-xss-protection: 0
expires: Fri, 16 Jul 2021 07:40:45 GMT

GET
DATA 200
OK truncated
/ Frame B455 229 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 339be58cfd00cf6f56fbb5def7e0d410f2177b7ae00993c5647fe4083fcb5a6f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 featured_channel.jpg
i.ytimg.com/an/uAXFkgsw1L7xaCfnd5JJOw/ Frame B455 12 KB
12 KB 24ms
14ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/uAXFkgsw1L7xaCfnd5JJOw/featured_channel.jpg?v=5fd33f0b

Requested by

Host: zzen9201---rick-roller.web.app
URL: https://zzen9201---rick-roller.web.app/rolled?uid=Kocu0dZXodazVXyXddXupJVusLv2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a1d6635a29ad2f083839cdc62a5a29c5204b599b996ba575798a28579d1889f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:17:14 GMT
x-content-type-options: nosniff
server: sffe
age: 1473
etag: "1607679755"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11940
x-xss-protection: 0
expires: Fri, 16 Jul 2021 07:17:14 GMT

GET
H3-29 200 videoplayback Show response
r4---sn-4g5e6nz7.googlevideo.com/ Frame B455 66 KB
66 KB 11ms
11ms XHR
audio/webm 2a00:1450:4001:65::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nz7.googlevideo.com/videoplayback?expire=1626435707&ei=GxzxYP2yCYWp1gLDzJmQCg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACpmu9Mm8bwqhrQ0kxhmOLhp3wY8lolvNvxxd7ML68Uc&itag=251&source=youtube&requiressl=yes&mh=7c&mm=31%2C29&mn=sn-4g5e6nz7%2Csn-4g5ednek&ms=au%2Crdu&mv=u&mvi=4&pl=52&vprv=1&mime=audio%2Fwebm&ns=-148Pi8iFTfMI_qc8BM5dn8G&gir=yes&clen=3437753&dur=212.061&lmt=1624945852795821&mt=1626413737&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=QKiYGHyOB4C0RQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJAN6F__NxJGlk_kZnqrbwkTTD32TbwFjuEr21azubAiEA8gEqMJVIvWGQoy9ow7DB2Nb_vb2QmG0fyyQ1KXh3jfM%3D&alr=yes&sig=AOq0QJ8wRQIgI7ZXY-DUga8fGzAXDCrGxTK-TaBobEPHLStekBoB_b4CIQDI2GFsM65jDxgMP7mBp0w54l1GEWYBYl0dK5lWCLcXgA%3D%3D&cpn=OrjfTTK-kmU4BdJ7&cver=1.20210714.1.0&range=66173-134189&rn=4&rbuf=3973

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:65::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8c8639c867de44d7e60618bf22a26b28f661e64816b655b07bcf5bae32c53d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:47 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68017
client-protocol: quic
last-modified: Tue, 29 Jun 2021 05:50:52 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 16 Jul 2021 05:41:47 GMT

GET
H3-29 200 videoplayback Show response
r4---sn-4g5e6nz7.googlevideo.com/ Frame B455 280 KB
280 KB 43ms
43ms XHR
video/mp4 2a00:1450:4001:65::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:65::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

bb7ff23bcac898c0bdef1ab0905e5d799dc427bec03f62044d4e1c0a798a80cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:47 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 286729
client-protocol: quic
last-modified: Tue, 29 Jun 2021 06:26:39 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Fri, 16 Jul 2021 05:41:47 GMT

