noticiasg1portal.online Open in urlscan Pro
2600:1901:0:84ef:: Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.noticiasg1portal.online/
Effective URL:
https://noticiasg1portal.online/
Submission: On October 07 via api (October 7th 2023, 1:15:22 pm UTC) from GB — Scanned from GB

Summary HTTP 77 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 77 HTTP transactions. The main IP is 2600:1901:0:84ef::, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is noticiasg1portal.online.
TLS certificate: Issued by R3 on October 6th 2023. Valid for: 3 months.

This is the only time noticiasg1portal.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2600:1901:0:8... 2600:1901:0:84ef::	15169 (GOOGLE) (GOOGLE)
24	2606:4700:440... 2606:4700:4400::ac40:9a64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:1c::7	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400e:2::a	15169 (GOOGLE) (GOOGLE)
77	11

19 2600:1901:0:84ef:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.noticiasg1portal.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
noticiasg1portal.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:4400::ac40:9a64 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.zyrosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.zyrosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:1c::7 (London, United Kingdom)

ASN15169 (GOOGLE, US)

rr2---sn-aigzrnz7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400e:2::a (Ireland)

ASN15169 (GOOGLE, US)

rr5---sn-5hnekn7k.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	zyrosite.com cdn.zyrosite.com — Cisco Umbrella Rank: 215604 assets.zyrosite.com — Cisco Umbrella Rank: 223212	174 KB
19	noticiasg1portal.online 1 redirects www.noticiasg1portal.online noticiasg1portal.online	439 KB
15	youtube.com www.youtube.com — Cisco Umbrella Rank: 85 Failed	1 MB
9	googlevideo.com rr2---sn-aigzrnz7.googlevideo.com — Cisco Umbrella Rank: 44935 rr5---sn-5hnekn7k.googlevideo.com — Cisco Umbrella Rank: 59648	2 MB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 static.doubleclick.net — Cisco Umbrella Rank: 304	1 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 237	32 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
77	8

	Domain	Requested by
15	www.youtube.com	www.noticiasg1portal.online noticiasg1portal.online www.youtube.com
14	assets.zyrosite.com	www.noticiasg1portal.online noticiasg1portal.online
10	cdn.zyrosite.com	www.noticiasg1portal.online cdn.zyrosite.com noticiasg1portal.online
10	www.noticiasg1portal.online	1 redirects www.noticiasg1portal.online
9	noticiasg1portal.online	www.noticiasg1portal.online noticiasg1portal.online
7	rr5---sn-5hnekn7k.googlevideo.com	www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
2	rr2---sn-aigzrnz7.googlevideo.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
77	12

This site contains no links.

Subject Issuer	Validity	Valid
www.noticiasg1portal.online R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
*.zyrosite.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-03` - `2024-07-02`	a year	crt.sh
noticiasg1portal.online R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-10-03` - `2023-12-12`	2 months	crt.sh

This page contains 3 frames:

Primary Page: https://noticiasg1portal.online/
Frame ID: D41BEE976F7FF1E7EBD7A7CD979DB120
Requests: 42 HTTP requests in this frame

Frame: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
Frame ID: D6709E6F854AA11A9630BD5D4DF516A8
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
Frame ID: 48767823133B4CDA6B2D8FB943688A49
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portal de Notícias Exclusivas | portalnoticia

Page URL History Show full URLs

http://www.noticiasg1portal.online/ HTTP 301
https://www.noticiasg1portal.online/ Page URL
https://noticiasg1portal.online/ Page URL

Page Statistics

77
Requests

96 %
HTTPS

100 %
IPv6

8
Domains

12
Subdomains

11
IPs

4
Countries

3363 kB
Transfer

7349 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.noticiasg1portal.online/ HTTP 301
https://www.noticiasg1portal.online/ Page URL
https://noticiasg1portal.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.noticiasg1portal.online/ HTTP 301
https://www.noticiasg1portal.online/

Request Chain 46

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 73

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

77 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.noticiasg1portal.online/
Redirect Chain

http://www.noticiasg1portal.online/
https://www.noticiasg1portal.online/

123 KB
16 KB

597ms
71ms

Document
text/html

2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

a9b671b639d257bb577526d47fa53690b120efc179fd7ae2b44118049fda69c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

age: 45571
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-cache-status: HIT
cf-ray: 81266974e982017d-CDG
content-encoding: gzip
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
content-type: text/html
date: Sat, 07 Oct 2023 13:15:16 GMT
etag: W/"f11b3f675626c0e9860b7029bd99c6b7"
last-modified: Sat, 07 Oct 2023 00:35:37 GMT
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger
server: openresty
strict-transport-security: max-age=63072000; includeSubDomains; preload;
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-hostinger-datacenter: gcp-europe-west1
x-hostinger-node: gcp-eu-west1-edge6
x-powered-by: Zyro.com
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=0, must-revalidate
Content-Length: 166
Content-Security-Policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Content-Type: text/html
Date: Sat, 07 Oct 2023 13:15:16 GMT
Link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
Location: https://www.noticiasg1portal.online/
Server: openresty
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;
Via: 1.1 google
X-Content-Type-Options: nosniff
X-Hostinger-Datacenter: gcp-us-central1
X-Hostinger-Node: gcp-us-central1-edge1
X-Powered-By: Zyro.com
X-XSS-Protection: 1; mode=block
platform: hostinger

GET
H2 200 font-faces
cdn.zyrosite.com/u1/google-fonts/ 15 KB
1 KB 138ms
56ms Stylesheet
text/css 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Inter:wght@400;600;700&family=Poppins:wght@400;500&family=Roboto:wght@400&family=Open+Sans:wght@400&display=swap

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73a118d57ef804d5f4155930b2bbc18a5a78906e9acdc2436d23f82145cfdd37

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 47721
cross-origin-resource-policy: cross-origin
x-hostinger-datacenter: gcp
x-xss-protection: 1; mode=block
x-request-id: e554f009d1083b16ab9f322a2702e57c
last-modified: Fri, 06 Oct 2023 21:33:04 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"3c38-Ii7P4MQD4NtQ53UyfH3vGbNd9Qk"
vary: Origin, Accept-Encoding
x-frame-options: sameorigin
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-ratelimit-reset: 1696628045
x-ratelimit-limit: 20
cf-ray: 81266975df9f6556-LHR
timing-allow-origin: *
x-ratelimit-remaining: 19
expires: Sun, 08 Oct 2023 13:15:16 GMT

GET
H2 200 _...slug_.c0386cae.css
www.noticiasg1portal.online/_astro/ 192 KB
25 KB 67ms
66ms Stylesheet
text/css 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noticiasg1portal.online/_astro/_...slug_.c0386cae.css

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

c0386cae22f24d520aeb2e6693ea4364bce0c989748649ef81015dfb999a5b56

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
age: 44272
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:37 GMT
server: openresty
etag: W/"508e3dbf60f9d90fcb173d35d05764b4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge6
cf-ray: 81266975593f22b0-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 page.d79c7bc6.js Show response
www.noticiasg1portal.online/_astro/ 2 KB
2 KB 165ms
164ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noticiasg1portal.online/_astro/page.d79c7bc6.js

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

69fa9c2995b71ee7bbd863cb6cb2cf5151893ce205fbffbffbb64f52439f6879

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.noticiasg1portal.online/
Origin: https://www.noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:37 GMT
server: openresty
etag: W/"1dc3981faf8ed27d04e7ab38dfb5dbb2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge6
cf-ray: 812669755cde047f-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 astro-traffic.txt
cdn.zyrosite.com/cdn-builder-placeholders/ 0
212 B 116ms
51ms Other
text/plain 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zyrosite.com/cdn-builder-placeholders/astro-traffic.txt
Requested by: Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Jun 2023 13:20:08 GMT
server: cloudflare
age: 121612
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 81266975dfa26556-LHR
content-length: 0
expires: Sun, 08 Oct 2023 13:15:16 GMT

GET
H2 200 logos-canais_brancos_g1-YX41r6x9npiqpK6a.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=165,h=110,fit=crop/dWxerWaqXLIeGO7X/ 1 KB
2 KB 230ms
149ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=165,h=110,fit=crop/dWxerWaqXLIeGO7X/logos-canais_brancos_g1-YX41r6x9npiqpK6a.png

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd5ac2a5ba06b976a747ed9628c81907b9377cd9dfa0994cd01dc016d0d7b0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:00:34 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf5H_lNcDT8EGOXbeoZhQYf14ZFV8nc23YSBzlArWWDQ:cba6777f7848cc78a4fbf7cb2f29e6d8"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 81266975ed17889e-LHR
content-length: 1473
cf-resized: internal=ok/h q=0 n=16+0 c=47+123 v=2023.9.8 l=1473

GET
H2 200 logos-canais_brancos_g1-YX41r6x9npiqpK6a.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=360,h=346,fit=crop/dWxerWaqXLIeGO7X/ 3 KB
3 KB 227ms
146ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=360,h=346,fit=crop/dWxerWaqXLIeGO7X/logos-canais_brancos_g1-YX41r6x9npiqpK6a.png

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2999a98ae5a8be375f8e8711a8af6649dc112d203d04bbecc70f419f0f659438

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:00:35 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfzGs4v57iUMrUvOtUgR1wVoPOJUOat5iqRXQ5Ae_hDQ:5ece2ccc8fd54d52c4987eea2f6ca9bb"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 81266975ed19889e-LHR
content-length: 3133
cf-resized: internal=ok/h q=0 n=26+196 c=21+142 v=2023.9.8 l=3133

