www.news9live.com Open in urlscan Pro
99.86.4.73 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Submission: On April 29 via api (April 29th 2024, 7:00:52 am UTC) from AE — Scanned from DE

Summary HTTP 52 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 52 HTTP transactions. The main IP is 99.86.4.73, located in United States and belongs to AMAZON-02, US. The main domain is www.news9live.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 11th 2023. Valid for: a year.

This is the only time www.news9live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	99.86.4.73 99.86.4.73	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2646:800:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	18.245.60.53 18.245.60.53	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2646:d000:10:d413:e040:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2600:9000:249... 2600:9000:2491:1600:1e:2598:7140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
1	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
4	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
52	19

7 99.86.4.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-73.fra6.r.cloudfront.net

www.news9live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:800:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-53.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:d000:10:d413:e040:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.tv9hindi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2491:1600:1e:2598:7140:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.news9live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	news9live.com www.news9live.com images.news9live.com — Cisco Umbrella Rank: 707223	296 KB
7	gstatic.com fonts.gstatic.com	287 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 981 pm-widget.taboola.com — Cisco Umbrella Rank: 3575	417 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 660 region1.analytics.google.com — Cisco Umbrella Rank: 2941	124 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	367 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	170 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 region1.google-analytics.com — Cisco Umbrella Rank: 2404	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	7 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 183	3 KB
2	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1574 mab.chartbeat.com — Cisco Umbrella Rank: 2768	11 KB
1	google.de www.google.de — Cisco Umbrella Rank: 7278	63 B
1	tv9hindi.com images.tv9hindi.com — Cisco Umbrella Rank: 903174	1 KB
52	12

	Domain	Requested by
10	images.news9live.com	www.news9live.com
7	fonts.gstatic.com	fonts.googleapis.com www.news9live.com
7	www.news9live.com	www.news9live.com
4	www.googletagmanager.com	www.news9live.com www.googletagmanager.com www.google-analytics.com
3	cdn.taboola.com	www.news9live.com cdn.taboola.com
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	www.news9live.com
2	sb.scorecardresearch.com	www.news9live.com
2	securepubads.g.doubleclick.net	www.news9live.com securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	www.news9live.com
1	region1.analytics.google.com	www.googletagmanager.com
1	mab.chartbeat.com	static.chartbeat.com
1	images.tv9hindi.com	www.news9live.com
1	static.chartbeat.com	www.news9live.com
52	18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
tv9hindi.com
tv9marathi.com
tv9telugu.com
tv9kannada.com
tv9bangla.com
tv9gujarati.com
tv9punjabi.com
www.trends9.com
money9.com
www.news9plus.com
whatsapp.com
play.google.com
apps.apple.com
www.tv9.com

Subject Issuer	Validity	Valid
news9live.com Amazon RSA 2048 M02	`2023-12-11` - `2025-01-08`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.tv9hindi.com Amazon ECDSA 256 M02	`2024-01-17` - `2025-02-15`	a year	crt.sh
images.news9live.com Amazon RSA 2048 M02	`2023-10-17` - `2024-11-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Frame ID: 645EB3AC0D600B6EBB57C0EF125F2B80
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page Not found - 404

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

52
Requests

100 %
HTTPS

63 %
IPv6

12
Domains

18
Subdomains

19
IPs

3
Countries

1704 kB
Transfer

4938 kB
Size

6
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/News9live/

Search URL Search Domain Scan URL

URL: https://twitter.com/News9Tweets

Search URL Search Domain Scan URL

URL: https://www.instagram.com/news9live/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/NEWS9LIVE

Search URL Search Domain Scan URL

URL: https://tv9hindi.com/
Title: TV9Hindi.com

Search URL Search Domain Scan URL

URL: https://tv9marathi.com/
Title: TV9Marathi.com

Search URL Search Domain Scan URL

URL: https://tv9telugu.com/
Title: TV9Telugu.com

Search URL Search Domain Scan URL

URL: https://tv9kannada.com/
Title: TV9Kannada.com

Search URL Search Domain Scan URL

URL: https://tv9bangla.com/
Title: TV9Bangla.com

Search URL Search Domain Scan URL

URL: https://tv9gujarati.com/
Title: TV9Gujarati.com

Search URL Search Domain Scan URL

URL: https://tv9punjabi.com/
Title: TV9Punjabi.com

Search URL Search Domain Scan URL

URL: https://www.trends9.com/
Title: Trends9.com

Search URL Search Domain Scan URL

URL: https://money9.com/
Title: Money9.com

Search URL Search Domain Scan URL

URL: https://www.news9plus.com/
Title: News9Plus.com

Search URL Search Domain Scan URL

URL: https://whatsapp.com/channel/0029VaAAeZxFCCocxNHPM707
Title: Join News9 on WhatsApp

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.tv9news

Search URL Search Domain Scan URL

URL: https://apps.apple.com/in/app/tv9-app-live-tv-latest-news/id1671484759

Search URL Search Domain Scan URL

URL: https://www.tv9.com/complaint-redressal-news9.html
Title: Complaint Redressal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request first-flight-for-many-firm-takes-employ Show response
www.news9live.com/viral-news/ 157 KB
40 KB 509ms
414ms Document
text/html 99.86.4.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-73.fra6.r.cloudfront.net
Software: /
Resource Hash: c8f08a95bebac24ef4b5ece9abfda42669eeff9e0ecdca94b0a9c421289a8eae

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 40170
content-type: text/html; charset=UTF-8
date: Mon, 29 Apr 2024 07:00:46 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
vary: Accept-Encoding Origin
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-id: EjkNe2Ve1gtI2DF6PE-Pb8Wn_zYfbq7wmgIIhF00Dnktpt1yWgthfA==
x-amz-cf-pop: FRA6-C1
x-cache: Error from cloudfront
x-cacheable: NO:UNCACHEABLE

GET
H2 200 slider.css
www.news9live.com/wp-content/themes/news9livedesktop/css/ 5 KB
2 KB 40ms
39ms Stylesheet
text/css 99.86.4.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9live.com/wp-content/themes/news9livedesktop/css/slider.css?ver=1.2
Requested by: Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-73.fra6.r.cloudfront.net
Software: /
Resource Hash: e6e2a25c4c1b69087d720776ff9569e9698c9ec52bdd5659c346bcaca9ce28d5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:26:41 GMT
content-encoding: gzip
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-cacheable: YES:Forced
x-amz-cf-pop: FRA6-C1
age: 31158
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1327
last-modified: Mon, 11 Dec 2023 07:55:49 GMT
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
x-amz-cf-id: Qv87mdTsy4qnpjFVaYUyO_Z1txjfOInmFCwRTJOJaWjIczW7rPKapA==
expires: Wed, 23 Apr 2025 22:21:28 GMT

GET
H2 200 slider.js Show response
www.news9live.com/wp-content/themes/news9livedesktop/js/ 29 KB
13 KB 45ms
45ms Script
application/javascript 99.86.4.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9live.com/wp-content/themes/news9livedesktop/js/slider.js?ver=1.2
Requested by: Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-73.fra6.r.cloudfront.net
Software: /
Resource Hash: 37dfa37d2ef5034fc8151191d2b3a12d5d9cbd28acea4d8b61c53827eb7f6a94

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 02:43:33 GMT
content-encoding: gzip
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-cacheable: YES:Forced
x-amz-cf-pop: FRA6-C1
age: 15704
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12856
last-modified: Mon, 11 Dec 2023 07:56:10 GMT
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
x-amz-cf-id: ZjTnBuDXJKH3ng6fkZtJbHdv136VlRWloJP1zZju8qzJG2l_aqktRA==
expires: Thu, 24 Apr 2025 02:39:02 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 153ms
42ms Script
application/x-javascript 2600:9000:2646:800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 18:33:07 GMT
content-encoding: gzip
via: 1.1 f7bf54ada21ef4f1f7e0646051894136.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 44860
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: fvVKFWrdiA6o_QJV0VuIGLvqKytDw-ZW_RCXmnvdVI8SiovxukfTzA==
expires: Mon, 29 Apr 2024 18:33:07 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 94 KB
30 KB 148ms
56ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

612ceaf8957690a14b9bfa741dac7ba047af145cf34d286f367ac87d586e8af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30130
x-xss-protection: 0
server: cafe
etag: 704 / 19842 / 31083073 / config-hash: 8127643254797218485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 Apr 2024 07:00:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 317 KB
103 KB 167ms
76ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJFDD5B

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c0da752cf080d946cce355ff0bf5769663995f5739e361a27d5a53824459382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:00:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104814
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Apr 2024 07:00:47 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 139ms
40ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 02:58:37 GMT
content-encoding: gzip
via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 22975
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: R41pDxWcZ9tj5LXMC6lIm0dD6Qa3u7v9LJzyP2kq_YaQmqowV46y4w==

GET
H2 200 bright.svg
images.tv9hindi.com/wp-content/themes/tv9bharavarsh/images/ 1 KB
1 KB 222ms
43ms Image
image/svg+xml 2600:9000:2646:d000:10:d413:e040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.tv9hindi.com/wp-content/themes/tv9bharavarsh/images/bright.svg

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:d000:10:d413:e040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

eb6d97b492018690406b8a7895079bcbe77ff7f713a16beb3a7099649d16fe53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Nov 2023 10:54:42 GMT
content-encoding: gzip
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 65422e71a5c39c9adbee43a5
via: 1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 15537965
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.401
alt-svc: h3=":443"; ma=86400
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.tv9hindi.com 2023-08-26
etag: W/"3t13izcw33s45"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: Accept-Encoding,accept
access-control-allow-headers: *
x-amz-cf-id: Aa4Q0lgEwHOdJycehyogNvkC3Hj9cu5JJzBH3VXlbu7iyh0KdLlijA==

GET
H3 200 404.svg
www.news9live.com/wp-content/themes/news9livedesktop/images/ 17 KB
8 KB 42ms
41ms Image
image/svg+xml 99.86.4.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9live.com/wp-content/themes/news9livedesktop/images/404.svg
Requested by: Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.4.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-73.fra6.r.cloudfront.net
Software: /
Resource Hash: 887d369519e4f743e2e5977adb8512929b5a1d90d8a4d73c2c5b97aef4ccd531

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:42:09 GMT
content-encoding: gzip
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-cacheable: YES:Forced
age: 58718
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7709
last-modified: Thu, 21 Dec 2023 05:49:27 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000
accept-ranges: bytes
x-amz-cf-id: ULjmLUj2HI3EcShydVlYyKLdjCWLgA_VKdfLl_AzIcrWemUjtx4TDA==
expires: Wed, 23 Apr 2025 14:42:09 GMT

GET
H2 200 PTI04_27_2024_000094A.jpg
images.news9live.com/wp-content/uploads/2024/04/ 22 KB
23 KB 1739ms
1480ms Image
image/webp 2600:9000:2491:1600:1e:2598:7140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9live.com/wp-content/uploads/2024/04/PTI04_27_2024_000094A.jpg?w=400

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:1600:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1408cc337fe94ec8a2a71423ae8a9448e796807bb4ed97b01dc8de7808d92514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Apr 2024 07:00:48 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 662f459f4e8431ae791faa58
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
x-gumlet-runtime: 1.41
alt-svc: h3=":443"; ma=86400
content-length: 22250
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.news9live.com 2024-04-29
etag: "1rqm46qo1f2o7"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: aPdOsq127pQvziQh86HicqT5nwZSft1UEk4DJz1UfdpK4xe0bl3oIA==

GET
H2 200 Vehicle-scrapping.jpg
images.news9live.com/wp-content/uploads/2024/04/ 19 KB
19 KB 386ms
127ms Image
image/webp 2600:9000:2491:1600:1e:2598:7140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9live.com/wp-content/uploads/2024/04/Vehicle-scrapping.jpg?w=400

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:1600:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

62abee5c0a8f21510a16f441edb84fbb493f90ae5042ebfbadfbb7faf8c79892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Apr 2024 06:58:37 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 662f451cbdcfd0b5277a9128
x-amz-cf-pop: FRA56-P7
age: 130
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.708
alt-svc: h3=":443"; ma=86400
content-length: 19048
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.news9live.com 2024-04-29
etag: "3h3c55uo3i3r5"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: yRKoIWLyy17gZjLO-jYUqjb7xpsLYfPCK-4JYFe_3I5cXxu6NNuyDw==

GET
H2 200 bamindore.jpg
images.news9live.com/wp-content/uploads/2024/04/ 15 KB
16 KB 395ms
137ms Image
image/webp 2600:9000:2491:1600:1e:2598:7140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9live.com/wp-content/uploads/2024/04/bamindore.jpg?w=400

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:1600:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

41375bde30ee7a1df61fc1006b16ed5ec5a68977293b7b7622c562f65ab778b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: MISS
date: Mon, 29 Apr 2024 06:57:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-oc: MISS
x-gumlet-reqid: Zi9EvzMRBvbIXBeq
x-amz-cf-pop: FRA56-P7
age: 223
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.87
alt-svc: h3=":443"; ma=86400
content-length: 15416
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.news9live.com 2024-04-29
etag: "ht45k54wpw19"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: UQbjPiwiDgHdhXVLkIhk8FBuF6bO5ezTSp2gr1nUqFKM-Eo9Z4EoOw==

GET
H2 200 Apple-Pencil.jpg
images.news9live.com/wp-content/uploads/2024/04/ 8 KB
9 KB 306ms
48ms Image
image/webp 2600:9000:2491:1600:1e:2598:7140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9live.com/wp-content/uploads/2024/04/Apple-Pencil.jpg?w=400

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:1600:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0cd87504ca5840a2003b7eb48921343f3392fa6ff8680a9824f98bda67914c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Apr 2024 06:53:09 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 662f43d54e8431ae791f8b52
x-amz-cf-pop: FRA56-P7
age: 458
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.373
alt-svc: h3=":443"; ma=86400
content-length: 8292
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.news9live.com 2024-04-29
etag: "3k802nveub75g"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: tbx0Q7dkuHWyjQBm2yKR7Cc7DofjkVFlNWL8jywqT6LU2ci6vSgrkA==

GET
H2 200 pexels-george-milton-7034744-2.jpg
images.news9live.com/wp-content/uploads/2024/04/ 9 KB
10 KB 301ms
44ms Image
image/webp 2600:9000:2491:1600:1e:2598:7140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9live.com/wp-content/uploads/2024/04/pexels-george-milton-7034744-2.jpg?w=400

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:1600:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4c4e356e4e79154ec20470a76e1e375b7f58ae10215b2d28f7f106830d092873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Apr 2024 06:46:18 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 662f423a77885d097e4e13db
x-amz-cf-pop: FRA56-P7
age: 869
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.007
alt-svc: h3=":443"; ma=86400
content-length: 9454
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.news9live.com 2024-04-29
etag: "1a2v6dmecgbgz"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: yU2KnsWAkXI8vboT7ooO1vqYnaseOQfh7ma-9UMlTw3_WDpYO6KKAg==

GET
H2 200 Ankita-Lokhande-saree-6.jpg
images.news9live.com/wp-content/uploads/2024/04/ 14 KB
15 KB 334ms
76ms Image
image/webp 2600:9000:2491:1600:1e:2598:7140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9live.com/wp-content/uploads/2024/04/Ankita-Lokhande-saree-6.jpg?w=400

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:1600:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

85a76a29d066fc8a4d2a7da90919a4fd916bdb374176debd9f58c53898d98121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 Apr 2024 16:31:43 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 662bd6efbaafd361d7dd7935
x-amz-cf-pop: FRA56-P7
age: 224944
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.005
alt-svc: h3=":443"; ma=86400
content-length: 14600
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.news9live.com 2024-04-26
etag: "230lp6o2qpnx2"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: yf3RGWKPButlBmE-yh4LqdnbfMsiyAWbHgFONUQzZbc7u7779bX-7w==

GET
H2 200 Sarangpur-Hanuman-photo-today.jpeg
images.news9live.com/wp-content/uploads/2024/04/ 83 KB
84 KB 73ms
72ms Image
image/webp 2600:9000:2491:1600:1e:2598:7140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9live.com/wp-content/uploads/2024/04/Sarangpur-Hanuman-photo-today.jpeg?w=400

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:1600:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1868ba5d68879e8e7df86e97d8d2583fa0ffe61e9fdab7a9a93b2309e07385d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Apr 2024 14:24:03 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 6627c4830bf4fa1226624d9f
x-amz-cf-pop: FRA56-P7
age: 491803
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.007
alt-svc: h3=":443"; ma=86400
content-length: 85156
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.news9live.com 2024-04-23
etag: "e4wx1mbzwpw9"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 91BELh1iSK3lOK_P3LXquSM8qBzSWmIOBW7YQ4Z2GOkNpBMSWDEu0w==

GET
H2 200 Hanuman-Jayanti-photo-gallery.jpg
images.news9live.com/wp-content/uploads/2024/04/ 10 KB
11 KB 79ms
79ms Image
image/webp 2600:9000:2491:1600:1e:2598:7140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9live.com/wp-content/uploads/2024/04/Hanuman-Jayanti-photo-gallery.jpg?w=400

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:1600:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a902befc49bd7f4e10c57f0e526f3bcedc21abe98bab721ba9e5881a0fcf444d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Apr 2024 14:24:04 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 6627c484bc726412125fa1a5
x-amz-cf-pop: FRA56-P7
age: 491803
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.027
alt-svc: h3=":443"; ma=86400
content-length: 10064
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.news9live.com 2024-04-23
etag: "i4hfmwzpjjje"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: MWzlrubJCu6HQKxfZbzfrfV10UhiLwPrsxaALDfjl0em4fQecVyzwg==

GET
H2 200 Untitled-design-2024-04-20T081359.168.jpg
images.news9live.com/wp-content/uploads/2024/04/ 23 KB
23 KB 138ms
138ms Image
image/webp 2600:9000:2491:1600:1e:2598:7140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9live.com/wp-content/uploads/2024/04/Untitled-design-2024-04-20T081359.168.jpg?w=400

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:1600:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c19cf9cdbd41740cee85b02791a9ef327f91ebc33fe87191b4d1b27c3a3841a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Apr 2024 04:43:49 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 6625eb05037d6d5ded064108
x-amz-cf-pop: FRA56-P7
age: 613018
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.007
alt-svc: h3=":443"; ma=86400
content-length: 23082
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.news9live.com 2024-04-20
etag: "30tgzlhaho5ly"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: GP_q-SgQMbN3sTTYEEWows6JJH9Kg7qboRSu1BDi7rU54BKGJdtafQ==

GET
H2 200 mangalsutra-2.png
images.news9live.com/wp-content/uploads/2024/04/ 11 KB
11 KB 144ms
143ms Image
image/webp 2600:9000:2491:1600:1e:2598:7140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news9live.com/wp-content/uploads/2024/04/mangalsutra-2.png?w=400

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:1600:1e:2598:7140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5e8c5f085b3dddb984adbfee82428008cce35310a4b35104497f518b28737f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 Apr 2024 19:28:26 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 6622c5da037d6d5dedd8db3d
x-amz-cf-pop: FRA56-P7
age: 819141
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.024
alt-svc: h3=":443"; ma=86400
content-length: 10850
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.news9live.com 2024-04-19
etag: "1ptp53rg50en3"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: q-wHVRyy1-5jPT3-uTVrACUl06uCoPkC0nW3_stgKnF3ZE7a9btePQ==

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 231ms
50ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34a4181d8daf88cc53bc685e09e725966499e0ea56d4ed86df0ba62cb3f01acd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Apr 2024 07:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 07:00:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Apr 2024 07:00:47 GMT

GET
H3 200 googleplay.svg
www.news9live.com/wp-content/themes/news9livedesktop/images/ 7 KB
3 KB 41ms
40ms Image
image/svg+xml 99.86.4.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9live.com/wp-content/themes/news9livedesktop/images/googleplay.svg
Requested by: Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.4.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-73.fra6.r.cloudfront.net
Software: /
Resource Hash: b1c3a8f08ab75aca270b20a11ef900a0f07e6bf494f9a2f372b9f9ee81eff022

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 07:57:24 GMT
content-encoding: gzip
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-cacheable: YES:Forced
age: 83980
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3001
last-modified: Thu, 14 Dec 2023 04:48:12 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000
accept-ranges: bytes
x-amz-cf-id: H4fewrw6vUErK_iRkh5cC5pBYZuY-83psMQhK-5jxppAYybnFRuU-w==
expires: Wed, 23 Apr 2025 07:41:07 GMT

GET
H3 200 appstore.svg
www.news9live.com/wp-content/themes/news9livedesktop/images/ 12 KB
5 KB 42ms
41ms Image
image/svg+xml 99.86.4.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9live.com/wp-content/themes/news9livedesktop/images/appstore.svg
Requested by: Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.4.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-73.fra6.r.cloudfront.net
Software: /
Resource Hash: 25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 01:10:26 GMT
content-encoding: gzip
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-cacheable: YES:Forced
age: 21021
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4633
last-modified: Thu, 14 Dec 2023 04:45:18 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000
accept-ranges: bytes
x-amz-cf-id: z3NjGOMbBPWYcsVVmCSugxKyk1dkYv_1s2WHnGaYzIHrYfEkiGgXAQ==
expires: Thu, 24 Apr 2025 01:10:26 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 40ms
40ms Image
text/plain 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=33425927&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1714374047080&ns_c=UTF-8&c7=https%3A%2F%2Fwww.news9live.com%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employ&c8=Page%20Not%20found%20-%20404&c9=
Requested by: Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:00:47 GMT
via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: XdBD856T47SUHPdPGrHEb_SCWA_ExRoCFWDP4fpjQcz09A_QaQ81Ew==
x-cache: Miss from cloudfront

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 208 B
512 B 324ms
151ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=news9live.com&domain=news9live.com&path=%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employ
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2f5e9682267f7f1ef2d74a35d7421d58aa76bd19efcb119522661cd290872078

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 29 Apr 2024 07:00:47 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 158
x-served-by: cache-mxp6921-MXP
x-timer: S1714374047.279354,VS0,VE103
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 27 Apr 2024 07:00:47 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/ 449 KB
140 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083073

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83f5282269ab1b6bbfac8a6af1a4996cc4473e647a88aaa2e67980bf89933cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 13:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62986
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143053
x-xss-protection: 0
server: cafe
etag: 9567458949288514437
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 28 Apr 2025 13:31:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
97 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EQBYL0ZYL8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJFDD5B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee1945707c062effdfc8511a0accc404a0a7ad451aa033f64d0adc30f455d905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:00:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99270
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Apr 2024 07:00:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJFDD5B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Apr 2024 05:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4359
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 29 Apr 2024 07:48:08 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 214 KB
78 KB 87ms
87ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10903970923&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJFDD5B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1bdb483c6eb014a2bae8aa1bda2034ae85fceaeb042f0bb53ea3cbf4b63548e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:00:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79502
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Apr 2024 07:00:47 GMT

GET
H2 200 nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/ 19 KB
19 KB 248ms
161ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.news9live.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:28:46 GMT
x-content-type-options: nosniff
age: 581521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19388
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:53:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Apr 2025 13:28:46 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 37 KB
38 KB 210ms
123ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.news9live.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 09:09:55 GMT
x-content-type-options: nosniff
age: 510652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38372
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:15:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Apr 2025 09:09:55 GMT

GET
H2 200 nKKU-Go6G5tXcr5KPxWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/ 19 KB
19 KB 143ms
56ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5KPxWnVaE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7196c3002f08704f9f99de95b6357969a512eaa9a766eee693921dce72927cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.news9live.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 00:22:57 GMT
x-content-type-options: nosniff
age: 196670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19572
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 00:22:57 GMT

GET
H2 200 nKKU-Go6G5tXcr5mOBWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/ 19 KB
19 KB 209ms
122ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5mOBWnVaE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84152f72d9c6fc90b6ff3fad4f8895d02f95e01e3181a994530801201cc4a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.news9live.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 04:39:34 GMT
x-content-type-options: nosniff
age: 526873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19292
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:56:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Apr 2025 04:39:34 GMT

GET
H2 200 nKKU-Go6G5tXcr4-ORWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/ 19 KB
19 KB 129ms
43ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr4-ORWnVaE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@300;400;500;600;700&family=Playfair+Display:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8545021ffd4b062ea76df6ab092f50a7c0de35d61132769dc7b43afcdb0fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.news9live.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 08:17:03 GMT
x-content-type-options: nosniff
age: 168224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19128
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:52:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 08:17:03 GMT

GET
H2 200 21874393853 Show response
fundingchoicesmessages.google.com/i/ 181 KB
61 KB 168ms
76ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21874393853?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2458b8eaa20b72b506b0a4be82bc822894fdd505fd14fbcd35842d63c5fe7982

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-h6AzFPE6cz4u3zxImzHZAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:00:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-h6AzFPE6cz4u3zxImzHZAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhHo753Xs3sgnsOLj6OSMA_JcrEw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 47ms
46ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=768114268&t=pageview&_s=1&dl=https%3A%2F%2Fwww.news9live.com%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employ&ul=de-de&de=UTF-8&dt=Page%20Not%20found%20-%20404&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=238298746&gjid=1612859527&cid=477286650.1714374047&tid=UA-187221534-1&_gid=536827497.1714374047&_r=1&_slc=1&gtm=45He44o0n81WJFDD5Bv838264729za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=787503141

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

af5a02c410a901938ff6821c6d307027a7c64b717c88ed320108487eb27cdaef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 07:00:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9live.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
247 B 139ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EQBYL0ZYL8&gtm=45je44o0v9123311582z8838264729za200&_p=1714374046917&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=477286650.1714374047&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714374047&sct=1&seg=0&dl=https%3A%2F%2Fwww.news9live.com%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employ&dt=Page%20Not%20found%20-%20404&en=page_view&_fv=1&_ss=1&ep.page_type=&ep.content_id=&ep.content_type=Other&ep.word_count=&ep.author_name=&ep.author_id=&ep.edit_by_author_name=&ep.edit_by_author_id=&ep.title=&ep.published_date=&ep.modification_date=&ep.article_position=&ep.category=&ep.anchor_name=&ep.sub_category=NA&ep.previous_source=&ep.day_parting=NA&up.client_id=&tfd=1080
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EQBYL0ZYL8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 07:00:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9live.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 149ms
50ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EQBYL0ZYL8&cid=477286650.1714374047&gtm=45je44o0v9123311582z8838264729za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EQBYL0ZYL8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 07:00:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9live.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 100ms
50ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EQBYL0ZYL8&cid=477286650.1714374047&gtm=45je44o0v9123311582z8838264729za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1861596998

