www.news9ontime.com Open in urlscan Pro
199.231.86.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.news9ontime.com/
Effective URL:
https://www.news9ontime.com/
Submission: On October 03 via manual (October 3rd 2022, 8:23:10 pm UTC) from US — Scanned from DE

Summary HTTP 110 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 16 domains to perform 110 HTTP transactions. The main IP is 199.231.86.13, located in Phoenix, United States and belongs to IOFLOOD, US. The main domain is www.news9ontime.com.
TLS certificate: Issued by R3 on September 7th 2022. Valid for: 3 months.

This is the only time www.news9ontime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	199.231.86.13 199.231.86.13	53755 (IOFLOOD) (IOFLOOD)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
15	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.25 13.32.99.25	16509 (AMAZON-02) (AMAZON-02)
1	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
9	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:400a:808::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
16	2.18.68.23 2.18.68.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
11	104.83.4.209 104.83.4.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
110	20

29 199.231.86.13 (Phoenix, United States) 1 redirects

ASN53755 (IOFLOOD, US)
PTR: easyhosting123.com

www.news9ontime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-25.fra60.r.cloudfront.net

cdn.chitika.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

tharbadir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

itweepinbelltor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400a:808::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.18.68.23 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-23.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.83.4.209 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-209.deploy.static.akamaitechnologies.com

res-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	media.net contextual.media.net — Cisco Umbrella Rank: 841 lg3.media.net — Cisco Umbrella Rank: 4956	331 KB
29	news9ontime.com 1 redirects www.news9ontime.com	2 MB
11	akamaihd.net res-a.akamaihd.net — Cisco Umbrella Rank: 8176	42 KB
9	gstatic.com fonts.gstatic.com	203 KB
9	itweepinbelltor.com itweepinbelltor.com — Cisco Umbrella Rank: 160648	54 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	206 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	5 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 7253	547 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 5221	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	647 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	2 KB
1	tharbadir.com tharbadir.com
1	chitika.net cdn.chitika.net — Cisco Umbrella Rank: 847448	317 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	42 KB
110	16

	Domain	Requested by
29	www.news9ontime.com	1 redirects www.news9ontime.com
16	lg3.media.net	www.news9ontime.com
15	contextual.media.net	www.news9ontime.com contextual.media.net
11	res-a.akamaihd.net	www.news9ontime.com
9	fonts.gstatic.com	fonts.googleapis.com
9	itweepinbelltor.com	www.news9ontime.com itweepinbelltor.com
6	pagead2.googlesyndication.com	www.news9ontime.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	my.rtmark.net	www.news9ontime.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	www.news9ontime.com
1	tharbadir.com	www.news9ontime.com
1	cdn.chitika.net	www.news9ontime.com
1	www.googletagmanager.com	www.news9ontime.com
110	19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.cyberprosconsulting.com

Subject Issuer	Validity	Valid
news9ontime.com R3	`2022-09-07` - `2022-12-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
cdn.chitika.net Amazon	`2022-02-22` - `2023-03-23`	a year	crt.sh
tharbadir.com R3	`2022-09-11` - `2022-12-10`	3 months	crt.sh
itweepinbelltor.com R3	`2022-09-15` - `2022-12-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://www.news9ontime.com/
Frame ID: 458725485DF79B93F384089CA6DA66C5
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: 2738BE7A7E8679F49D909E367567FD3C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: 6B8891205C59B7FC0EEC21FD311C5401
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4016474277036525&output=html&adk=1812271804&adf=3025194257&lmt=1664828584&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.news9ontime.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664828584560&bpp=4&bdt=633&idt=181&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3982810011303&frm=20&pv=2&ga_vid=149348632.1664828585&ga_sid=1664828585&ga_hid=236661798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C44772927%2C31062930%2C31068920&oid=2&pvsid=362576336783947&tmod=111139996&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=205
Frame ID: 84D0CF2A3CEB764EDC45E69A2DAA9F81
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: 92E51121EA2EEC021704132D461CCED7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: CE466ACA07B50045A1B17D3FFE686A65
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: C8ABB7513B49502FCE6F696BB0904034
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: 92C28CEDAC53540B9E344E0C81D88BAB
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: 43730475216070620F58589BC997E578
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: AD8ABAC734729C57C9FE81CF2C7CA544
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 85B8CD9471230BC514C75A1375AA2D79
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1F64C83B9C6790C6713CCFE4EE3CC7DA
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 871013E714BA9B11423E99EBCFC054AE
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5C776E9874DE4EC9A01A01F39DE49AF2
Requests: 4 HTTP requests in this frame

Frame: https://res-a.akamaihd.net/__media__/pics/800028474/1x1.gif
Frame ID: B8E74114DCAEE2DE853E5C3953228327
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 593CC9CA0A6541207BF580831A3BF2B6
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3E54709434D00E75D95A89F409EEE66E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 317AF10EB35A8AD27ED40C162A7933EE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5536031A2F95F0954E1A779E629EE41
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News 9 On Time | News 9 On Time

Page URL History Show full URLs

http://www.news9ontime.com/ HTTP 301
https://www.news9ontime.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

110
Requests

100 %
HTTPS

58 %
IPv6

16
Domains

19
Subdomains

20
IPs

6
Countries

3147 kB
Transfer

5719 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/News9OnTime-187505455306520
Title: Like

Search URL Search Domain Scan URL

URL: https://www.cyberprosconsulting.com/
Title: Cyber Pros Consulting

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.news9ontime.com/ HTTP 301
https://www.news9ontime.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

110 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.news9ontime.com/
Redirect Chain

http://www.news9ontime.com/
https://www.news9ontime.com/

1 MB
146 KB

646ms
318ms

Document
text/html

199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 69676bc70516c9217cc70379539cb8d36407c2ef506de71c1f2ddfc663c668fd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-length: 148954
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 20:23:03 GMT
vary: Accept-Encoding,User-Agent
x-litespeed-cache: hit

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-encoding: gzip
content-length: 20
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 20:23:03 GMT
location: https://www.news9ontime.com/
vary: Accept-Encoding,User-Agent
x-litespeed-cache: miss
x-redirect-by: WordPress

GET
H2 200 webfontloader.min.js Show response
www.news9ontime.com/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 314ms
313ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: br
last-modified: Thu, 08 Sep 2022 07:56:17 GMT
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 4649
expires: Wed, 02 Nov 2022 20:23:04 GMT

GET
H2 200 jquery.js Show response
www.news9ontime.com/wp-includes/js/jquery/ 95 KB
32 KB 160ms
159ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-includes/js/jquery/jquery.js
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: br
last-modified: Wed, 04 Dec 2019 04:19:47 GMT
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 32853
expires: Wed, 02 Nov 2022 20:23:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 81ms
31ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-117511567-1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bdf6712e0647bd1eac7c28c1f7e8f229e53bbe2ae48ba1b939b1e6fd0225c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42376
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 19:03:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Oct 2022 20:23:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
54 KB 104ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c09700ed0383df8da728e83d821c1e1591e044f4b8b0514face223e2bd073e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54372
x-xss-protection: 0
server: cafe
etag: 16613978786304367328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:23:04 GMT

GET
H3 200 News9OnTime-300x62.png
www.news9ontime.com/wp-content/uploads/2019/12/ 13 KB
13 KB 408ms
406ms Image
image/png 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2019/12/News9OnTime-300x62.png
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: fbe0b1b485c9c32c61a86f441e860cc35b7d5342a2de762b356b04180009744f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
last-modified: Wed, 04 Dec 2019 05:42:17 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 13437
expires: Wed, 02 Nov 2022 20:23:04 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ 157 KB
53 KB 384ms
306ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2cd2df31bacd62486cee25e0734bab7213f959dab750a6f80717a0fa58326e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-mnt-h: 21-5r4q
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 03 Oct 2022 20:23:04 GMT
server: Apache
etag: "c068dcc4c4fc734b245c602a5aee3667"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 8-34
expires: Mon, 03 Oct 2022 20:28:04 GMT

GET
H2 200 getads.js Show response
cdn.chitika.net/ 0
317 B 66ms
16ms Script
application/javascript 13.32.99.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.chitika.net/getads.js
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 02:20:08 GMT
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
last-modified: Fri, 19 Apr 2019 16:40:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 64982
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 0
x-amz-cf-id: 9WPQcLPOmcP-LL8eTgKufgh27GOOBluEMO21RHFaE4Yy5idFuPM7Kw==

GET
H2 404 2
tharbadir.com/ 0
0 257ms
27ms Script
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tharbadir.com/2?z=2352359
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-trace-id: 648b30ae8912cf482383dac3fee31e3d
date: Mon, 03 Oct 2022 20:23:04 GMT
x-sc: 4KdnrdofxFOHMlcU
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers: X-Sc
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 7

GET
H2 200 tag.min.js Show response
itweepinbelltor.com/pfe/current/ 14 KB
6 KB 82ms
21ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://itweepinbelltor.com/pfe/current/tag.min.js?z=2352380
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c8a0fb0320831047a2276f2759bd6650de39079719e9f0486329532239236d3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
server: nginx
etag: W/"6332f869-39be"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 fe047adbb03f5cb7416e79d369ef473f.js Show response
www.news9ontime.com/wp-content/litespeed/js/ 11 KB
3 KB 165ms
163ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/litespeed/js/fe047adbb03f5cb7416e79d369ef473f.js?ver=f473f
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: e43e586b1111c96f3c51b8bc12dd9ffd6c902cd94071fdc5a0c9abfe2ded7ed1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: br
last-modified: Mon, 03 Oct 2022 20:22:36 GMT
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3097
expires: Wed, 02 Nov 2022 20:23:04 GMT

