paste1s.com Open in urlscan Pro
2606:4700:3037::6815:59f0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paste1s.com/notes/PZ9HW1
Submission: On March 31 via manual (March 31st 2023, 9:41:05 am UTC) from US — Scanned from SG

Summary HTTP 43 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3037::6815:59f0, located in United States and belongs to CLOUDFLARENET, US. The main domain is paste1s.com.
TLS certificate: Issued by GTS CA 1P5 on February 3rd 2023. Valid for: 3 months.

This is the only time paste1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3037::6815:59f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4005:81a::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4005:80b::2008	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700:20:... 2606:4700:20::681a:51a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2404:6800:400... 2404:6800:4005:81a::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4005:811::200e	15169 (GOOGLE) (GOOGLE)
11	2404:6800:400... 2404:6800:4005:800::200e	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4005:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4005:815::2006	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4005:808::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4005:814::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4005:808::2016	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4005:80d::2001	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4005:801::2003	15169 (GOOGLE) (GOOGLE)
43	16

4 2606:4700:3037::6815:59f0 (United States)

ASN13335 (CLOUDFLARENET, US)

paste1s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4005:81a::200a (Central, Hong Kong)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4005:80b::2008 (Central, Hong Kong)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:51a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

fstatic.netpub.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4005:81a::2002 (Central, Hong Kong) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4005:811::200e (Central, Hong Kong)

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4005:800::200e (Central, Hong Kong)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4005:80b::2003 (Central, Hong Kong)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4005:815::2006 (Central, Hong Kong)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4005:808::200a (Central, Hong Kong)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4005:814::2004 (Central, Hong Kong)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4005:808::2016 (Central, Hong Kong)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4005:80d::2001 (Central, Hong Kong)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4005:801::2003 (Central, Hong Kong)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 93	851 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	80 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 jnn-pa.googleapis.com — Cisco Umbrella Rank: 237	32 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 285	6 KB
4	netpub.media 2 redirects fstatic.netpub.media — Cisco Umbrella Rank: 262585	732 B
4	paste1s.com paste1s.com	139 KB
3	google.com drive.google.com — Cisco Umbrella Rank: 365 www.google.com — Cisco Umbrella Rank: 2	54 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	88 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	70 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111	48 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	44 KB
43	13

	Domain	Requested by
9	www.youtube.com	paste1s.com www.youtube.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	fstatic.netpub.media	2 redirects paste1s.com
4	paste1s.com	paste1s.com
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	drive.google.com	paste1s.com drive.google.com
2	cdnjs.cloudflare.com	paste1s.com cdnjs.cloudflare.com
2	fonts.googleapis.com	paste1s.com drive.google.com
1	ssl.gstatic.com	drive.google.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	pagead2.googlesyndication.com	paste1s.com
1	www.googletagmanager.com	paste1s.com
43	18

This site contains links to these domains. Also see Links.

Domain
telegra.ph
click4r.com
note1s.com
link1s.com
1shorten.com
kiemlua.com

Subject Issuer	Validity	Valid
*.paste1s.com GTS CA 1P5	`2023-02-03` - `2023-05-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://paste1s.com/notes/PZ9HW1
Frame ID: 6F4B6CA869E46EB7C1462D789FBB5789
Requests: 16 HTTP requests in this frame

Frame: https://drive.google.com/embeddedfolderview?id=1eXPZxpm4IVfVhvD7SlI6nvi1rv1GyfYC
Frame ID: 5B6899747A76257988C4DD7650F9E65A
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/embed/zQxumtRA0Zg
Frame ID: 13E358E5F9DEC9B384B5DF0C83345F59
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Frame ID: 1707C243FE7FA1975417203088477553
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Note: Cancer Issues - The Process Of Death