GET
H2 200 ClientHead.7078ca88.js Show response
www.noticiasg1portal.online/_astro/ 1 KB
1 KB 168ms
168ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noticiasg1portal.online/_astro/ClientHead.7078ca88.js

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

407a2cdd2ccc183ee0b93db3302b7ba9bb33bcb80cf87f3b903f098d1cae314c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.noticiasg1portal.online/
Origin: https://www.noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:36 GMT
server: openresty
etag: W/"a0ce80ada0d75da990cb3698e6c2e2ec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge6
cf-ray: 81266976499e2a67-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 client.1275e040.js Show response
www.noticiasg1portal.online/_astro/ 2 KB
2 KB 178ms
177ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noticiasg1portal.online/_astro/client.1275e040.js

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

415c3acc3d308609a9c5c64a0de947b3a02b6f6838098841f02a9cd9da9a60e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.noticiasg1portal.online/
Origin: https://www.noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:37 GMT
server: openresty
etag: W/"6fcb4f12515ad83dd97de763c7ad0726"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge6
cf-ray: 812669764f022a82-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 Page.e63ac184.js Show response
www.noticiasg1portal.online/_astro/ 500 KB
131 KB 182ms
181ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noticiasg1portal.online/_astro/Page.e63ac184.js

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

8885222d36887cf061ea0b744d30612a33d2534132a3feed43f5262256515ba6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.noticiasg1portal.online/
Origin: https://www.noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:36 GMT
server: openresty
etag: W/"5f70eafa0370e3979a872b8834445478"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge6
cf-ray: 8126697649d700d0-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 11 KB
11 KB 233ms
165ms Font
font/woff2 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Roboto:wght@400&subset=latin&display=swap

Requested by

Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Inter:wght@400;600;700&family=Poppins:wght@400;500&family=Roboto:wght@400&family=Open+Sans:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Inter:wght@400;600;700&family=Poppins:wght@400;500&family=Roboto:wght@400&family=Open+Sans:wght@400&display=swap
Origin: https://www.noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
x-hostinger-datacenter: gcp
content-length: 11028
x-xss-protection: 1; mode=block
x-request-id: a27b68671ea7d01ef99c8e5ba5e4e15d
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"2b14-J58wDKLLvfn1A27y9Dhgf783fao"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 81266976aa0edc83-LHR
timing-allow-origin: *
expires: Sun, 06 Oct 2024 13:15:17 GMT

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 21 KB
21 KB 279ms
211ms Font
font/woff2 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Inter:wght@400&subset=latin&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67af51dc9c8d2df83c17d6142952c895e1c44ab86208b591fc1a4356f53eb7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Inter:wght@400;600;700&family=Poppins:wght@400;500&family=Roboto:wght@400&family=Open+Sans:wght@400&display=swap
Origin: https://www.noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiJ-Ek-_EeA.woff2
x-hostinger-datacenter: gcp
content-length: 21624
x-xss-protection: 1; mode=block
x-request-id: c05bb3e528677654f7e96b1877366008
last-modified: Thu, 14 Sep 2023 01:12:31 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"5478-pJ1Re77lU6dKYWHtVzOlPNbcCx4"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 81266976aa12dc83-LHR
timing-allow-origin: *
expires: Sun, 06 Oct 2024 13:15:17 GMT

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 22 KB
23 KB 231ms
164ms Font
font/woff2 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Inter:wght@700&subset=latin&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f48bdfc2ad60e47e97cddec5550a1d568d96ff35592300b62b400d3d728ced4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Inter:wght@400;600;700&family=Poppins:wght@400;500&family=Roboto:wght@400&family=Open+Sans:wght@400&display=swap
Origin: https://www.noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYAZ9hiJ-Ek-_EeA.woff2
x-hostinger-datacenter: gcp
content-length: 22936
x-xss-protection: 1; mode=block
x-request-id: 95dea9808f1fada5b6120db40fa21b48
last-modified: Wed, 13 Sep 2023 23:47:03 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"5998-f/ANH3NpKyTVM1Jt238OWBjJYLY"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 81266976aa10dc83-LHR
timing-allow-origin: *
expires: Sun, 06 Oct 2024 13:15:17 GMT

GET
H2 200 vermelho-YX41r6aB3gFoo0yY.jpg
assets.zyrosite.com/cdn-cgi/image/format=auto,w=1224,h=104,fit=crop/dWxerWaqXLIeGO7X/ 645 B
833 B 150ms
149ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=1224,h=104,fit=crop/dWxerWaqXLIeGO7X/vermelho-YX41r6aB3gFoo0yY.jpg

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aae89222da88d01b34607bf995bcb8264a62ba5c486ed8df997fb7fff641c1f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 19:58:32 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfdOk9e86kuCbNaFz0MPT3pYCa6Z5T9BKZlBipGdRcDQ:066ea2d52d58cb49551a7c5be2b92d58"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 812669764daf889e-LHR
content-length: 645
cf-resized: internal=ok/h q=0 n=36+109 c=2+52 v=2023.9.8 l=645

GET
H2 200 screenshot_4-mjEPr3gazzcyMo74.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=881,h=220,fit=crop/dWxerWaqXLIeGO7X/ 8 KB
9 KB 144ms
143ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=881,h=220,fit=crop/dWxerWaqXLIeGO7X/screenshot_4-mjEPr3gazzcyMo74.png

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fdb12ba3feabe454fbb90ef5028f23a3ca881478d03ca52a8541fa71e304651

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:08:37 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfnpa1SSf8Pd3pp0HuKLM3WP5YiEFgQrMiVSAp2GaRDQ:0479b1ba0cae45705a353b961f258210"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 812669764db6889e-LHR
content-length: 8666
cf-resized: internal=ok/h q=0 n=14+467 c=0+0 v=2023.9.8 l=8666

GET
H2 200 screenshot_5-YBglzPX3NKirWekV.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=108,h=26,fit=crop/dWxerWaqXLIeGO7X/ 770 B
955 B 158ms
158ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=108,h=26,fit=crop/dWxerWaqXLIeGO7X/screenshot_5-YBglzPX3NKirWekV.png

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1124efe7dc5a7ab82f449b5245b2eae26089e01f7057f9fa41dfc918f1ce005b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:10:15 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfBz41Cd8BfhirGjW_cYgV22WJeAPiiK0R3Q0CfgriDQ:c9389bec72a1091f62870fd9c6a360a4"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 812669764db7889e-LHR
content-length: 770
cf-resized: internal=ok/h q=0 n=14+0 c=0+8 v=2023.9.8 l=770

GET
H2 200 screenshot_6-Y4LOZqwlwwTE6Nlw.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=792,h=44,fit=crop/dWxerWaqXLIeGO7X/ 1 KB
1 KB 143ms
142ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=792,h=44,fit=crop/dWxerWaqXLIeGO7X/screenshot_6-Y4LOZqwlwwTE6Nlw.png

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3800b6d255953fc3109b76f9996425d62f2aaced2e0cacc1d84f0adb8ff2d00f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:12:05 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfqUIzE3p7jPOKRN1OT3o6D2Wh1oqupsz6XdGW44j4DQ:0c59b1a3aeb78ae68a73fc906505cf99"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 812669764db9889e-LHR
content-length: 1300
cf-resized: internal=ok/h q=0 n=29+0 c=0+39 v=2023.9.8 l=1300

GET
H2 200 screenshot_8-dOqlKLKKeghj0zbv.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=770,h=513,fit=crop/dWxerWaqXLIeGO7X/ 14 KB
14 KB 156ms
156ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=770,h=513,fit=crop/dWxerWaqXLIeGO7X/screenshot_8-dOqlKLKKeghj0zbv.png

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e865edcf88083a23700d74d519cc8b1ca68bb75983814f87d8f9fe327eb881

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:21:23 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf0vS_JTyK1KZ3CX9G_WSYPPiJUeoXAKAeOU_wc-TKDQ:8fbe313b5237bffe0af8fbf2da61758c"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 812669764dba889e-LHR
content-length: 14343
cf-resized: internal=ok/h q=0 n=31+149 c=0+0 v=2023.9.8 l=14343

GET
H2 200 index.7e3cc507.js Show response
www.noticiasg1portal.online/_astro/ 65 KB
26 KB 174ms
174ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noticiasg1portal.online/_astro/index.7e3cc507.js

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

5db257bd3603377cc54d7b13e3b6e73242c69936d9b9feafe9f524f783f8aaf3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.noticiasg1portal.online/_astro/ClientHead.7078ca88.js
Origin: https://www.noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:37 GMT
server: openresty
etag: W/"685e8e9a3bf0d0d17aa7b61bf648f237"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge6
cf-ray: 812669775a1a0369-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 addDocumentElements.b1320649.js Show response
www.noticiasg1portal.online/_astro/ 5 KB
3 KB 184ms
184ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noticiasg1portal.online/_astro/addDocumentElements.b1320649.js

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

5eb29b03937a151bcf9ab897b9d99ceb7b83b398740264571b3d40fe0914ff19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.noticiasg1portal.online/_astro/ClientHead.7078ca88.js
Origin: https://www.noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:36 GMT
server: openresty
etag: W/"41f45736a0802dd6e953b9ab4c760624"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge6
cf-ray: 812669775ad4d696-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 index.288fae11.js Show response
www.noticiasg1portal.online/_astro/ 35 KB
14 KB 199ms
199ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noticiasg1portal.online/_astro/index.288fae11.js