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 54 B
576 B 36ms
17ms XHR
text/plain 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Fzzen9201---rick-roller%2Fdatabases%2F(default)&VER=8&RID=51245&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F7.17.2%0D%0AContent-Type%3Atext%2Fplain%0D%0AAuthorization%3ABearer%20eyJhbGciOiJSUzI1NiIsImtpZCI6Ijc3MTBiMDE3ZmQ5YjcxMWUwMDljNmMzNmIwNzNiOGE2N2NiNjgyMTEiLCJ0eXAiOiJKV1QifQ.eyJwcm92aWRlcl9pZCI6ImFub255bW91cyIsImlzcyI6Imh0dHBzOi8vc2VjdXJldG9rZW4uZ29vZ2xlLmNvbS96emVuOTIwMS0tLXJpY2stcm9sbGVyIiwiYXVkIjoienplbjkyMDEtLS1yaWNrLXJvbGxlciIsImF1dGhfdGltZSI6MTYyNjQxNDEwNywidXNlcl9pZCI6IlhjOHZUWlFScEtaZEJIb2lkSXZkNHBpOFlINzIiLCJzdWIiOiJYYzh2VFpRUnBLWmRCSG9pZEl2ZDRwaThZSDcyIiwiaWF0IjoxNjI2NDE0MTA3LCJleHAiOjE2MjY0MTc3MDcsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnt9LCJzaWduX2luX3Byb3ZpZGVyIjoiYW5vbnltb3VzIn19.oI8oFXqJcEH5rGdvN28e2R7GTcraBc4Cni257z-endb23Ci9ZILa5kXV32bXl027NiNESQCr7jvu8IYY1XrGTBy28xUKLkJnqrDVCx55Oge6DooFkHM3KfPuPIV_PHIlaRVIgG2JXGKRZ_dao7Vde3IqlWRO_KB3KNaVzPYH_mQsqb70yvwZr99h1gshEoK5x7apVAMfrb7NUvIlPHptYW0P-Ya6nbFWQgMdf2do-mxDqD6d0zLJLrMGUS5bDHvh-_nCck_Bw7njCPrFxJGR83cr4IWJ9-g9z9LKOmZ2gXLVvv_0-zBXWNMuryd92XgyK_90E9_3ocAshn7kXOptOw%0D%0A&zx=lk4s1a8b62la&t=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.17.2/firebase-firestore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecb6de0d5223ef9cd10721905501dcd06c16773257281857dd3c360c0054050a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 16 Jul 2021 05:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://zzen9201---rick-roller.web.app
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: g7dXDne03-ew_b0421STivIaINGDGYF6drMR70RzEvE

GET
H3-29 200 videoplayback Show response
r4---sn-4g5e6nz7.googlevideo.com/ Frame B455 135 KB
135 KB 13ms
12ms XHR
audio/webm 2a00:1450:4001:65::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nz7.googlevideo.com/videoplayback?expire=1626435707&ei=GxzxYP2yCYWp1gLDzJmQCg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACpmu9Mm8bwqhrQ0kxhmOLhp3wY8lolvNvxxd7ML68Uc&itag=251&source=youtube&requiressl=yes&mh=7c&mm=31%2C29&mn=sn-4g5e6nz7%2Csn-4g5ednek&ms=au%2Crdu&mv=u&mvi=4&pl=52&vprv=1&mime=audio%2Fwebm&ns=-148Pi8iFTfMI_qc8BM5dn8G&gir=yes&clen=3437753&dur=212.061&lmt=1624945852795821&mt=1626413737&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=QKiYGHyOB4C0RQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJAN6F__NxJGlk_kZnqrbwkTTD32TbwFjuEr21azubAiEA8gEqMJVIvWGQoy9ow7DB2Nb_vb2QmG0fyyQ1KXh3jfM%3D&alr=yes&sig=AOq0QJ8wRQIgI7ZXY-DUga8fGzAXDCrGxTK-TaBobEPHLStekBoB_b4CIQDI2GFsM65jDxgMP7mBp0w54l1GEWYBYl0dK5lWCLcXgA%3D%3D&cpn=OrjfTTK-kmU4BdJ7&cver=1.20210714.1.0&range=134190-272798&rn=6&rbuf=8097

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:65::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

19d8532e4fb205e22b56eef73cdded6d77fa066b2f1127f9e6301a7102c3ee94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:47 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138609
client-protocol: quic
last-modified: Tue, 29 Jun 2021 05:50:52 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 16 Jul 2021 05:41:47 GMT

GET
H3-29 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 252 B
0 30ms
16ms XHR
text/plain 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Fzzen9201---rick-roller%2Fdatabases%2F(default)&gsessionid=g7dXDne03-ew_b0421STivIaINGDGYF6drMR70RzEvE&VER=8&RID=rpc&SID=TaCgY28OAP5mjmRDF5ReiQ&CI=0&AID=0&TYPE=xmlhttp&zx=q9pby1op5i9y&t=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.17.2/firebase-firestore.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://zzen9201---rick-roller.web.app
vary: origin
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0

POST
H3-29 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 10 B
50 B 15ms
14ms XHR
text/plain 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.17.2/firebase-firestore.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50b25d63fd1264ca73bedc7cb4213e7f2b9f7ba836e969ff2b8ed7d543c8e140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zzen9201---rick-roller.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 16 Jul 2021 05:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://zzen9201---rick-roller.web.app
vary: origin
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30
x-xss-protection: 0

GET
H3-29 200 Si7ZhtmpX84wj6MoJYLs8kwALw2Hm53wzbrPamoU-z3qvCKs2X3zPNYKMSJEvPDLUHzbvTfLcg=s88-c-k-c0x00ffffff-no-nd-rj
yt3.ggpht.com/ Frame B455 3 KB
3 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/Si7ZhtmpX84wj6MoJYLs8kwALw2Hm53wzbrPamoU-z3qvCKs2X3zPNYKMSJEvPDLUHzbvTfLcg=s88-c-k-c0x00ffffff-no-nd-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

66e216de58c2c15674446337563f2b40adcabfce5d4c4f20240d04e77c926739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 03:44:44 GMT
x-content-type-options: nosniff
age: 7023
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2570
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 06 Jul 2021 23:06:56 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B455 28 B
54 B 25ms
24ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
X-YouTube-Client-Version: 1.20210714.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgs3a1B3U29FcDZjZyiauMSHBg%3D%3D
X-YouTube-Ad-Signals: dt=1626414106917&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKo2sN7vDEG9t90d-9vXUYlucM-M277o4qrmoc884DU31WeAR3m1I3jwk6QPd5ou7-U-eO49IZC8BmuTMAest_AOj1pDhw

Response headers

date: Fri, 16 Jul 2021 05:41:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 16 Jul 2021 05:41:49 GMT

POST
H2 204 qoe
www.youtube.com/api/stats/ Frame B455 0
200 B 16ms
16ms Ping
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=396&afmt=251&cpn=OrjfTTK-kmU4BdJ7&ei=GxzxYP2yCYWp1gLDzJmQCg&el=embedded&docid=dQw4w9WgXcQ&ns=yt&fexp=23940238%2C23973490%2C23983296%2C24001037%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24023960%2C24036236%2C24045411%2C24053866%2C24058128%2C24058812%2C24060922%2C24062574%2C24068842&cl=384804146&seq=2&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210714.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=itdrm&ctmp=dompaused:t.342;promise;m.NotAllowedError,mcrsp:t.361;itag.399;smooth.1;efficient.0;perf.8192&bwm=10.005:767167:0.278&bwe=10.005:1752192&bat=10.005:1:1&cmt=10.005:0.000&bh=10.005:15.360&df=10.005:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 05:41:57 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5e6nz7.googlevideo.com/ Frame B455 595 KB
596 KB 93ms
93ms XHR
video/mp4 2a00:1450:4001:65::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:65::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ad1ded25ed530833d87f0c5cd55d11ff09a7787c3cf888ea47d6641e7ef32c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 05:41:57 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 609105
Last-Modified: Tue, 29 Jun 2021 06:26:39 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21290
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Fri, 16 Jul 2021 05:41:57 GMT

