rollinrn.com Open in urlscan Pro
104.21.59.89 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.linkedin.com/slink?code=embGm7jm
Effective URL:
https://rollinrn.com/M
Submission: On August 08 via manual (August 8th 2023, 6:54:28 pm UTC) from CA — Scanned from CA

Summary HTTP 19 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 104.21.59.89, located in and belongs to CLOUDFLARENET, US. The main domain is rollinrn.com.
TLS certificate: Issued by GTS CA 1P5 on July 21st 2023. Valid for: 3 months.

This is the only time rollinrn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	198.49.67.162 198.49.67.162	33182 (DIMENOC) (DIMENOC)
12	104.21.59.89 104.21.59.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.17.3.184 104.17.3.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	4

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.49.67.162 (United States)

ASN33182 (DIMENOC, US)
PTR: standard.technobros.net.au

ybpetroleum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.21.59.89 (None, )

ASN13335 (CLOUDFLARENET, US)

rollinrn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.3.184 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	rollinrn.com rollinrn.com	158 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6398	19 KB
1	ybpetroleum.com ybpetroleum.com	399 B
1	linkedin.com 1 redirects www.linkedin.com — Cisco Umbrella Rank: 539	3 KB
19	4

	Domain	Requested by
12	rollinrn.com	ybpetroleum.com rollinrn.com
4	challenges.cloudflare.com	rollinrn.com challenges.cloudflare.com
1	ybpetroleum.com
1	www.linkedin.com	1 redirects
19	4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
ybpetroleum.com R3	`2023-07-31` - `2023-10-29`	3 months	crt.sh
rollinrn.com GTS CA 1P5	`2023-07-21` - `2023-10-19`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://rollinrn.com/M
Frame ID: 7E93E10CBFD8A4A1C0BE0B14A5F0687C
Requests: 19 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/g3ysr/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: BC8BB23A2EBC558DF70BA5A07D19E9A6
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/amdne/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 8123A6F3C82CCE6791E14FB08216B4A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://www.linkedin.com/slink?code=embGm7jm HTTP 301
https://ybpetroleum.com/wp-content/now/////////////// Page URL
https://rollinrn.com/M Page URL
https://rollinrn.com/M Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

19
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

178 kB
Transfer

441 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.linkedin.com/slink?code=embGm7jm HTTP 301
https://ybpetroleum.com/wp-content/now/////////////// Page URL
https://rollinrn.com/M Page URL
https://rollinrn.com/M Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.linkedin.com/slink?code=embGm7jm HTTP 301
https://ybpetroleum.com/wp-content/now///////////////

19 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
ybpetroleum.com/wp-content/now///////////////
Redirect Chain

https://www.linkedin.com/slink?code=embGm7jm
https://ybpetroleum.com/wp-content/now///////////////

200 B
399 B

405ms
111ms

Document
text/html

198.49.67.162
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://ybpetroleum.com/wp-content/now///////////////
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.49.67.162 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: standard.technobros.net.au
Software: LiteSpeed / PHP/7.0.33
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 135
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 18:54:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.0.33

Redirect headers

cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
date: Tue, 08 Aug 2023 18:54:23 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://ybpetroleum.com/wp-content/now///////////////
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: sameorigin
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYCbeQ3l8+BBLeQgfNaLg==
x-msedge-ref: Ref A: B9E600E7D3FC4BF591274B2D700C1DA1 Ref B: YTO01EDGE0518 Ref C: 2023-08-08T18:54:23Z

GET
H2 403 M Show response
rollinrn.com/ 6 KB
5 KB 153ms
32ms Document
text/html 104.21.59.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rollinrn.com/M

Requested by

Host: ybpetroleum.com
URL: https://ybpetroleum.com/wp-content/now///////////////

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.59.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ed830076985cf6f6f70a1ffa6d6815b753a7e339ff95e6549bab2b100f7db3e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ybpetroleum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7f39f7bad86636c2-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 08 Aug 2023 18:54:24 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMCnzyvrpPkF0PxXboH7MLvEjhyNcYiOMlrSXRvRduNvcw0YrBbORmrJ706qRZ6zhLc%2FhfdJrEo9XUXAVK5sicbeE5YkWyFTUCKAVwtuxxwoSRqplObS0BsWANriIAQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 challenges.css
rollinrn.com/cdn-cgi/styles/ 6 KB
3 KB 27ms
26ms Stylesheet
text/css 104.21.59.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rollinrn.com/cdn-cgi/styles/challenges.css

Requested by

Host: rollinrn.com
URL: https://rollinrn.com/M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.59.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rollinrn.com/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 04 Aug 2023 16:29:35 GMT
server: cloudflare
etag: W/"64cd276f-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7f39f7bb292f36c2-YYZ
expires: Tue, 08 Aug 2023 20:54:24 GMT

GET
H2 200 v1 Show response
rollinrn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 169 KB
58 KB 40ms
39ms Script
application/javascript 104.21.59.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f39f7bad86636c2
Requested by: Host: rollinrn.com
URL: https://rollinrn.com/M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4408bc4f002ea8e656207c42cd63f1ce3a102f4ccbb6eb066f1e8646abc3329c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rollinrn.com/M?__cf_chl_rt_tk=8py5re.Qydmyz9rTBxB1qoRLjfXKWBNLRmTEvSWOrdk-1691520864-0-gaNycGzNC6U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:54:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLuG3ikfSJNM3%2FenyuAGFxUdxxdPo%2FbqH4d%2FYd8TIvHVLNuwZODsj59kAzyODa1%2FaWeGeSDoxq1zFmcVcQp%2FjxIs069VBvwaW3VOXHdDRReD8P0NQ9BHPQxR5uhEBjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f39f7bb59cc36c2-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/74ac0d47/ 27 KB
10 KB 123ms
69ms Script
application/javascript 104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=aJ4&render=explicit
Requested by: Host: rollinrn.com
URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f39f7bad86636c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0f33190c14b543e76e11ab58c238e5d56508c3d0933c1cd7c64e478fedee376

Request headers

Referer
Origin: https://rollinrn.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:54:24 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f39f7bc4b3d39fb-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
rollinrn.com/ 6 KB
6 KB 32ms
31ms Image
text/html 104.21.59.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rollinrn.com/favicon.ico

Requested by

Host: rollinrn.com
URL: https://rollinrn.com/M

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.59.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abde6b1801ace1bbec590f8e76d99422bb9606bfab0dea3d7e0f10f6fa296ebb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rollinrn.com/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:54:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUVnm1A9y1h9Yr3ik67U5zZcN1vY%2BfUmdy7P%2FFHze5fMxezkchr6peOH7W4xWfu%2BjzyBg%2BAoxZI0p%2BdcIWkke8%2BGAme2ZqbPfLXWtkzNWF5G8Eg5pwsmEUHe6DPdXUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7f39f7bbfe7836fb-YYZ
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK d35b0ca7-80f3-47fc-952d-6997d03a3a98
https://rollinrn.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://rollinrn.com/d35b0ca7-80f3-47fc-952d-6997d03a3a98
Requested by: Host: rollinrn.com
URL: https://rollinrn.com/M
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rollinrn.com/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 a46da010c441907 Show response
rollinrn.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1325826736:1691519105:gQPepU9MxjHZbpIZQd52v3-nx7G-q9EsTjj5JV8zWJU/7f39f7bad86636c2/ 9 KB
8 KB 43ms
42ms XHR
text/plain 104.21.59.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1325826736:1691519105:gQPepU9MxjHZbpIZQd52v3-nx7G-q9EsTjj5JV8zWJU/7f39f7bad86636c2/a46da010c441907
Requested by: Host: rollinrn.com
URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f39f7bad86636c2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bceeb726634532e559feb1df93c8c99ea4ce7b58afa10b4ed2230295d915ce84