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

7119b52c11c37c8cb405b58be9024071e4fa6f7f060bcb22eecd7e20a36e99df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.noticiasg1portal.online/_astro/client.1275e040.js
Origin: https://www.noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:37 GMT
server: openresty
etag: W/"0b6c6869c7fd6acf1f0ac9fb8bce5852"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge6
cf-ray: 812669776e810196-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET I2tP0CqgEYA
www.youtube.com/embed/ Frame D670 0
0

GET
H2 200 Primary Request / Show response
noticiasg1portal.online/ 123 KB
16 KB 226ms
68ms Document
text/html 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://noticiasg1portal.online/

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/_astro/addDocumentElements.b1320649.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

a9b671b639d257bb577526d47fa53690b120efc179fd7ae2b44118049fda69c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.noticiasg1portal.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

age: 45578
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-cache-status: HIT
cf-ray: 8126697a2b8b0365-CDG
content-encoding: gzip
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
content-type: text/html
date: Sat, 07 Oct 2023 13:15:17 GMT
etag: W/"f11b3f675626c0e9860b7029bd99c6b7"
last-modified: Sat, 07 Oct 2023 00:35:37 GMT
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger
server: openresty
strict-transport-security: max-age=63072000; includeSubDomains; preload;
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-hostinger-datacenter: gcp-europe-west1
x-hostinger-node: gcp-eu-west1-edge4
x-powered-by: Zyro.com
x-xss-protection: 1; mode=block

GET
H2 200 font-faces
cdn.zyrosite.com/u1/google-fonts/ 15 KB
1 KB 49ms
48ms Stylesheet
text/css 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Inter:wght@400;600;700&family=Poppins:wght@400;500&family=Roboto:wght@400&family=Open+Sans:wght@400&display=swap

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73a118d57ef804d5f4155930b2bbc18a5a78906e9acdc2436d23f82145cfdd37

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 47722
cross-origin-resource-policy: cross-origin
x-hostinger-datacenter: gcp
x-xss-protection: 1; mode=block
x-request-id: e554f009d1083b16ab9f322a2702e57c
last-modified: Fri, 06 Oct 2023 21:33:04 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"3c38-Ii7P4MQD4NtQ53UyfH3vGbNd9Qk"
vary: Origin, Accept-Encoding
x-frame-options: sameorigin
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-ratelimit-reset: 1696628045
x-ratelimit-limit: 20
cf-ray: 8126697a9dfc6556-LHR
timing-allow-origin: *
x-ratelimit-remaining: 19
expires: Sun, 08 Oct 2023 13:15:17 GMT

GET
H2 200 _...slug_.c0386cae.css
noticiasg1portal.online/_astro/ 192 KB
25 KB 80ms
80ms Stylesheet
text/css 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://noticiasg1portal.online/_astro/_...slug_.c0386cae.css

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

c0386cae22f24d520aeb2e6693ea4364bce0c989748649ef81015dfb999a5b56

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
age: 43994
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:37 GMT
server: openresty
etag: W/"508e3dbf60f9d90fcb173d35d05764b4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge4
cf-ray: 8126697aace32173-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 page.d79c7bc6.js Show response
noticiasg1portal.online/_astro/ 2 KB
2 KB 69ms
68ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://noticiasg1portal.online/_astro/page.d79c7bc6.js

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

69fa9c2995b71ee7bbd863cb6cb2cf5151893ce205fbffbffbb64f52439f6879

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noticiasg1portal.online/
Origin: https://noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
age: 45432
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:37 GMT
server: openresty
etag: W/"1dc3981faf8ed27d04e7ab38dfb5dbb2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge4
cf-ray: 8126697aad9e2a6e-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 astro-traffic.txt
cdn.zyrosite.com/cdn-builder-placeholders/ 0
45 B 64ms
64ms Other
text/plain 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zyrosite.com/cdn-builder-placeholders/astro-traffic.txt
Requested by: Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Jun 2023 13:20:08 GMT
server: cloudflare
age: 121613
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 8126697aae136556-LHR
content-length: 0
expires: Sun, 08 Oct 2023 13:15:17 GMT

GET
H2 200 logos-canais_brancos_g1-YX41r6x9npiqpK6a.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=165,h=110,fit=crop/dWxerWaqXLIeGO7X/ 1 KB
1 KB 47ms
46ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=165,h=110,fit=crop/dWxerWaqXLIeGO7X/logos-canais_brancos_g1-YX41r6x9npiqpK6a.png

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd5ac2a5ba06b976a747ed9628c81907b9377cd9dfa0994cd01dc016d0d7b0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:00:34 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf5H_lNcDT8EGOXbeoZhQYf14ZFV8nc23YSBzlArWWDQ:cba6777f7848cc78a4fbf7cb2f29e6d8"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 8126697aabe1889e-LHR
content-length: 1473
cf-resized: internal=ok/h q=0 n=16+0 c=47+123 v=2023.9.8 l=1473

GET
H2 200 logos-canais_brancos_g1-YX41r6x9npiqpK6a.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=360,h=346,fit=crop/dWxerWaqXLIeGO7X/ 3 KB
3 KB 45ms
45ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=360,h=346,fit=crop/dWxerWaqXLIeGO7X/logos-canais_brancos_g1-YX41r6x9npiqpK6a.png

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2999a98ae5a8be375f8e8711a8af6649dc112d203d04bbecc70f419f0f659438

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:00:35 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfzGs4v57iUMrUvOtUgR1wVoPOJUOat5iqRXQ5Ae_hDQ:5ece2ccc8fd54d52c4987eea2f6ca9bb"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 8126697aabe3889e-LHR
content-length: 3133
cf-resized: internal=ok/h q=0 n=26+196 c=21+142 v=2023.9.8 l=3133

GET
H2 200 ClientHead.7078ca88.js Show response
noticiasg1portal.online/_astro/ 1 KB
1 KB 71ms
71ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://noticiasg1portal.online/_astro/ClientHead.7078ca88.js

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

407a2cdd2ccc183ee0b93db3302b7ba9bb33bcb80cf87f3b903f098d1cae314c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noticiasg1portal.online/
Origin: https://noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
age: 45431
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:36 GMT
server: openresty
etag: W/"a0ce80ada0d75da990cb3698e6c2e2ec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge4
cf-ray: 8126697b4bce2a3d-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 client.1275e040.js Show response
noticiasg1portal.online/_astro/ 2 KB
2 KB 70ms
70ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://noticiasg1portal.online/_astro/client.1275e040.js

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

415c3acc3d308609a9c5c64a0de947b3a02b6f6838098841f02a9cd9da9a60e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noticiasg1portal.online/
Origin: https://noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
age: 44969
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:37 GMT
server: openresty
etag: W/"6fcb4f12515ad83dd97de763c7ad0726"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge4
cf-ray: 8126697b4f962a2e-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 Page.e63ac184.js Show response
noticiasg1portal.online/_astro/ 500 KB
131 KB 73ms
73ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://noticiasg1portal.online/_astro/Page.e63ac184.js

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

8885222d36887cf061ea0b744d30612a33d2534132a3feed43f5262256515ba6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noticiasg1portal.online/
Origin: https://noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
age: 43999
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:36 GMT
server: openresty
etag: W/"5f70eafa0370e3979a872b8834445478"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge4
cf-ray: 8126697b4d0e2a4f-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 11 KB
11 KB 153ms
152ms Font
font/woff2 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Roboto:wght@400&subset=latin&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Inter:wght@400;600;700&family=Poppins:wght@400;500&family=Roboto:wght@400&family=Open+Sans:wght@400&display=swap
Origin: https://noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
x-hostinger-datacenter: gcp
content-length: 11028
x-xss-protection: 1; mode=block
x-request-id: 506c59ebe47484654ce61f568fc530c3
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"2b14-J58wDKLLvfn1A27y9Dhgf783fao"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 8126697b3f94dc83-LHR
timing-allow-origin: *
expires: Sun, 06 Oct 2024 13:15:17 GMT

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 21 KB
21 KB 163ms
163ms Font
font/woff2 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Inter:wght@400&subset=latin&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67af51dc9c8d2df83c17d6142952c895e1c44ab86208b591fc1a4356f53eb7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Inter:wght@400;600;700&family=Poppins:wght@400;500&family=Roboto:wght@400&family=Open+Sans:wght@400&display=swap
Origin: https://noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiJ-Ek-_EeA.woff2
x-hostinger-datacenter: gcp
content-length: 21624
x-xss-protection: 1; mode=block
x-request-id: 2f9a348d40001001cbaa1901a351ef57
last-modified: Thu, 14 Sep 2023 01:12:31 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"5478-pJ1Re77lU6dKYWHtVzOlPNbcCx4"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 8126697b4f95dc83-LHR
timing-allow-origin: *
expires: Sun, 06 Oct 2024 13:15:17 GMT