GET
H3-29 200 videoplayback Show response
r4---sn-4g5e6nz7.googlevideo.com/ Frame B455 220 KB
220 KB 12ms
11ms XHR
audio/webm 2a00:1450:4001:65::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nz7.googlevideo.com/videoplayback?expire=1626435707&ei=GxzxYP2yCYWp1gLDzJmQCg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACpmu9Mm8bwqhrQ0kxhmOLhp3wY8lolvNvxxd7ML68Uc&itag=251&source=youtube&requiressl=yes&mh=7c&mm=31%2C29&mn=sn-4g5e6nz7%2Csn-4g5ednek&ms=au%2Crdu&mv=u&mvi=4&pl=52&vprv=1&mime=audio%2Fwebm&ns=-148Pi8iFTfMI_qc8BM5dn8G&gir=yes&clen=3437753&dur=212.061&lmt=1624945852795821&mt=1626413737&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=QKiYGHyOB4C0RQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJAN6F__NxJGlk_kZnqrbwkTTD32TbwFjuEr21azubAiEA8gEqMJVIvWGQoy9ow7DB2Nb_vb2QmG0fyyQ1KXh3jfM%3D&alr=yes&sig=AOq0QJ8wRQIgI7ZXY-DUga8fGzAXDCrGxTK-TaBobEPHLStekBoB_b4CIQDI2GFsM65jDxgMP7mBp0w54l1GEWYBYl0dK5lWCLcXgA%3D%3D&cpn=OrjfTTK-kmU4BdJ7&cver=1.20210714.1.0&range=272799-498517&rn=8&rbuf=16541

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ba2b998/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:65::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7a1e000b3f5c3b05a54261cdd97f9fb7eff1f70f85477eae8d26adac9b879b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 05:41:57 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225719
client-protocol: quic
last-modified: Tue, 29 Jun 2021 05:50:52 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21290
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 16 Jul 2021 05:41:57 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1970-01-20 00:06:06	Name: VISITOR_INFO1_LIVE Value: 7kPwSoEp6cg
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: l8q9r-H8JYo

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://zzen9201---rick-roller.web.app/js/checkauth.js(Line 38) Message: Not logged in
console-api	log	URL: https://zzen9201---rick-roller.web.app/js/rolled.js(Line 8) Message: Wrote => undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

firestore.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ka-f.fontawesome.com
kit.fontawesome.com
r4---sn-4g5e6nz7.googlevideo.com
static.doubleclick.net
tinyurl.com
www.google.com
www.googleapis.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
zzen9201---rick-roller.web.app
151.101.1.195
2606:4700:10::6814:8b41
2606:4700:3037::ac43:a12f
2606:4700::6812:1734
2a00:1450:4001:65::9
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:808::2006
2a00:1450:4001:809::2003
2a00:1450:4001:809::2016
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:831::200a
065eb3954b9ea8584f535ede5b5c563383c3b40e4e0344f75a02c4bf3200314b
0ff8fad88dcba7ba8cf4180322efa960efff89c635c4fd5ac5183b2017111f50
10bbbb5c5ae22683c47f305bb0f2987078bf85ee76cb85e6d9bb36947e4fb3a9
11881eca66fc8b726b0fc057cb2638dad0ae30ee818659fa4217cc9856e04578
19d8532e4fb205e22b56eef73cdded6d77fa066b2f1127f9e6301a7102c3ee94
1a7bab560b0c45578032747132122588af98165859c394e2fac5dd80f7ad0715
1d630c73d427a4c659407fafb368d8f9e0872cc1248ef87582ffe5c609322904
2b1f2d06599ae068c5bab0e54a04cf667eb3c88bd1d7f5b3a7712c6fd1617f73
2c1593a81081bbb666ef40c5a356c3a8266f734a388af020bd631a369a897feb
2ee27e1a2e7a42d1bb3a74983471806cd02608805c54183f02d27bf4670fef3c
339be58cfd00cf6f56fbb5def7e0d410f2177b7ae00993c5647fe4083fcb5a6f
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af
363eb2646ead03c2be97ecee385ca5c9782ccd328a815448427043883399621c
3bdce34f15f15531fd68530772d5b54ccbe7bddbb1137f0741ac93802e970fcf
3c2e223e237e23805f6b7ef4e27f9f0c55ab363e13b2967874150aa6063082a2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40f40190da8eb8cd64639b1e575f8cd59c91bcdaf2fee2b10115910f19cb93fd
46247dbfecbb36db3d30b9fd86d531147660ab3d8a427cc428454f8f11ce39e0
50b25d63fd1264ca73bedc7cb4213e7f2b9f7ba836e969ff2b8ed7d543c8e140
59b05e80a667a4ae04ad37942563561f5c8fb9c8f2a149933546af42e197372e
5a1d6635a29ad2f083839cdc62a5a29c5204b599b996ba575798a28579d1889f
5c125f98e0d89c6229f35e6ec94277a721f72ed25fdf20a0e6597c65769b64fb
66e216de58c2c15674446337563f2b40adcabfce5d4c4f20240d04e77c926739
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e33065ea9ffed6c1231986ac4cd73d3a20c9f14755447118147b7f06ad35496
75f2667532d3fbb230c66c978bc79032f68a07c9b6845cf4152801c59fc03801
7963759ea1df0cf913e61f303948976b9af8bf2df6c41f2aa2309d47650f28f8
7a1e000b3f5c3b05a54261cdd97f9fb7eff1f70f85477eae8d26adac9b879b7e
816f3e61e61b1e0e9e9fa4457ca4de7378a708f2f022e1c82e8675132a38d670
844d23af16c645c8b791bb74d9820be6502b4d887be88062efc18d1f68a7d53f
845ecb4c46babbaeb2ba99fa275d51e2ba9b29c9d62a185cdbd9763174217cbf
8c8639c867de44d7e60618bf22a26b28f661e64816b655b07bcf5bae32c53d03
8db73b3829dd87209d28ce48fad36bacfa981abc83b0816d28426b07f3053a9b
90e8312295b1593485240e0a3165b4de983a23c22446d7685f462c76a7034e26
a07117be9bdb77bf9fb6959a9f9c5fef5d22e87164f75bf7be837aa1a65aa270
a31d2341ed1493d51ca078e80bd91e376f9a257fe0c8e1e0e295eaac89f61cb0
aa63341640c00753b093b1d60f1f6d42459a25ffcc2fc3d44901d7e83889367c
ad1ded25ed530833d87f0c5cd55d11ff09a7787c3cf888ea47d6641e7ef32c53
aeb8bf5164342782937a8884734baa78cd1a6aee729183240d9417a361e83e17
b0cebf427d5cf38a555f6cd0eff3c1c6cc8d7c41181fec6af8ce8c31f9d9be76
b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a
bb7ff23bcac898c0bdef1ab0905e5d799dc427bec03f62044d4e1c0a798a80cd
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086
bf67bf5de3b31a0cf2c4b3d90af6041b3a6c2a1d4a3b0257fd1d6befb1dd7d7c
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d815775f36de7cf811a67054ef9b292cf0b7730c61faba018c5756fda850f136
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c9bf323db85e7ab5e0a815be6f9c547b7cdd33c7ec930b1b957ecfe7d5650a
ecb6de0d5223ef9cd10721905501dcd06c16773257281857dd3c360c0054050a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
fa20a0ff540f8baedf793751aba81b1272aac13e7253c24018ff9add32cad578
ff15e08bd13f03b88f75a7c8bf91735886f522bcff0b6af8275d4af1303d07ef

zzen9201---rick-roller.web.app Open in urlscan Pro 151.101.1.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

100 %HTTPS

93 %IPv6

11 Domains

15 Subdomains

15 IPs

2 Countries

5034 kBTransfer

7408 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

zzen9201---rick-roller.web.app Open in urlscan Pro
151.101.1.195 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

93 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

5034 kB
Transfer

7408 kB
Size

2
Cookies

56 HTTP transactions
4 data transactions