Request headers

Referer: https://rollinrn.com/M
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge: a46da010c441907
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 08 Aug 2023 18:54:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phsVI4Ab6rSk66r3F21UOhxbJ9n70Y1vS6pq9bpdG1IwLIPZi7jes1qz%2Bz4mwMBsIlC0tB6fUhtjlbZefzqeD3q4xWtQ3Qr%2FWQffvKBZD8zi1XOoVQKuA8rvhag6%2BZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7f39f7bcaf6536fb-YYZ
alt-svc: h3=":443"; ma=86400
cf-chl-gen: AkDMvokFAJJuvRKdhW3X8Nn+IE5PsF3rbD0b5mPqyJaQFVdMPFIz+VuQspwC4507$10uZ6owSFvWzA0Z3y51Evw==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/g3ysr/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame BC8B 0
0 65ms
35ms Document
text/html 104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/g3ysr/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=aJ4&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f39f7bd3cc05497-YYZ
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 18:54:24 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 a46da010c441907 Show response
rollinrn.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1325826736:1691519105:gQPepU9MxjHZbpIZQd52v3-nx7G-q9EsTjj5JV8zWJU/7f39f7bad86636c2/ 2 KB
2 KB 40ms
40ms XHR
text/html 104.21.59.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1325826736:1691519105:gQPepU9MxjHZbpIZQd52v3-nx7G-q9EsTjj5JV8zWJU/7f39f7bad86636c2/a46da010c441907
Requested by: Host: rollinrn.com
URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f39f7bad86636c2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d27790f6b508301addc18d89228982af024f1180cf6cf6a429efee1c17a7183

Request headers

Referer: https://rollinrn.com/M
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge: a46da010c441907
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: LLmlgTfdfFq5tSK0LiqzPh7bFr0I92hESXwQjZe4EXskJQMY/QOxTphqcxqI4N3FDwGOHHMtFQkW8nESD0uT3EmLY2lZNk4uWQWUJIxkC9I=$91BSZ8nJI7J4EpI7evHMHA==
cf-chl-out-s: jRHk1I7+Q242oAH+1OarNeAtKIX6rh67N8Pn2+6xEEOdCL0Qtpo/lQVxKReE1A1CB3uaZEAzOiYq2uD9b0P6UA==$Ih4L5mKSu9oQ0GQouBPUjg==
date: Tue, 08 Aug 2023 18:54:25 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNAkFt8o6aLig%2B1cZ91zkAnkm%2FlI0RrSUujXufXeZYgQZAotmDwEdRE5jE0H09X%2BRznXQKWhjfp1YCiJEIvTBcmg7i3uaY%2B%2BvaV0RCDz6NMCG9XSRCfoxBKgBLIUJEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7f39f7bf3c3336fb-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 403 Primary Request M Show response
rollinrn.com/ 6 KB
4 KB 32ms
31ms Document
text/html 104.21.59.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rollinrn.com/M

Requested by

Host: rollinrn.com
URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f39f7bad86636c2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.59.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90021ecf576064e8214d9a6f2636bfc28b91fc9a1506c63c1425afe8d9349798

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://rollinrn.com/M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7f39f7cebf0236fb-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 08 Aug 2023 18:54:27 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGY4ax%2FaJxFAXPjuaGMMbIFRfpMW0LLmCyMDi%2FYF8KNl6Dnw1YvzHrQ414GOZ38VaLbZTiVKEK0HQ3ITFYomE3gqfMQoEHtCVsu3gC%2FBnic2c1r6nJaU5XaD5AzQzsM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 challenges.css
rollinrn.com/cdn-cgi/styles/ 6 KB
3 KB 27ms
27ms Stylesheet
text/css 104.21.59.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rollinrn.com/cdn-cgi/styles/challenges.css

Requested by

Host: rollinrn.com
URL: https://rollinrn.com/M

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.59.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rollinrn.com/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 04 Aug 2023 16:29:35 GMT
server: cloudflare
etag: W/"64cd276f-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7f39f7ceff6036fb-YYZ
expires: Tue, 08 Aug 2023 20:54:27 GMT

