urlscan.io logo urlscan.io
SecurityTrails logo

stag-uploadntv.nationgroup.com Open in urlscan Pro
202.60.199.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://stag-uploadntv.nationgroup.com/
Effective URL: https://stag-uploadntv.nationgroup.com/login
Submission: On April 03 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 202.60.199.132, located in Ban Talat Bueng, Thailand and belongs to TCCT-AS-TH-AP T.C.C. Technology Co., Ltd., TH. The main domain is stag-uploadntv.nationgroup.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on July 5th 2023. Valid for: a year.
This is the only time stag-uploadntv.nationgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 202.60.199.132 17887 (TCCT-AS-T...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 3
Apex Domain
Subdomains		 Transfer
8 nationgroup.com
stag-uploadntv.nationgroup.com
577 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
959 B
7 2
Domain Requested by
8 stag-uploadntv.nationgroup.com 2 redirects stag-uploadntv.nationgroup.com
1 fonts.googleapis.com stag-uploadntv.nationgroup.com
7 2

This site contains no links.

Subject Issuer Validity Valid
*.nationgroup.com
GeoTrust TLS RSA CA G1		 2023-07-05 -
2024-08-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://stag-uploadntv.nationgroup.com/login
Frame ID: 7A65443FDA04DEF92C2B202ACA375CA1
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nationtv

Page URL History Show full URLs

  1. https://stag-uploadntv.nationgroup.com/ HTTP 302
    https://stag-uploadntv.nationgroup.com/dashboard HTTP 302
    https://stag-uploadntv.nationgroup.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

7
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

671 kB
Transfer

2107 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://stag-uploadntv.nationgroup.com/ HTTP 302
    https://stag-uploadntv.nationgroup.com/dashboard HTTP 302
    https://stag-uploadntv.nationgroup.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
stag-uploadntv.nationgroup.com/
Redirect Chain
  • https://stag-uploadntv.nationgroup.com/
  • https://stag-uploadntv.nationgroup.com/dashboard
  • https://stag-uploadntv.nationgroup.com/login
56 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stag-uploadntv.nationgroup.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.60.199.132 Ban Talat Bueng, Thailand, ASN17887 (TCCT-AS-TH-AP T.C.C. Technology Co., Ltd., TH),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
f30446c04e56555af9b1a93a4f411fc33a3a71d52a732a3b5ab430e8e40839fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,token
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Apr 2024 14:36:18 GMT
Server
nginx/1.23.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
expires
-1
pragma
no-cache

Redirect headers

Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,token
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Apr 2024 14:36:18 GMT
Location
https://stag-uploadntv.nationgroup.com/login
Server
nginx/1.23.1
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
expires
-1
pragma
no-cache
app.js
stag-uploadntv.nationgroup.com/js/ 		992 KB
239 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stag-uploadntv.nationgroup.com/js/app.js
Requested by
Host: stag-uploadntv.nationgroup.com
URL: https://stag-uploadntv.nationgroup.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.60.199.132 Ban Talat Bueng, Thailand, ASN17887 (TCCT-AS-TH-AP T.C.C. Technology Co., Ltd., TH),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
4bdeb44e3642a9a8eff0b8c022b68af43369ee121bf2a2a41a1d40544d93f5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stag-uploadntv.nationgroup.com/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 14:36:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 10:39:02 GMT
Server
nginx/1.23.1
ETag
W/"62dfc446-f7ed5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,token
css
fonts.googleapis.com/ 		2 KB
959 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: stag-uploadntv.nationgroup.com
URL: https://stag-uploadntv.nationgroup.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab535a911215b95d5c4be7dc2858f6f2cdbfaa716f0395759092bd4d768485cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stag-uploadntv.nationgroup.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Apr 2024 14:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 14:13:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Apr 2024 14:36:19 GMT
app.css
stag-uploadntv.nationgroup.com/css/ 		360 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stag-uploadntv.nationgroup.com/css/app.css
Requested by
Host: stag-uploadntv.nationgroup.com
URL: https://stag-uploadntv.nationgroup.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.60.199.132 Ban Talat Bueng, Thailand, ASN17887 (TCCT-AS-TH-AP T.C.C. Technology Co., Ltd., TH),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
6a8bf4a7128513af0959c90ad7c780c1f24c8f83618283f43526f48e73fb6cef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stag-uploadntv.nationgroup.com/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 14:36:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 10:39:02 GMT
Server
nginx/1.23.1
ETag
W/"62dfc446-59fa5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,token
stylesheets
stag-uploadntv.nationgroup.com/_debugbar/assets/ 		237 KB
131 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stag-uploadntv.nationgroup.com/_debugbar/assets/stylesheets?v=1623680966&theme=auto
Requested by
Host: stag-uploadntv.nationgroup.com
URL: https://stag-uploadntv.nationgroup.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.60.199.132 Ban Talat Bueng, Thailand, ASN17887 (TCCT-AS-TH-AP T.C.C. Technology Co., Ltd., TH),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
5bae6d8aef82aa60d6409766d141a46560decd6b777448f65885a52ef48b6667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stag-uploadntv.nationgroup.com/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 14:36:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.23.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public, s-maxage=31536000
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,token
Expires
Thu, 03 Apr 2025 14:36:19 GMT
javascript
stag-uploadntv.nationgroup.com/_debugbar/assets/ 		358 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stag-uploadntv.nationgroup.com/_debugbar/assets/javascript?v=1623680966
Requested by
Host: stag-uploadntv.nationgroup.com
URL: https://stag-uploadntv.nationgroup.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.60.199.132 Ban Talat Bueng, Thailand, ASN17887 (TCCT-AS-TH-AP T.C.C. Technology Co., Ltd., TH),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
124217055d51a8a6e4181b3a0898f49a4cc7f285ecdc215e32080415820a80b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stag-uploadntv.nationgroup.com/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 14:36:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.23.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public, s-maxage=31536000
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,token
Expires
Thu, 03 Apr 2025 14:36:20 GMT
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea641f4f3b0ebfb74e49c9b988de77864e34b78fae9f41f950d0f5263aafc6fc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		338 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
207e6108661380ec64884ef550a4ea1f0c113b4a4707aa6c95b5a801399f1b53