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

43
Requests

93 %
HTTPS

100 %
IPv6

13
Domains

18
Subdomains

16
IPs

2
Countries

1435 kB
Transfer

4701 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://telegra.ph/Death-Metal-Guitar-Lesson---Improving-Your-Picking-To-Really-Thrash-03-30
Title: funeral program

Search URL Search Domain Scan URL

URL: https://click4r.com/posts/g/8861566/how-to-fix-the-red-ring-of-death-error-in-less-than-two-hours
Title: funeral program

Search URL Search Domain Scan URL

URL: https://note1s.com/notes/4RL2CKJY
Title: funeral program

Search URL Search Domain Scan URL

URL: https://link1s.com/
Title: Rút gọn link kiếm tiền

Search URL Search Domain Scan URL

URL: https://1shorten.com/
Title: All shorteners in One

Search URL Search Domain Scan URL

URL: https://kiemlua.com/
Title: Kiếm tiền Online

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1680255660687 HTTP 301
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js

Request Chain 8

https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1680255660689 HTTP 301
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js

Request Chain 22

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request PZ9HW1 Show response
paste1s.com/notes/ 15 KB
7 KB 381ms
359ms Document
text/html 2606:4700:3037::6815:59f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste1s.com/notes/PZ9HW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:59f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

a9ee178efe65a59f0905f5291af6136f552a440e972015f0b9539bda8c22205f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7b07a2541eb4a081-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 31 Mar 2023 09:41:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDeQ%2FffWQ%2F%2B%2FEwJjrEZ0ZwMtx6CnzG%2F6SYO%2FIR%2B%2BDuUk6lJl1lgxOMU6LVi6OvZB85aa97J7Sr3w4EGmXm%2BDWBLlFeMyXSDVQtfpEYLmT8c%2FuXAZDBrKt0aXuyABGRdrRAVcA%2FIwNoUwiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
924 B 147ms
54ms Stylesheet
text/css 2404:6800:4005:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/PZ9HW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:81a::200a Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13fec3ec2c0627ac42565a8e76288112d98b6ab4085e680f18cc5292892fb0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 31 Mar 2023 09:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 09:41:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 31 Mar 2023 09:41:00 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 23ms
10ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/PZ9HW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:41:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1243537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSoJoW5gAN4DwlveAzr1CyFAlmpLSKFUV9MPZbKvwpM93kF3w8xX0kKv6HGd9VoTTrjECifmjhfduFxCCSu5%2FFYXiVAr9nDoiNYuZBo7bbjdYVuCfowfz%2BZ0BusyznvW%2FJ3Y4HmDIB5VRMhs2FCmwr8F"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b07a2567c5640d4-SIN
expires: Wed, 20 Mar 2024 09:41:00 GMT

GET
H2 200 app.css
paste1s.com/css/ 143 KB
25 KB 14ms
13ms Stylesheet
text/css 2606:4700:3037::6815:59f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste1s.com/css/app.css?id=ebe28cb9d875b19bed6b

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/PZ9HW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:59f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0138a397ea954dfb7486525dcfdb18ff24b7c4d6c501981b76d731277f26f879

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://paste1s.com/notes/PZ9HW1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:41:00 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 362337
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 03 Feb 2023 05:02:47 GMT
server: cloudflare
etag: W/"63dc9577-23c92"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPGIjsO2ejNay9kH7EYlnkuqs1FbIUBwYFSOcDLIDbZa3K6lQ3IIAPAmmGyBOwIm4%2B16MHi%2Bm%2Ff2WXhVeADtZm0iqgsWSCMh%2FmPvDjyJXCAsRKxCr6Go36g78W8da711wqwSRmG173B3hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b07a256688ba081-SIN
expires: Wed, 26 Apr 2023 05:02:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 149ms
56ms Script
application/javascript 2404:6800:4005:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129758818-17

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/PZ9HW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:80b::2008 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11015d005521ed57f0c3cdd204f0c222c9eeef24c86feac7250e5e5ae8ca4f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:41:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45018
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 31 Mar 2023 09:41:00 GMT

GET
H3 200 logo.png
paste1s.com/images/ 23 KB
24 KB 11ms
11ms Image
image/png 2606:4700:3037::6815:59f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paste1s.com/images/logo.png

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/PZ9HW1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:59f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44a5b8d08f85fb057c1aefa8d400998f3de016793461f71090d3cb04e8618fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://paste1s.com/notes/PZ9HW1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:41:00 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 362567
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23690
pragma: public
last-modified: Fri, 03 Feb 2023 05:02:56 GMT
server: cloudflare
etag: "63dc9580-5c8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rF5%2BC5k3NeyvlIeitgNSlcalw4FgybCz%2Bb0Lba0qT9RcDlsA746A%2BJzKk8SWVch2aHG7KuRi28xwcSMUfEkMXcBPgkLhQ9PHQ2SR85uG5NU1yJuWu0qfjw4yWt1g80RgsSN%2Bdsxx%2BrHfLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7b07a25749a5879f-SIN
expires: Wed, 26 Apr 2023 04:58:13 GMT

GET
H3 200 app.js Show response
paste1s.com/js/ 258 KB
84 KB 18ms
17ms Script
application/javascript 2606:4700:3037::6815:59f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste1s.com/js/app.js?id=0e83dba9e8630f1a1f92

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/PZ9HW1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:59f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31e5fb043938f7aff456e97c06d85e24de3ed2a33dd62dea9886c24b67061185

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://paste1s.com/notes/PZ9HW1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:41:00 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 362567
cf-polished: origSize=263816
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 03 Feb 2023 05:02:47 GMT
server: cloudflare
etag: W/"63dc9577-40688"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGejVdSIpSgGGvJ%2FkYugNaxo9lvhiOENTIYzkoHf43XdxXQ3Q%2BUaW7r%2Fa4qYoUKjj7VNNhHFsq5Z0HL1uL7d8ZKG5UGqUyb4Job600pT8M2wBAcWe3ZwSE8iB3qoI1Nd%2FskxG3CrIILuaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 7b07a25688ed879f-SIN
expires: Wed, 26 Apr 2023 04:58:13 GMT

GET
H2

404

service.js
fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/
Redirect Chain

https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1680255660687
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js

0
0

176ms
175ms

Script
text/html

2606:4700:20::681a:51a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/PZ9HW1
Protocol: H2
Server: 2606:4700:20::681a:51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 31 Mar 2023 09:41:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDmbu%2BV473RVEnMGnqvwdKPVO6o4x1yFvMX4RfmJ5IrlADjqqIPpc9CjjZEIG%2BxoraJAS5O0xfJvUfSiGGanZ3U5MLIRkwR1%2By6ePRGWGzFkj6mkPPi7bFZe%2F2LkxJgTKh7TpWgjT2A%2FnSnREsMadZhd"}],"group":"cf-nel","max_age":604800}
location: https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
cache-control: max-age=3600
cf-ray: 7b07a2576e9ca135-SIN
expires: Fri, 31 Mar 2023 10:41:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 164ms
73ms Script
text/javascript 2404:6800:4005:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/PZ9HW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:81a::2002 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb31a7a3e1673f4180b454fea464c54c050cd99ec810a1005673973bef3bb097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:41:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48199
x-xss-protection: 0
server: cafe
etag: 3988176137345673999
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 09:41:00 GMT

GET
H2

404

service.js
fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/
Redirect Chain

https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1680255660689
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js

0
0

176ms
176ms

Script
text/html

2606:4700:20::681a:51a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/PZ9HW1
Protocol: H2
Server: 2606:4700:20::681a:51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 31 Mar 2023 09:41:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvCdEP5zn2Iy4SRmVo2InOrXfcN8fiowGn%2Fd4m1H4asqIGTKoNjvOj50OcSv%2FIobH%2FC0HnlZZVywsbuN%2FVTPlyP6cT4o4x3I5j0RKJFUXBaPP8sN0kTO6qOCSao9%2Fehj1gMcyjVDEMSQbH5tlD%2BvekSm"}],"group":"cf-nel","max_age":604800}
location: https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
cache-control: max-age=3600
cf-ray: 7b07a2576ea0a135-SIN
expires: Fri, 31 Mar 2023 10:41:00 GMT

GET
H2 200 embeddedfolderview Show response
drive.google.com/ Frame 5B68 8 KB
3 KB 549ms
454ms Document
text/html 2404:6800:4005:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/embeddedfolderview?id=1eXPZxpm4IVfVhvD7SlI6nvi1rv1GyfYC

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/PZ9HW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:811::200e Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

24f1dadc67cf787ff2c7f117b1872cc8af93567a5ccbc7f3fab6fb207855a599

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QklTPHuWU3W9VmurQJYMVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QklTPHuWU3W9VmurQJYMVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
date: Fri, 31 Mar 2023 09:41:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
server: GSE
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 zQxumtRA0Zg Show response
www.youtube.com/embed/ Frame 13E3 72 KB
31 KB 203ms
111ms Document
text/html 2404:6800:4005:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/zQxumtRA0Zg

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/PZ9HW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:800::200e Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6728aa648ce61269b7e101d1609582afdc91ea7d5ff2bc85318d34081073b2a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 31 Mar 2023 09:41:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=zh-CN for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 23ms
16ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://paste1s.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:41:00 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2472291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmGvI%2BheF7JaQWbaAuBO1t3aYe5zUh7xlO%2BQnLC%2FMOT5TiiTqRZ95OmW58OHYBY0ntI1etmUUjgEc%2FgJOt4WMWL106YwGzOazQHEW5APCMSa5p5rSfkQsmNNdBX%2B%2BcDOdGdTOgF6gAjppgO0lrH1WHQz"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b07a2578be740b6-SIN
expires: Wed, 20 Mar 2024 09:41:00 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 14 KB
14 KB 131ms
40ms Font
font/woff2 2404:6800:4005:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:80b::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste1s.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:36:49 GMT
x-content-type-options: nosniff
age: 255851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14060
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:36:49 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 12 KB
13 KB 132ms
49ms Font
font/woff2 2404:6800:4005:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:80b::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste1s.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:47:16 GMT
x-content-type-options: nosniff
age: 255224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12736
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:47:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
39ms Script
text/javascript 2404:6800:4005:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:800::200e Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 08:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5749
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 31 Mar 2023 10:05:11 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
189 B 52ms
51ms XHR
text/plain 2404:6800:4005:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=48615105&t=pageview&_s=1&dl=https%3A%2F%2Fpaste1s.com%2Fnotes%2FPZ9HW1&ul=en-us&de=UTF-8&dt=Note%3A%20Cancer%20Issues%20-%20The%20Process%20Of%20Death&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=367274425&gjid=295452173&cid=601465491.1680255661&tid=UA-129758818-17&_gid=1098261535.1680255661&_r=1&gtm=457e33t0&jsscut=1&z=229684723

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:800::200e Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste1s.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Mar 2023 09:41:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 4 KB
4 KB 40ms
39ms Font
font/woff2 2404:6800:4005:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:80b::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste1s.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:11:56 GMT
x-content-type-options: nosniff
age: 91744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4252
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:27:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:11:56 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/931a8913/ Frame 13E3 400 KB
51 KB 39ms
39ms Stylesheet
text/css 2404:6800:4005:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zQxumtRA0Zg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:800::200e Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35cf24d2125ee634ad18070ecc44ec9d73e736b7d3b24f83d0fd274d780b448a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/zQxumtRA0Zg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52114
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 26 Mar 2024 14:56:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/ Frame 1707 10 KB
5 KB 44ms
39ms Document
text/html 2404:6800:4005:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:81a::2002 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 1021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 31 Mar 2023 09:23:59 GMT
etag: 2378337311435320485
expires: Fri, 14 Apr 2023 09:23:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/931a8913/www-embed-player.vflset/ Frame 13E3 348 KB
108 KB 39ms
38ms Script
text/javascript 2404:6800:4005:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zQxumtRA0Zg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:800::200e Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3adeef26fad2c537c7506bf1f293c1d3125c059dd57a660a6c5f5625ad9d69c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/zQxumtRA0Zg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:57:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110483
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 26 Mar 2024 14:57:17 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/931a8913/player_ias.vflset/zh_CN/ Frame 13E3 2 MB
613 KB 82ms
81ms Script
text/javascript 2404:6800:4005:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/player_ias.vflset/zh_CN/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zQxumtRA0Zg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:800::200e Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea9b231a2201ff050351f9ea28eefea4ebd38f74af9dc974446bbbea2db214c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/zQxumtRA0Zg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 15:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 325664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 627638
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 26 Mar 2024 15:13:16 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/931a8913/fetch-polyfill.vflset/ Frame 13E3 9 KB
3 KB 81ms
80ms Script
text/javascript 2404:6800:4005:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zQxumtRA0Zg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:800::200e Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/zQxumtRA0Zg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:57:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 326623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 26 Mar 2024 14:57:17 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 13E3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

52ms
52ms

XHR
application/json

2404:6800:4005:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zQxumtRA0Zg

Protocol

Server

2404:6800:4005:81a::2002 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e31e72184b1ca79264aa390502d22175132ade6b0ab3fbef54acec70ce3015b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 31 Mar 2023 09:41:01 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 13E3 29 B
495 B 129ms
38ms Script
text/javascript 2404:6800:4005:815::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:815::2006 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:35:11 GMT
x-content-type-options: nosniff
age: 350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 Mar 2023 09:50:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 144ms
52ms Preflight
text/html 2404:6800:4005:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:808::200a Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 31 Mar 2023 09:41:01 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 13E3 66 KB
30 KB 63ms
63ms XHR
application/json+protobuf 2404:6800:4005:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/player_ias.vflset/zh_CN/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:808::200a Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd7a977d3b4044a477bed19e07262332e70d524ea385404cb708d3c0665a8520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 31 Mar 2023 09:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31007
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/931a8913/player_ias.vflset/zh_CN/ Frame 13E3 116 KB
36 KB 40ms
39ms Script
text/javascript 2404:6800:4005:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/player_ias.vflset/zh_CN/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4005:800::200e Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad162c963ff2c6cd80e0deb980eac84070f6e7cc4f23597f6f7aba9bf6d2c212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/zQxumtRA0Zg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 325661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36587
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 26 Mar 2024 15:13:20 GMT

GET
H2 200 yh64qGL6cJWuaIuBylQ3olHoN540yfVTMqcwVUx5bOA.js Show response
www.google.com/js/th/ Frame 13E3 36 KB
14 KB 130ms
39ms Script
text/javascript 2404:6800:4005:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/yh64qGL6cJWuaIuBylQ3olHoN540yfVTMqcwVUx5bOA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/player_ias.vflset/zh_CN/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:814::2004 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca1eb8a862fa7095ae688b81ca5437a251e8379e34c9f55332a730554c796ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 08:08:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14197
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Mar 2024 08:08:49 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/zQxumtRA0Zg/ Frame 13E3 70 KB
70 KB 172ms
79ms Image
image/jpeg 2404:6800:4005:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/zQxumtRA0Zg/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zQxumtRA0Zg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:808::2016 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93012debdf6e5bd32d350dab27dd6cfda81fdaadcc3faff4c51ac6d1c4da27c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:41:01 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71244
x-xss-protection: 0
server: sffe
etag: "1613664743"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 31 Mar 2023 11:41:01 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/931a8913/player_ias.vflset/zh_CN/ Frame 13E3 28 KB
9 KB 39ms
39ms Script
text/javascript 2404:6800:4005:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/player_ias.vflset/zh_CN/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4005:800::200e Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe10f02d57cab9cae31d2475885ebaddda406fc4ea9d61e527da845505d9a804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/zQxumtRA0Zg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 15:13:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 325623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8789
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 26 Mar 2024 15:13:58 GMT

GET
DATA 200
OK truncated
/ Frame 13E3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 o9-yao0xt724hF2rkpQDlGI23uBzUkQOznw3vd8T0WGOccbMLkZZGcKUgKk8qERUTe7PRTpf=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 13E3 3 KB
3 KB 132ms
38ms Image
image/jpeg 2404:6800:4005:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/o9-yao0xt724hF2rkpQDlGI23uBzUkQOznw3vd8T0WGOccbMLkZZGcKUgKk8qERUTe7PRTpf=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zQxumtRA0Zg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:80d::2001 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

884d3c5ea16d0e611d30c0b649f48f63d6837f6f3fd4533284e017c611f3dac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 06:44:01 GMT
x-content-type-options: nosniff
age: 10620
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2730
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 23 Mar 2023 21:44:12 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 13E3 15 KB
15 KB 41ms
40ms Font
font/woff2 2404:6800:4005:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zQxumtRA0Zg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4005:80b::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:09:45 GMT
x-content-type-options: nosniff
age: 91876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:09:45 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 13E3 15 KB
15 KB 41ms
41ms Font
font/woff2 2404:6800:4005:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zQxumtRA0Zg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4005:80b::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:00 GMT
x-content-type-options: nosniff
age: 256201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5B68 10 KB
847 B 56ms
55ms Stylesheet
text/css 2404:6800:4005:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&lang=en

Requested by

Host: drive.google.com
URL: https://drive.google.com/embeddedfolderview?id=1eXPZxpm4IVfVhvD7SlI6nvi1rv1GyfYC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:81a::200a Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

273a6195b2780c1e45e18de13f69107d59ea3bea80a359d645557098944af060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 31 Mar 2023 09:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 09:41:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 31 Mar 2023 09:41:01 GMT

GET
H2 200 4091102073-folderlandingpage.css
drive.google.com/static/doclist/client/css/ Frame 5B68 327 KB
37 KB 40ms
39ms Stylesheet
text/css 2404:6800:4005:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/static/doclist/client/css/4091102073-folderlandingpage.css

Requested by

Host: drive.google.com
URL: https://drive.google.com/embeddedfolderview?id=1eXPZxpm4IVfVhvD7SlI6nvi1rv1GyfYC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:811::200e Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d509370adee85ffb3608f848e28739701140caa397c04dc9f1ef4b3e40e22821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://drive.google.com/embeddedfolderview?id=1eXPZxpm4IVfVhvD7SlI6nvi1rv1GyfYC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 08:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37917
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 08:58:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Tue, 26 Mar 2024 08:59:10 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 13E3 4 KB
2 KB 152ms
61ms Script
text/javascript 2404:6800:4005:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/player_ias.vflset/zh_CN/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:801::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:41:01 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 13E3 0
10 B 40ms
40ms Image
text/plain 2404:6800:4005:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?IoBnkw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/zQxumtRA0Zg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4005:800::200e Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/zQxumtRA0Zg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:41:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 folder_list_shared-42c0c113afece2f86061c72f1124556f.png
ssl.gstatic.com/docs/doclist/images/ Frame 5B68 1 KB
2 KB 135ms
41ms Image
image/png 2404:6800:4005:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/doclist/images/folder_list_shared-42c0c113afece2f86061c72f1124556f.png

Requested by

Host: drive.google.com
URL: https://drive.google.com/static/doclist/client/css/4091102073-folderlandingpage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:80b::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e902828b988f71ad72ccc4fa82b65165c6681ef03de61f94383cde90cf94f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 18:20:08 GMT
x-content-type-options: nosniff
age: 141653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1521
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Thu, 28 Mar 2024 18:20:08 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 13E3 94 B
138 B 55ms
54ms XHR
application/json+protobuf 2404:6800:4005:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4005:808::200a Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01c195597434efc9f8f5e94243838a2371384d77796dd091492a1e3df55a437e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 31 Mar 2023 09:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 52ms
52ms Preflight
text/html 2404:6800:4005:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4005:808::200a Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 31 Mar 2023 09:41:01 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 13E3 48 KB
14 KB 39ms
39ms Script
text/javascript 2404:6800:4005:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4005:801::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 10:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 31 Mar 2023 10:06:05 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 13E3 28 B
50 B 60ms
57ms XHR
application/json 2404:6800:4005:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4005:800::200e Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Request-Time: 1680255663198
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/zQxumtRA0Zg
X-YouTube-Client-Version: 1.20230326.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtVSXp4bms1cExBcyis1ZqhBg%3D%3D
X-YouTube-Ad-Signals: dt=1680255661028&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 31 Mar 2023 09:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paste1s.com/	1970-01-20 10:44:22	Name: XSRF-TOKEN Value: eyJpdiI6IlZkSWdvS0JtVjRuZzJ3VytMY2xhQ3c9PSIsInZhbHVlIjoiSXJtU25GN3VZYjRrVm1UU25kUzR4cVA2Zm1rMHh5d1pkWGJPQ1U1YmtIU2ZjUTJlRzdjNzZOdXJwV0VEdG5LR2EyVUdKb1BKaWZBMVdYN3FxcmdhWGlKMWZ1TzU1bUo2bUo1N1pHQ1R2WXJ4QU92QUZnZE9pbVUxQ0xlU2VtVy8iLCJtYWMiOiIzZmMzNzMxMzM4N2IwYzRhMjIzNjg2YmIxMzU4MDhhNzU4OGUzZTczNGMzZmFhM2E4MmQ5ODU0ZmJhZWNiOWNmIn0%3D
paste1s.com/	1970-01-20 10:44:22	Name: online_notepad_take_notes_and_earn_money_at_paste1scom_session Value: eyJpdiI6IlFOdFBhM1E1M3hZTnhWZTFSY3dlK1E9PSIsInZhbHVlIjoiRFgxdHkrQVBOVHdRdFlnemVlYVN5ZjlxVHdEUnhsQWtIYXlXbGlPQnFWeWI4S2g2eG1ZTzhWK1paY0pwZUxZalF0K3V0dU1uMDhrUG11bXNZOUE0L1I5L2YwbzM4RmtOR2NYazFqdTlraVMxMU15YmlIYzIwakxBUnRqSC9zeTkiLCJtYWMiOiIyY2U1MGY2MTIxMTY0MmMxYjE4ZGY2N2UzZDZmYTcwNzQwM2Q2MzYxZDQwYmM0MjFmYTk4MzIzMjU3Y2Y5YzJkIn0%3D
.paste1s.com/	1970-01-20 20:20:15	Name: _ga Value: GA1.2.601465491.1680255661
.paste1s.com/	1970-01-20 10:45:42	Name: _gid Value: GA1.2.1098261535.1680255661
.paste1s.com/	1970-01-20 10:44:15	Name: _gat_gtag_UA_129758818_17 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: eFPZuVG1kY8
.youtube.com/	1970-01-20 15:03:27	Name: VISITOR_INFO1_LIVE Value: UIzxnk5pLAs
.google.com/	1970-01-20 15:07:46	Name: NID Value: 511=hfSy6kZUizc8DDflCGQ7jRwNjDCzKRywKxu7SN4nzutK92f06uCQy4ucpJtoXOHFd19bIiGMgW9vQgi7WV60VkiroRp009p6pHOw1uEq4YDZ2Jt24aS5xO4_sJU96CbTC-Nz4doegkT_ZPVZCYF57fvnBxy9clwbYoSKy-5nBsw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
fstatic.netpub.media
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
pagead2.googlesyndication.com
paste1s.com
ssl.gstatic.com
static.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
2404:6800:4005:800::200e
2404:6800:4005:801::2003
2404:6800:4005:808::200a
2404:6800:4005:808::2016
2404:6800:4005:80b::2003
2404:6800:4005:80b::2008
2404:6800:4005:80d::2001
2404:6800:4005:811::200e
2404:6800:4005:814::2004
2404:6800:4005:815::2006
2404:6800:4005:81a::2002
2404:6800:4005:81a::200a
2606:4700:20::681a:51a
2606:4700:3037::6815:59f0
2606:4700::6811:180e
0138a397ea954dfb7486525dcfdb18ff24b7c4d6c501981b76d731277f26f879
01c195597434efc9f8f5e94243838a2371384d77796dd091492a1e3df55a437e
0e31e72184b1ca79264aa390502d22175132ade6b0ab3fbef54acec70ce3015b
11015d005521ed57f0c3cdd204f0c222c9eeef24c86feac7250e5e5ae8ca4f31
13fec3ec2c0627ac42565a8e76288112d98b6ab4085e680f18cc5292892fb0f9
24f1dadc67cf787ff2c7f117b1872cc8af93567a5ccbc7f3fab6fb207855a599
273a6195b2780c1e45e18de13f69107d59ea3bea80a359d645557098944af060
31e5fb043938f7aff456e97c06d85e24de3ed2a33dd62dea9886c24b67061185
35cf24d2125ee634ad18070ecc44ec9d73e736b7d3b24f83d0fd274d780b448a
3adeef26fad2c537c7506bf1f293c1d3125c059dd57a660a6c5f5625ad9d69c2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44a5b8d08f85fb057c1aefa8d400998f3de016793461f71090d3cb04e8618fe0
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4ea9b231a2201ff050351f9ea28eefea4ebd38f74af9dc974446bbbea2db214c
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
6728aa648ce61269b7e101d1609582afdc91ea7d5ff2bc85318d34081073b2a2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68e902828b988f71ad72ccc4fa82b65165c6681ef03de61f94383cde90cf94f3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
884d3c5ea16d0e611d30c0b649f48f63d6837f6f3fd4533284e017c611f3dac2
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
93012debdf6e5bd32d350dab27dd6cfda81fdaadcc3faff4c51ac6d1c4da27c8
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
a9ee178efe65a59f0905f5291af6136f552a440e972015f0b9539bda8c22205f
ad162c963ff2c6cd80e0deb980eac84070f6e7cc4f23597f6f7aba9bf6d2c212
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca1eb8a862fa7095ae688b81ca5437a251e8379e34c9f55332a730554c796ce0
cb31a7a3e1673f4180b454fea464c54c050cd99ec810a1005673973bef3bb097
cd7a977d3b4044a477bed19e07262332e70d524ea385404cb708d3c0665a8520
d509370adee85ffb3608f848e28739701140caa397c04dc9f1ef4b3e40e22821
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
fe10f02d57cab9cae31d2475885ebaddda406fc4ea9d61e527da845505d9a804

paste1s.com Open in urlscan Pro 2606:4700:3037::6815:59f0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

93 %HTTPS

100 %IPv6

13 Domains

18 Subdomains

16 IPs

2 Countries

1435 kBTransfer

4701 kBSize

8 Cookies

6 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste1s.com Open in urlscan Pro
2606:4700:3037::6815:59f0 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

93 %
HTTPS

100 %
IPv6

13
Domains

18
Subdomains

16
IPs

2
Countries

1435 kB
Transfer

4701 kB
Size

8
Cookies

43 HTTP transactions
1 data transactions