GET
H2 200 font-file
cdn.zyrosite.com/u1/google-fonts/ 22 KB
23 KB 148ms
148ms Font
font/woff2 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Inter:wght@700&subset=latin&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f48bdfc2ad60e47e97cddec5550a1d568d96ff35592300b62b400d3d728ced4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Inter:wght@400;600;700&family=Poppins:wght@400;500&family=Roboto:wght@400&family=Open+Sans:wght@400&display=swap
Origin: https://noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename=UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYAZ9hiJ-Ek-_EeA.woff2
x-hostinger-datacenter: gcp
content-length: 22936
x-xss-protection: 1; mode=block
x-request-id: 8814012c3ca5b504a89a007c37c6e807
last-modified: Wed, 13 Sep 2023 23:47:03 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
etag: W/"5998-f/ANH3NpKyTVM1Jt238OWBjJYLY"
vary: Origin, Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-hostinger-node: us-central1
x-frame-options: sameorigin
accept-ranges: bytes
cf-ray: 8126697b4f98dc83-LHR
timing-allow-origin: *
expires: Sun, 06 Oct 2024 13:15:17 GMT

GET
H2 200 vermelho-YX41r6aB3gFoo0yY.jpg
assets.zyrosite.com/cdn-cgi/image/format=auto,w=1224,h=104,fit=crop/dWxerWaqXLIeGO7X/ 645 B
704 B 57ms
54ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=1224,h=104,fit=crop/dWxerWaqXLIeGO7X/vermelho-YX41r6aB3gFoo0yY.jpg

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aae89222da88d01b34607bf995bcb8264a62ba5c486ed8df997fb7fff641c1f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 19:58:32 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfdOk9e86kuCbNaFz0MPT3pYCa6Z5T9BKZlBipGdRcDQ:066ea2d52d58cb49551a7c5be2b92d58"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 8126697b4ce1889e-LHR
content-length: 645
cf-resized: internal=ok/h q=0 n=36+109 c=2+52 v=2023.9.8 l=645

GET
H2 200 screenshot_4-mjEPr3gazzcyMo74.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=881,h=220,fit=crop/dWxerWaqXLIeGO7X/ 8 KB
9 KB 59ms
56ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=881,h=220,fit=crop/dWxerWaqXLIeGO7X/screenshot_4-mjEPr3gazzcyMo74.png

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fdb12ba3feabe454fbb90ef5028f23a3ca881478d03ca52a8541fa71e304651

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:08:37 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfnpa1SSf8Pd3pp0HuKLM3WP5YiEFgQrMiVSAp2GaRDQ:0479b1ba0cae45705a353b961f258210"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 8126697b4ce4889e-LHR
content-length: 8666
cf-resized: internal=ok/h q=0 n=14+467 c=0+0 v=2023.9.8 l=8666

GET
H2 200 screenshot_5-YBglzPX3NKirWekV.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=108,h=26,fit=crop/dWxerWaqXLIeGO7X/ 770 B
829 B 53ms
50ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=108,h=26,fit=crop/dWxerWaqXLIeGO7X/screenshot_5-YBglzPX3NKirWekV.png

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1124efe7dc5a7ab82f449b5245b2eae26089e01f7057f9fa41dfc918f1ce005b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:10:15 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfBz41Cd8BfhirGjW_cYgV22WJeAPiiK0R3Q0CfgriDQ:c9389bec72a1091f62870fd9c6a360a4"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 8126697b4ce6889e-LHR
content-length: 770
cf-resized: internal=ok/h q=0 n=14+0 c=0+8 v=2023.9.8 l=770

GET
H2 200 screenshot_6-Y4LOZqwlwwTE6Nlw.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=792,h=44,fit=crop/dWxerWaqXLIeGO7X/ 1 KB
1 KB 56ms
56ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=792,h=44,fit=crop/dWxerWaqXLIeGO7X/screenshot_6-Y4LOZqwlwwTE6Nlw.png

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3800b6d255953fc3109b76f9996425d62f2aaced2e0cacc1d84f0adb8ff2d00f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:12:05 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfqUIzE3p7jPOKRN1OT3o6D2Wh1oqupsz6XdGW44j4DQ:0c59b1a3aeb78ae68a73fc906505cf99"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 8126697b4ce7889e-LHR
content-length: 1300
cf-resized: internal=ok/h q=0 n=29+0 c=0+39 v=2023.9.8 l=1300

GET
H2 200 screenshot_8-dOqlKLKKeghj0zbv.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=770,h=513,fit=crop/dWxerWaqXLIeGO7X/ 14 KB
14 KB 60ms
60ms Image
image/avif 2606:4700:4400::ac40:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=770,h=513,fit=crop/dWxerWaqXLIeGO7X/screenshot_8-dOqlKLKKeghj0zbv.png

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e865edcf88083a23700d74d519cc8b1ca68bb75983814f87d8f9fe327eb881

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://noticiasg1portal.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:21:23 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf0vS_JTyK1KZ3CX9G_WSYPPiJUeoXAKAeOU_wc-TKDQ:8fbe313b5237bffe0af8fbf2da61758c"
vary: Accept, Accept-Encoding
content-type: image/avif
accept-ranges: bytes
cf-ray: 8126697b4cea889e-LHR
content-length: 14343
cf-resized: internal=ok/h q=0 n=31+149 c=0+0 v=2023.9.8 l=14343

GET
H2 200 index.288fae11.js Show response
noticiasg1portal.online/_astro/ 35 KB
14 KB 187ms
186ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://noticiasg1portal.online/_astro/index.288fae11.js

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

7119b52c11c37c8cb405b58be9024071e4fa6f7f060bcb22eecd7e20a36e99df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noticiasg1portal.online/_astro/client.1275e040.js
Origin: https://noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:37 GMT
server: openresty
etag: W/"0b6c6869c7fd6acf1f0ac9fb8bce5852"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge4
cf-ray: 8126697bb9702a37-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 index.7e3cc507.js Show response
noticiasg1portal.online/_astro/ 65 KB
26 KB 83ms
82ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://noticiasg1portal.online/_astro/index.7e3cc507.js

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

5db257bd3603377cc54d7b13e3b6e73242c69936d9b9feafe9f524f783f8aaf3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noticiasg1portal.online/_astro/client.1275e040.js
Origin: https://noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
age: 44969
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:37 GMT
server: openresty
etag: W/"685e8e9a3bf0d0d17aa7b61bf648f237"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge4
cf-ray: 8126697bb85a035a-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 addDocumentElements.b1320649.js Show response
noticiasg1portal.online/_astro/ 5 KB
3 KB 80ms
80ms Script
application/javascript 2600:1901:0:84ef::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://noticiasg1portal.online/_astro/addDocumentElements.b1320649.js

Requested by

Host: www.noticiasg1portal.online
URL: https://www.noticiasg1portal.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty / Zyro.com

Resource Hash

5eb29b03937a151bcf9ab897b9d99ceb7b83b398740264571b3d40fe0914ff19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noticiasg1portal.online/_astro/ClientHead.7078ca88.js
Origin: https://noticiasg1portal.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
age: 45430
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-powered-by: Zyro.com
x-hostinger-datacenter: gcp-europe-west1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Oct 2023 00:35:36 GMT
server: openresty
etag: W/"41f45736a0802dd6e953b9ab4c760624"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, must-revalidate
x-hostinger-node: gcp-eu-west1-edge4
cf-ray: 8126697bb8bdd6e6-CDG
link: <https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform: hostinger

GET
H2 200 I2tP0CqgEYA Show response
www.youtube.com/embed/ Frame 4876 91 KB
38 KB 115ms
115ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Requested by

Host: noticiasg1portal.online
URL: https://noticiasg1portal.online/_astro/index.288fae11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79697fc18bc169b2c99c4fd6ce577e7d53c676a8f8812ec1aeff2ab6393dd8a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticiasg1portal.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 13:15:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/4a66ccde/ Frame 4876 378 KB
48 KB 45ms
44ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48fe791bbe3e345fa2d9495266964a1580e390ed5d4792ecad49c714925a4600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 10:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8201
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48950
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 06 Oct 2024 10:58:37 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/ Frame 4876 316 KB
95 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c666eed618c53177e2e8233f33fd4d1f3ff8afc61ea339a15ffa2d1d6461538a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 12:44:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96853
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 06 Oct 2024 12:44:02 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/ Frame 4876 2 MB
786 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29692ce3dc0ca0cac50006c645664a322e78d953d5cca1439e079ac1802f6df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 804056
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 06 Oct 2024 13:14:59 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4876
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

53ms
52ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfecf91014597eac69e26c16c136df9a7816b7eaec54c7a636c10d9010eb95c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 07 Oct 2023 13:15:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4876 29 B
495 B 140ms
44ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:00:32 GMT
x-content-type-options: nosniff
age: 886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 13:15:32 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 162ms
52ms Preflight
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 07 Oct 2023 13:15:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4876 68 KB
32 KB 61ms
61ms XHR
application/json+protobuf 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff3bae8b1c952a429f946dac23978f1ad96c10e58973133a04af7e656080efe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: application/json+protobuf

Response headers

date: Sat, 07 Oct 2023 13:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32102
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 4876 57 KB
27 KB 139ms
138ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

e14625853561386b2e01de38a25087b388598be436387a71fa39680a65335716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: application/json
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231003.01.00
X-Goog-Visitor-Id: Cgs3Q05LUngycmNSYyjls4WpBjIICgJHQhICGgA%3D

Response headers

date: Sat, 07 Oct 2023 13:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27793
x-xss-protection: 0
expires: Sat, 07 Oct 2023 13:15:18 GMT

