urlscan.io logo urlscan.io
SecurityTrails logo

www.news9live.com Open in urlscan Pro
99.86.4.108  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Effective URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Submission: On April 29 via api from AE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 12 domains to perform 68 HTTP transactions. The main IP is 99.86.4.108, located in United States and belongs to AMAZON-02, US. The main domain is www.news9live.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 11th 2023. Valid for: a year.
This is the only time www.news9live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    99.86.4.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-108.fra6.r.cloudfront.net
www.news9live.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2646:7a00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
16    2600:9000:2491:6a00:1e:2598:7140:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.news9live.com
3    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    18.245.60.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-107.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2646:800:10:d413:e040:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.tv9hindi.com
1    2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
8    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f200.1e100.net
www.googletagmanager.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f14.1e100.net
fundingchoicesmessages.google.com
1    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.google.de
6    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
2    151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
cdn.taboola.com
7    141.226.228.48 (None, )

ASN- ()
am-trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
22 news9live.com
www.news9live.com
images.news9live.com — Cisco Umbrella Rank: 707223
758 KB
15 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 981
pm-widget.taboola.com — Cisco Umbrella Rank: 3575
trc.taboola.com — Cisco Umbrella Rank: 732
am-trc-events.taboola.com
429 KB
8 gstatic.com
fonts.gstatic.com
306 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 660
region1.analytics.google.com — Cisco Umbrella Rank: 2941
124 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
368 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
170 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2404
21 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
7 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 183
3 KB
2 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1574
mab.chartbeat.com — Cisco Umbrella Rank: 2768
11 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7278
63 B
1 tv9hindi.com
images.tv9hindi.com — Cisco Umbrella Rank: 903174
1 KB
68 12
Domain Requested by
16 images.news9live.com www.news9live.com
8 fonts.gstatic.com fonts.googleapis.com
www.news9live.com
7 am-trc-events.taboola.com cdn.taboola.com
6 www.news9live.com www.news9live.com
5 cdn.taboola.com www.news9live.com
cdn.taboola.com
4 www.googletagmanager.com www.news9live.com
www.googletagmanager.com
www.google-analytics.com
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 fonts.googleapis.com www.news9live.com
2 sb.scorecardresearch.com www.news9live.com
2 securepubads.g.doubleclick.net www.news9live.com
securepubads.g.doubleclick.net
2 www.google-analytics.com www.news9live.com
www.google-analytics.com
1 trc.taboola.com cdn.taboola.com
1 www.google.de www.news9live.com
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 mab.chartbeat.com static.chartbeat.com
1 images.tv9hindi.com www.news9live.com
1 static.chartbeat.com www.news9live.com
68 20
Subject Issuer Validity Valid
news9live.com
Amazon RSA 2048 M02		 2023-12-11 -
2025-01-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
images.news9live.com
Amazon RSA 2048 M02		 2023-10-17 -
2024-11-14		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.tv9hindi.com
Amazon ECDSA 256 M02		 2024-01-17 -
2025-02-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Frame ID: 0253716DA0C396A2C4CC21C5E0F16EEF
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

'First flight for many': Firm takes employees on an all-paid international trip | Viral News - News9live

Page URL History Show full URLs

  1. http://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-interna... HTTP 307
    https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-interna... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

68
Requests

100 %
HTTPS

60 %
IPv6

12
Domains

20
Subdomains

20
IPs

3
Countries

2198 kB
Transfer

5442 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405 HTTP 307
    https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
www.news9live.com/viral-news/
Redirect Chain
  • http://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
  • https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
171 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
/
Resource Hash
8ff7118cce20898a59c5412e32ea1ef5577b66c3f9f17dc33258cd871659d307

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
15884
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-length
44751
content-type
text/html; charset=UTF-8
date
Mon, 29 Apr 2024 02:35:15 GMT
vary
Accept-Encoding Origin
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amz-cf-id
oWkBKLe-yv7mjt7sjaXI5xCpC5RMLzNrItC8mH5QKKtl4kJ58FGI_g==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-cacheable
YES:Forced

Redirect headers

Location
https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Non-Authoritative-Reason
HttpsUpgrades
slider.css
www.news9live.com/wp-content/themes/news9livedesktop/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.news9live.com/wp-content/themes/news9livedesktop/css/slider.css?ver=1.2
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
/
Resource Hash
e6e2a25c4c1b69087d720776ff9569e9698c9ec52bdd5659c346bcaca9ce28d5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:26:41 GMT
content-encoding
gzip
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-cacheable
YES:Forced
x-amz-cf-pop
FRA6-C1
age
31111
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1327
last-modified
Mon, 11 Dec 2023 07:55:49 GMT
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
max-age=31104000
accept-ranges
bytes
x-amz-cf-id
E6btXlyIfb3byiI5wbPRveNxY8XlYuzlbz_OTICPlu-cBB-DVIqnfQ==
expires
Wed, 23 Apr 2025 22:21:28 GMT
slider.js
www.news9live.com/wp-content/themes/news9livedesktop/js/ 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.news9live.com/wp-content/themes/news9livedesktop/js/slider.js?ver=1.2
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
/
Resource Hash
37dfa37d2ef5034fc8151191d2b3a12d5d9cbd28acea4d8b61c53827eb7f6a94

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 02:43:33 GMT
content-encoding
gzip
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-cacheable
YES:Forced
x-amz-cf-pop
FRA6-C1
age
15657
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12856
last-modified
Mon, 11 Dec 2023 07:56:10 GMT
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=31104000
accept-ranges
bytes
x-amz-cf-id
weQtzn8mqPUXoqZsFf163IFuc-mgX2fK1LwDrmsmtwX395QOLK5ulQ==
expires
Thu, 24 Apr 2025 02:39:02 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 05:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4736
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 29 Apr 2024 07:41:03 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:7a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 18:33:07 GMT
content-encoding
gzip
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:18:23 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
44812
etag
W/"6583925f-5f13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
WlpOkIwXtqXO9GRNAtkZadCSjRlXxqQmhWtO4SubzjbOLBbIxl3l9g==
expires
Mon, 29 Apr 2024 18:33:07 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec5361f690dd9ba267e5eded9d97fe0b2eed7c7fa0514bda4ce870b321538c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 06:59:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30123
x-xss-protection
0
server
cafe
etag
956 / 19842 / m202404230101 / config-hash: 8127643254797218485
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 29 Apr 2024 06:59:59 GMT
WhatsApp-Image-2024-01-09-at-10.04.04-PM.jpeg
images.news9live.com/wp-content/uploads/2024/01/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-09-at-10.04.04-PM.jpeg
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4d1c52cf3be8e87cdd51bfcd63dde0a4da1d112b6a156fd3ffb7d411310030c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 25 Feb 2024 19:01:34 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
65db8e8edd1d3390e289c989
x-amz-cf-pop
FRA56-P7
age
5486305
x-cache
Hit from cloudfront
x-gumlet-runtime
0.022
alt-svc
h3=":443"; ma=86400
content-length
60700
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-01-10
etag
"37ejj8ebf6jk0"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
U880izycNJ9TF4Jbj0E5HrIECXj-2yVvHAQkRSo3YGRhVRkuVkz4MQ==
placeholder.jpg
images.news9live.com/wp-content/uploads/2022/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2022/12/placeholder.jpg
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68226f459e03a806fa54ed1f8e0f89d7ce153fd034ae9e15cbaaf1708d21ffc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Oct 2023 20:50:16 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
652ef3889e94c79241792280
x-amz-cf-pop
FRA56-P7
age
16798183
x-cache
Hit from cloudfront
x-gumlet-runtime
0.39
alt-svc
h3=":443"; ma=86400
content-length
1608
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2023-07-26
etag
"3fmuhglqzu908"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
Vp_hu6tC6F7nZje2yKM2koQjeAuEfeVU-YfPahsGGU51vvHdaiVk2g==
WhatsApp-Image-2024-04-27-at-1.28.08-PM.jpeg
images.news9live.com/wp-content/uploads/2024/04/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/WhatsApp-Image-2024-04-27-at-1.28.08-PM.jpeg
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3a3d382a217755cfc1af06cd9ca7bc6894e1952919ec0a1e9a37f34c2572ecc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Apr 2024 06:59:59 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
662f456fc3f692327dd96dda
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
x-gumlet-runtime
0.013
alt-svc
h3=":443"; ma=86400
content-length
157416
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-27
etag
"u7qgkaecz9rx"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
CiJMJLYik_g2oJRN8D63py2GY73YjivHQos-yosloKe5UfDhESQQuA==
WhatsApp-Image-2024-04-27-at-1.27.49-PM.jpeg
images.news9live.com/wp-content/uploads/2024/04/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/WhatsApp-Image-2024-04-27-at-1.27.49-PM.jpeg
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
853b1f904f727006ca59d715ff7a7d7d9fe8c6d78948f9df13065a424c1bf286
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 27 Apr 2024 08:16:35 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
662cb462230908917d67dab6
x-amz-cf-pop
FRA56-P7
age
168204
x-cache
Hit from cloudfront
x-gumlet-runtime
1.02
alt-svc
h3=":443"; ma=86400
content-length
94600
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-27
etag
"214va4jucdkyt"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
_kolkETeQBhk6wxY6HnfRKMusPijF9y2zg-fDQkqkv6J9ulA41YXNw==
WhatsApp-Image-2024-04-27-at-1.27.34-PM.jpeg
images.news9live.com/wp-content/uploads/2024/04/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/WhatsApp-Image-2024-04-27-at-1.27.34-PM.jpeg
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
631c134347f7b7df2e3701e7f0854e73643c97bae4a8a90121dbb313552de880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 27 Apr 2024 08:17:07 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
662cb4815111a9f51279b76f
x-amz-cf-pop
FRA56-P7
age
168172
x-cache
Hit from cloudfront
x-gumlet-runtime
1.485
alt-svc
h3=":443"; ma=86400
content-length
113332
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-27
etag
"1v9ad647zjsik"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WXk10LNquv3x7GUEG0-k374hslfO8nDaPTHwZwrMZtR1wIj6RX-mVg==
Forest-fire-1.jpg
images.news9live.com/wp-content/uploads/2024/04/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/Forest-fire-1.jpg?w=400
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
98311c6170fb31d06e30da2cbbdf50e140d5880d1a61e6cbc37a1fdeae74d8c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Apr 2024 02:32:24 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
662f06b82eeea9d2973a8461
x-amz-cf-pop
FRA56-P7
age
16055
x-cache
Hit from cloudfront
x-gumlet-runtime
0.006
alt-svc
h3=":443"; ma=86400
content-length
5970
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-29
etag
"1ycultzk5337d"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
RP8-Qyx24ZzKkEMLTUI-bmmIqR1ZvYtlQcZZ1yzA1su0cqFgxUw9Ew==
heatwave1-1.jpg
images.news9live.com/wp-content/uploads/2024/04/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/heatwave1-1.jpg?w=400
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba5dba136ce911be4bad4765513b738c0635fb17ffab81c077472e7d489740cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Apr 2024 03:02:48 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
662f0dd8efcd8f1e5b8c4f78
x-amz-cf-pop
FRA56-P7
age
14231
x-cache
Hit from cloudfront
x-gumlet-runtime
0.005
alt-svc
h3=":443"; ma=86400
content-length
16918
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-29
etag
"3vh6rhbiymmwf"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WVR5RpQOemeoR6nm5xh5ZopJ2h9ktedy_4WRh_tDYlR_5Mdla5xKTA==
truckcarcollision.jpg
images.news9live.com/wp-content/uploads/2024/04/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/truckcarcollision.jpg?w=400
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fa636cf1a20bcb12f409402000c160ac8e0d524a0613ecc1a0afdfb081ae7212
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Apr 2024 02:18:01 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
662f0359f53a8cd275dd7b45
x-amz-cf-pop
FRA56-P7
age
16918
x-cache
Hit from cloudfront
x-gumlet-runtime
0.346
alt-svc
h3=":443"; ma=86400
content-length
13728
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-29
etag
"2jgzio666ny00"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
1yhcgqpXrFriLIauIGjrZKuFlgSYKrbWFo33oNoAeiksWTe5tUY9XQ==
PSG-win-Ligue-1-title.png
images.news9live.com/wp-content/uploads/2024/04/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/PSG-win-Ligue-1-title.png?w=400
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ce66c1b75079907ac75147ab4bfa19641b9e6adde1cc82133e11d75b92be5149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Apr 2024 02:11:12 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
662f01c0f53a8cd275dd4b60
x-amz-cf-pop
FRA56-P7
age
17327
x-cache
Hit from cloudfront
x-gumlet-runtime
0.036
alt-svc
h3=":443"; ma=86400
content-length
11336
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-29
etag
"15tyzfg8w43v3"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
aUNlSEZXhvFV5tjxdmNNTx1YSlmdaDtryESDLboMqTb4qoxi81zLcg==
bidennetanyahureuters.jpg
images.news9live.com/wp-content/uploads/2024/04/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/bidennetanyahureuters.jpg?w=400
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
557446339fdc65ad592c6cd6e5e157522e48b626cfab1f288de630af0f39410b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Apr 2024 02:00:44 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
662eff4b0354a4066dce6c1a
x-amz-cf-pop
FRA56-P7
age
17955
x-cache
Hit from cloudfront
x-gumlet-runtime
0.78
alt-svc
h3=":443"; ma=86400
content-length
23046
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-29
etag
"3rqasu0dqa74q"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Zv4zG3EFa5fZOtpLRitgYuZpLfa0vxPMG_9PwI3Sa68AlJB2XqlmRg==
Ankita-Lokhande-saree-6.jpg
images.news9live.com/wp-content/uploads/2024/04/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/Ankita-Lokhande-saree-6.jpg?w=400
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
85a76a29d066fc8a4d2a7da90919a4fd916bdb374176debd9f58c53898d98121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Apr 2024 16:31:43 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
662bd6efbaafd361d7dd7935
x-amz-cf-pop
FRA56-P7
age
224896
x-cache
Hit from cloudfront
x-gumlet-runtime
0.005
alt-svc
h3=":443"; ma=86400
content-length
14600
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-26
etag
"230lp6o2qpnx2"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
vSsIhJdp_rJoZU3H8el8aproUl3CMPyjnVeExfMOfRSpDJznxWs_1g==
Sarangpur-Hanuman-photo-today.jpeg
images.news9live.com/wp-content/uploads/2024/04/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/Sarangpur-Hanuman-photo-today.jpeg?w=400
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1868ba5d68879e8e7df86e97d8d2583fa0ffe61e9fdab7a9a93b2309e07385d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 Apr 2024 14:24:03 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
6627c4830bf4fa1226624d9f
x-amz-cf-pop
FRA56-P7
age
491755
x-cache
Hit from cloudfront
x-gumlet-runtime
0.007
alt-svc
h3=":443"; ma=86400
content-length
85156
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-23
etag
"e4wx1mbzwpw9"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
XwTQ5LDnuM3-Cqt14fJje9XHC4rW-nKpmZ2efDWTjBpF5livZrQWIQ==
Hanuman-Jayanti-photo-gallery.jpg
images.news9live.com/wp-content/uploads/2024/04/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/Hanuman-Jayanti-photo-gallery.jpg?w=400
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a902befc49bd7f4e10c57f0e526f3bcedc21abe98bab721ba9e5881a0fcf444d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 Apr 2024 14:24:04 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
6627c484bc726412125fa1a5
x-amz-cf-pop
FRA56-P7
age
491755
x-cache
Hit from cloudfront
x-gumlet-runtime
0.027
alt-svc
h3=":443"; ma=86400
content-length
10064
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-23
etag
"i4hfmwzpjjje"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
UHoyHCe8hH2OW7Bb9SIgQOyWTvQnnbsHniEAbytTfhm98Eno_GhkTQ==
Untitled-design-2024-04-20T081359.168.jpg
images.news9live.com/wp-content/uploads/2024/04/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/Untitled-design-2024-04-20T081359.168.jpg?w=400
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c19cf9cdbd41740cee85b02791a9ef327f91ebc33fe87191b4d1b27c3a3841a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 Apr 2024 04:43:49 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
6625eb05037d6d5ded064108
x-amz-cf-pop
FRA56-P7
age
612970
x-cache
Hit from cloudfront
x-gumlet-runtime
0.007
alt-svc
h3=":443"; ma=86400
content-length
23082
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-20
etag
"30tgzlhaho5ly"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
HYnN-8tzGMCfc5KqWsstMcArOfwiwloZnTZAUeNHgqHiI28Z0G9Wew==
mangalsutra-2.png
images.news9live.com/wp-content/uploads/2024/04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/mangalsutra-2.png?w=400
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5e8c5f085b3dddb984adbfee82428008cce35310a4b35104497f518b28737f9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 Apr 2024 19:28:26 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
6622c5da037d6d5dedd8db3d
x-amz-cf-pop
FRA56-P7
age
819093
x-cache
Hit from cloudfront
x-gumlet-runtime
0.024
alt-svc
h3=":443"; ma=86400
content-length
10850
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-19
etag
"1ptp53rg50en3"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
CnvRib-ARjDZooQ85lwc_9qdCSDyGvOymkrVvTI-Nm_UgLcYX7lV7w==
googleplay.svg
www.news9live.com/wp-content/themes/news9livedesktop/images/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.news9live.com/wp-content/themes/news9livedesktop/images/googleplay.svg
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
/
Resource Hash
b1c3a8f08ab75aca270b20a11ef900a0f07e6bf494f9a2f372b9f9ee81eff022

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 07:57:24 GMT
content-encoding
gzip
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-cacheable
YES:Forced
x-amz-cf-pop
FRA6-C1
age
83932
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3001
last-modified
Thu, 14 Dec 2023 04:48:12 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000
accept-ranges
bytes
x-amz-cf-id
zWSj5afL2cy-1UvcrpCQmaIeJ9pLGlBy3kDzjivOBaW6tQolpxcdFw==
expires
Wed, 23 Apr 2025 07:41:07 GMT
appstore.svg
www.news9live.com/wp-content/themes/news9livedesktop/images/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.news9live.com/wp-content/themes/news9livedesktop/images/appstore.svg
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
/
Resource Hash
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 01:10:26 GMT
content-encoding
gzip
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-cacheable
YES:Forced
x-amz-cf-pop
FRA6-C1
age
20973
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
4633
last-modified
Thu, 14 Dec 2023 04:45:18 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000
accept-ranges
bytes
x-amz-cf-id
BkNz0rmEQY1UeOjBClEIcCPkK_hRkThSt8WOHLYetCe1wrAkkWvw2Q==
expires
Thu, 24 Apr 2025 01:10:26 GMT
gtm.js
www.googletagmanager.com/ 		317 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJFDD5B
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
76e71a5e5f23e351795eb44392c7017bf52a1e8715f232d84ad17b084fedb2cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 06:59:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104793
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Apr 2024 06:59:59 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 03:39:10 GMT
content-encoding
gzip
via
1.1 eb99f1f32a184a8c9c9c920381a7576a.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
22927
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
iNKLVkKRgB5AVPhBJWi7yJxmhTn3Uy2hLeU9Wbjlr0QeCEGctlG5bA==
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34a4181d8daf88cc53bc685e09e725966499e0ea56d4ed86df0ba62cb3f01acd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Apr 2024 06:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 06:59:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Apr 2024 06:59:59 GMT
bright.svg
images.tv9hindi.com/wp-content/themes/tv9bharavarsh/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tv9hindi.com/wp-content/themes/tv9bharavarsh/images/bright.svg
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:800:10:d413:e040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
eb6d97b492018690406b8a7895079bcbe77ff7f713a16beb3a7099649d16fe53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Nov 2023 10:54:42 GMT
content-encoding
gzip
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
65422e71a5c39c9adbee43a5
via
1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
15537917
x-cache
Hit from cloudfront
x-gumlet-runtime
0.401
alt-svc
h3=":443"; ma=86400
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.tv9hindi.com 2023-08-26
etag
W/"3t13izcw33s45"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
Accept-Encoding,accept
access-control-allow-headers
*
x-amz-cf-id
FKOKBHlUOGpGcU7MuLzaiTl1umuvm5xXhxUXcweOrdtwv0-CfoPxRw==
Company-takes-employees-on-an-all-paid-international-trip.jpg
images.news9live.com/wp-content/uploads/2024/04/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.news9live.com/wp-content/uploads/2024/04/Company-takes-employees-on-an-all-paid-international-trip.jpg?w=802&enlarge=true
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
31e98abddff38a7437dd14941ac4efaa69b922f5bd2701ea4e5c3031eacf384d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 27 Apr 2024 08:16:36 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid
662cb46397fbd1ed0fa75cba
x-amz-cf-pop
FRA56-P7
age
168203
x-cache
Hit from cloudfront
x-gumlet-runtime
1.035
alt-svc
h3=":443"; ma=86400
content-length
46494
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key
images.news9live.com 2024-04-27
etag
"e753v8782mnc"
access-control-max-age
3600
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary
accept
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Z1UETeJz4-G_hmpE2gEGAcAYqEKLcBLzi-OyBvpSCg3VXl871dEURA==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		253 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=news9live.com&domain=news9live.com&path=%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
121628006bfe0ae1216ee906d623fec02ecb74692dd921d78a937a6e32fb0687

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Mon, 29 Apr 2024 07:00:00 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
189
x-served-by
cache-fra-etou8220086-FRA
x-timer
S1714374000.930935,VS0,VE108
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 27 Apr 2024 06:59:59 GMT
b
sb.scorecardresearch.com/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=33425927&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1714373999887&ns_c=UTF-8&c7=https%3A%2F%2Fwww.news9live.com%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405&c8=%27First%20flight%20for%20many%27%3A%20Firm%20takes%20employees%20on%20an%20all-paid%20international%20trip%20%7C%20Viral%20News%20-%20News9live&c9=
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-107.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 06:59:59 GMT
via
1.1 eb99f1f32a184a8c9c9c920381a7576a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
GbpNQq4oGR0pISvMPBlkAfBewGXBu-mCg8CEiiOKHmNNPlQPzGUQNQ==
x-cache
Miss from cloudfront
nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.news9live.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 13:28:46 GMT
x-content-type-options
nosniff
age
581473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19388
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:53:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Apr 2025 13:28:46 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.news9live.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 09:09:55 GMT
x-content-type-options
nosniff
age
510604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38372
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:15:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Apr 2025 09:09:55 GMT
nKKU-Go6G5tXcr5mOBWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5mOBWnVaE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e84152f72d9c6fc90b6ff3fad4f8895d02f95e01e3181a994530801201cc4a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.news9live.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 04:39:34 GMT
x-content-type-options
nosniff
age
526825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19292
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:56:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Apr 2025 04:39:34 GMT
nKKU-Go6G5tXcr4uPhWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr4uPhWnVaE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcc14901eb1cb3bdce862861295fb44bd29b1a1dd5f375b4d488c020e22023d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.news9live.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 23:03:46 GMT
x-content-type-options
nosniff
age
546973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19336
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:53:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Apr 2025 23:03:46 GMT
nKKU-Go6G5tXcr5KPxWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5KPxWnVaE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7196c3002f08704f9f99de95b6357969a512eaa9a766eee693921dce72927cea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.news9live.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 00:22:57 GMT
x-content-type-options
nosniff
age
196622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19572
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Apr 2025 00:22:57 GMT
nKKU-Go6G5tXcr4-ORWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr4-ORWnVaE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8545021ffd4b062ea76df6ab092f50a7c0de35d61132769dc7b43afcdb0fc75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.news9live.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 08:17:03 GMT
x-content-type-options
nosniff
age
168176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19128
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:52:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Apr 2025 08:17:03 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/ 		448 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e838bb8caf249027ff1236bb9a02e382e21fe497273c1ba28edc4188b1e22873
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
31034
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142995
x-xss-protection
0
server
cafe
etag
2748456399490205869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 28 Apr 2025 22:22:45 GMT
21874393853
fundingchoicesmessages.google.com/i/ 		181 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/21874393853?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
917c071f093915bb0849a72aafd0f635eff55e722ca3b969a8f2a0419563a967
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DqR0ER48RK8x4V1G3sVymw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:00:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DqR0ER48RK8x4V1G3sVymw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw05BiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhbo4PXXs3sgl0tGziBwDOjioZ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		288 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EQBYL0ZYL8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJFDD5B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f6b387869c2375f1859c19f83710a41b3bb8da2ec8eb00c614257dfe88ad886
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:00:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99347
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Apr 2024 07:00:00 GMT
destination
www.googletagmanager.com/gtag/ 		216 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10903970923&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJFDD5B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c2ec9e0430a1d52840d70b8f116803a8c38c885ba194acb8597bfd9380a7bf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:00:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79993
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Apr 2024 07:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=133412182&t=pageview&_s=1&dl=https%3A%2F%2Fwww.news9live.com%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405&ul=de-de&de=UTF-8&dt=%27First%20flight%20for%20many%27%3A%20Firm%20takes%20employees%20on%20an%20all-paid%20international%20trip%20%7C%20Viral%20News%20-%20News9live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=946682876&gjid=292886366&cid=1659061633.1714374000&tid=UA-187221534-1&_gid=1338348196.1714374000&_r=1&_slc=1&gtm=45He44o0n81WJFDD5Bv838264729za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2047693567
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
af5a02c410a901938ff6821c6d307027a7c64b717c88ed320108487eb27cdaef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Apr 2024 07:00:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.news9live.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-187221534-1&cid=1659061633.1714374000&jid=946682876&gjid=292886366&_gid=1338348196.1714374000&npa=1&_u=YEBAAEAAAAAAACAAI~&z=602994966
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 29 Apr 2024 07:00:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.news9live.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		251 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FJ5NWRJ11F&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
c7fe64af77ac9c1975c2855abc80da8fba4c29408af790ae4cd53aa63b1cdf71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:00:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91973
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Apr 2024 07:00:00 GMT
AGSKWxVpV0-9ElacornGeFBiXnh2ldQ577YI1BnH0DWH0aqx1YyEu8c89O-lvZEltP_a66fp8syaaemjzxsI6bC7C5fn6uQ1KRG2camrOx9EbNuzwoc_jTRJloARYOa0rcVXddbOjcx6ZQ==
fundingchoicesmessages.google.com/f/ 		403 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVpV0-9ElacornGeFBiXnh2ldQ577YI1BnH0DWH0aqx1YyEu8c89O-lvZEltP_a66fp8syaaemjzxsI6bC7C5fn6uQ1KRG2camrOx9EbNuzwoc_jTRJloARYOa0rcVXddbOjcx6ZQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE0Mzc0MDAwLDc4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5uZXdzOWxpdmUuY29tL3ZpcmFsLW5ld3MvZmlyc3QtZmxpZ2h0LWZvci1tYW55LWZpcm0tdGFrZXMtZW1wbG95ZWVzLW9uLWFuLWFsbC1wYWlkLWludGVybmF0aW9uYWwtdHJpcC0yNTE0NDA1IixudWxsLFtbOCwidURjdG1tZ0pMQmciXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.uDctmmgJLBg.es5.O/am=gAE/d=1/rs=AJlcJMwNifH9ZQN3aBBnic9VQS8RTmtN2g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31385767ab1b018f3c82e42d309685f6082fbd5e40ac6c741869dfc00f35b312
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-mytGERYxQW8fx9iwoN3Gew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 07:00:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-mytGERYxQW8fx9iwoN3Gew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhbo4PXXs3sglsuLHPEQDRNirV"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FJ5NWRJ11F&gtm=45je44o0v9117674547za200&_p=1714373999842&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&tcfd=10001&ul=de-de&sr=1600x1200&cid=1659061633.1714374000&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.news9live.com%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405&dt=%27First%20flight%20for%20many%27%3A%20Firm%20takes%20employees%20on%20an%20all-paid%20international%20trip%20%7C%20Viral%20News%20-%20News9live&sid=1714374000&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=353
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FJ5NWRJ11F&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 29 Apr 2024 07:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.news9live.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.uDctmmgJLBg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyC2lXMd9SOjtp5e0_FiY3pGisqnQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7df673e538998d7c9cf0962551f429a5903f021b4f3af4e5dd050f79224d3ef5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Apr 2024 07:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 07:00:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Apr 2024 07:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Origin
https://www.news9live.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
202444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Apr 2025 22:45:56 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Origin
https://www.news9live.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 19:45:43 GMT
x-content-type-options
nosniff
age
558857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Apr 2025 19:45:43 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EQBYL0ZYL8&gtm=45je44o0v9123311582z8838264729za200&_p=1714373999842&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&cid=1659061633.1714374000&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714374000&sct=1&seg=0&dl=https%3A%2F%2Fwww.news9live.com%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405&dt=%27First%20flight%20for%20many%27%3A%20Firm%20takes%20employees%20on%20an%20all-paid%20international%20trip%20%7C%20Viral%20News%20-%20News9live&en=page_view&_fv=1&_ss=1&ep.page_type=Detail&ep.content_id=2514405&ep.content_type=NewsArticle&ep.word_count=564&ep.author_name=Ria%20Kapoor&ep.author_id=2553&ep.edit_by_author_name=Ria%20Kapoor&ep.edit_by_author_id=2553&ep.title=%26%238216%3BFirst%20flight%20for%20many%26%238217%3B%3A%20Firm%20takes%20employees%20on%20an%20all-paid%20international%20trip&ep.published_date=2024-04-27T13%3A45%3A23%2B05%3A30&ep.modification_date=2024-04-27T17%3A10%3A34%2B05%3A30&ep.article_position=NA&ep.category=Viral%20News&ep.anchor_name=NA&ep.sub_category=NA&ep.previous_source=NA&ep.day_parting=NA&up.client_id=&tfd=437
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EQBYL0ZYL8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 29 Apr 2024 07:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.news9live.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EQBYL0ZYL8&cid=1659061633.1714374000&gtm=45je44o0v9123311582z8838264729za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EQBYL0ZYL8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 29 Apr 2024 07:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.news9live.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVEfvYAOxKZS-dIK8JjL7qz1Zf0ObXDdmOY3X-wreBwCHMVYflrey52Od8edxhbR326mffdSljkGCtduekzh82GHXqml6k5k7B5wzH6Dw9zv5qF20LF0TvSpS0oAJUzVFnpgs0VTg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVEfvYAOxKZS-dIK8JjL7qz1Zf0ObXDdmOY3X-wreBwCHMVYflrey52Od8edxhbR326mffdSljkGCtduekzh82GHXqml6k5k7B5wzH6Dw9zv5qF20LF0TvSpS0oAJUzVFnpgs0VTg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.uDctmmgJLBg.es5.O/am=gAE/d=1/rs=AJlcJMwNifH9ZQN3aBBnic9VQS8RTmtN2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GGUFUTSv8jAHOKvgQhrFww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Apr 2024 07:00:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-GGUFUTSv8jAHOKvgQhrFww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBiqGV4xtQKxE7pM1hDgFiIm-ND196NbAIH5p8pBQC6rQwv"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.news9live.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EQBYL0ZYL8&cid=1659061633.1714374000&gtm=45je44o0v9123311582z8838264729za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1519379947
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 29 Apr 2024 07:00:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
www.news9live.com/wp-content/themes/news9livedesktop/images/ico/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.news9live.com/wp-content/themes/news9livedesktop/images/ico/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
/
Resource Hash
4c0b65516ef902a3874f24cb01aa0e086e9ca9ad9f9bd29711f540ef970aeba9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 04:26:24 GMT
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified
Mon, 17 Oct 2022 11:00:26 GMT
x-cacheable
YES:Forced
age
11544
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/x-icon
cache-control
max-age=31104000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3774
x-amz-cf-id
YPZf77xGOaPgVV-kPvM159xYHZAKGmQwwrLcfjgg2xbbk33n7b4ZRw==
expires
Thu, 24 Apr 2025 03:47:36 GMT
loader.js
cdn.taboola.com/libtrc/tv9-news9live/ 		824 KB
208 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Requested by
Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9ce0c152d7ed8ac4003891fab3482c753780c71e32db6d4424e4a078f8e68adb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
smoM_a3ta1OdBFWYuoWsPDQ9EOeqKGzD
content-encoding
gzip
via
1.1 varnish
date
Mon, 29 Apr 2024 07:00:02 GMT
x-amz-request-id
ESD4EXRBGQ4M2QMG
age
10785
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
4
x-amz-replication-status
FAILED
content-length
212694
x-amz-id-2
xrYTKUnDyXkWZOLw0EwE/waugrFMVXaoTQlzfMjpZLxDJUSTSqfzTrpCTqy9Qgq61ebejr6igpY=
x-served-by
cache-fra-etou8220132-FRA
last-modified
Mon, 29 Apr 2024 04:00:17 UTC
server
nginx
x-timer
S1714374003.881334,VS0,VE1
etag
"e8853669a3b235fe4cd7f67796b195c126c85b4d"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
0
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
tr5
cdn.taboola.com/libtrc/ 		3 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=video-loAF-prod-vidstat_var
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-etou8220132-FRA
date
Mon, 29 Apr 2024 07:00:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1714374003.927369,VS0,VE0
x-cache
HIT
content-type
text/html
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
load.js
pm-widget.taboola.com/tv9-news9live/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/tv9-news9live/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c6a1d10c2fcb2ea2b24c44d3b18b86184cf047921912cd4598437284ad5d5b6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
CvIklAIwFFcR7CkBxr6y0rABXRiC4x8l
content-encoding
gzip
via
1.1 varnish
date
Mon, 29 Apr 2024 07:00:03 GMT
x-amz-request-id
4QT4GDZ4295C1KGJ
age
2558
x-cache
HIT
content-length
1135
x-amz-id-2
BQNavNzec0XQ4oEigBvjX5QAyOVoSMwdLYvXbJdxdwbOVnmdzFaTtLdhvieUwAkE4E2YeH8Cj3c=
x-served-by
cache-fra-etou8220132-FRA
last-modified
Tue, 12 Mar 2024 06:17:12 GMT
server
AmazonS3
x-timer
S1714374003.438543,VS0,VE1
etag
"07e1ad2d3aa552a5d0fd281451b4e4cf"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
impl.20240425-11-RELEASE.js
cdn.taboola.com/libtrc/ 		894 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240425-11-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
547cf834b1dd6f1cc2dad9a684631b36e0b5050dae72dffd1cc08bbb2ea9365e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BzCeX03YnYOwu5buHvITmOmkRFFKWDlg
content-encoding
br
via
1.1 varnish
date
Mon, 29 Apr 2024 07:00:03 GMT
x-amz-request-id
SN437QHT9MNVDGE9
age
13666
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
185743
x-amz-id-2
MhZvNXjQRTJbOlAdeQzIKbXXKlfrtFfVA5sMqxYYWvFZQdgojABF644+NP5zKU2N1eLPC7EfjiQ=
x-served-by
cache-fra-etou8220132-FRA
last-modified
Thu, 25 Apr 2024 11:12:16 GMT
server
AmazonS3-br
x-timer
S1714374003.440454,VS0,VE0
etag
"4005c2f054d364681bf07a2ade2fa018"
vary
Accept-Encoding
content-type
application/javascript
abp
67
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
12946
json
trc.taboola.com/tv9-news9live/trc/3/ 		22 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/tv9-news9live/trc/3/json?llvl=2&tim=09%3A00%3A03.438&lti=video-loAF-prod-vidstat_var&pubit=i&t=1&data=%7B%22cmps%22%3A2%2C%22id%22%3A%225830%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1714374003439%2C%22cv%22%3A%2220240425-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.news9live.com%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.news9live.com%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405%22%2C%22vpi%22%3A%22%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9121%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22video-loAF-prod-vidstat_var%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22s%22%3A0%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22cd%22%3A8473.06%2C%22mw%22%3A929.94%7D%5D%2C%22pev%22%3A%2214960%22%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22124.0.6367.78%22%7D%2C%22cacheKey%22%3A%22text%3D%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1714044337870%2C%22wc%22%3Atrue%2C%22pa%22%3A%7B%22en%22%3Atrue%2C%22su%22%3Atrue%7D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3c7b65f4a95d4e239d2e9c4e47b87526601c3d9d5a460e0b31bf8ff4dc5c1784

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
265
date
Mon, 29 Apr 2024 07:00:03 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.6916666666666668
x-fastly-to-nlb-rtt
7321
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220132-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1714374003.452333,VS0,VE265
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.news9live.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pmk-20220605.1.js
pm-widget.taboola.com/tv9-news9live/ 		84 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/tv9-news9live/pmk-20220605.1.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/tv9-news9live/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eeab7e57e6b676e636c570ae4ebc00150e4007c9ae3a6aee42f4a608f58e3d1d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Origin
https://www.news9live.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
bBrYrec6o61uOMP52hPula3Xti8yoB5M
content-encoding
gzip
via
1.1 varnish
date
Mon, 29 Apr 2024 07:00:03 GMT
x-amz-request-id
ZJFE1JPVM9ZYC905
age
2011753
x-cache
HIT
content-length
24281
x-amz-id-2
xR31656nerNklUC7uL/e1cNBqe9dbmTPhgRfReDQ3BmNKOAVPh+S0dkB1BxmAs/Mof3FJPVSbgM=
x-served-by
cache-fra-etou8220072-FRA
last-modified
Tue, 12 Mar 2024 06:17:11 GMT
server
AmazonS3
x-timer
S1714374003.467222,VS0,VE1
etag
"48f6ab93be520d310e4586a0d38c69e3"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
0
card-interference-detector.20240425-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20240425-11-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cace3ec25675a6f8a95c613fcf56cc3a63ee4296af7c7296a80bb50abe04090b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
b5kX_.bqXBn8vxQKAURv.XHobafpY.5q
content-encoding
gzip
via
1.1 varnish
date
Mon, 29 Apr 2024 07:00:03 GMT
x-amz-request-id
5RR2VEFJY0EVE4B1
age
330269
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2180
x-amz-id-2
OqzbHVnzdR7hFQCjndOX7bJ+cXwAH37u4fzNBI+7baIcyZYFkQjTSEiyFJGd68+M7X92hM5J6ms=
x-served-by
cache-fra-etou8220132-FRA
last-modified
Thu, 25 Apr 2024 11:15:33 GMT
server
AmazonS3
x-timer
S1714374003.478065,VS0,VE0
etag
"793902dd2df6f2664214d395be652e9e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
13
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
85601
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.news9live.com/
Origin
https://www.news9live.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Mon, 29 Apr 2024 07:00:03 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
1652
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-etou8220072-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1714374004.732217,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
84
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
4350
debug
am-trc-events.taboola.com/tv9-news9live/log/2/ 		0
130 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/tv9-news9live/log/2/debug?type=warn&msg=loafSupported%3Atrue&lt=video-loAF-prod-vidstat_var&tvi48=10637&tvi50=11105&tvi62=15730&tim=09%3A00%3A03.727&id=51264&cv=20240425-11-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.news9live.com
date
Mon, 29 Apr 2024 07:00:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15418
debug
am-trc-events.taboola.com/tv9-news9live/log/2/ 		0
130 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/tv9-news9live/log/2/debug?type=warn&msg=Taboola%20Push%20Option%20modes%20%22thumbnails-a%22%20not%20present%20in%20Publisher%20Config%20modes.&lt=video-loAF-prod-vidstat_var&tvi48=10637&tvi50=11105&tvi62=15730&tim=09%3A00%3A03.727&id=82491&cv=20240425-11-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.news9live.com
date
Mon, 29 Apr 2024 07:00:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15418
debug
am-trc-events.taboola.com/tv9-news9live/log/2/ 		0
130 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/tv9-news9live/log/2/debug?type=warn&msg=Placements%20With%20no%20Content%3A%20Below%20Article%20Thumbnails%20%7C%20Injected%201&lt=video-loAF-prod-vidstat_var&tvi48=10637&tvi50=11105&tvi62=15730&tim=09%3A00%3A03.727&id=74394&cv=20240425-11-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.news9live.com
date
Mon, 29 Apr 2024 07:00:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15418
debug
am-trc-events.taboola.com/tv9-news9live/log/2/ 		0
130 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/tv9-news9live/log/2/debug?type=warn&msg=Placements%20With%20no%20Content%3A%20Below%20Article%20Thumbnails%20%7C%20Injected%201&lt=video-loAF-prod-vidstat_var&tvi48=10637&tvi50=11105&tvi62=15730&tim=09%3A00%3A03.727&id=90601&cv=20240425-11-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.news9live.com
date
Mon, 29 Apr 2024 07:00:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15418
social
am-trc-events.taboola.com/tv9-news9live/log/3/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/tv9-news9live/log/3/social?lti=video-loAF-prod-vidstat_var&ri=94ebce5be2d7906ae47ec520644e1f14&sd=v2_cbae741e4ba0f344844343d83a498d30_d2d82459-2974-4998-be03-7c036fec0224-tuctd28caf3_1714374003_1714374003_CNawjgYQz-deGO-VncXyMSABKAEwODib4wlAgooQSPO62QNQ____________AVgAYABonsvVgc3k1JjyAXAA&ui=d2d82459-2974-4998-be03-7c036fec0224-tuctd28caf3&pi=%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405&wi=1497694305933432309&pt=text&vi=1714374003439&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.news9live.com%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%E2%80%98First%20flight%20for%20many%E2%80%99%3A%20Firm%20takes%20employees%20on%20an%20all-paid%20international%20trip%22%2C%22sec%22%3A%22viral-news%22%2C%22aut%22%3A%5B%22Ria%20Kapoor%22%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.news9live.com%2Fwp-content%2Fuploads%2F2024%2F04%2FCompany-takes-employees-on-an-all-paid-international-trip.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.news9live.com
pragma
no-cache
date
Mon, 29 Apr 2024 07:00:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/tv9-news9live/log/3/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/tv9-news9live/log/3/metrics?route=AM%3AAM%3AV&lti=video-loAF-prod-vidstat_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.news9live.com
pragma
no-cache
date
Mon, 29 Apr 2024 07:00:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/tv9-news9live/log/3/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/tv9-news9live/log/3/abtests?route=AM%3AAM%3AV&lti=video-loAF-prod-vidstat_var&tvi48=10637&tvi50=11105&tvi62=15730&ri=94ebce5be2d7906ae47ec520644e1f14&sd=v2_cbae741e4ba0f344844343d83a498d30_d2d82459-2974-4998-be03-7c036fec0224-tuctd28caf3_1714374003_1714374003_CNawjgYQz-deGO-VncXyMSABKAEwODib4wlAgooQSPO62QNQ____________AVgAYABonsvVgc3k1JjyAXAA&ui=d2d82459-2974-4998-be03-7c036fec0224-tuctd28caf3&pi=%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employees-on-an-all-paid-international-trip-2514405&wi=1497694305933432309&pt=text&vi=1714374003439&tim=09%3A00%3A03.730&id=91422&llvl=2&cv=20240425-11-RELEASE&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22brsd%22%2C%22type%22%3A%7B%22esv%22%3A%22ES2021%22%2C%22c%22%3Atrue%2C%22ss%22%3Atrue%2C%22ls%22%3Atrue%7D%2C%22eventTime%22%3A1714374003730%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.news9live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.news9live.com
pragma
no-cache
date
Mon, 29 Apr 2024 07:00:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| dayPart object| dataLayer object| _sf_async_config object| googletag object| _comscore function| setTheme function| toggleTheme object| _taboola function| socialfun function| tabLoadJWScript function| tabCallbackFunction number| scrollPos object| _izq function| r function| Jt object| n function| t function| Splide object| _cb_shared object| COMSCORE object| ns_p object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_tag_manager string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| _cbm object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NzYwMWY4MjJiY2MzYWM2OGxvYWRlcl9qcw== string| NzYwMWY4MjJiY2MzYWM2OGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| TRC object| taboolaEvents object| _tblConsole number| trc_debug_level object| TRCImpl undefined| __startEngine object| __visibleCallbackList object| __visibleElementToIdMap object| __visibleIdToElementMap boolean| __tblTrecsInit function| __trcDebug function| __trcError function| __trcInfo function| __trcWarn string| pm_pgtp number| taboola_view_id boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand boolean| _tb_vautop object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam string| trc_article_id string| trc_item_url string| trc_map_url object| trc object| _pmk function| TBWidgetFacebook function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| bg object| image

6 Cookies

Domain/Path Name / Value
.news9live.com/ Name: _gcl_au
Value: 1.1.564996892.1714374000
.news9live.com/ Name: _gid
Value: GA1.2.1338348196.1714374000
.news9live.com/ Name: _gat_UA-187221534-1
Value: 1
.news9live.com/ Name: _ga_FJ5NWRJ11F
Value: GS1.2.1714374000.1.0.1714374000.0.0.0
.news9live.com/ Name: _ga_EQBYL0ZYL8
Value: GS1.1.1714374000.1.0.1714374000.60.0.0
.news9live.com/ Name: _ga
Value: GA1.1.1659061633.1714374000

1 Console Messages

Source Level URL
Text
other warning URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js(Line 99)
Message:
Unrecognized feature: 'browsing-topics'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

am-trc-events.taboola.com
cdn.taboola.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
images.news9live.com
images.tv9hindi.com
mab.chartbeat.com
pm-widget.taboola.com
region1.analytics.google.com
region1.google-analytics.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
trc.taboola.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.news9live.com
141.226.228.48
142.250.186.35
151.101.1.44
151.101.65.44
172.217.16.200
172.217.18.14
18.245.60.107
2001:4860:4802:32::36
2600:9000:2491:6a00:1e:2598:7140:93a1
2600:9000:2646:7a00:18:1fcd:353:c61
2600:9000:2646:800:10:d413:e040:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2008
2a00:1450:400c:c00::9c
2a04:4e42:200::714
99.86.4.108
121628006bfe0ae1216ee906d623fec02ecb74692dd921d78a937a6e32fb0687
1868ba5d68879e8e7df86e97d8d2583fa0ffe61e9fdab7a9a93b2309e07385d0
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
31385767ab1b018f3c82e42d309685f6082fbd5e40ac6c741869dfc00f35b312
31e98abddff38a7437dd14941ac4efaa69b922f5bd2701ea4e5c3031eacf384d
34a4181d8daf88cc53bc685e09e725966499e0ea56d4ed86df0ba62cb3f01acd
37dfa37d2ef5034fc8151191d2b3a12d5d9cbd28acea4d8b61c53827eb7f6a94
3a3d382a217755cfc1af06cd9ca7bc6894e1952919ec0a1e9a37f34c2572ecc5
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c7b65f4a95d4e239d2e9c4e47b87526601c3d9d5a460e0b31bf8ff4dc5c1784
4c0b65516ef902a3874f24cb01aa0e086e9ca9ad9f9bd29711f540ef970aeba9
4d1c52cf3be8e87cdd51bfcd63dde0a4da1d112b6a156fd3ffb7d411310030c3
547cf834b1dd6f1cc2dad9a684631b36e0b5050dae72dffd1cc08bbb2ea9365e
557446339fdc65ad592c6cd6e5e157522e48b626cfab1f288de630af0f39410b
5e8c5f085b3dddb984adbfee82428008cce35310a4b35104497f518b28737f9a
5f6b387869c2375f1859c19f83710a41b3bb8da2ec8eb00c614257dfe88ad886
631c134347f7b7df2e3701e7f0854e73643c97bae4a8a90121dbb313552de880
68226f459e03a806fa54ed1f8e0f89d7ce153fd034ae9e15cbaaf1708d21ffc9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7196c3002f08704f9f99de95b6357969a512eaa9a766eee693921dce72927cea
76e71a5e5f23e351795eb44392c7017bf52a1e8715f232d84ad17b084fedb2cc
7c2ec9e0430a1d52840d70b8f116803a8c38c885ba194acb8597bfd9380a7bf7
7c6a1d10c2fcb2ea2b24c44d3b18b86184cf047921912cd4598437284ad5d5b6
7df673e538998d7c9cf0962551f429a5903f021b4f3af4e5dd050f79224d3ef5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
853b1f904f727006ca59d715ff7a7d7d9fe8c6d78948f9df13065a424c1bf286
85a76a29d066fc8a4d2a7da90919a4fd916bdb374176debd9f58c53898d98121
8ff7118cce20898a59c5412e32ea1ef5577b66c3f9f17dc33258cd871659d307
917c071f093915bb0849a72aafd0f635eff55e722ca3b969a8f2a0419563a967
98311c6170fb31d06e30da2cbbdf50e140d5880d1a61e6cbc37a1fdeae74d8c4
9ce0c152d7ed8ac4003891fab3482c753780c71e32db6d4424e4a078f8e68adb
a902befc49bd7f4e10c57f0e526f3bcedc21abe98bab721ba9e5881a0fcf444d
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
af5a02c410a901938ff6821c6d307027a7c64b717c88ed320108487eb27cdaef
b1c3a8f08ab75aca270b20a11ef900a0f07e6bf494f9a2f372b9f9ee81eff022
ba5dba136ce911be4bad4765513b738c0635fb17ffab81c077472e7d489740cc
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c19cf9cdbd41740cee85b02791a9ef327f91ebc33fe87191b4d1b27c3a3841a9
c7fe64af77ac9c1975c2855abc80da8fba4c29408af790ae4cd53aa63b1cdf71
c8545021ffd4b062ea76df6ab092f50a7c0de35d61132769dc7b43afcdb0fc75
cace3ec25675a6f8a95c613fcf56cc3a63ee4296af7c7296a80bb50abe04090b
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
ce66c1b75079907ac75147ab4bfa19641b9e6adde1cc82133e11d75b92be5149
dcc14901eb1cb3bdce862861295fb44bd29b1a1dd5f375b4d488c020e22023d1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e2a25c4c1b69087d720776ff9569e9698c9ec52bdd5659c346bcaca9ce28d5
e838bb8caf249027ff1236bb9a02e382e21fe497273c1ba28edc4188b1e22873
e84152f72d9c6fc90b6ff3fad4f8895d02f95e01e3181a994530801201cc4a28
eb6d97b492018690406b8a7895079bcbe77ff7f713a16beb3a7099649d16fe53
ec5361f690dd9ba267e5eded9d97fe0b2eed7c7fa0514bda4ce870b321538c90
eeab7e57e6b676e636c570ae4ebc00150e4007c9ae3a6aee42f4a608f58e3d1d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa636cf1a20bcb12f409402000c160ac8e0d524a0613ecc1a0afdfb081ae7212