Submitted URL:
https://az361.xyz/etc/firewalld/ipsets/module/lib/terminfo/v/promise/usr/local/etc/ssl/certs/logging/lib/security/... 9mo old
Effective URL:
https://media1.tenor.com/m/x8v1oNUOmg4AAAAC/rickroll-roll.gif 8yr old
Submission: On November 14 via manual (November 14th 2025, 2:14:35 pm UTC) from CH — Scanned from CH

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 8 HTTP transactions. The main IP is 2a00:1450:4001:827::200a, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is media1.tenor.com. The Cisco Umbrella rank of the primary domain is 27407. 8yr old
TLS certificate: Issued by WE2 on October 27th 2025. Valid for: 3mo.
This is the only time media1.tenor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
1 (1 redirect) | 178.156.198.130 | 213230 | HETZNER-CLOUD2-AS Hetzner Online GmbH
1 | 2a00:1450:4001:827::200a | 15169 | GOOGLE
1 | 2a00:1450:4001:811::2008 | 15169 | GOOGLE
4 | 2a00:1450:4001:80f::2003 | 15169 | GOOGLE
1 | 2a00:1450:4001:828::2001 | 15169 | GOOGLE
1 | 2001:4860:4802:34::36 | 15169 | GOOGLE
Total: 8 requests, 5 IPs
Requests | Apex Domain | Subdomains | Transfer
4 | gstatic.com | www.gstatic.com (10yr old) | 6 KB
2 | tenor.com | media1.tenor.com (Cisco Umbrella Rank: 27407, 8yr old); c.tenor.com (Cisco Umbrella Rank: 32275, 6yr old) | 6 MB
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2827, 5yr old) |
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 47, 13yr old) | 146 KB
1 (1 redirect) | az361.xyz | az361.xyz (9mo old) | 335 B
Total: 8 requests, 5 apex domains
Requests | Domain | Requested by
4 | www.gstatic.com | media1.tenor.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | c.tenor.com | media1.tenor.com
1 | www.googletagmanager.com | media1.tenor.com
1 | media1.tenor.com |
1 (1 redirect) | az361.xyz |
Total: 8 requests, 6 subdomains

This site contains links to these domains.

Domain
tenor.com
itunes.apple.com
Subject | Issuer | Validity | Valid
c.tenor.com | WE2 | 2025-10-27 - 2026-01-19 | 3mo
*.google-analytics.com | WE2 | 2025-10-27 - 2026-01-19 | 3mo
*.gstatic.com | WE2 | 2025-10-27 - 2026-01-19 | 3mo

This page contains 1 frames:

Primary Page: https://media1.tenor.com/m/x8v1oNUOmg4AAAAC/rickroll-roll.gif
Frame ID: 1297B66CF1F45EDE3A5972631AB654ED
Requests: 8 HTTP requests in this frame

Page Title

Rickroll Never Gonna Give You Up GIF - Tenor GIF Keyboard - Bring Personality To Your Conversations | Say more with Tenor

Page URL History

  1. https://az361.xyz/etc/firewalld/ipsets/module/lib/terminfo/v/promise/usr/local/etc/ssl/certs/l... HTTP 308
    https://media1.tenor.com/m/x8v1oNUOmg4AAAAC/rickroll-roll.gif Page URL

Detected technologies

(Analytics)
Overall confidence: 100%
Detected patterns

(Tag managers)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

8
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

5807 kB
Transfer

6114 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://az361.xyz/etc/firewalld/ipsets/module/lib/terminfo/v/promise/usr/local/etc/ssl/certs/logging/lib/security/pam_filter/linker/adware_dropper_tool.exe?attachment=exploit&id=e483a9c16f4e6b94&method=tamper&parameter=overflow&payload=%28function%28%29%7B+return+%5B1%2C2%2C3%5D%3B+%7D%29%28%29%3B&proxy=tamper&query=exploit&referer=spoof&useragent=track HTTP 308
    https://media1.tenor.com/m/x8v1oNUOmg4AAAAC/rickroll-roll.gif Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol
Status Resource
Path
Size
x-fer
Time
Latency
Type
MIME-Type
IP
Location
GET
H2
200
Primary Request rickroll-roll.gif
media1.tenor.com/m/x8v1oNUOmg4AAAAC/
Redirect Chain
  • https://az361.xyz/etc/firewalld/ipsets/module/lib/terminfo/v/promise/usr/local/etc/ssl/certs/logging/lib/security/pam_filter/linker/adware_dropper_tool.exe?attachment=exploit&id=e483a9c16f4e6b94&me...
  • https://media1.tenor.com/m/x8v1oNUOmg4AAAAC/rickroll-roll.gif
6 KB
2 KB
88ms
32ms
Document
text/html
2a00:1450:4001:827::200a
GOOGLE
General
Full URL
https://media1.tenor.com/m/x8v1oNUOmg4AAAAC/rickroll-roll.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ab7a391422adad96f8e9c5763f307bcc783cb5e9749667e695236ab4216425e2
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-fq2Hsy_qYIMzdy48s3ey5w' 'unsafe-inline'; object-src 'none'; base-uri 'none';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-encoding
gzip
content-length
1819
content-security-policy
script-src 'nonce-fq2Hsy_qYIMzdy48s3ey5w' 'unsafe-inline'; object-src 'none'; base-uri 'none';
content-type
text/html; charset=UTF-8
date
Fri, 14 Nov 2025 14:14:36 GMT
server
scaffolding on HTTPServer2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Nov 2025 14:14:35 GMT
Keep-Alive
timeout=5, max=100
Location
https://media1.tenor.com/m/x8v1oNUOmg4AAAAC/rickroll-roll.gif
Server
Apache/2.4.58 (Ubuntu)
Transfer-Encoding
chunked
GET
H2
200
js
www.googletagmanager.com/gtag/
445 KB
146 KB
94ms
49ms
Script
application/javascript
2a00:1450:4001:811::2008
GOOGLE
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N1QZHNPPQ1
Requested by
Host: media1.tenor.com
URL: https://media1.tenor.com/m/x8v1oNUOmg4AAAAC/rickroll-roll.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
655fa1d6e0056a1e80c2d20793e905ab79e6a9a5d67b87bf24483eea5cf86d53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://media1.tenor.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 14 Nov 2025 14:14:36 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149548
date
Fri, 14 Nov 2025 14:14:36 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
GET
H2
200
cdn-html.min.css
www.gstatic.com/tenor/wrapper/
8 KB
2 KB
78ms
23ms
Stylesheet
text/css
2a00:1450:4001:80f::2003
GOOGLE
General
Full URL
https://www.gstatic.com/tenor/wrapper/cdn-html.min.css
Requested by
Host: media1.tenor.com
URL: https://media1.tenor.com/m/x8v1oNUOmg4AAAAC/rickroll-roll.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bacc43bde00a13ff9a8e7bfffab495df915a1346d513237f6a83788ad4e0077
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://media1.tenor.com/

Response headers

content-encoding
br
age
73192
report-to
{"group":"tenor","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/tenor"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 17:54:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 13 Nov 2025 17:54:44 GMT
last-modified
Fri, 22 Nov 2024 16:49:57 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-opener-policy
same-origin; report-to="tenor"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/tenor
accept-ranges
bytes
content-length
1686
x-xss-protection
0
server
sffe
GET
H2
200
tenor-logo.svg
www.gstatic.com/tenor/img/
4 KB
2 KB
70ms
23ms
Image
image/svg+xml
2a00:1450:4001:80f::2003
GOOGLE
General
Full URL
https://www.gstatic.com/tenor/img/tenor-logo.svg
Requested by
Host: media1.tenor.com
URL: https://media1.tenor.com/m/x8v1oNUOmg4AAAAC/rickroll-roll.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffe526afb143e03a8db6d469cacc088b836156d164e2bb3e974b8310367a0e4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://media1.tenor.com/

Response headers

content-encoding
br
age
56166
report-to
{"group":"tenor","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/tenor"}]}
x-content-type-options
nosniff
expires
Fri, 13 Nov 2026 22:38:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 13 Nov 2025 22:38:30 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="tenor"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/tenor
accept-ranges
bytes
content-length
1735
x-xss-protection
0
server
sffe
GET
H2
200
tenor.gif
c.tenor.com/x8v1oNUOmg4AAAAC/
6 MB
6 MB
198ms
123ms
Image
image/gif
2a00:1450:4001:828::2001
GOOGLE
General
Full URL
https://c.tenor.com/x8v1oNUOmg4AAAAC/tenor.gif
Requested by
Host: media1.tenor.com
URL: https://media1.tenor.com/m/x8v1oNUOmg4AAAAC/rickroll-roll.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08e2318b5fefed88c660f42ec527c20c27a4a3b9aa4982c4aa0cef1bacd25e1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://media1.tenor.com/

Response headers

report-to
{"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 14:14:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 14 Nov 2025 14:14:36 GMT
content-type
image/gif
last-modified
Sat, 04 Sep 2021 09:47:13 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="media-tenor-team"
content-length
5784892
x-xss-protection
0
server
sffe
POST
H2
204
collect
region1.google-analytics.com/g/
0
0
96ms
37ms
Fetch
text/plain
2001:4860:4802:34::36
GOOGLE
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N1QZHNPPQ1&gtm=45je5bc1v9178611715za200zd9178611715&_p=1763129676065&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=2003937942.1763129676&ul=de-ch&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&tag_exp=103116026~103200004~104527907~104528500~104684208~104684211~115583767~115938465~115938469~116217636~116217638&sid=1763129676&sct=1&seg=0&dl=https%3A%2F%2Fmedia1.tenor.com%2Fm%2Fx8v1oNUOmg4AAAAC%2Frickroll-roll.gif&dt=Rickroll%20Never%20Gonna%20Give%20You%20Up%20GIF%20-%20Tenor%20GIF%20Keyboard%20-%20Bring%20Personality%20To%20Your%20Conversations%20%7C%20Say%20more%20with%20Tenor&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=650
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N1QZHNPPQ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://media1.tenor.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:106:0
report-to
{"group":"ascnsrsggc:106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:106:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://media1.tenor.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:106:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 14 Nov 2025 14:14:36 GMT
content-type
text/plain
server
Golfe2
GET
H2
200
favicon.ico
www.gstatic.com/tenor/img/favicon/
1 KB
745 B
20ms
19ms
Other
image/x-icon
2a00:1450:4001:80f::2003
GOOGLE
General
Full URL
https://www.gstatic.com/tenor/img/favicon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e0898515e7c2ce3ce2a19488a2fc57a5aa7be8051e4c7d7a4e35dace072509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://media1.tenor.com/

Response headers

content-encoding
br
age
66558
report-to
{"group":"tenor","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/tenor"}]}
x-content-type-options
nosniff
expires
Thu, 20 Nov 2025 19:45:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 13 Nov 2025 19:45:18 GMT
last-modified
Fri, 22 Nov 2024 16:49:57 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin; report-to="tenor"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/tenor
accept-ranges
bytes
content-length
624
x-xss-protection
0
server
sffe
GET
H2
200
favicon-32x32.png
www.gstatic.com/tenor/img/favicon/
969 B
1 KB
20ms
19ms
Other
image/png
2a00:1450:4001:80f::2003
GOOGLE
General
Full URL
https://www.gstatic.com/tenor/img/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a285dec70eceb75eeead979c4f482b8c78e0e2c7bb4be3b78bc0b3cc2725616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://media1.tenor.com/

Response headers

age
98852
report-to
{"group":"tenor","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/tenor"}]}
x-content-type-options
nosniff
expires
Fri, 13 Nov 2026 10:47:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 13 Nov 2025 10:47:04 GMT
last-modified
Wed, 15 Apr 2020 19:45:00 GMT
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="tenor"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/tenor
accept-ranges
bytes
content-length
969
x-xss-protection
0
server
sffe

8 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

Type | Name
function | gtag
object | dataLayer
function | registerEvent
function | handleLinkClick
object | google_tag_manager
object | google_tag_data
function | onYouTubeIframeAPIReady
object | gaGlobal

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path | Expires | Name | Value
.tenor.com/ | 1970-01-21 19:21:29 | _ga | GA1.1.2003937942.1763129676
.tenor.com/ | 1970-01-21 19:21:29 | _ga_N1QZHNPPQ1 | GS2.1.s1763129676$o1$g0$t1763129676$j60$l0$h0

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy script-src 'nonce-fq2Hsy_qYIMzdy48s3ey5w' 'unsafe-inline'; object-src 'none'; base-uri 'none';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0