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 07:00:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 124ms
49ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-187221534-1&cid=477286650.1714374047&jid=238298746&gjid=1612859527&_gid=536827497.1714374047&npa=1&_u=YEBAAEAAAAAAACAAI~&z=1195917394

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 29 Apr 2024 07:00:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9live.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
90 KB 69ms
68ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FJ5NWRJ11F&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4cc846f796259476ed274328fc613dfe9f4e0d2ca9df95ee6e9bee74eb89fd45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:00:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92012
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Apr 2024 07:00:47 GMT

GET
H2 200 AGSKWxXLzg07CbEIJE7bEMspmcxMSSNmDOrLEbbrG2OwgozUK6ZnQ9GDxeK6MYVzYM26jIjviLLVexnGy7779fU7k8vo9BbBtn0jljsVKI705YmK1rCiCR4TsFHjT24JeFidpsc7KWNdUg== Show response
fundingchoicesmessages.google.com/f/ 403 KB
63 KB 149ms
148ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXLzg07CbEIJE7bEMspmcxMSSNmDOrLEbbrG2OwgozUK6ZnQ9GDxeK6MYVzYM26jIjviLLVexnGy7779fU7k8vo9BbBtn0jljsVKI705YmK1rCiCR4TsFHjT24JeFidpsc7KWNdUg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE0Mzc0MDQ3LDYwNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubmV3czlsaXZlLmNvbS92aXJhbC1uZXdzL2ZpcnN0LWZsaWdodC1mb3ItbWFueS1maXJtLXRha2VzLWVtcGxveSIsbnVsbCxbWzgsInVEY3RtbWdKTEJnIl0sWzksImRlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.uDctmmgJLBg.es5.O/am=gAE/d=1/rs=AJlcJMwNifH9ZQN3aBBnic9VQS8RTmtN2g/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8d6b374def78a42ac84c4e45c00d68b1541098f4f5754406aae2e0fd53a5972

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wZ0xOkYcWFmZFHmqwXQI2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:00:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-wZ0xOkYcWFmZFHmqwXQI2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhHo753Xs3sglsODfxJhMA9t4q4w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 50ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FJ5NWRJ11F&gtm=45je44o0v9117674547za200&_p=1714374046917&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&tcfd=10001&ul=de-de&sr=1600x1200&cid=477286650.1714374047&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.news9live.com%2Fviral-news%2Ffirst-flight-for-many-firm-takes-employ&dt=Page%20Not%20found%20-%20404&sid=1714374047&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1263
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FJ5NWRJ11F&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 07:00:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9live.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 56ms
55ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.uDctmmgJLBg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyC2lXMd9SOjtp5e0_FiY3pGisqnQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7df673e538998d7c9cf0962551f429a5903f021b4f3af4e5dd050f79224d3ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Apr 2024 07:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 07:00:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Apr 2024 07:00:47 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Origin: https://www.news9live.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 202491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 22:45:56 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 53ms
52ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Origin: https://www.news9live.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 19:45:43 GMT
x-content-type-options: nosniff
age: 558904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Apr 2025 19:45:43 GMT

POST
H3 204 AGSKWxUl3rHiVbgnn3MIxPA12HpxwsLLRt0p7mpPJVQ_O_pEuwCljhsCL_hUISM56kQ1Ubzbe6D3puY9bpydyjusXmksDUfgCveCRvzYYvgPsWoXpUfxbfhkIcQvy30YA0LeXVfqjNDnOg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 131ms
51ms XHR
text/html 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUl3rHiVbgnn3MIxPA12HpxwsLLRt0p7mpPJVQ_O_pEuwCljhsCL_hUISM56kQ1Ubzbe6D3puY9bpydyjusXmksDUfgCveCRvzYYvgPsWoXpUfxbfhkIcQvy30YA0LeXVfqjNDnOg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8-1u-C64e_idfqHk2mBRCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 29 Apr 2024 07:00:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-8-1u-C64e_idfqHk2mBRCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1hDgFiIh2N-996NbAIz2hfvZQYAws4LxQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.news9live.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon.ico
www.news9live.com/wp-content/themes/news9livedesktop/images/ico/ 4 KB
4 KB 42ms
42ms Other
image/x-icon 99.86.4.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9live.com/wp-content/themes/news9livedesktop/images/ico/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.4.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-73.fra6.r.cloudfront.net
Software: /
Resource Hash: 4c0b65516ef902a3874f24cb01aa0e086e9ca9ad9f9bd29711f540ef970aeba9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 04:26:24 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
last-modified: Mon, 17 Oct 2022 11:00:26 GMT
x-cacheable: YES:Forced
age: 11592
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/x-icon
cache-control: max-age=31104000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3774
x-amz-cf-id: Ismn0DbP4qkKWrUXYNrGtTbkv9yP6gI-7NOF7oiah5fUsxBA53mFPA==
expires: Thu, 24 Apr 2025 03:47:36 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/tv9-news9live/ 823 KB
207 KB 126ms
40ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Requested by: Host: www.news9live.com
URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c896dff0dc005d49e4698dfa1a35f8dee02c617e7c37ff70c4cc99b6e0e90ec3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: smoM_a3ta1OdBFWYuoWsPDQ9EOeqKGzD
content-encoding: gzip
via: 1.1 varnish
date: Mon, 29 Apr 2024 07:00:50 GMT
x-amz-request-id: XCJX1WDN44A6T4VS
age: 29
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 211275
x-amz-id-2: dfEP2C8PBA4szjrYYUKxJ0k7PsG1eCfnBZXiqIO1vs6bAez5aRtZQA3cAhdY4QUO+5yveSkdrB8=
x-served-by: cache-fra-etou8220131-FRA
last-modified: Thu, 25 Apr 2024 11:25:40 GMT
server: AmazonS3
x-timer: S1714374050.022726,VS0,VE2
etag: "d0f628b0f4bd203b3ac5036ef3402d4b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 82
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 load.js Show response
pm-widget.taboola.com/tv9-news9live/ 3 KB
1 KB 69ms
48ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/tv9-news9live/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c6a1d10c2fcb2ea2b24c44d3b18b86184cf047921912cd4598437284ad5d5b6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: CvIklAIwFFcR7CkBxr6y0rABXRiC4x8l
content-encoding: gzip
via: 1.1 varnish
date: Mon, 29 Apr 2024 07:00:50 GMT
x-amz-request-id: 4QT4GDZ4295C1KGJ
age: 2605
x-cache: HIT
content-length: 1135
x-amz-id-2: BQNavNzec0XQ4oEigBvjX5QAyOVoSMwdLYvXbJdxdwbOVnmdzFaTtLdhvieUwAkE4E2YeH8Cj3c=
x-served-by: cache-fra-etou8220131-FRA
last-modified: Tue, 12 Mar 2024 06:17:12 GMT
server: AmazonS3
x-timer: S1714374050.209654,VS0,VE1
etag: "07e1ad2d3aa552a5d0fd281451b4e4cf"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 impl.20240425-11-RELEASE.js Show response
cdn.taboola.com/libtrc/ 894 KB
182 KB 39ms
38ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240425-11-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 547cf834b1dd6f1cc2dad9a684631b36e0b5050dae72dffd1cc08bbb2ea9365e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: BzCeX03YnYOwu5buHvITmOmkRFFKWDlg
content-encoding: br
via: 1.1 varnish
date: Mon, 29 Apr 2024 07:00:50 GMT
x-amz-request-id: SN437QHT9MNVDGE9
age: 13713
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 185743
x-amz-id-2: MhZvNXjQRTJbOlAdeQzIKbXXKlfrtFfVA5sMqxYYWvFZQdgojABF644+NP5zKU2N1eLPC7EfjiQ=
x-served-by: cache-fra-etou8220131-FRA
last-modified: Thu, 25 Apr 2024 11:12:16 GMT
server: AmazonS3-br
x-timer: S1714374050.190298,VS0,VE0
etag: "4005c2f054d364681bf07a2ade2fa018"
vary: Accept-Encoding
content-type: application/javascript
abp: 14
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 12824

GET
H2 200 pmk-20220605.1.js Show response
pm-widget.taboola.com/tv9-news9live/ 84 KB
24 KB 118ms
39ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/tv9-news9live/pmk-20220605.1.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/tv9-news9live/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eeab7e57e6b676e636c570ae4ebc00150e4007c9ae3a6aee42f4a608f58e3d1d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Origin: https://www.news9live.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: bBrYrec6o61uOMP52hPula3Xti8yoB5M
content-encoding: gzip
via: 1.1 varnish
date: Mon, 29 Apr 2024 07:00:50 GMT
x-amz-request-id: ZJFE1JPVM9ZYC905
age: 2011800
x-cache: HIT
content-length: 24281
x-amz-id-2: xR31656nerNklUC7uL/e1cNBqe9dbmTPhgRfReDQ3BmNKOAVPh+S0dkB1BxmAs/Mof3FJPVSbgM=
x-served-by: cache-fra-etou8220052-FRA
last-modified: Tue, 12 Mar 2024 06:17:11 GMT
server: AmazonS3
x-timer: S1714374050.343491,VS0,VE1
etag: "48f6ab93be520d310e4586a0d38c69e3"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 card-interference-detector.20240425-11-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 38ms
38ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20240425-11-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cace3ec25675a6f8a95c613fcf56cc3a63ee4296af7c7296a80bb50abe04090b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9live.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: b5kX_.bqXBn8vxQKAURv.XHobafpY.5q
content-encoding: gzip
via: 1.1 varnish
date: Mon, 29 Apr 2024 07:00:50 GMT
x-amz-request-id: 5RR2VEFJY0EVE4B1
age: 330317
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2180
x-amz-id-2: OqzbHVnzdR7hFQCjndOX7bJ+cXwAH37u4fzNBI+7baIcyZYFkQjTSEiyFJGd68+M7X92hM5J6ms=
x-served-by: cache-fra-etou8220131-FRA
last-modified: Thu, 25 Apr 2024 11:15:33 GMT
server: AmazonS3
x-timer: S1714374050.277288,VS0,VE0
etag: "793902dd2df6f2664214d395be652e9e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 85570

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.news9live.com/	1970-01-20 22:22:30	Name: _gcl_au Value: 1.1.2004309794.1714374047
.news9live.com/	1970-01-20 20:14:20	Name: _gid Value: GA1.2.536827497.1714374047
.news9live.com/	1970-01-20 20:12:54	Name: _gat_UA-187221534-1 Value: 1
.news9live.com/	1970-01-21 05:48:54	Name: _ga Value: GA1.1.477286650.1714374047
.news9live.com/	1970-01-21 05:48:54	Name: _ga_FJ5NWRJ11F Value: GS1.2.1714374047.1.0.1714374047.0.0.0
.news9live.com/	1970-01-21 05:48:54	Name: _ga_EQBYL0ZYL8 Value: GS1.1.1714374047.1.0.1714374048.59.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.news9live.com/viral-news/first-flight-for-many-firm-takes-employ Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.taboola.com/libtrc/tv9-news9live/loader.js Message: Unrecognized feature: 'browsing-topics'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.taboola.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
images.news9live.com
images.tv9hindi.com
mab.chartbeat.com
pm-widget.taboola.com
region1.analytics.google.com
region1.google-analytics.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.news9live.com
142.250.181.232
142.250.185.174
142.250.185.195
151.101.1.44
151.101.193.44
18.245.60.53
2001:4860:4802:32::36
2600:9000:2491:1600:1e:2598:7140:93a1
2600:9000:2646:800:18:1fcd:353:c61
2600:9000:2646:d000:10:d413:e040:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9b
2a04:4e42:200::714
99.86.4.73
0cd87504ca5840a2003b7eb48921343f3392fa6ff8680a9824f98bda67914c60
1408cc337fe94ec8a2a71423ae8a9448e796807bb4ed97b01dc8de7808d92514
1868ba5d68879e8e7df86e97d8d2583fa0ffe61e9fdab7a9a93b2309e07385d0
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
2458b8eaa20b72b506b0a4be82bc822894fdd505fd14fbcd35842d63c5fe7982
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2c0da752cf080d946cce355ff0bf5769663995f5739e361a27d5a53824459382
2f5e9682267f7f1ef2d74a35d7421d58aa76bd19efcb119522661cd290872078
34a4181d8daf88cc53bc685e09e725966499e0ea56d4ed86df0ba62cb3f01acd
37dfa37d2ef5034fc8151191d2b3a12d5d9cbd28acea4d8b61c53827eb7f6a94
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41375bde30ee7a1df61fc1006b16ed5ec5a68977293b7b7622c562f65ab778b2
4c0b65516ef902a3874f24cb01aa0e086e9ca9ad9f9bd29711f540ef970aeba9
4c4e356e4e79154ec20470a76e1e375b7f58ae10215b2d28f7f106830d092873
4cc846f796259476ed274328fc613dfe9f4e0d2ca9df95ee6e9bee74eb89fd45
547cf834b1dd6f1cc2dad9a684631b36e0b5050dae72dffd1cc08bbb2ea9365e
5e8c5f085b3dddb984adbfee82428008cce35310a4b35104497f518b28737f9a
612ceaf8957690a14b9bfa741dac7ba047af145cf34d286f367ac87d586e8af2
62abee5c0a8f21510a16f441edb84fbb493f90ae5042ebfbadfbb7faf8c79892
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7196c3002f08704f9f99de95b6357969a512eaa9a766eee693921dce72927cea
7c6a1d10c2fcb2ea2b24c44d3b18b86184cf047921912cd4598437284ad5d5b6
7df673e538998d7c9cf0962551f429a5903f021b4f3af4e5dd050f79224d3ef5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83f5282269ab1b6bbfac8a6af1a4996cc4473e647a88aaa2e67980bf89933cc6
85a76a29d066fc8a4d2a7da90919a4fd916bdb374176debd9f58c53898d98121
887d369519e4f743e2e5977adb8512929b5a1d90d8a4d73c2c5b97aef4ccd531
a902befc49bd7f4e10c57f0e526f3bcedc21abe98bab721ba9e5881a0fcf444d
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
af5a02c410a901938ff6821c6d307027a7c64b717c88ed320108487eb27cdaef
b1c3a8f08ab75aca270b20a11ef900a0f07e6bf494f9a2f372b9f9ee81eff022
c19cf9cdbd41740cee85b02791a9ef327f91ebc33fe87191b4d1b27c3a3841a9
c8545021ffd4b062ea76df6ab092f50a7c0de35d61132769dc7b43afcdb0fc75
c896dff0dc005d49e4698dfa1a35f8dee02c617e7c37ff70c4cc99b6e0e90ec3
c8d6b374def78a42ac84c4e45c00d68b1541098f4f5754406aae2e0fd53a5972
c8f08a95bebac24ef4b5ece9abfda42669eeff9e0ecdca94b0a9c421289a8eae
cace3ec25675a6f8a95c613fcf56cc3a63ee4296af7c7296a80bb50abe04090b
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1bdb483c6eb014a2bae8aa1bda2034ae85fceaeb042f0bb53ea3cbf4b63548e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e2a25c4c1b69087d720776ff9569e9698c9ec52bdd5659c346bcaca9ce28d5
e84152f72d9c6fc90b6ff3fad4f8895d02f95e01e3181a994530801201cc4a28
eb6d97b492018690406b8a7895079bcbe77ff7f713a16beb3a7099649d16fe53
ee1945707c062effdfc8511a0accc404a0a7ad451aa033f64d0adc30f455d905
eeab7e57e6b676e636c570ae4ebc00150e4007c9ae3a6aee42f4a608f58e3d1d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.news9live.com Open in urlscan Pro 99.86.4.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

63 %IPv6

12 Domains

18 Subdomains

19 IPs

3 Countries

1704 kBTransfer

4938 kBSize

6 Cookies

18 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.news9live.com Open in urlscan Pro
99.86.4.73 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

63 %
IPv6

12
Domains

18
Subdomains

19
IPs

3
Countries

1704 kB
Transfer

4938 kB
Size

6
Cookies

52 HTTP transactions
0 data transactions