GET
H3 200 v1 Show response
rollinrn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 157 KB
54 KB 34ms
34ms Script
application/javascript 104.21.59.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f39f7cebf0236fb
Requested by: Host: rollinrn.com
URL: https://rollinrn.com/M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e1514e0b4acffebe6c7b9cee13356f9a2abc3c8b9c31d0e953caf1aaf482c9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rollinrn.com/M?__cf_chl_rt_tk=zoVluKeooDuVFQJxy9kIySqESt2nkjVbed8hcdx902k-1691520867-0-gaNycGzNCeU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:54:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pVR6UF4UPczRx%2FgXlwxtRB2gRlNCz3j8cis8ngPUO3yK2cA6BSLySi4oNQYFiPjiqQYJMBA2j4ksFzG9vmVe%2FV030CTHaLgyFQUf4tidJI6pAMYnCaCsHsoM6IhuOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f39f7cf2fb336fb-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/74ac0d47/ 27 KB
10 KB 53ms
52ms Script
application/javascript 104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=aJ4&render=explicit
Requested by: Host: rollinrn.com
URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f39f7cebf0236fb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0f33190c14b543e76e11ab58c238e5d56508c3d0933c1cd7c64e478fedee376

Request headers

Referer
Origin: https://rollinrn.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:54:27 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f39f7cfbf0f39fb-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
rollinrn.com/ 6 KB
6 KB 31ms
31ms Image
text/html 104.21.59.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rollinrn.com/favicon.ico

Requested by

Host: rollinrn.com
URL: https://rollinrn.com/M

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.59.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f31ed8163dd9b6fbd59a1d65841fc772c9191c500d4f433ba3b84db1a18b3126

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rollinrn.com/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:54:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B955Smch7uUmF2fbJs4Y5eeTcEqZjbQCBFH321TzAgjFTBp%2Bt4yOkVWPs8AW%2BHp2H5bjPcBBtPShrTE%2BvMe3m05Wa4rEn4zjyIDk18Li6OMaNea10TzbvuRzRCDu8Rg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7f39f7cfc89836fb-YYZ
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 603e65b6-d366-4dea-ae5c-3ac3c741abad
https://rollinrn.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://rollinrn.com/603e65b6-d366-4dea-ae5c-3ac3c741abad
Requested by: Host: rollinrn.com
URL: https://rollinrn.com/M
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rollinrn.com/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 928ab5d38f4a8ab Show response
rollinrn.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1803739613:1691519133:V0D19lajG2uGKpOzHcaiSvVfvfo8FonePR6VJXV84L4/7f39f7cebf0236fb/ 9 KB
8 KB 43ms
42ms XHR
text/plain 104.21.59.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1803739613:1691519133:V0D19lajG2uGKpOzHcaiSvVfvfo8FonePR6VJXV84L4/7f39f7cebf0236fb/928ab5d38f4a8ab
Requested by: Host: rollinrn.com
URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f39f7cebf0236fb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 373e42c2d206ae032401fbb9543c5560ae0c60c5dfbef9e87921a1b2f0aa2f1b

Request headers

Referer: https://rollinrn.com/M
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge: 928ab5d38f4a8ab
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 08 Aug 2023 18:54:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeQCFElJxerRS%2F1ZtrMln%2BM6k9hb%2B94toPABnEHDkTD%2FZRhqdH7jBTiinjgH4O6Mj4DSoU%2BL4REIX3%2FrxJegOJ5%2BHHTGmxnKy%2FHy4QBfzvGBeSN9JUOZOKyrkbpFakA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7f39f7d0698936fb-YYZ
alt-svc: h3=":443"; ma=86400
cf-chl-gen: gsuXm0eoXGQoj5LeAZyEuH3sSApbdxvWC8vAdWsGgBt/NOnMgYZWWrchJo2l1CJ+$6PSea/ZM2rg9P+MS6W8CVA==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/amdne/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 8123 0
0 41ms
41ms Document
text/html 104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/amdne/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=aJ4&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f39f7d0d9a45497-YYZ
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 18:54:27 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 928ab5d38f4a8ab Show response
rollinrn.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1803739613:1691519133:V0D19lajG2uGKpOzHcaiSvVfvfo8FonePR6VJXV84L4/7f39f7cebf0236fb/ 2 KB
2 KB 40ms
39ms XHR
text/html 104.21.59.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1803739613:1691519133:V0D19lajG2uGKpOzHcaiSvVfvfo8FonePR6VJXV84L4/7f39f7cebf0236fb/928ab5d38f4a8ab
Requested by: Host: rollinrn.com
URL: https://rollinrn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f39f7cebf0236fb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaad34be285e6a8f11085f307784896b94b06b9bd0b0e298d989a2dd33f474e2