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		264 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6922f4f407353cca436ad3f2e09c13cb6cbf98dafba5b43750abf353888a2e2d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b57e3bb6c43f478abc7db5fd359ad5e293564c0d75f8ab1500f51ec64101a02b

Request headers

Referer
Origin
https://stag-uploadntv.nationgroup.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ 		375 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbea519d466270c186b0cd12c7d070a02a4f33d47165aec769a191e33541ccc3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
stag-uploadntv.nationgroup.com/ 		0
554 B 		Other
General
Check archive.org
Download Go to
Full URL
https://stag-uploadntv.nationgroup.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.60.199.132 Ban Talat Bueng, Thailand, ASN17887 (TCCT-AS-TH-AP T.C.C. Technology Co., Ltd., TH),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stag-uploadntv.nationgroup.com/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 14:36:21 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 10:39:02 GMT
Server
nginx/1.23.1
ETag
"62dfc446-0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,token
Content-Length
0

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| hljs object| PhpDebugBar undefined| $ undefined| jQuery function| Sfdump object| phpdebugbar function| SearchState number| uidEvent function| _ function| axios function| setImmediate function| clearImmediate function| swal function| sweetAlert

2 Cookies

Domain/Path Name / Value
stag-uploadntv.nationgroup.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjA5Y0tlbmFWeWxOVlRuUEQ0d2pKSFE9PSIsInZhbHVlIjoiQWxqN3BNcFA3UjRxRWIxNjhPckxza042N0ZNUmlxRDRJWDBFcmIzcUdiZGtOUVhhTTNGQjlYRHo2OXJNV29jWnZGNlRVeXZ0dDhcL0h4aURkTjlGOXQ4TkdJZU9hWkZ2RFptdG5XMXlZTHdiRGRSXC9BV0hFTjRFVXNGSDhPQ2pYcyIsIm1hYyI6Ijk2NzkxNDE1Y2E4OTJmOGNjYTRkYzdmODU5MGRmYTJlMWJhNGYyN2FmYmI0ZjAxZjQ5NjlhOTkyZDU4YTkzNzYifQ%3D%3D
stag-uploadntv.nationgroup.com/ Name: nationtv_session
Value: eyJpdiI6InNGWUF6c0lkOXhJMCtmMDBCdlNLY3c9PSIsInZhbHVlIjoiK3daRklQZWJtUVZNNzFpQ08wQ1FHa3FEQitMbml3TlFVaWNPcFlxRTRaeG5hWlpZYXZ3cFNlZmp1UVpac3ZUUEYyU2tPMGpDN05FTWlKTTdMdmpickZjWmFvaFJ2NnNITWxMTjhkaHFaWnArMWhyZE0rbUFFN1l3alF4Y1wvdldDIiwibWFjIjoiN2NkMzg1NDg5MjkwNjk1ZTA4NjkyYjYzYmExZDhhYzI0NGQzOWIwMWRiZmVjYjc1MTJkMmQ3ZjMyNDQwZmUwNyJ9

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://stag-uploadntv.nationgroup.com/login
Message:
[DOM] Password forms should have (optionally hidden) username fields for accessibility: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN