www.firstpost.com Open in urlscan Pro
104.75.89.173 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://firstpost.com/
Effective URL:
https://www.firstpost.com/
Submission Tags: falconsandbox
Submission: On September 12 via api (September 12th 2023, 10:36:44 pm UTC) from US — Scanned from DE

Summary HTTP 89 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 18 domains to perform 89 HTTP transactions. The main IP is 104.75.89.173, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.firstpost.com. The Cisco Umbrella rank of the primary domain is 278277.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 8th 2023. Valid for: a year.

This is the only time www.firstpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.206.209.115 23.206.209.115	16625 (AKAMAI-AS) (AKAMAI-AS)
12	104.75.89.173 104.75.89.173	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
9	20.38.127.4 20.38.127.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:480... 2a02:26f0:480:f::213:7ee0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	184.30.16.195 184.30.16.195	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.208.149.253 23.208.149.253	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:205... 2600:9000:2057:3800:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	107.21.249.220 107.21.249.220	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:11::7	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:d941	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
89	27

1 23.206.209.115 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-209-115.deploy.static.akamaitechnologies.com

firstpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.75.89.173 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-173.deploy.static.akamaitechnologies.com

www.firstpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 20.38.127.4 (Pune, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nw18videostorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:480:f::213:7ee0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

images.firstpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.208.149.253 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-149-253.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:3800:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.249.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-249-220.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:11::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr2---sn-4g5lznez.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	firstpost.com 1 redirects firstpost.com — Cisco Umbrella Rank: 207345 www.firstpost.com — Cisco Umbrella Rank: 278277 images.firstpost.com — Cisco Umbrella Rank: 335571	256 KB
16	youtube.com www.youtube.com — Cisco Umbrella Rank: 81	3 MB
9	windows.net nw18videostorage.blob.core.windows.net	1 MB
8	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 static.doubleclick.net — Cisco Umbrella Rank: 300	160 KB
7	googlevideo.com rr2---sn-4g5lznez.googlevideo.com — Cisco Umbrella Rank: 63514	1 MB
5	google.com www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 33	94 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 240	31 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	49 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 16399	77 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1638 mab.chartbeat.com — Cisco Umbrella Rank: 2837	25 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44 region1.google-analytics.com — Cisco Umbrella Rank: 2288	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	226 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 177	3 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 223	2 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1418	201 B
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 6306	598 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 568	114 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5677	408 B
89	18

	Domain	Requested by
16	www.youtube.com	www.youtube.com
12	www.firstpost.com	www.firstpost.com www.googletagmanager.com
9	nw18videostorage.blob.core.windows.net	www.firstpost.com
7	rr2---sn-4g5lznez.googlevideo.com	www.youtube.com
7	images.firstpost.com	www.firstpost.com
4	jnn-pa.googleapis.com	www.youtube.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
3	cdn.izooto.com	www.googletagmanager.com cdn.izooto.com
3	accounts.google.com	www.firstpost.com accounts.google.com
3	www.googletagmanager.com	www.firstpost.com www.googletagmanager.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	fonts.gstatic.com	www.youtube.com
2	securepubads.g.doubleclick.net	www.firstpost.com securepubads.g.doubleclick.net
2	static.chartbeat.com	www.firstpost.com
2	www.google.com	www.firstpost.com www.youtube.com
2	www.google-analytics.com	www.firstpost.com www.google-analytics.com
2	sb.scorecardresearch.com	www.firstpost.com
1	region1.google-analytics.com	www.googletagmanager.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	mab.chartbeat.com	static.chartbeat.com
1	ping.chartbeat.net
1	chimpstatic.com	www.firstpost.com
1	ads.pubmatic.com	www.firstpost.com
1	www.google.de	www.firstpost.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	firstpost.com	1 redirects
89	27

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.news18.com
www.moneycontrol.com
www.cnbctv18.com
overdrive.in
www.forbesindia.com
www.topperlearning.com

Subject Issuer	Validity	Valid
nw18.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-08` - `2024-02-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
images.firstpost.com R3	`2023-07-27` - `2023-10-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
wildcardsan.us15.list-manage.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-29` - `2023-11-07`	2 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.firstpost.com/
Frame ID: 7E66E7DF5AB0FEA7C949F05266D90A34
Requests: 52 HTTP requests in this frame

Frame: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
Frame ID: DF0D67A70ECFF26ABF412D6D9417B31C
Requests: 36 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 8B86FC1D17EEFE883A9E0BA4D81E8650
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LIVE updates, Latest News, Breaking News, World News, Sports News, Bollywood News, Business, Entertainment, Tech, Political News and more – Firstpost

Page URL History Show full URLs

http://firstpost.com/ HTTP 301
https://www.firstpost.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

98 %
HTTPS

74 %
IPv6

18
Domains

27
Subdomains

27
IPs

4
Countries

6511 kB
Transfer

9694 kB
Size

11
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/firstpostin

Search URL Search Domain Scan URL

URL: https://twitter.com/firstpost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/firstpost/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCz8QaiQxApLq8sLNcszYyJw/featured

Search URL Search Domain Scan URL

URL: https://www.news18.com/rising-india-summit/
Title: #RisingIndia

Search URL Search Domain Scan URL

URL: https://www.moneycontrol.com/promos/pro.php?utm_source=firstpost-header&utm_medium=referral&utm_campaign=Pro365
Title: FREEDOM365

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Firstpost/165818073477856
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.moneycontrol.com/
Title: Moneycontrol

Search URL Search Domain Scan URL

URL: https://www.news18.com/
Title: News18

Search URL Search Domain Scan URL

URL: https://www.cnbctv18.com/
Title: CNBC TV18

Search URL Search Domain Scan URL

URL: https://overdrive.in/
Title: Overdrive

Search URL Search Domain Scan URL

URL: https://www.forbesindia.com/
Title: Forbes India

Search URL Search Domain Scan URL

URL: https://www.topperlearning.com/
Title: TopperLearning

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://firstpost.com/ HTTP 301
https://www.firstpost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 73

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

89 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.firstpost.com/
Redirect Chain

http://firstpost.com/
https://www.firstpost.com/

512 KB
80 KB

131ms
39ms

Document
text/html

104.75.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

39eca66b5a6c6ada2be3d2ce2442ae82e7aa6daaf089e63a21858ed5036774e4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, max-age=58
content-encoding: gzip
content-length: 81269
content-type: text/html; charset=utf-8
date: Tue, 12 Sep 2023 22:36:36 GMT
etag: W/"8017f-4Ys4LCnYlrsl14PMfLZUFazi974"
ntcoent-length: 524671
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Date: Tue, 12 Sep 2023 22:36:36 GMT
Location: https://www.firstpost.com/
Server: AkamaiGHost
X-Frame-Options: SAMEORIGIN

GET
H2 200 jquery-3.4.0.min.js Show response
www.firstpost.com/static/js/ 86 KB
33 KB 32ms
32ms Script
application/javascript 104.75.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstpost.com/static/js/jquery-3.4.0.min.js

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:36 GMT
content-encoding: gzip
ntcoent-length: 88151
content-length: 33604
last-modified: Tue, 23 Jun 2020 08:58:12 GMT
etag: W/"15857-172e0663073"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: private, max-age=21068933
access-control-allow-credentials: false
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 171 KB
63 KB 84ms
36ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-22956444-1

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8252e7c6661d3ee6c77e096e0701d5afa962b27a7e91eb0ee491643200a455ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64282
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 21:58:13 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Sep 2023 22:36:36 GMT

GET
H2 200 fp-desk-logo.png
www.firstpost.com/static/images/ 3 KB
4 KB 29ms
29ms Image
image/png 104.75.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstpost.com/static/images/fp-desk-logo.png

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

63d1837bf0033a10e20387a9aecc5079d1f49e61f72363195173c773657acba4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 12 Sep 2023 22:36:36 GMT
last-modified: Wed, 01 Jul 2020 13:01:39 GMT
etag: W/"d9a-1730a77f17c"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
content-type: image/png
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3482

GET
H/1.1 200
OK fb59d6ee-ff24-4ab9-9e7d-4a828ef51f66.jpeg
nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/ 144 KB
144 KB 779ms
187ms Image
image/jpeg 20.38.127.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/fb59d6ee-ff24-4ab9-9e7d-4a828ef51f66.jpeg
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.127.4 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 92c9b128fc6cd038cc65ede952bf13e943924bc5e37da4afdfffce08e733e2f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 12 Sep 2023 22:36:37 GMT
Last-Modified: Tue, 12 Sep 2023 06:46:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: w9CKdvkcW+yVOVuuUEkBlg==
ETag: 0x8DBB35BF5CB0FEF
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 99825ee0-201e-0058-3ac9-e5634b000000
x-ms-version: 2009-09-19
Content-Length: 147468

GET
H/1.1 200
OK 532c5558-7a1f-4dc2-b97e-9ffdb3a291d9.jpeg
nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/ 164 KB
164 KB 808ms
215ms Image
image/jpeg 20.38.127.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/532c5558-7a1f-4dc2-b97e-9ffdb3a291d9.jpeg
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.127.4 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: aec0910388e633291bb8d67bdff5d9fcfdcc597aae44dfcf28c5249b2988098e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 12 Sep 2023 22:36:37 GMT
Last-Modified: Tue, 12 Sep 2023 18:01:13 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: swZ6NFPhT4LOXvjxf3L3aA==
ETag: 0x8DBB3BA40C45BFB
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: adb4e41d-a01e-001b-7ac9-e58517000000
x-ms-version: 2009-09-19
Content-Length: 168006

GET
H/1.1 200
OK 3aac873c-8c4a-4273-b53b-d50e85497bab.jpeg
nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/ 182 KB
183 KB 807ms
182ms Image
image/jpeg 20.38.127.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/3aac873c-8c4a-4273-b53b-d50e85497bab.jpeg
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.127.4 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 89e2025a2e5eb1561e041f44699e64a6e27dc8fe1d967d5af5ac282848864446

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 12 Sep 2023 22:36:36 GMT
Last-Modified: Tue, 12 Sep 2023 17:51:12 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: UUPbOLwnQQHhB0jL3rE6IA==
ETag: 0x8DBB3B8DAA3120A
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 380e7f62-c01e-0040-02c9-e5bc2c000000
x-ms-version: 2009-09-19
Content-Length: 186816

GET
H/1.1 200
OK e982b49b-5b2a-42c2-93ed-a43437f13d88.jpeg
nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/ 175 KB
176 KB 1448ms
180ms Image
image/jpeg 20.38.127.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/e982b49b-5b2a-42c2-93ed-a43437f13d88.jpeg
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.127.4 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1f4cb57e97dab0aa5893cac6c75eb4f07b725b884aef1914f2c0a35e581612db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 12 Sep 2023 22:36:37 GMT
Last-Modified: Tue, 12 Sep 2023 17:43:11 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Nv3WhnvxPIxGuDvzr/onKw==
ETag: 0x8DBB3B7BBF4377A
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 1d6e14c3-b01e-005a-41c9-e5ddf3000000
x-ms-version: 2009-09-19
Content-Length: 179397

GET
H/1.1 200
OK e7bb3755-8ff9-45b4-9da2-3d90ee97b66b.jpeg
nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/ 144 KB
145 KB 1480ms
181ms Image
image/jpeg 20.38.127.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/e7bb3755-8ff9-45b4-9da2-3d90ee97b66b.jpeg
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.127.4 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 811bcbe127edab81655aedca6323d6239968e83c874ae5ae914f1ff4b9328373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 12 Sep 2023 22:36:37 GMT
Last-Modified: Tue, 12 Sep 2023 17:34:11 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 2/VP5jaMnh/3YcYxJ9GUmA==
ETag: 0x8DBB3B67A095AE7
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 70419b1b-d01e-004c-73c9-e52b24000000
x-ms-version: 2009-09-19
Content-Length: 147905

GET
H/1.1 200
OK 17a138a6-dc1b-4810-9a3e-02f809f2c89f.jpeg
nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/ 181 KB
181 KB 1499ms
183ms Image
image/jpeg 20.38.127.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/17a138a6-dc1b-4810-9a3e-02f809f2c89f.jpeg
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.127.4 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 98c6002d7c913c67619b1312af12ed1531c0f3da8945c2a574bd2b7c03e7fe24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 12 Sep 2023 22:36:38 GMT
Last-Modified: Tue, 12 Sep 2023 17:28:11 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 0nBLdHwQ7r564or4G3P1tA==
ETag: 0x8DBB3B5A399762D
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 99826042-201e-0058-5dc9-e5634b000000
x-ms-version: 2009-09-19
Content-Length: 185046

GET
H/1.1 200
OK f9c3a860-e4f1-4be0-a551-00c70194c99e.jpeg
nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/ 153 KB
153 KB 593ms
180ms Image
image/jpeg 20.38.127.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/f9c3a860-e4f1-4be0-a551-00c70194c99e.jpeg
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.127.4 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7b100d581f55f942d31ab939aff23f9755eaeb0bdbaeb7dfdab586bbe21e0b53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 12 Sep 2023 22:36:36 GMT
Last-Modified: Tue, 12 Sep 2023 17:14:14 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: BMNDQwearUJRF+YYKnlYXA==
ETag: 0x8DBB3B3B078D483
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 1d6e13d0-b01e-005a-75c9-e5ddf3000000
x-ms-version: 2009-09-19
Content-Length: 156547

GET
H/1.1 200
OK 9d1d1971-1b29-4d3c-97f2-cdf818dc334b.jpeg
nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/ 151 KB
152 KB 610ms
181ms Image
image/jpeg 20.38.127.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/9d1d1971-1b29-4d3c-97f2-cdf818dc334b.jpeg
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.127.4 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 874c622850e2b5b1ade658f62ec5a6a6d863dc9b22a0a3e04c8d60b5f8150189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 12 Sep 2023 22:36:36 GMT
Last-Modified: Tue, 12 Sep 2023 17:07:18 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: J1Bsre4vl0vutdaqMR1EpQ==
ETag: 0x8DBB3B2B857408D
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 704199ac-d01e-004c-2fc9-e52b24000000
x-ms-version: 2009-09-19
Content-Length: 154991

GET
H/1.1 200
OK ed5de76e-2b68-45e8-8fee-d688bf267c82.jpeg
nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/ 195 KB
195 KB 619ms
190ms Image
image/jpeg 20.38.127.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nw18videostorage.blob.core.windows.net/nw18thumbnailcontainer/Firstpost/ed5de76e-2b68-45e8-8fee-d688bf267c82.jpeg
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.127.4 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 98a450dbb209e87dc5db6d7b51661be8eae1e14db54c372fb3d9f09af2ed7460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 12 Sep 2023 22:36:36 GMT
Last-Modified: Tue, 12 Sep 2023 16:55:18 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: BakekSrTzodYnq7kWz2QaA==
ETag: 0x8DBB3B10BB0AB5E
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: b2387c03-601e-003b-21c9-e5feb0000000
x-ms-version: 2009-09-19
Content-Length: 199571

GET
H2 200 fplogo_placeholder_640x362.jpg
www.firstpost.com/static/images/ 4 KB
4 KB 30ms
28ms Image
image/jpeg 104.75.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstpost.com/static/images/fplogo_placeholder_640x362.jpg

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

60a40b2138cfd47cd85f899cd3612c34acd3ecd26597b5034a7d65ad62f01687

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:36 GMT
last-modified: Wed, 17 Jun 2020 09:37:38 GMT
etag: W/"ebf-172c1a421d7"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3775

GET
H2 200 fplogo_placeholder_192x104.jpg
www.firstpost.com/static/images/ 2 KB
3 KB 38ms
37ms Image
image/jpeg 104.75.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstpost.com/static/images/fplogo_placeholder_192x104.jpg

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

dba1bb2c05a93eb27a3807b6266c06045effe4507f25fb28644474bcf0c23640

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:36 GMT
last-modified: Tue, 23 Jun 2020 08:58:12 GMT
etag: W/"95b-172e066306f"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2395

GET
H2 200 fplogo_placeholder_120x120.jpg
www.firstpost.com/static/images/ 2 KB
2 KB 37ms
36ms Image
image/jpeg 104.75.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstpost.com/static/images/fplogo_placeholder_120x120.jpg

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

171118490bb0c67cf2962c96ddd03a8decaa186bc5209138311a62df29f30dbe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:36 GMT
last-modified: Wed, 17 Jun 2020 09:37:38 GMT
etag: W/"769-172c1a421aa"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1897

GET
H2 200 fp-logo.png
www.firstpost.com/static/images/ 1 KB
2 KB 38ms
37ms Image
image/png 104.75.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstpost.com/static/images/fp-logo.png

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

8389b20c82fb8ca21eebe5bba0fdeeccaf254bb4af457b5803325ad57f29b65b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:36 GMT
last-modified: Tue, 23 Jun 2020 08:58:12 GMT
etag: W/"52c-172e066306f"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
content-type: image/png
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1324

GET
H2 200 main-fp.js Show response
www.firstpost.com/static/js/ 35 KB
11 KB 34ms
33ms Script
application/javascript 104.75.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstpost.com/static/js/main-fp.js

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

99d87357f51eae8c3c7d3a7b8615068280f97f3051a97462e94da3faef8f85ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:36 GMT
content-encoding: gzip
content-length: 10465
cteonnt-length: 35645
last-modified: Fri, 28 Jul 2023 13:29:41 GMT
etag: W/"8b3d-1899cb0d239"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: private, max-age=27528969
access-control-allow-credentials: false
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 91ms
25ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 03:17:33 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 69544
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 6PsyMkJvN6ps07Qo9LBhBG2ItD1CKUFgounqU6gQEpQ-5_ZDOd0ZbQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Sep 2023 21:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2813
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 12 Sep 2023 23:49:43 GMT

GET
H2 200 playfair-display.woff2
www.firstpost.com/static/fonts/ 35 KB
35 KB 29ms
29ms Font
font/woff2 104.75.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstpost.com/static/fonts/playfair-display.woff2

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.firstpost.com/
Origin: https://www.firstpost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:36 GMT
last-modified: Thu, 01 Dec 2022 10:46:03 GMT
etag: W/"8bb4-184cd4b2190"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
content-type: font/woff2
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 35764

GET
H2 200 pubstack-player.web.api.min.js Show response
www.firstpost.com/static/v2-9/ 111 KB
27 KB 32ms
32ms Script
application/javascript 104.75.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstpost.com/static/v2-9/pubstack-player.web.api.min.js?v=4.2

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dff47431c716b91b15e5263db8b52baf0abbb004090ccc4d670d65676b6325d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:36 GMT
content-encoding: gzip
ntcoent-length: 113815
content-length: 27206
last-modified: Wed, 25 Jan 2023 13:44:43 GMT
etag: W/"1bc97-185e92c74fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: private, max-age=22430372
access-control-allow-credentials: false
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 24ms
24ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6683813&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1694558197027&ns_c=UTF-8&c7=https%3A%2F%2Fwww.firstpost.com%2F&c8=LIVE%20updates%2C%20Latest%20News%2C%20Breaking%20News%2C%20World%20News%2C%20Sports%20News%2C%20Bollywood%20News%2C%20Business%2C%20Entertainment%2C%20Tech%2C%20Political%20News%20and%20more%20%E2%80%93%20Firstpost&c9=
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:37 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 0w59dUC51-eCzgdiceYX5U33aZWkoBa9sBjGkOXgchTkyoy9WMMp8A==
x-cache: Miss from cloudfront

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 30ms
29ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2145619090&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstpost.com%2F&ul=en-us&de=UTF-8&dt=LIVE%20updates%2C%20Latest%20News%2C%20Breaking%20News%2C%20World%20News%2C%20Sports%20News%2C%20Bollywood%20News%2C%20Business%2C%20Entertainment%2C%20Tech%2C%20Political%20News%20and%20more%20%E2%80%93%20Firstpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=36245327&gjid=6213883&cid=1813970039.1694558197&tid=UA-22956444-1&_gid=1521140883.1694558197&_r=1&gtm=457e3960&cd12=Taboola%20Yes&jsscut=1&z=544479057

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 22:36:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.firstpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 85ms
28ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-22956444-1&cid=1813970039.1694558197&jid=36245327&gjid=6213883&_gid=1521140883.1694558197&_u=YEDAAUAAAAAAACAAI~&z=1451386793

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 12 Sep 2023 22:36:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.firstpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 169454472497.jpg
images.firstpost.com/wp-content/uploads/fpranking/ 16 KB
17 KB 109ms
30ms Image
image/avif 2a02:26f0:480:f::213:7ee0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/fpranking/169454472497.jpg?impolicy=website&width=640&height=362
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 4c6446a5cff21c7147884b5e080c3eb1eb6454a77fafae65f31fef466ec26033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:37 GMT
last-modified: Tue, 12 Sep 2023 18:54:16 GMT
server: Akamai Image Manager
etag: "ae740-6052dcc36ff6f"
content-type: image/avif
cache-control: private, no-transform, max-age=2578612
content-length: 16715
expires: Thu, 12 Oct 2023 18:53:29 GMT

GET
H2 200 1694527733321.jpg
images.firstpost.com/wp-content/uploads/fpranking/ 4 KB
4 KB 113ms
34ms Image
image/avif 2a02:26f0:480:f::213:7ee0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/fpranking/1694527733321.jpg?impolicy=website&width=203&height=114
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: f6df37c8a836350b2bd5e00bcea1b008acf3edb06e0a6e326bca68a10abceb49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:37 GMT
last-modified: Tue, 12 Sep 2023 14:09:58 GMT
server: Akamai Image Manager
etag: "832e-60529d776f623"
content-type: image/avif
cache-control: private, no-transform, max-age=2561458
content-length: 4393
expires: Thu, 12 Oct 2023 14:07:35 GMT

GET
H2 200 1694525169440.jpg
images.firstpost.com/wp-content/uploads/fpranking/ 6 KB
6 KB 112ms
33ms Image
image/avif 2a02:26f0:480:f::213:7ee0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/fpranking/1694525169440.jpg?impolicy=website&width=203&height=114
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 10d302dc73335dd811f1b6d2c4732d89204a6f03c5ecc8dcf0bc7f219280eb28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:37 GMT
last-modified: Tue, 12 Sep 2023 13:26:30 GMT
x-serial: 1316
server: Akamai Image Manager
x-check-cacheable: YES
etag: "1cd0a-605293e9c659d"
content-type: image/avif
cache-control: private, no-transform, max-age=2559046
content-length: 5671
expires: Thu, 12 Oct 2023 13:27:23 GMT

GET
H2 200 169453349254.jpg
images.firstpost.com/wp-content/uploads/fpranking/ 2 KB
3 KB 111ms
32ms Image
image/avif 2a02:26f0:480:f::213:7ee0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/fpranking/169453349254.jpg?impolicy=website&width=203&height=114
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 8da4efe96443f193d4990a51c7d95c486a4de4343403b1328783c15a55fea157

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:37 GMT
last-modified: Tue, 12 Sep 2023 15:47:12 GMT
x-serial: 10
server: Akamai Image Manager
x-check-cacheable: YES
etag: "6aa4-6052b2eb67698"
content-type: image/avif
cache-control: private, no-transform, max-age=2567453
content-length: 2508
expires: Thu, 12 Oct 2023 15:47:30 GMT

GET
H2 200 169453349266.jpg
images.firstpost.com/wp-content/uploads/fpranking/ 3 KB
3 KB 111ms
33ms Image
image/avif 2a02:26f0:480:f::213:7ee0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/fpranking/169453349266.jpg?impolicy=website&width=130&height=73
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 97ee11e8a2fb7f106966ddc28aaa9be0ccf28c81f8712f0a2ec5cc15cba9fb44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:37 GMT
last-modified: Tue, 12 Sep 2023 15:47:18 GMT
x-serial: 1196
server: Akamai Image Manager
x-check-cacheable: YES
etag: "14435-6052b2eb6f552"
content-type: image/avif
cache-control: private, no-transform, max-age=2567444
content-length: 3336
expires: Thu, 12 Oct 2023 15:47:21 GMT

GET
H2 200 1694504866806.jpg
images.firstpost.com/wp-content/uploads/fpranking/ 2 KB
2 KB 112ms
33ms Image
image/avif 2a02:26f0:480:f::213:7ee0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/fpranking/1694504866806.jpg?impolicy=website&width=130&height=73
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: fcff8c2b35dd0c3f77699f3c6974540465a4edcb18f294ef491113498da09f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:37 GMT
last-modified: Tue, 12 Sep 2023 07:49:06 GMT
server: Akamai Image Manager
etag: "6a8f-605248482ec2b"
content-type: image/avif
cache-control: private, no-transform, max-age=2538814
content-length: 1884
expires: Thu, 12 Oct 2023 07:50:11 GMT

GET
H2 200 WhatsApp-Image-2023-09-12-at-2.43.09-PM.jpeg
images.firstpost.com/wp-content/uploads/2023/09/ 19 KB
19 KB 28ms
28ms Image
image/avif 2a02:26f0:480:f::213:7ee0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/2023/09/WhatsApp-Image-2023-09-12-at-2.43.09-PM.jpeg?impolicy=website&width=640&height=362
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 255781034c026b1f3307e9386aa722b44d8d1148705843811d751c7372f0d5ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:37 GMT
last-modified: Tue, 12 Sep 2023 09:18:53 GMT
x-serial: 1052
server: Akamai Image Manager
x-check-cacheable: YES
etag: "9acd-60525bce58da8"
content-type: image/avif
cache-control: private, no-transform, max-age=2544107
content-length: 19140
expires: Thu, 12 Oct 2023 09:18:24 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 85ms
32ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-22956444-1&cid=1813970039.1694558197&jid=36245327&_u=YEDAAUAAAAAAACAAI~&z=1875127921

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 22:36:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 86ms
33ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-22956444-1&cid=1813970039.1694558197&jid=36245327&_u=YEDAAUAAAAAAACAAI~&z=1875127921

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 22:36:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/113941/3204/ 573 KB
114 KB 322ms
22ms Script
application/javascript 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/113941/3204/pwt.js
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 22f9c09ced8cd69a8e13bd536e3ee6fa4ea34bb4e861d004f245121a110d5a98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:38 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 12:15:45 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=121642
accept-ranges: bytes
content-length: 115881
expires: Thu, 14 Sep 2023 08:24:00 GMT

GET
H/1.1 200
OK 0084276cc5ca765622f51f8eb.js Show response
chimpstatic.com/mcjs-connected/js/users/5eea658f179c37d2555573fac/ 50 B
598 B 327ms
28ms Script
application/javascript 23.208.149.253
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/5eea658f179c37d2555573fac/0084276cc5ca765622f51f8eb.js
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.208.149.253 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-208-149-253.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Unused62: 8096267
X-EdgeConnect-Origin-MEX-Latency: 103
Date: Tue, 12 Sep 2023 22:36:38 GMT
Last-Modified: Mon, 10 Aug 2020 13:23:37 GMT
Server: AmazonS3
x-amz-request-id: 5M2WCQ7VEK2T4K0M
X-EdgeConnect-MidMile-RTT: 0
ETag: "104d46a3208b40e8ded389332f5a78a3"
Content-Type: application/javascript
Cache-Control: max-age=434
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50
x-amz-id-2: CGeVEF3Ibnrl7T0o4xSqFyRobxVzogCMrazwcPTN1xixcvY3ozm4sjVzVQQtxs5vsMpfAO2WLQY=
Expires: Tue, 12 Sep 2023 22:43:52 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 324ms
25ms Script
application/x-javascript 2600:9000:2057:3800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:21:26 GMT
content-encoding: gzip
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:45:38 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 18912
etag: W/"64d2e1b2-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: a5N9vYSkDxlCXVJaJ9m8rCs0R0wx_gnwn7h3pZNGWO3aQAWqUcNK8w==
expires: Wed, 13 Sep 2023 17:21:26 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 326ms
27ms Script
application/x-javascript 2600:9000:2057:3800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.firstpost.com
URL: https://www.firstpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:55:53 GMT
content-encoding: gzip
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 00:37:14 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 20445
etag: W/"649b80ba-5df1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: vIA8aavvaERdqvFY9hLigq-ppAa3_3cxwEY4zaUOuJm27FjPoCoqlg==
expires: Wed, 13 Sep 2023 16:55:53 GMT

GET
H2 200 1k4KVsuAb5M Show response
www.youtube.com/embed/ Frame DF0D 88 KB
39 KB 140ms
77ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e9e3bb60d9b9a0c18fc27fe192a02825a66285865692c442706cf9bb35a199d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstpost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 22:36:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 523ms
255ms Image
image/gif 107.21.249.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=firstpost.com&p=%2F&u=CJOX4XB47Dt8DPsqs7&d=firstpost.com&g=20831&g0=Home&g1=No%20Author&g4=Homepage&n=1&f=00001&c=0&x=0&m=0&y=14633&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.firstpost.com%2F&b=1977&t=D9RfKOCb2-V8CppIM3DZozi-UK5VB&V=141&i=LIVE%20updates%2C%20Latest%20News%2C%20Breaking%20News%2C%20World%20News%2C%20Sports%20News%2C%20Bollywood%20News%2C%20Business%2C%20Entertainment%2C%20Tech%2C%20Political%20News%20and%20more%20%E2%80%93%20Firstpost&tz=-120&sn=1&sv=CeR7bHmfiEnDD3UIHDMVzkWBzMs7_&sd=1&im=067b2fff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.249.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-249-220.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Sep 2023 22:36:39 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 157 B
482 B 89ms
22ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=firstpost.com&domain=firstpost.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 22a078ac6d797e74bc4b448c9c080c88500566640bccd03c3987978b4dc38f55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-cache-hits: 1
date: Tue, 12 Sep 2023 22:36:38 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 1142
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 124
x-served-by: cache-fra-eddf8230117-FRA
x-timer: S1694558199.952712,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 10 Sep 2023 22:17:37 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
29 KB 150ms
96ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ff122d5532b646ac44732bf956907be287fc9220c0780b23124525d35981c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29606
x-xss-protection: 0
server: cafe
etag: 332 / 19612 / 31077786 / config-hash: 16843757859347006962
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 22:36:39 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/de91d1cf/ Frame DF0D 383 KB
48 KB 23ms
23ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/de91d1cf/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e383c59b89e3581ba173e50d18dbedc7760e41313f9fbb44016ad177fe01248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49338
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:56:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 11 Sep 2024 22:28:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DF0D 15 KB
16 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 08:35:58 GMT
x-content-type-options: nosniff
age: 309641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 08:35:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DF0D 15 KB
15 KB 74ms
25ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:41:40 GMT
x-content-type-options: nosniff
age: 17699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 17:41:40 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/de91d1cf/www-embed-player.vflset/ Frame DF0D 314 KB
94 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/de91d1cf/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa99a3aa8188c94845c65fa50fdfab849429c221cb5b6c92aea2498537ffb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96209
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:56:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 11 Sep 2024 19:37:32 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/ Frame DF0D 2 MB
2 MB 41ms
41ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ced95747a05ae058878a50c591c7c6002546cd6a87b280e5a15ad4da3e526de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 02:24:11 GMT
x-content-type-options: nosniff
age: 72748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2555305
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:56:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 11 Sep 2024 02:24:11 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/ 408 KB
129 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aefa7a735322bc937d004ffb976c57e6f187d12547bdd5b755251412393c075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 10:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43203
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131712
x-xss-protection: 0
server: cafe
etag: 7905716078372049509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 11 Sep 2024 10:36:36 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame DF0D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

29ms
29ms

XHR
application/json

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0

Protocol

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23f437659424442afc3ef6586599d60d537bd1e302e7fac06db4092f34612878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 22:36:39 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame DF0D 29 B
495 B 93ms
23ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:29:15 GMT
x-content-type-options: nosniff
age: 444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 22:44:15 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 85ms
31ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 12 Sep 2023 22:36:39 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DF0D 68 KB
31 KB 38ms
37ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9fc2c2429c0afd26c22ecaf8587486bdee66556b43f93d101d5a353053fdbc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 12 Sep 2023 22:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31841
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame DF0D 76 KB
30 KB 228ms
227ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

08d91ee2d2280b4ccae7da67f4c7786462ba81d4603591be79646a59da527ef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230904.00.00
X-Goog-Visitor-Id: CgtnOFN6Z2lSejFNVSj2z4OoBjIGCgJERRIA

Response headers

date: Tue, 12 Sep 2023 22:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30521
x-xss-protection: 0
expires: Tue, 12 Sep 2023 22:36:39 GMT

GET
H2 200 6rYNENeOMvAUc9bGa0xtERGWwzDcJS3nJ_rOtLUTUgM.js Show response
www.google.com/js/th/ Frame DF0D 38 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/6rYNENeOMvAUc9bGa0xtERGWwzDcJS3nJ_rOtLUTUgM.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eab60d10d78e32f01473d6c66b4c6d111196c330dc252de727faceb4b5135203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 19:49:43 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/ Frame DF0D 50 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d2457ca4483b2e4c39c7856ecff955de96be3a7b714f5ff06b1af111f2404f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 02:24:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15713
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:56:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 11 Sep 2024 02:24:11 GMT

GET
DATA 200
OK truncated
/ Frame DF0D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ECkjlnETOWq_v2UuToBHeR_UY42J47UNashpSkdQpcMEMh0eBdBag-81bRs65BOhZzsbGxUW=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame DF0D 1 KB
2 KB 94ms
26ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ECkjlnETOWq_v2UuToBHeR_UY42J47UNashpSkdQpcMEMh0eBdBag-81bRs65BOhZzsbGxUW=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5ae006e084a92cee1dcbbcee87e2049fc2fbb2269356efdd9c79dca2c76d6bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:45:56 GMT
x-content-type-options: nosniff
age: 10243
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1369
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:45:56 GMT

GET
DATA 200
OK truncated
/ Frame DF0D 268 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad42e8a35d2104ef1e5ac594d0332cb386e20be762761ce2d5f28554dddf0f40

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
www.youtube.com/ Frame DF0D 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?rHew9g
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
30ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 12 Sep 2023 22:36:39 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DF0D 90 B
134 B 34ms
34ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a161d8b1cbb9c51c5c7ffa57456925bc7f3f430b156c9553e8fc5af7c1f2df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 12 Sep 2023 22:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame DF0D 0
19 B 28ms
28ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=243&cpn=sfdUQdGQZbwA1szS&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C160066%2C19936%2C27524%2C23070%2C60173%2C24564%2C25387%2C9842%2C1088%2C4974%2C976%2C322%2C965%2C2235%2C26436268%2C26%2C171%2C136%2C987%2C2224%2C535%2C1254%2C677%2C612%2C243%2C4326&cl=564501012&seq=1&docid=1k4KVsuAb5M&ei=9-cAZefnFYaox_APreGA8Ao&event=streamingstats&plid=AAYFMROGmAkTPKDE&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F1k4KVsuAb5M%3Fautoplay%3D1%26mute%3D1%26rel%3D0&qclc=ChBzZmRVUWRHUVpid0Exc3pTEAE&embargoed=0&cbr=Chrome&cbrver=116.0.5845.187&c=WEB_EMBEDDED_PLAYER&cver=1.20230904.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.012:B,0.293:B,0.293:B&cat=streaming&cmt=0.012:0.000,0.293:0.000&vfs=0.293:243:243::r&view=0.293:300:250&bwe=0.293:130000&bat=0.293:1:1&vis=0.293:0&bh=0.293:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
X-YouTube-Client-Version: 1.20230904.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtnOFN6Z2lSejFNVSj2z4OoBjIGCgJERRIA
X-YouTube-Ad-Signals: dt=1694558199207&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 22:36:39 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-4g5lznez.googlevideo.com/ Frame DF0D 119 KB
120 KB 98ms
21ms Fetch
application/vnd.yt-ump 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznez.googlevideo.com/videoplayback?expire=1694579799&ei=9-cAZefnFYaox_APreGA8Ao&ip=2001%3A1b60%3A1010%3A3%3A1012%3A3b5c%3Ae0bd%3A8767&id=o-AISvqeRwLyDoNKiQSQAlqJH1rntvoF2KSd6kdWcMrW3L&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=EX&mm=31%2C26&mn=sn-4g5lznez%2Csn-f5f7lnl7&ms=au%2Conr&mv=m&mvi=2&pl=29&initcwndbps=1307500&spc=UWF9f23dE5Zme6wpv_7h8dRbFqeLZ_J_J2sS-voosQ&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zefwFahxZkYdjLWUV8XVomUP&gir=yes&clen=3537115&dur=107.520&lmt=1686247309584321&mt=1694557784&fvip=1&keepalive=yes&fexp=24007246%2C24363391&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=2CYBVN5-FIuaYA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgOvSerbIK4Mn2m24QCDxdqQbTvPHZffM8Emc4EQmHDhgCIQDGYkYgJLZfzb0ub5yL6jFqlH1su8lWB-oKFD6sDXN42g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq_Mi3UTFJ_wh9CWVxZOnHJRQkdCSi0knHZXVJXAECKAiEA-38oN_d0zkpZms5oObFM4QS9cCfR61AiHZVN335x8q0%3D&alr=yes&cpn=sfdUQdGQZbwA1szS&cver=1.20230904.00.00&range=0-121856&rn=1&rbuf=0&pot=Iiw84zzlWePbFH-ESI1zpXLVZtFQsFmJeq1qsFbRRtdzjH6JdaR_hHambrF1og==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3499f04c80bbd38a53c9fb84786bc49f127727bc0a4defbad0f6c4cdc8aaf0fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 22:36:39 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Thu, 08 Jun 2023 18:01:49 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 12 Sep 2023 22:36:39 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-4g5lznez.googlevideo.com/ Frame DF0D 64 KB
65 KB 99ms
24ms Fetch
application/vnd.yt-ump 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznez.googlevideo.com/videoplayback?expire=1694579799&ei=9-cAZefnFYaox_APreGA8Ao&ip=2001%3A1b60%3A1010%3A3%3A1012%3A3b5c%3Ae0bd%3A8767&id=o-AISvqeRwLyDoNKiQSQAlqJH1rntvoF2KSd6kdWcMrW3L&itag=251&source=youtube&requiressl=yes&mh=EX&mm=31%2C26&mn=sn-4g5lznez%2Csn-f5f7lnl7&ms=au%2Conr&mv=m&mvi=2&pl=29&initcwndbps=1307500&spc=UWF9f23dE5Zme6wpv_7h8dRbFqeLZ_J_J2sS-voosQ&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zefwFahxZkYdjLWUV8XVomUP&gir=yes&clen=1499478&dur=107.541&lmt=1686247298453622&mt=1694557784&fvip=1&keepalive=yes&fexp=24007246%2C24363391&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=2CYBVN5-FIuaYA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANtvUc9Is5MWAYel0AMiNiq2u8BRga-7J9UtjG8dzRngAiEAxT7wWvX0257s8HkFj6VELGoxCMzRQBZ4CL8z6Yk45wY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq_Mi3UTFJ_wh9CWVxZOnHJRQkdCSi0knHZXVJXAECKAiEA-38oN_d0zkpZms5oObFM4QS9cCfR61AiHZVN335x8q0%3D&alr=yes&cpn=sfdUQdGQZbwA1szS&cver=1.20230904.00.00&range=0-65985&rn=2&rbuf=0&pot=IixRVFFSNFS2oxIzJToeEh9iC2Y9BzQ-FxoHBztmK2AeOxM-GBMSMxsRAwYYFQ==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

595f4a1a66ad85bd41ef5036a0584dae7d00fe2a99d23542c4c1c84d57f90012

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 22:36:39 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Thu, 08 Jun 2023 18:01:38 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 12 Sep 2023 22:36:39 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/ Frame DF0D 116 KB
33 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39581781fefb678e186bdbb4aa9a51fae0a1cd71938bb66be4eea4eaf8c2537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 02:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33748
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:56:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 11 Sep 2024 02:24:12 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/ Frame DF0D 70 KB
24 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

379aea36c4c41ec2ecf8041c9b2cbeb1bc9b98bd323320e729d54ddcebdca1ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 02:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24148
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:56:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 11 Sep 2024 02:24:40 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/ Frame DF0D 32 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60bbaaf4566b42b447697586ef46c249c41e1d68f281162cad03095dbc042860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 02:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8228
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:56:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 11 Sep 2024 02:24:40 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame DF0D 8 KB
3 KB 217ms
217ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

45ced827a8e5f6b34af2a157fb17d3f3de6aa6cb6ffeb12aaa3558675c631f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230904.00.00
X-Goog-Visitor-Id: CgtnOFN6Z2lSejFNVSj2z4OoBjIGCgJERRIA

Response headers

date: Tue, 12 Sep 2023 22:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2658
x-xss-protection: 0
expires: Tue, 12 Sep 2023 22:36:39 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame DF0D 28 B
54 B 40ms
34ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
X-Goog-Request-Time: 1694558199662
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
X-YouTube-Client-Version: 1.20230904.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtnOFN6Z2lSejFNVSj2z4OoBjIGCgJERRIA
X-YouTube-Ad-Signals: dt=1694558199207&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 12 Sep 2023 22:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 12 Sep 2023 22:36:39 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DF0D 4 KB
2 KB 82ms
31ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 22:36:39 GMT

POST
H3 200 videoplayback Show response
rr2---sn-4g5lznez.googlevideo.com/ Frame DF0D 107 KB
107 KB 46ms
22ms Fetch
application/vnd.yt-ump 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznez.googlevideo.com/videoplayback?expire=1694579799&ei=9-cAZefnFYaox_APreGA8Ao&ip=2001%3A1b60%3A1010%3A3%3A1012%3A3b5c%3Ae0bd%3A8767&id=o-AISvqeRwLyDoNKiQSQAlqJH1rntvoF2KSd6kdWcMrW3L&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=EX&mm=31%2C26&mn=sn-4g5lznez%2Csn-f5f7lnl7&ms=au%2Conr&mv=m&mvi=2&pl=29&initcwndbps=1307500&spc=UWF9f23dE5Zme6wpv_7h8dRbFqeLZ_J_J2sS-voosQ&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zefwFahxZkYdjLWUV8XVomUP&gir=yes&clen=3537115&dur=107.520&lmt=1686247309584321&mt=1694557784&fvip=1&keepalive=yes&fexp=24007246%2C24363391&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=2CYBVN5-FIuaYA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgOvSerbIK4Mn2m24QCDxdqQbTvPHZffM8Emc4EQmHDhgCIQDGYkYgJLZfzb0ub5yL6jFqlH1su8lWB-oKFD6sDXN42g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq_Mi3UTFJ_wh9CWVxZOnHJRQkdCSi0knHZXVJXAECKAiEA-38oN_d0zkpZms5oObFM4QS9cCfR61AiHZVN335x8q0%3D&alr=yes&cpn=sfdUQdGQZbwA1szS&cver=1.20230904.00.00&range=121857-230897&rn=3&rbuf=2612&pot=MmhryZ958gQgqmvxBaoJiYp_RZjyB7q5930InvwhBbz8rmcyzLEz2kXWhxC2VoR8mZA2x0BVlXSmRlA7T-MyDITZ6ZdoUCCECPgKE2HuDhLADPnzPF6-qWOuxFur-hy0-bnTY7Ah4GyzcA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

30154c12ca16b4f28c99ef3d8ee6193b10e080b45420bdbbe40323351dcf9264

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

expires: Tue, 12 Sep 2023 22:36:39 GMT
date: Tue, 12 Sep 2023 22:36:39 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Thu, 08 Jun 2023 18:01:49 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/116/ Frame DF0D 51 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/116/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 15:06:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 13 Sep 2023 19:49:43 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame DF0D 0
17 B 29ms
28ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=sfdUQdGQZbwA1szS&ver=2&cmt=0.054&fmt=243&fs=0&rt=0.54&euri=https%3A%2F%2Fwww.firstpost.com%2F&lact=580&cl=564501012&mos=1&volume=100&cbr=Chrome&cbrver=116.0.5845.187&c=WEB_EMBEDDED_PLAYER&cver=1.20230904.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&dni=1&epm=2&hl=de_DE&cr=DE&len=107.541&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C160066%2C19936%2C27524%2C23070%2C60173%2C24564%2C25387%2C9842%2C1088%2C4974%2C976%2C322%2C965%2C2235%2C26436268%2C26%2C171%2C136%2C987%2C2224%2C535%2C1254%2C677%2C612%2C243%2C4326&rtn=5&afmt=251&size=300%3A250&inview=0&muted=1&docid=1k4KVsuAb5M&ei=9-cAZefnFYaox_APreGA8Ao&plid=AAYFMROGmAkTPKDE&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F1k4KVsuAb5M%3Fautoplay%3D1%26mute%3D1%26rel%3D0&of=c3evehFWIDUiHcz38aOqiw&vm=CAEQARgEOjJBQWpSVTZtZGs1VktJQTA1NXBVcFhRNEd5ZTMtT0k5dHoxRXdaTTBwbnBtQ01nMUkxQWJgQVBta0tESkFDMUlRTzJ1dHJMTDZ5R1Q1elJYalNrcVh0M25LaS10ZFprQy00ZHRTWGNzQ3JmTDZXNUVDMVVUeWpkbkk0eUJfUHlhSFZ6TG9tUjVWaFZwZFBhalFBY3RXaAE

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
X-YouTube-Client-Version: 1.20230904.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtnOFN6Z2lSejFNVSj2z4OoBjIGCgJERRIA
X-YouTube-Ad-Signals: dt=1694558199207&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 22:36:39 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame DF0D 0
19 B 28ms
28ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=1k4KVsuAb5M&cpn=sfdUQdGQZbwA1szS&ei=9-cAZefnFYaox_APreGA8Ao&ptk=youtube_single&oid=wGq9EMhqo84lGVb-4GwMyQ&ptchn=z8QaiQxApLq8sLNcszYyJw&pltype=content

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
X-YouTube-Client-Version: 1.20230904.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtnOFN6Z2lSejFNVSj2z4OoBjIGCgJERRIA
X-YouTube-Ad-Signals: dt=1694558199207&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 22:36:39 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame DF0D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

27ms
27ms

XHR
application/json

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Protocol

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63f0ad6428d2ded1a30dfbc0ca14eff2a9d9045a3fbae7fa28223df638c37257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 22:36:39 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr2---sn-4g5lznez.googlevideo.com/ Frame DF0D 64 KB
64 KB 25ms
24ms Fetch
application/vnd.yt-ump 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznez.googlevideo.com/videoplayback?expire=1694579799&ei=9-cAZefnFYaox_APreGA8Ao&ip=2001%3A1b60%3A1010%3A3%3A1012%3A3b5c%3Ae0bd%3A8767&id=o-AISvqeRwLyDoNKiQSQAlqJH1rntvoF2KSd6kdWcMrW3L&itag=251&source=youtube&requiressl=yes&mh=EX&mm=31%2C26&mn=sn-4g5lznez%2Csn-f5f7lnl7&ms=au%2Conr&mv=m&mvi=2&pl=29&initcwndbps=1307500&spc=UWF9f23dE5Zme6wpv_7h8dRbFqeLZ_J_J2sS-voosQ&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zefwFahxZkYdjLWUV8XVomUP&gir=yes&clen=1499478&dur=107.541&lmt=1686247298453622&mt=1694557784&fvip=1&keepalive=yes&fexp=24007246%2C24363391&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=2CYBVN5-FIuaYA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANtvUc9Is5MWAYel0AMiNiq2u8BRga-7J9UtjG8dzRngAiEAxT7wWvX0257s8HkFj6VELGoxCMzRQBZ4CL8z6Yk45wY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq_Mi3UTFJ_wh9CWVxZOnHJRQkdCSi0knHZXVJXAECKAiEA-38oN_d0zkpZms5oObFM4QS9cCfR61AiHZVN335x8q0%3D&alr=yes&cpn=sfdUQdGQZbwA1szS&cver=1.20230904.00.00&range=65986-131716&rn=4&rbuf=4321&pot=MmhryZ958gQgqmvxBaoJiYp_RZjyB7q5930InvwhBbz8rmcyzLEz2kXWhxC2VoR8mZA2x0BVlXSmRlA7T-MyDITZ6ZdoUCCECPgKE2HuDhLADPnzPF6-qWOuxFur-hy0-bnTY7Ah4GyzcA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cf515df1b57fb0f58ce70d6b37772c7884ed1e8b83c021f5959159edf02243b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 12 Sep 2023 22:36:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Jun 2023 18:01:38 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Tue, 12 Sep 2023 22:36:39 GMT

POST
H3 200 videoplayback Show response
rr2---sn-4g5lznez.googlevideo.com/ Frame DF0D 195 KB
195 KB 23ms
22ms Fetch
application/vnd.yt-ump 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznez.googlevideo.com/videoplayback?expire=1694579799&ei=9-cAZefnFYaox_APreGA8Ao&ip=2001%3A1b60%3A1010%3A3%3A1012%3A3b5c%3Ae0bd%3A8767&id=o-AISvqeRwLyDoNKiQSQAlqJH1rntvoF2KSd6kdWcMrW3L&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=EX&mm=31%2C26&mn=sn-4g5lznez%2Csn-f5f7lnl7&ms=au%2Conr&mv=m&mvi=2&pl=29&initcwndbps=1307500&spc=UWF9f23dE5Zme6wpv_7h8dRbFqeLZ_J_J2sS-voosQ&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zefwFahxZkYdjLWUV8XVomUP&gir=yes&clen=3537115&dur=107.520&lmt=1686247309584321&mt=1694557784&fvip=1&keepalive=yes&fexp=24007246%2C24363391&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=2CYBVN5-FIuaYA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgOvSerbIK4Mn2m24QCDxdqQbTvPHZffM8Emc4EQmHDhgCIQDGYkYgJLZfzb0ub5yL6jFqlH1su8lWB-oKFD6sDXN42g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq_Mi3UTFJ_wh9CWVxZOnHJRQkdCSi0knHZXVJXAECKAiEA-38oN_d0zkpZms5oObFM4QS9cCfR61AiHZVN335x8q0%3D&alr=yes&cpn=sfdUQdGQZbwA1szS&cver=1.20230904.00.00&range=230898-430724&rn=5&rbuf=4960&pot=MmhryZ958gQgqmvxBaoJiYp_RZjyB7q5930InvwhBbz8rmcyzLEz2kXWhxC2VoR8mZA2x0BVlXSmRlA7T-MyDITZ6ZdoUCCECPgKE2HuDhLADPnzPF6-qWOuxFur-hy0-bnTY7Ah4GyzcA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8d3c8b14858b84fcb42248494ed18ef8abd3ccc39d97c01c1460fbf47cdd92a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

expires: Tue, 12 Sep 2023 22:36:39 GMT
date: Tue, 12 Sep 2023 22:36:39 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Thu, 08 Jun 2023 18:01:49 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr2---sn-4g5lznez.googlevideo.com/ Frame DF0D 129 KB
129 KB 25ms
25ms Fetch
application/vnd.yt-ump 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznez.googlevideo.com/videoplayback?expire=1694579799&ei=9-cAZefnFYaox_APreGA8Ao&ip=2001%3A1b60%3A1010%3A3%3A1012%3A3b5c%3Ae0bd%3A8767&id=o-AISvqeRwLyDoNKiQSQAlqJH1rntvoF2KSd6kdWcMrW3L&itag=251&source=youtube&requiressl=yes&mh=EX&mm=31%2C26&mn=sn-4g5lznez%2Csn-f5f7lnl7&ms=au%2Conr&mv=m&mvi=2&pl=29&initcwndbps=1307500&spc=UWF9f23dE5Zme6wpv_7h8dRbFqeLZ_J_J2sS-voosQ&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zefwFahxZkYdjLWUV8XVomUP&gir=yes&clen=1499478&dur=107.541&lmt=1686247298453622&mt=1694557784&fvip=1&keepalive=yes&fexp=24007246%2C24363391&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=2CYBVN5-FIuaYA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANtvUc9Is5MWAYel0AMiNiq2u8BRga-7J9UtjG8dzRngAiEAxT7wWvX0257s8HkFj6VELGoxCMzRQBZ4CL8z6Yk45wY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq_Mi3UTFJ_wh9CWVxZOnHJRQkdCSi0knHZXVJXAECKAiEA-38oN_d0zkpZms5oObFM4QS9cCfR61AiHZVN335x8q0%3D&alr=yes&cpn=sfdUQdGQZbwA1szS&cver=1.20230904.00.00&range=131717-263373&rn=6&rbuf=8654&pot=MmhryZ958gQgqmvxBaoJiYp_RZjyB7q5930InvwhBbz8rmcyzLEz2kXWhxC2VoR8mZA2x0BVlXSmRlA7T-MyDITZ6ZdoUCCECPgKE2HuDhLADPnzPF6-qWOuxFur-hy0-bnTY7Ah4GyzcA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a7d93c59aa78a1e710d8ac4f8b4d40b5f208890b027210deab51c5795318b798

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 12 Sep 2023 22:36:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Jun 2023 18:01:38 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Tue, 12 Sep 2023 22:36:40 GMT

POST
H3 200 videoplayback Show response
rr2---sn-4g5lznez.googlevideo.com/ Frame DF0D 487 KB
487 KB 22ms
22ms Fetch
application/vnd.yt-ump 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznez.googlevideo.com/videoplayback?expire=1694579799&ei=9-cAZefnFYaox_APreGA8Ao&ip=2001%3A1b60%3A1010%3A3%3A1012%3A3b5c%3Ae0bd%3A8767&id=o-AISvqeRwLyDoNKiQSQAlqJH1rntvoF2KSd6kdWcMrW3L&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=EX&mm=31%2C26&mn=sn-4g5lznez%2Csn-f5f7lnl7&ms=au%2Conr&mv=m&mvi=2&pl=29&initcwndbps=1307500&spc=UWF9f23dE5Zme6wpv_7h8dRbFqeLZ_J_J2sS-voosQ&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zefwFahxZkYdjLWUV8XVomUP&gir=yes&clen=3537115&dur=107.520&lmt=1686247309584321&mt=1694557784&fvip=1&keepalive=yes&fexp=24007246%2C24363391&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=2CYBVN5-FIuaYA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgOvSerbIK4Mn2m24QCDxdqQbTvPHZffM8Emc4EQmHDhgCIQDGYkYgJLZfzb0ub5yL6jFqlH1su8lWB-oKFD6sDXN42g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq_Mi3UTFJ_wh9CWVxZOnHJRQkdCSi0knHZXVJXAECKAiEA-38oN_d0zkpZms5oObFM4QS9cCfR61AiHZVN335x8q0%3D&alr=yes&cpn=sfdUQdGQZbwA1szS&cver=1.20230904.00.00&range=430725-929511&rn=7&rbuf=9714&pot=MmhryZ958gQgqmvxBaoJiYp_RZjyB7q5930InvwhBbz8rmcyzLEz2kXWhxC2VoR8mZA2x0BVlXSmRlA7T-MyDITZ6ZdoUCCECPgKE2HuDhLADPnzPF6-qWOuxFur-hy0-bnTY7Ah4GyzcA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

376276c910a530318d0b7613969210338660c6d1ded434b740f332988304eaab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

expires: Tue, 12 Sep 2023 22:36:40 GMT
date: Tue, 12 Sep 2023 22:36:40 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Thu, 08 Jun 2023 18:01:49 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H2 200 one_tap.js Show response
www.firstpost.com/static/js/ 2 KB
1 KB 32ms
32ms Script
application/javascript 104.75.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstpost.com/static/js/one_tap.js

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

1bb445dca20b7b25c5b53fed6fecc68587d26a8a3ac81d0514238d69d07eda66

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:40 GMT
content-encoding: gzip
ntcoent-length: 2294
content-length: 1062
last-modified: Mon, 05 Dec 2022 06:57:26 GMT
etag: W/"8f6-184e11342b0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: private, max-age=23292495
access-control-allow-credentials: false
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 client Show response
accounts.google.com/gsi/ 197 KB
78 KB 133ms
74ms Script
application/javascript 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/static/js/one_tap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

866768efa051d0eaedf6cf4deca40571ee594a591992a51c7bf7de4a34cb78c1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-wIBpxiSavHRQ1fPYNSzNLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-wIBpxiSavHRQ1fPYNSzNLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Tue, 12 Sep 2023 22:36:40 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 65ms
64ms Stylesheet
text/css 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OQ1Rh92Z834IoH1bzO96wQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-OQ1Rh92Z834IoH1bzO96wQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Tue, 12 Sep 2023 22:36:40 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
527 B 246ms
245ms XHR
application/json 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=189207058064-5krt6kv5harp7gbj1octltmmfurr056i.apps.googleusercontent.com&as=iB%2Bawr9oXVC8R6tmb1zoMg

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eea6fb1d472e9bafb60651fe15bd84388c0534c60a3a10bd0827080ea5634d2a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-h-gzPFZB1jV_4fYau0T1Rw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-h-gzPFZB1jV_4fYau0T1Rw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.firstpost.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame DF0D 28 B
54 B 35ms
35ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/de91d1cf/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
X-Goog-Request-Time: 1694558201270
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1k4KVsuAb5M?autoplay=1&mute=1&rel=0
X-YouTube-Client-Version: 1.20230904.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtnOFN6Z2lSejFNVSj2z4OoBjIGCgJERRIA
X-YouTube-Ad-Signals: dt=1694558199042&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 12 Sep 2023 22:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 12 Sep 2023 22:36:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
75 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MLJQLND

Requested by

Host: www.firstpost.com
URL: https://www.firstpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c653b105014ee1a55ceff7a3480a6680f60001dcdfb6e491a2a211e4fccaada3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76258
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 21:58:13 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Sep 2023 22:36:42 GMT

GET
H2 200 00acb2139b7de30d5754c91bdabbe2d808c2e453.js Show response
cdn.izooto.com/scripts/ 7 KB
2 KB 90ms
35ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/00acb2139b7de30d5754c91bdabbe2d808c2e453.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLJQLND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0dfba906c68bb7dd8e89cfffec8b0081b4bc25c31e77c11bb71c25b6b6f28e1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Jul 2023 13:26:57 GMT
server: cloudflare
age: 448345
etag: W/"64c270a1-1b58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 805ba17b49972c5a-FRA
x-xss-protection: 1; mode=block
expires: Wed, 13 Sep 2023 22:36:42 GMT

GET
H2 200 nw18_fp.js Show response
www.firstpost.com/dlxczavtqcctuei/prod/ 2 KB
1 KB 35ms
35ms Script
application/x-javascript 104.75.89.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstpost.com/dlxczavtqcctuei/prod/nw18_fp.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLJQLND

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-173.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

7025e626b84fabae57e7ad3662390c7963be94395e47eca4373415b38c8394ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:42 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 04:33:46 GMT
server: AkamaiNetStorage
etag: "245d28bcb9d2fa1c282a12a1dea18b24:1635395670.160269"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 717

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
89 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9KTR7DH8RP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLJQLND

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f74ec7c10aec9df0f757c94664c2755b4ae8a926ba026d30ab3726f5d0c49a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Sep 2023 22:36:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 85ms
33ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9KTR7DH8RP&gtm=45je3960&_p=2145619090&cid=1813970039.1694558197&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694558202&sct=1&seg=0&dl=https%3A%2F%2Fwww.firstpost.com%2F&dt=LIVE%20updates%2C%20Latest%20News%2C%20Breaking%20News%2C%20World%20News%2C%20Sports%20News%2C%20Bollywood%20News%2C%20Business%2C%20Entertainment%2C%20Tech%2C%20Political%20News%20and%20more%20%E2%80%93%20Firstpost&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KTR7DH8RP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 22:36:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.firstpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 316 KB
74 KB 40ms
40ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/00acb2139b7de30d5754c91bdabbe2d808c2e453.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1ee8c9e1ffd45b8579370752ec4bf9cfb4edde25f60f3eb57e1754d34a7f05d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:36:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 13:06:08 GMT
server: cloudflare
age: 34127
etag: W/"65006240-4f05c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 805ba17bb9df2c5a-FRA
x-xss-protection: 1; mode=block
expires: Thu, 28 Sep 2023 22:36:42 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 8B86 4 KB
1 KB 34ms
33ms Document
text/html 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstpost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 43666
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 805ba17c3a372c5a-FRA
content-encoding: br
content-type: text/html
date: Tue, 12 Sep 2023 22:36:42 GMT
expires: Fri, 13 Oct 2023 22:36:42 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.firstpost.com/	1970-01-20 14:44:04	Name: _gid Value: GA1.2.1521140883.1694558197
.firstpost.com/	1970-01-20 14:42:38	Name: _gat_gtag_UA_22956444_1 Value: 1
.firstpost.com/	1970-01-21 00:11:26	Name: _cb Value: CJOX4XB47Dt8DPsqs7
.firstpost.com/	1970-01-21 00:11:26	Name: _chartbeat2 Value: .1694558198860.1694558198860.1.CeR7bHmfiEnDD3UIHDMVzkWBzMs7_.1
.firstpost.com/	1970-01-20 14:42:39	Name: _cb_svref Value: null
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: J5kN4RBXg1w
.youtube.com/	1970-01-20 19:01:50	Name: VISITOR_INFO1_LIVE Value: g8SzgiRz1MU
.firstpost.com/	1970-01-21 00:18:38	Name: _ga_9KTR7DH8RP Value: GS1.1.1694558202.1.0.1694558202.0.0.0
.firstpost.com/	1970-01-21 00:18:38	Name: _ga Value: GA1.1.1813970039.1694558197
.firstpost.com/	1970-01-21 00:18:38	Name: _nw18_fp Value: bfbd0df7-2944-d0c8-7311-b8834df9a16a
.izooto.com/	1970-01-21 00:18:38	Name: IZCID Value: 3c4e59b4-226c-413a-b6d9-cbef2c06e41f

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ads.pubmatic.com
cdn.izooto.com
chimpstatic.com
firstpost.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.firstpost.com
jnn-pa.googleapis.com
mab.chartbeat.com
nw18videostorage.blob.core.windows.net
ping.chartbeat.net
region1.google-analytics.com
rr2---sn-4g5lznez.googlevideo.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.doubleclick.net
stats.g.doubleclick.net
www.firstpost.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.75.89.173
107.21.249.220
13.32.121.21
184.30.16.195
20.38.127.4
2001:4860:4802:34::36
23.206.209.115
23.208.149.253
2600:9000:2057:3800:18:1fcd:353:c61
2606:4700::6812:d941
2a00:1450:4001:11::7
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200d
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2006
2a00:1450:400c:c00::9b
2a02:26f0:480:f::213:7ee0
2a04:4e42:400::714
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
08d91ee2d2280b4ccae7da67f4c7786462ba81d4603591be79646a59da527ef2
10d302dc73335dd811f1b6d2c4732d89204a6f03c5ecc8dcf0bc7f219280eb28
171118490bb0c67cf2962c96ddd03a8decaa186bc5209138311a62df29f30dbe
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bb445dca20b7b25c5b53fed6fecc68587d26a8a3ac81d0514238d69d07eda66
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1f4cb57e97dab0aa5893cac6c75eb4f07b725b884aef1914f2c0a35e581612db
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
22a078ac6d797e74bc4b448c9c080c88500566640bccd03c3987978b4dc38f55
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
22f9c09ced8cd69a8e13bd536e3ee6fa4ea34bb4e861d004f245121a110d5a98
23f437659424442afc3ef6586599d60d537bd1e302e7fac06db4092f34612878
255781034c026b1f3307e9386aa722b44d8d1148705843811d751c7372f0d5ea
2dff47431c716b91b15e5263db8b52baf0abbb004090ccc4d670d65676b6325d
30154c12ca16b4f28c99ef3d8ee6193b10e080b45420bdbbe40323351dcf9264
3499f04c80bbd38a53c9fb84786bc49f127727bc0a4defbad0f6c4cdc8aaf0fd
376276c910a530318d0b7613969210338660c6d1ded434b740f332988304eaab
379aea36c4c41ec2ecf8041c9b2cbeb1bc9b98bd323320e729d54ddcebdca1ad
39eca66b5a6c6ada2be3d2ce2442ae82e7aa6daaf089e63a21858ed5036774e4
3a161d8b1cbb9c51c5c7ffa57456925bc7f3f430b156c9553e8fc5af7c1f2df5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
45ced827a8e5f6b34af2a157fb17d3f3de6aa6cb6ffeb12aaa3558675c631f83
4c6446a5cff21c7147884b5e080c3eb1eb6454a77fafae65f31fef466ec26033
4ff122d5532b646ac44732bf956907be287fc9220c0780b23124525d35981c1f
595f4a1a66ad85bd41ef5036a0584dae7d00fe2a99d23542c4c1c84d57f90012
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ae006e084a92cee1dcbbcee87e2049fc2fbb2269356efdd9c79dca2c76d6bbf
60a40b2138cfd47cd85f899cd3612c34acd3ecd26597b5034a7d65ad62f01687
60bbaaf4566b42b447697586ef46c249c41e1d68f281162cad03095dbc042860
63d1837bf0033a10e20387a9aecc5079d1f49e61f72363195173c773657acba4
63f0ad6428d2ded1a30dfbc0ca14eff2a9d9045a3fbae7fa28223df638c37257
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7025e626b84fabae57e7ad3662390c7963be94395e47eca4373415b38c8394ef
7aefa7a735322bc937d004ffb976c57e6f187d12547bdd5b755251412393c075
7b100d581f55f942d31ab939aff23f9755eaeb0bdbaeb7dfdab586bbe21e0b53
7d2457ca4483b2e4c39c7856ecff955de96be3a7b714f5ff06b1af111f2404f6
7e9e3bb60d9b9a0c18fc27fe192a02825a66285865692c442706cf9bb35a199d
811bcbe127edab81655aedca6323d6239968e83c874ae5ae914f1ff4b9328373
8252e7c6661d3ee6c77e096e0701d5afa962b27a7e91eb0ee491643200a455ca
8389b20c82fb8ca21eebe5bba0fdeeccaf254bb4af457b5803325ad57f29b65b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
866768efa051d0eaedf6cf4deca40571ee594a591992a51c7bf7de4a34cb78c1
874c622850e2b5b1ade658f62ec5a6a6d863dc9b22a0a3e04c8d60b5f8150189
89e2025a2e5eb1561e041f44699e64a6e27dc8fe1d967d5af5ac282848864446
8d3c8b14858b84fcb42248494ed18ef8abd3ccc39d97c01c1460fbf47cdd92a9
8da4efe96443f193d4990a51c7d95c486a4de4343403b1328783c15a55fea157
8e383c59b89e3581ba173e50d18dbedc7760e41313f9fbb44016ad177fe01248
92c9b128fc6cd038cc65ede952bf13e943924bc5e37da4afdfffce08e733e2f2
97ee11e8a2fb7f106966ddc28aaa9be0ccf28c81f8712f0a2ec5cc15cba9fb44
98a450dbb209e87dc5db6d7b51661be8eae1e14db54c372fb3d9f09af2ed7460
98c6002d7c913c67619b1312af12ed1531c0f3da8945c2a574bd2b7c03e7fe24
99d87357f51eae8c3c7d3a7b8615068280f97f3051a97462e94da3faef8f85ba
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
a0dfba906c68bb7dd8e89cfffec8b0081b4bc25c31e77c11bb71c25b6b6f28e1
a7d93c59aa78a1e710d8ac4f8b4d40b5f208890b027210deab51c5795318b798
ad42e8a35d2104ef1e5ac594d0332cb386e20be762761ce2d5f28554dddf0f40
aec0910388e633291bb8d67bdff5d9fcfdcc597aae44dfcf28c5249b2988098e
c1ee8c9e1ffd45b8579370752ec4bf9cfb4edde25f60f3eb57e1754d34a7f05d
c39581781fefb678e186bdbb4aa9a51fae0a1cd71938bb66be4eea4eaf8c2537
c653b105014ee1a55ceff7a3480a6680f60001dcdfb6e491a2a211e4fccaada3
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
ced95747a05ae058878a50c591c7c6002546cd6a87b280e5a15ad4da3e526de6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf515df1b57fb0f58ce70d6b37772c7884ed1e8b83c021f5959159edf02243b3
cfa99a3aa8188c94845c65fa50fdfab849429c221cb5b6c92aea2498537ffb76
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dba1bb2c05a93eb27a3807b6266c06045effe4507f25fb28644474bcf0c23640
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab60d10d78e32f01473d6c66b4c6d111196c330dc252de727faceb4b5135203
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eea6fb1d472e9bafb60651fe15bd84388c0534c60a3a10bd0827080ea5634d2a
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6df37c8a836350b2bd5e00bcea1b008acf3edb06e0a6e326bca68a10abceb49
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f74ec7c10aec9df0f757c94664c2755b4ae8a926ba026d30ab3726f5d0c49a7b
f9fc2c2429c0afd26c22ecaf8587486bdee66556b43f93d101d5a353053fdbc0
fcff8c2b35dd0c3f77699f3c6974540465a4edcb18f294ef491113498da09f4a

www.firstpost.com Open in urlscan Pro 104.75.89.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

98 %HTTPS

74 %IPv6

18 Domains

27 Subdomains

27 IPs

4 Countries

6511 kBTransfer

9694 kBSize

11 Cookies

13 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.firstpost.com Open in urlscan Pro
104.75.89.173 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

98 %
HTTPS

74 %
IPv6

18
Domains

27
Subdomains

27
IPs

4
Countries

6511 kB
Transfer

9694 kB
Size

11
Cookies

89 HTTP transactions
2 data transactions