Request headers

Referer: https://rollinrn.com/M
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge: 928ab5d38f4a8ab
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: PHEdOEFDoDhPE5I8onX/2CmP7NlwCp2f5iQBBbqjl40Gjajk1B05778dyKwNcRpFWfrLjmAhVUDQEWBTMpsXgTjyheOITwRSCVRPxrJanLc=$zkVY36JJOpgbmx2nDlDIBA==
cf-chl-out-s: zVjZqIn5W293KWatfncnlxRe1Xmkk30LLU8Bn8cCKYxoTv1dQkobJq/NkNWYvVdvf90YGrQT3eLdDvteqXcnnfpUoEcabyp/8Nv+hLiU5cJarZQI3MVCGso2Subuva6tUVQKAXYBFB3aUuIrj07tuj+ZpF5EUKx0UE5QANT3LMo=$zsTq1OnmIFcoGTTX98kpzQ==
date: Tue, 08 Aug 2023 18:54:28 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXDqQEdwrTMdTPlIDeYVOMC5bMgDkuWLynnBlPWrRyQm4XL91Wmr%2Bhi310hlkcB06nlFUUYG9g%2BD8V4GGONjqjXwE6Mn3jdch1XVfK1fyj%2FIbf6Ta98p0AeJ3Mn0sqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7f39f7d29e0a36fb-YYZ
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.linkedin.com/	1970-01-20 22:37:36	Name: bcookie Value: "v=2&ad3cbfad-3f0b-4228-8a11-80e187744342"
.www.linkedin.com/	1970-01-20 22:37:36	Name: bscookie Value: "v=1&202308081854239ed24f6a-2552-42d2-8953-946ed11adc7cAQGvdaNCsaDJnqurhwqGZOt3Qcj_oeB0"
.linkedin.com/	1970-01-20 13:53:27	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3046:u=1:x=1:i=1691520863:t=1691607263:v=2:sig=AQHswW61cogTpGgpiPCrRIuoaN86lJq5"
rollinrn.com/	1970-01-20 13:52:04	Name: cf_chl_rc_m Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://rollinrn.com/M Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://rollinrn.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://rollinrn.com/M Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://rollinrn.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
rollinrn.com
www.linkedin.com
ybpetroleum.com
104.17.3.184
104.21.59.89
13.107.42.14
198.49.67.162
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
373e42c2d206ae032401fbb9543c5560ae0c60c5dfbef9e87921a1b2f0aa2f1b
4408bc4f002ea8e656207c42cd63f1ce3a102f4ccbb6eb066f1e8646abc3329c
4d27790f6b508301addc18d89228982af024f1180cf6cf6a429efee1c17a7183
7e1514e0b4acffebe6c7b9cee13356f9a2abc3c8b9c31d0e953caf1aaf482c9e
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
8ed830076985cf6f6f70a1ffa6d6815b753a7e339ff95e6549bab2b100f7db3e
90021ecf576064e8214d9a6f2636bfc28b91fc9a1506c63c1425afe8d9349798
abde6b1801ace1bbec590f8e76d99422bb9606bfab0dea3d7e0f10f6fa296ebb
bceeb726634532e559feb1df93c8c99ea4ce7b58afa10b4ed2230295d915ce84
e0f33190c14b543e76e11ab58c238e5d56508c3d0933c1cd7c64e478fedee376
eaad34be285e6a8f11085f307784896b94b06b9bd0b0e298d989a2dd33f474e2
f31ed8163dd9b6fbd59a1d65841fc772c9191c500d4f433ba3b84db1a18b3126
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

rollinrn.com Open in urlscan Pro 104.21.59.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

178 kBTransfer

441 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

4 Cookies

6 Console Messages

Indicators

rollinrn.com Open in urlscan Pro
104.21.59.89 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

178 kB
Transfer

441 kB
Size

4
Cookies

19 HTTP transactions
2 data transactions