GET
H2 200 hyjqM3uJoJVgRGa_t1SNEJccC07842YH31Ed8mhP4sw.js Show response
www.google.com/js/th/ Frame 4876 37 KB
15 KB 141ms
44ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/hyjqM3uJoJVgRGa_t1SNEJccC07842YH31Ed8mhP4sw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8728ea337b89a095604466bfb7548d10971c0b4efce36607df511df2684fe2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Wed, 04 Oct 2023 05:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 288558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14734
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Oct 2024 05:06:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/ Frame 4876 54 KB
17 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1291c9d190fb9d3fe93d97cfc948c24d26bbe85b2fbeb347188dd43093487050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 06 Oct 2023 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16960
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 05 Oct 2024 23:51:41 GMT

GET
DATA 200
OK truncated
/ Frame 4876 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/png

GET
H2 200 APkrFKZFQEXV5kAB5H9gRDCg8QnBOyhrg0cN333HKlvbuEGtOyx67rghBfTQoUHjXQbX=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4876 628 B
921 B 143ms
44ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKZFQEXV5kAB5H9gRDCg8QnBOyhrg0cN333HKlvbuEGtOyx67rghBfTQoUHjXQbX=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2d52c539a131fd46c1bdefc7a9bcfddac0335afe315bb3587b10722a132dc54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 10:35:03 GMT
x-content-type-options: nosniff
server: fife
age: 9615
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 628
x-xss-protection: 0
expires: Sun, 08 Oct 2023 10:35:03 GMT

GET
DATA 200
OK truncated
/ Frame 4876 341 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5676c5a361e3b50bc34dc5eb29d0e553a6db5d1b2ba61e0883f6b8c90ebd3fd2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/png

GET
H3 204 generate_204
www.youtube.com/ Frame 4876 0
10 B 46ms
46ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?SLo2IA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 4876 0
19 B 53ms
53ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=134&cpn=nXFecUlnNF80t0xq&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C280980%2C23071%2C84737%2C35229%2C1089%2C3782%2C2489%2C249%2C2951%2C26436294%2C3518%2C536%2C1253%2C75%2C602%2C1031%2C13742%2C1333%2C2040%2C564&cl=570533885&seq=1&docid=I2tP0CqgEYA&ei=5lkhZe63HYqs6dsPvby9sAg&event=streamingstats&plid=AAYHICYFsrLKBG1N&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FI2tP0CqgEYA%3Fh%3Dnull%26playlist%3DI2tP0CqgEYA%26autoplay%3D1%26controls%3D1%26loop%3D0%26autopause%3D0%26playsinline%3D1%26mute%3D1&qclc=ChBuWEZlY1Vsbk5GODB0MHhxEAE&embargoed=0&cbrand=samsung&cbr=Chrome%20Mobile&cbrver=116.0.5845.114&c=WEB_EMBEDDED_PLAYER&cver=1.20231003.01.00&cplayer=UNIPLAYER&cmodel=sm-a205u&cos=Android&cosver=10&cplatform=MOBILE&vps=0.000:N,0.011:B,0.227:B,0.227:B&cat=streaming&cmt=0.011:0.000,0.227:0.000&vfs=0.227:134:134::r&view=0.227:833:469&bwe=0.227:130000&bat=0.227:1:1&vis=0.227:0&bh=0.227:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
X-YouTube-Client-Version: 1.20231003.01.00
X-YouTube-Time-Zone: Europe/London
X-Goog-Visitor-Id: Cgs3Q05LUngycmNSYyjls4WpBjIICgJHQhICGgA%3D
X-YouTube-Ad-Signals: dt=1696684518352&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C833%2C469&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 13:15:18 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-aigzrnz7.googlevideo.com/ Frame 4876 1 KB
2 KB 127ms
33ms Fetch
application/vnd.yt-ump 2a00:1450:4009:1c::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-aigzrnz7.googlevideo.com/videoplayback?expire=1696706118&ei=5lkhZe63HYqs6dsPvby9sAg&ip=2001%3Aac8%3A21%3Ae%3A%3A8&id=o-AK-k_-il7rarF3sO_ACUyhWIVJfgnhs6y9QWskmP3lWj&itag=134&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=i7&mm=31%2C29&mn=sn-aigzrnz7%2Csn-aigl6nzl&ms=au%2Crdu&mv=m&mvi=2&pl=48&initcwndbps=567500&spc=UWF9f87Cla3x5c8V9oTalQgo1eikBoBUcCYPWpu21w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=jkVZXYwKSF2UHtvkTT0z7P0P&gir=yes&clen=3129128&dur=58.057&lmt=1696623281204115&mt=1696684152&fvip=3&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=TfDt6SxdQnblsg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhALGExqg7WVMGnqNYaNmlcnMVbQvw9klZ0O4MEeRpW8bTAiBmK6keN6Ev5pDvxiyUa-qHKwdIcnJzSL5m9-2NVa4PXQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRgIhAP8bh3vZgxhJCB1HwRJwIYFMS2W6E82G9Okx8ikl9bDqAiEA8ZrYMfFh3sNlCutlfiVFuYUsuG7Vpv9G9p3NDI3O_bs%3D&alr=yes&cpn=nXFecUlnNF80t0xq&cver=1.20231003.01.00&range=0-152927&rn=1&rbuf=0&pot=IjKc_Jz_-d3FGt-b78_NzKmwyZL7hf-R0q_FhfaQ78jLjN6W1bXfm9a0zZTVv9ub3dmvuA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4009:1c::7 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

323594d80175c971974d242e974fc27df24d421a5ce02ba4ea81ba6c90279691

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Sat, 07 Oct 2023 13:15:18 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Sat, 07 Oct 2023 13:15:18 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-aigzrnz7.googlevideo.com/ Frame 4876 1 KB
2 KB 129ms
35ms Fetch
application/vnd.yt-ump 2a00:1450:4009:1c::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-aigzrnz7.googlevideo.com/videoplayback?expire=1696706118&ei=5lkhZe63HYqs6dsPvby9sAg&ip=2001%3Aac8%3A21%3Ae%3A%3A8&id=o-AK-k_-il7rarF3sO_ACUyhWIVJfgnhs6y9QWskmP3lWj&itag=251&source=youtube&requiressl=yes&mh=i7&mm=31%2C29&mn=sn-aigzrnz7%2Csn-aigl6nzl&ms=au%2Crdu&mv=m&mvi=2&pl=48&initcwndbps=567500&spc=UWF9f87Cla3x5c8V9oTalQgo1eikBoBUcCYPWpu21w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=jkVZXYwKSF2UHtvkTT0z7P0P&gir=yes&clen=1015210&dur=58.201&lmt=1696623287623557&mt=1696684152&fvip=3&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=TfDt6SxdQnblsg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhAPP_QeucUJUJS01e3oXEDelnw1nVqXvQtAEffmO6Ue_pAiBBPYhxaDqLhZlOimH-zcjE5QHjm483noVWmkYvlLweaA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRgIhAP8bh3vZgxhJCB1HwRJwIYFMS2W6E82G9Okx8ikl9bDqAiEA8ZrYMfFh3sNlCutlfiVFuYUsuG7Vpv9G9p3NDI3O_bs%3D&alr=yes&cpn=nXFecUlnNF80t0xq&cver=1.20231003.01.00&range=0-65893&rn=2&rbuf=0&pot=IjLeGN4buzmH_p1_rSuPKOtUi3a5Yb11kEuHYbR0rSyJaJxyl1Gdf5RQj3CXW5l_nz3tXA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4009:1c::7 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c6400470028d0bea30ddb293e35233ba2eb4ef5dabb5d7d42aa5e10649b0f995

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Sat, 07 Oct 2023 13:15:18 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Sat, 07 Oct 2023 13:15:18 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/ Frame 4876 71 KB
24 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b80fdb856fd311368683d0a1939cb4ebc1bb94dddc43ad53f76a226192f38010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Wed, 04 Oct 2023 09:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24356
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 03 Oct 2024 09:07:43 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/ Frame 4876 32 KB
8 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68cc35d7422008fd13a10a8eaf4223b4da1041fd34fdab3802a7a5eeead789a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Wed, 04 Oct 2023 09:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8177
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 03 Oct 2024 09:06:22 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 4876 35 KB
6 KB 395ms
395ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

f108bbdbd6901bb5c06bc59d01725ee99242fd7197c28a8d1afd6b4e4cb4a5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: application/json
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231003.01.00
X-Goog-Visitor-Id: Cgs3Q05LUngycmNSYyjls4WpBjIICgJHQhICGgA%3D

Response headers

date: Sat, 07 Oct 2023 13:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6158
x-xss-protection: 0
expires: Sat, 07 Oct 2023 13:15:19 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4876 28 B
54 B 68ms
58ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
X-Goog-Request-Time: 1696684518693
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
X-YouTube-Client-Version: 1.20231003.01.00
X-YouTube-Time-Zone: Europe/London
X-Goog-Visitor-Id: Cgs3Q05LUngycmNSYyjls4WpBjIICgJHQhICGgA%3D
X-YouTube-Ad-Signals: dt=1696684518212&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C833%2C469&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 07 Oct 2023 13:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 07 Oct 2023 13:15:18 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 52ms
52ms Preflight
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 07 Oct 2023 13:15:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4876 90 B
134 B 56ms
55ms XHR
application/json+protobuf 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6de082428388fa63dfd1a4e0fac8ab2518c28d33b46aec4b031010cdc7eee2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: application/json+protobuf

Response headers

date: Sat, 07 Oct 2023 13:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H3 200 videoplayback Show response
rr5---sn-5hnekn7k.googlevideo.com/ Frame 4876 149 KB
149 KB 162ms
85ms Fetch
application/vnd.yt-ump 2a00:1450:400e:2::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1696706118&ei=5lkhZe63HYqs6dsPvby9sAg&ip=2001%3Aac8%3A21%3Ae%3A%3A8&id=o-AK-k_-il7rarF3sO_ACUyhWIVJfgnhs6y9QWskmP3lWj&itag=134&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f87Cla3x5c8V9oTalQgo1eikBoBUcCYPWpu21w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=jkVZXYwKSF2UHtvkTT0z7P0P&gir=yes&clen=3129128&dur=58.057&lmt=1696623281204115&keepalive=yes&fexp=24007246,24350018,24350045&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=TfDt6SxdQnblsg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhALGExqg7WVMGnqNYaNmlcnMVbQvw9klZ0O4MEeRpW8bTAiBmK6keN6Ev5pDvxiyUa-qHKwdIcnJzSL5m9-2NVa4PXQ%3D%3D&alr=yes&cpn=nXFecUlnNF80t0xq&cver=1.20231003.01.00&redirect_counter=1&cm2rm=sn-aige6z7l&cms_redirect=yes&cmsv=e&mh=i7&mm=34&mn=sn-5hnekn7k&ms=ltu&mt=1696684122&mv=m&mvi=5&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRQIhAPK3PPlPhzeOQcRvLYnttzsPRzXbbMBzIjWIKZuD2QMeAiAx69dgmq8yx-YhvyRxrAewv12QszNfjHRepdOsM1aamA%3D%3D&range=0-152927&rn=3&rbuf=0&pot=IjL8f_x5mV6lmb8Yj0ytT8kzqRGbBp8SsiylBpYTj0urD74VtTa_GLY3rRe1PLsYvVrPOw==&ump=1&srfvp=1&altitags=160

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:2::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4ba5bab3868d6a11dddb5884e4381453910cc37e0bbf114187d02e8c3d800064

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Sat, 07 Oct 2023 13:15:18 GMT
date: Sat, 07 Oct 2023 13:15:18 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Fri, 06 Oct 2023 20:14:41 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr5---sn-5hnekn7k.googlevideo.com/ Frame 4876 64 KB
64 KB 196ms
123ms Fetch
application/vnd.yt-ump 2a00:1450:400e:2::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1696706118&ei=5lkhZe63HYqs6dsPvby9sAg&ip=2001%3Aac8%3A21%3Ae%3A%3A8&id=o-AK-k_-il7rarF3sO_ACUyhWIVJfgnhs6y9QWskmP3lWj&itag=251&source=youtube&requiressl=yes&spc=UWF9f87Cla3x5c8V9oTalQgo1eikBoBUcCYPWpu21w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=jkVZXYwKSF2UHtvkTT0z7P0P&gir=yes&clen=1015210&dur=58.201&lmt=1696623287623557&keepalive=yes&fexp=24007246,24350018,24350045&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=TfDt6SxdQnblsg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhAPP_QeucUJUJS01e3oXEDelnw1nVqXvQtAEffmO6Ue_pAiBBPYhxaDqLhZlOimH-zcjE5QHjm483noVWmkYvlLweaA%3D%3D&alr=yes&cpn=nXFecUlnNF80t0xq&cver=1.20231003.01.00&redirect_counter=1&cm2rm=sn-aige6z7l&cms_redirect=yes&cmsv=e&mh=i7&mm=34&mn=sn-5hnekn7k&ms=ltu&mt=1696684122&mv=m&mvi=5&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRQIhAKxL4IKwn0bF2ENsDwSkkHlqGVAyf1c8aZlLNlCQwQJOAiAc6CfenHar1WTJWpYwBQpmcrC-gysi71SxrizKBCE5zQ%3D%3D&range=0-65893&rn=4&rbuf=0&pot=IjKaP5o5_x7D2dlY6QzLD69zz1H9RvlS1GzDRvBT6QvNT9hV03bZWNB3y1fTfN1Y2xqpew==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:2::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1cebe17fcbed13afbae32c2cbb98e13d214086724717f2164d2bf26c18017364

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

client-protocol: quic
date: Sat, 07 Oct 2023 13:15:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Oct 2023 20:14:47 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sat, 07 Oct 2023 13:15:18 GMT

POST
H3 200 videoplayback Show response
rr5---sn-5hnekn7k.googlevideo.com/ Frame 4876 74 KB
74 KB 42ms
42ms Fetch
application/vnd.yt-ump 2a00:1450:400e:2::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1696706118&ei=5lkhZe63HYqs6dsPvby9sAg&ip=2001%3Aac8%3A21%3Ae%3A%3A8&id=o-AK-k_-il7rarF3sO_ACUyhWIVJfgnhs6y9QWskmP3lWj&itag=251&source=youtube&requiressl=yes&spc=UWF9f87Cla3x5c8V9oTalQgo1eikBoBUcCYPWpu21w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=jkVZXYwKSF2UHtvkTT0z7P0P&gir=yes&clen=1015210&dur=58.201&lmt=1696623287623557&keepalive=yes&fexp=24007246,24350018,24350045&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=TfDt6SxdQnblsg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhAPP_QeucUJUJS01e3oXEDelnw1nVqXvQtAEffmO6Ue_pAiBBPYhxaDqLhZlOimH-zcjE5QHjm483noVWmkYvlLweaA%3D%3D&alr=yes&cpn=nXFecUlnNF80t0xq&cver=1.20231003.01.00&redirect_counter=1&cm2rm=sn-aige6z7l&cms_redirect=yes&cmsv=e&mh=i7&mm=34&mn=sn-5hnekn7k&ms=ltu&mt=1696684122&mv=m&mvi=5&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRQIhAKxL4IKwn0bF2ENsDwSkkHlqGVAyf1c8aZlLNlCQwQJOAiAc6CfenHar1WTJWpYwBQpmcrC-gysi71SxrizKBCE5zQ%3D%3D&range=65894-141808&rn=5&rbuf=4634&pot=Mm45VbwVhppnvTltVTiz8AZQ5gPOkMnLbo17e4yl3hXxCN83CcgKT3yx_j3nEpwWQeGPhM-kYo4126CB1Md5jdchHzjWnEejMCqA1lw6TgkEATGdlaQUGENXyS_kA4YLTyYl0Sy8Ry8PCKf1aI6VbA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:2::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8cc9ff7aaffc764b33a676a7d3b3912074aa7dbe0add11743510e0a03599cc66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

client-protocol: quic
date: Sat, 07 Oct 2023 13:15:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Oct 2023 20:14:47 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sat, 07 Oct 2023 13:15:19 GMT

GET
H2 200 APkrFKZFQEXV5kAB5H9gRDCg8QnBOyhrg0cN333HKlvbuEGtOyx67rghBfTQoUHjXQbX=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4876 660 B
750 B 45ms
44ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKZFQEXV5kAB5H9gRDCg8QnBOyhrg0cN333HKlvbuEGtOyx67rghBfTQoUHjXQbX=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b195e08468f930af0ef44d852ccc8eddfb47c8c934e594a6acd4c5bb6b62d40b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 10:18:37 GMT
x-content-type-options: nosniff
server: fife
age: 10602
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 660
x-xss-protection: 0
expires: Sun, 08 Oct 2023 10:18:37 GMT

POST
H3 200 videoplayback Show response
rr5---sn-5hnekn7k.googlevideo.com/ Frame 4876 130 KB
130 KB 40ms
40ms Fetch
application/vnd.yt-ump 2a00:1450:400e:2::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1696706118&ei=5lkhZe63HYqs6dsPvby9sAg&ip=2001%3Aac8%3A21%3Ae%3A%3A8&id=o-AK-k_-il7rarF3sO_ACUyhWIVJfgnhs6y9QWskmP3lWj&itag=134&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f87Cla3x5c8V9oTalQgo1eikBoBUcCYPWpu21w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=jkVZXYwKSF2UHtvkTT0z7P0P&gir=yes&clen=3129128&dur=58.057&lmt=1696623281204115&keepalive=yes&fexp=24007246,24350018,24350045&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=TfDt6SxdQnblsg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhALGExqg7WVMGnqNYaNmlcnMVbQvw9klZ0O4MEeRpW8bTAiBmK6keN6Ev5pDvxiyUa-qHKwdIcnJzSL5m9-2NVa4PXQ%3D%3D&alr=yes&cpn=nXFecUlnNF80t0xq&cver=1.20231003.01.00&redirect_counter=1&cm2rm=sn-aige6z7l&cms_redirect=yes&cmsv=e&mh=i7&mm=34&mn=sn-5hnekn7k&ms=ltu&mt=1696684122&mv=m&mvi=5&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRQIhAPK3PPlPhzeOQcRvLYnttzsPRzXbbMBzIjWIKZuD2QMeAiAx69dgmq8yx-YhvyRxrAewv12QszNfjHRepdOsM1aamA%3D%3D&range=152928-285975&rn=6&rbuf=2847&pot=Mm45VbwVhppnvTltVTiz8AZQ5gPOkMnLbo17e4yl3hXxCN83CcgKT3yx_j3nEpwWQeGPhM-kYo4126CB1Md5jdchHzjWnEejMCqA1lw6TgkEATGdlaQUGENXyS_kA4YLTyYl0Sy8Ry8PCKf1aI6VbA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:2::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0eece7fda1f5d28ffbdd3a51133a63c051c64fe858966bb0741ad7a84ce7f135

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Sat, 07 Oct 2023 13:15:19 GMT
date: Sat, 07 Oct 2023 13:15:19 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Fri, 06 Oct 2023 20:14:41 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 4876 0
17 B 54ms
53ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=nXFecUlnNF80t0xq&ver=2&cmt=0.019&fmt=134&fs=0&rt=0.678&euri=https%3A%2F%2Fnoticiasg1portal.online%2F&lact=717&cl=570533885&mos=1&volume=100&cbrand=samsung&cbr=Chrome%20Mobile&cbrver=116.0.5845.114&c=WEB_EMBEDDED_PLAYER&cver=1.20231003.01.00&cplayer=UNIPLAYER&cmodel=sm-a205u&cos=Android&cosver=10&cplatform=MOBILE&autoplay=1&epm=1&delay=4&hl=en_GB&cr=GB&len=59&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C280980%2C23071%2C84737%2C35229%2C1089%2C3782%2C2489%2C249%2C2951%2C26436294%2C3518%2C536%2C1253%2C75%2C602%2C1031%2C13742%2C1333%2C2040%2C564&rtn=8&afmt=251&size=833%3A469&inview=0.1&muted=1&docid=I2tP0CqgEYA&ei=5lkhZe63HYqs6dsPvby9sAg&plid=AAYHICYFsrLKBG1N&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FI2tP0CqgEYA%3Fh%3Dnull%26playlist%3DI2tP0CqgEYA%26autoplay%3D1%26controls%3D1%26loop%3D0%26autopause%3D0%26playsinline%3D1%26mute%3D1&list=TLGGxZ0qulcbXygwNzEwMjAyMw&of=2hyjuvxRchHz306ieRbDCg&vm=CAEQABgEOjJBQWpSVTZuRWhfRkRXUFYtUC1NTmgwRTdDUVlQVWZTcWVjX2hNNFJxNzlwS2w3YjR6UWJyQVBta0tESVRMTEUwajc4aXhsNTJwbDU2SUNGSUZOMTNuR0x3YXVTTnRTMWFOazFsNGZQNldHSnp0WjJtWldpUWstX2JoTDZTRmd3Z2s4cDN1blhWS19FREpTbklHX3dCMWNuNzBUcGNHcVB2ekVzWUh3aAE

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
X-YouTube-Client-Version: 1.20231003.01.00
X-YouTube-Time-Zone: Europe/London
X-Goog-Visitor-Id: Cgs3Q05LUngycmNSYyjls4WpBjIICgJHQhICGgA%3D
X-YouTube-Ad-Signals: dt=1696684518352&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C833%2C469&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 13:15:19 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 4876 0
19 B 53ms
52ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=I2tP0CqgEYA&cpn=nXFecUlnNF80t0xq&ei=5lkhZe63HYqs6dsPvby9sAg&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
X-YouTube-Client-Version: 1.20231003.01.00
X-YouTube-Time-Zone: Europe/London
X-Goog-Visitor-Id: Cgs3Q05LUngycmNSYyjls4WpBjIICgJHQhICGgA%3D
X-YouTube-Ad-Signals: dt=1696684518352&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C833%2C469&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 13:15:19 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4876
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

52ms
51ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c1b2bcb11379bf9704884b856433af83de9881efadebe05fb89a7d3126a3ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sat, 07 Oct 2023 13:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 07 Oct 2023 13:15:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4876 328 B
328 B Other
application/json

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 966bd148075d6ad067c4bcc5c2aa068b028f48c10e85ce05b677f9e08d5bf873

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: application/json

POST
H3 200 videoplayback Show response
rr5---sn-5hnekn7k.googlevideo.com/ Frame 4876 327 KB
327 KB 42ms
41ms Fetch
application/vnd.yt-ump 2a00:1450:400e:2::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1696706118&ei=5lkhZe63HYqs6dsPvby9sAg&ip=2001%3Aac8%3A21%3Ae%3A%3A8&id=o-AK-k_-il7rarF3sO_ACUyhWIVJfgnhs6y9QWskmP3lWj&itag=134&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f87Cla3x5c8V9oTalQgo1eikBoBUcCYPWpu21w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=jkVZXYwKSF2UHtvkTT0z7P0P&gir=yes&clen=3129128&dur=58.057&lmt=1696623281204115&keepalive=yes&fexp=24007246,24350018,24350045&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=TfDt6SxdQnblsg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhALGExqg7WVMGnqNYaNmlcnMVbQvw9klZ0O4MEeRpW8bTAiBmK6keN6Ev5pDvxiyUa-qHKwdIcnJzSL5m9-2NVa4PXQ%3D%3D&alr=yes&cpn=nXFecUlnNF80t0xq&cver=1.20231003.01.00&redirect_counter=1&cm2rm=sn-aige6z7l&cms_redirect=yes&cmsv=e&mh=i7&mm=34&mn=sn-5hnekn7k&ms=ltu&mt=1696684122&mv=m&mvi=5&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRQIhAPK3PPlPhzeOQcRvLYnttzsPRzXbbMBzIjWIKZuD2QMeAiAx69dgmq8yx-YhvyRxrAewv12QszNfjHRepdOsM1aamA%3D%3D&range=285976-620512&rn=7&rbuf=5339&pot=Mm45VbwVhppnvTltVTiz8AZQ5gPOkMnLbo17e4yl3hXxCN83CcgKT3yx_j3nEpwWQeGPhM-kYo4126CB1Md5jdchHzjWnEejMCqA1lw6TgkEATGdlaQUGENXyS_kA4YLTyYl0Sy8Ry8PCKf1aI6VbA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:2::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2a99fde5f4db30b8fb42ec9d847303bb95a9cdc1a2a7d97243cd12aec967f335

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Sat, 07 Oct 2023 13:15:19 GMT
date: Sat, 07 Oct 2023 13:15:19 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Fri, 06 Oct 2023 20:14:41 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
DATA 200
OK truncated
/ Frame 4876 96 B
96 B Other
application/json

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9881bf9c9454ae0f2322d10dcd38c97d72eb26a1e28b8d6e9b16e49c2f4aed0b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: application/json

GET
DATA 200
OK truncated
/ Frame 4876 50 KB
50 KB Other
application/json

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef3171f22a31ae207189461b0d23bd8e9d4ab51f4e7fa08513476855c482914d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: application/json

GET
DATA 200
OK truncated
/ Frame 4876 50 KB
50 KB Other
application/json

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7762a3d97ba5c5b78f98ac7998d1465e151d104fa656e36bb58c828072cfef81

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: application/json

POST
H3 200 videoplayback Show response
rr5---sn-5hnekn7k.googlevideo.com/ Frame 4876 174 KB
174 KB 40ms
39ms Fetch
application/vnd.yt-ump 2a00:1450:400e:2::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1696706118&ei=5lkhZe63HYqs6dsPvby9sAg&ip=2001%3Aac8%3A21%3Ae%3A%3A8&id=o-AK-k_-il7rarF3sO_ACUyhWIVJfgnhs6y9QWskmP3lWj&itag=251&source=youtube&requiressl=yes&spc=UWF9f87Cla3x5c8V9oTalQgo1eikBoBUcCYPWpu21w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=jkVZXYwKSF2UHtvkTT0z7P0P&gir=yes&clen=1015210&dur=58.201&lmt=1696623287623557&keepalive=yes&fexp=24007246,24350018,24350045&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=TfDt6SxdQnblsg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhAPP_QeucUJUJS01e3oXEDelnw1nVqXvQtAEffmO6Ue_pAiBBPYhxaDqLhZlOimH-zcjE5QHjm483noVWmkYvlLweaA%3D%3D&alr=yes&cpn=nXFecUlnNF80t0xq&cver=1.20231003.01.00&redirect_counter=1&cm2rm=sn-aige6z7l&cms_redirect=yes&cmsv=e&mh=i7&mm=34&mn=sn-5hnekn7k&ms=ltu&mt=1696684122&mv=m&mvi=5&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRQIhAKxL4IKwn0bF2ENsDwSkkHlqGVAyf1c8aZlLNlCQwQJOAiAc6CfenHar1WTJWpYwBQpmcrC-gysi71SxrizKBCE5zQ%3D%3D&range=141809-320103&rn=8&rbuf=9941&pot=Mm45VbwVhppnvTltVTiz8AZQ5gPOkMnLbo17e4yl3hXxCN83CcgKT3yx_j3nEpwWQeGPhM-kYo4126CB1Md5jdchHzjWnEejMCqA1lw6TgkEATGdlaQUGENXyS_kA4YLTyYl0Sy8Ry8PCKf1aI6VbA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:2::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c36a49dd131f30d7c7656e8e9a4ea1cbbc398ac01b7beac58b7a9bf8dc416b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

client-protocol: quic
date: Sat, 07 Oct 2023 13:15:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Oct 2023 20:14:47 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sat, 07 Oct 2023 13:15:19 GMT

POST
H3 200 videoplayback Show response
rr5---sn-5hnekn7k.googlevideo.com/ Frame 4876 628 KB
628 KB 40ms
39ms Fetch
application/vnd.yt-ump 2a00:1450:400e:2::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1696706118&ei=5lkhZe63HYqs6dsPvby9sAg&ip=2001%3Aac8%3A21%3Ae%3A%3A8&id=o-AK-k_-il7rarF3sO_ACUyhWIVJfgnhs6y9QWskmP3lWj&itag=134&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f87Cla3x5c8V9oTalQgo1eikBoBUcCYPWpu21w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=jkVZXYwKSF2UHtvkTT0z7P0P&gir=yes&clen=3129128&dur=58.057&lmt=1696623281204115&keepalive=yes&fexp=24007246,24350018,24350045&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=TfDt6SxdQnblsg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhALGExqg7WVMGnqNYaNmlcnMVbQvw9klZ0O4MEeRpW8bTAiBmK6keN6Ev5pDvxiyUa-qHKwdIcnJzSL5m9-2NVa4PXQ%3D%3D&alr=yes&cpn=nXFecUlnNF80t0xq&cver=1.20231003.01.00&redirect_counter=1&cm2rm=sn-aige6z7l&cms_redirect=yes&cmsv=e&mh=i7&mm=34&mn=sn-5hnekn7k&ms=ltu&mt=1696684122&mv=m&mvi=5&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRQIhAPK3PPlPhzeOQcRvLYnttzsPRzXbbMBzIjWIKZuD2QMeAiAx69dgmq8yx-YhvyRxrAewv12QszNfjHRepdOsM1aamA%3D%3D&range=620513-1263946&rn=9&rbuf=10497&pot=Mm45VbwVhppnvTltVTiz8AZQ5gPOkMnLbo17e4yl3hXxCN83CcgKT3yx_j3nEpwWQeGPhM-kYo4126CB1Md5jdchHzjWnEejMCqA1lw6TgkEATGdlaQUGENXyS_kA4YLTyYl0Sy8Ry8PCKf1aI6VbA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:2::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

78a15af92d25bf2c09a8bd2189d775f10f8bc90ecc53f6fbacbb592faaf95211

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Sat, 07 Oct 2023 13:15:19 GMT
date: Sat, 07 Oct 2023 13:15:19 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Fri, 06 Oct 2023 20:14:41 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4876 28 B
54 B 59ms
59ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
X-Goog-Request-Time: 1696684520781
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1
X-YouTube-Client-Version: 1.20231003.01.00
X-YouTube-Time-Zone: Europe/London
X-Goog-Visitor-Id: Cgs3Q05LUngycmNSYyjls4WpBjIICgJHQhICGgA%3D
X-YouTube-Ad-Signals: dt=1696684518212&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C833%2C469&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 07 Oct 2023 13:15:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 07 Oct 2023 13:15:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/I2tP0CqgEYA?h=null&playlist=I2tP0CqgEYA&autoplay=1&controls=1&loop=0&autopause=0&playsinline=1&mute=1

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| Astro object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: cYdjC9_kSmA
			.youtube.com/	1970-01-20 19:37:16	Name: VISITOR_INFO1_LIVE Value: 7CNKRx2rcRc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors zyro.com .zyro.com .zyro.space .dp.zyro.space .hostinger.com *.hostinger.io hostinger.in hostinger.co.uk
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.zyrosite.com
cdn.zyrosite.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
noticiasg1portal.online
rr2---sn-aigzrnz7.googlevideo.com
rr5---sn-5hnekn7k.googlevideo.com
static.doubleclick.net
www.google.com
www.noticiasg1portal.online
www.youtube.com
yt3.ggpht.com
www.youtube.com
2600:1901:0:84ef::
2606:4700:4400::ac40:9a64
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:830::200e
2a00:1450:4009:1c::7
2a00:1450:400e:2::a
0eece7fda1f5d28ffbdd3a51133a63c051c64fe858966bb0741ad7a84ce7f135
1124efe7dc5a7ab82f449b5245b2eae26089e01f7057f9fa41dfc918f1ce005b
1291c9d190fb9d3fe93d97cfc948c24d26bbe85b2fbeb347188dd43093487050
1cebe17fcbed13afbae32c2cbb98e13d214086724717f2164d2bf26c18017364
1f48bdfc2ad60e47e97cddec5550a1d568d96ff35592300b62b400d3d728ced4
1fdb12ba3feabe454fbb90ef5028f23a3ca881478d03ca52a8541fa71e304651
29692ce3dc0ca0cac50006c645664a322e78d953d5cca1439e079ac1802f6df6
2999a98ae5a8be375f8e8711a8af6649dc112d203d04bbecc70f419f0f659438
2a99fde5f4db30b8fb42ec9d847303bb95a9cdc1a2a7d97243cd12aec967f335
2d52c539a131fd46c1bdefc7a9bcfddac0335afe315bb3587b10722a132dc54e
323594d80175c971974d242e974fc27df24d421a5ce02ba4ea81ba6c90279691
3800b6d255953fc3109b76f9996425d62f2aaced2e0cacc1d84f0adb8ff2d00f
407a2cdd2ccc183ee0b93db3302b7ba9bb33bcb80cf87f3b903f098d1cae314c
415c3acc3d308609a9c5c64a0de947b3a02b6f6838098841f02a9cd9da9a60e0
48fe791bbe3e345fa2d9495266964a1580e390ed5d4792ecad49c714925a4600
4ba5bab3868d6a11dddb5884e4381453910cc37e0bbf114187d02e8c3d800064
5676c5a361e3b50bc34dc5eb29d0e553a6db5d1b2ba61e0883f6b8c90ebd3fd2
5db257bd3603377cc54d7b13e3b6e73242c69936d9b9feafe9f524f783f8aaf3
5eb29b03937a151bcf9ab897b9d99ceb7b83b398740264571b3d40fe0914ff19
67af51dc9c8d2df83c17d6142952c895e1c44ab86208b591fc1a4356f53eb7a8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68cc35d7422008fd13a10a8eaf4223b4da1041fd34fdab3802a7a5eeead789a3
69fa9c2995b71ee7bbd863cb6cb2cf5151893ce205fbffbffbb64f52439f6879
6c1b2bcb11379bf9704884b856433af83de9881efadebe05fb89a7d3126a3ca9
6de082428388fa63dfd1a4e0fac8ab2518c28d33b46aec4b031010cdc7eee2be
7119b52c11c37c8cb405b58be9024071e4fa6f7f060bcb22eecd7e20a36e99df
73a118d57ef804d5f4155930b2bbc18a5a78906e9acdc2436d23f82145cfdd37
7762a3d97ba5c5b78f98ac7998d1465e151d104fa656e36bb58c828072cfef81
78a15af92d25bf2c09a8bd2189d775f10f8bc90ecc53f6fbacbb592faaf95211
79697fc18bc169b2c99c4fd6ce577e7d53c676a8f8812ec1aeff2ab6393dd8a4
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
8728ea337b89a095604466bfb7548d10971c0b4efce36607df511df2684fe2cc
8885222d36887cf061ea0b744d30612a33d2534132a3feed43f5262256515ba6
8cc9ff7aaffc764b33a676a7d3b3912074aa7dbe0add11743510e0a03599cc66
966bd148075d6ad067c4bcc5c2aa068b028f48c10e85ce05b677f9e08d5bf873
9881bf9c9454ae0f2322d10dcd38c97d72eb26a1e28b8d6e9b16e49c2f4aed0b
a9b671b639d257bb577526d47fa53690b120efc179fd7ae2b44118049fda69c0
aae89222da88d01b34607bf995bcb8264a62ba5c486ed8df997fb7fff641c1f4
afd5ac2a5ba06b976a747ed9628c81907b9377cd9dfa0994cd01dc016d0d7b0b
b195e08468f930af0ef44d852ccc8eddfb47c8c934e594a6acd4c5bb6b62d40b
b4e865edcf88083a23700d74d519cc8b1ca68bb75983814f87d8f9fe327eb881
b80fdb856fd311368683d0a1939cb4ebc1bb94dddc43ad53f76a226192f38010
bfecf91014597eac69e26c16c136df9a7816b7eaec54c7a636c10d9010eb95c6
c0386cae22f24d520aeb2e6693ea4364bce0c989748649ef81015dfb999a5b56
c36a49dd131f30d7c7656e8e9a4ea1cbbc398ac01b7beac58b7a9bf8dc416b06
c6400470028d0bea30ddb293e35233ba2eb4ef5dabb5d7d42aa5e10649b0f995
c666eed618c53177e2e8233f33fd4d1f3ff8afc61ea339a15ffa2d1d6461538a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e14625853561386b2e01de38a25087b388598be436387a71fa39680a65335716
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef3171f22a31ae207189461b0d23bd8e9d4ab51f4e7fa08513476855c482914d
f108bbdbd6901bb5c06bc59d01725ee99242fd7197c28a8d1afd6b4e4cb4a5e3
ff3bae8b1c952a429f946dac23978f1ad96c10e58973133a04af7e656080efe7

noticiasg1portal.online Open in urlscan Pro 2600:1901:0:84ef:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

77 Requests

96 %HTTPS

100 %IPv6

8 Domains

12 Subdomains

11 IPs

4 Countries

3363 kBTransfer

7349 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

noticiasg1portal.online Open in urlscan Pro
2600:1901:0:84ef:: Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

96 %
HTTPS

100 %
IPv6

8
Domains

12
Subdomains

11
IPs

4
Countries

3363 kB
Transfer

7349 kB
Size

2
Cookies

77 HTTP transactions
6 data transactions