GET
H3 200 7ca6d4006ce9f0eed8124b30a90090e0.js Show response
www.news9ontime.com/wp-content/litespeed/js/ 2 KB
847 B 200ms
197ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/litespeed/js/7ca6d4006ce9f0eed8124b30a90090e0.js?ver=090e0
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: c152453db4b8c67ebf3ef75aa1f31c4b588d00fe4d8ff4e6e5499c8af602387f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: br
last-modified: Mon, 03 Oct 2022 20:22:36 GMT
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 826
expires: Wed, 02 Nov 2022 20:23:04 GMT

GET
H3 200 84c7a61412b6f08137ad63c0edccba9e.js Show response
www.news9ontime.com/wp-content/litespeed/js/ 3 KB
936 B 204ms
202ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/litespeed/js/84c7a61412b6f08137ad63c0edccba9e.js?ver=cba9e
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 9bf04274516def769daa9e7110fca6ee420167b5fbf07accc991172ac1b21aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: br
last-modified: Mon, 03 Oct 2022 20:22:36 GMT
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 915
expires: Wed, 02 Nov 2022 20:23:04 GMT

GET
H3 200 bc84b4cb0ee615df9d5c337f024beba5.js Show response
www.news9ontime.com/wp-content/litespeed/js/ 582 B
330 B 204ms
202ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/litespeed/js/bc84b4cb0ee615df9d5c337f024beba5.js?ver=beba5
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 2109de697a13ffc5a7a266564babe6e6c1078a8d685e040a7a0892732f541acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: br
last-modified: Mon, 03 Oct 2022 20:22:36 GMT
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 309
expires: Wed, 02 Nov 2022 20:23:04 GMT

GET
H3 200 5417651aa305a989aabae3ac761daa9b.js Show response
www.news9ontime.com/wp-content/litespeed/js/ 203 KB
46 KB 205ms
202ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/litespeed/js/5417651aa305a989aabae3ac761daa9b.js?ver=daa9b
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: c6bdb1dc8ea8639ecb6757a21dc679727e90014c9c3ce92aeef16c4d37012c55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: br
last-modified: Mon, 03 Oct 2022 20:22:36 GMT
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 47166
expires: Wed, 02 Nov 2022 20:23:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 100ms
43ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf473c4b25057def8a517e9e49edebf50fe239c6373237d92b4879c2849974e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 18:45:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Oct 2022 20:23:04 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 62ms
18ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 18:50:37 GMT
x-content-type-options: nosniff
age: 5547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 18:50:37 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 78ms
34ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 5560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 18:50:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 89ms
45ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 13399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 16:39:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 109ms
65ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 284135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 13:27:29 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 106ms
63ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:01:08 GMT
x-content-type-options: nosniff
age: 15716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 16:01:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 97ms
54ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 26819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 12:56:05 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 110ms
67ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 16:59:59 GMT
x-content-type-options: nosniff
age: 271385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17336
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 16:59:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 100ms
57ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 13092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 103ms
60ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 03:39:12 GMT
x-content-type-options: nosniff
age: 405832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 03:39:12 GMT

GET
H3 404 back.jpg
www.news9ontime.com/wp-content/uploads/2019/02/ 40 KB
40 KB 164ms
163ms Image
text/html 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2019/02/back.jpg
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 20ef4c3d355b21169aaf8bce0e0c7ad477f6a82221bbdda0db3532e9e4dc7bf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: gzip
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
content-length: 128641
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 newspaper.woff
www.news9ontime.com/wp-content/themes/Newspaper/images/icons/ 19 KB
19 KB 177ms
176ms Font
font/woff 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?14
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: b420750157155826f2ef022f425579bca244f39d0a91ece03c5b3cbae5e52334

Request headers

Referer: https://www.news9ontime.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
last-modified: Tue, 10 Apr 2018 19:57:48 GMT
vary: User-Agent
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 19432
expires: Wed, 02 Nov 2022 20:23:04 GMT

GET
H3 200 newspaper-icons.woff
www.news9ontime.com/wp-content/themes/Newspaper/images/icons/ 6 KB
6 KB 185ms
185ms Font
font/woff 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/themes/Newspaper/images/icons/newspaper-icons.woff?1
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

Referer: https://www.news9ontime.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
last-modified: Tue, 10 Apr 2018 19:57:48 GMT
vary: User-Agent
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 5956
expires: Wed, 02 Nov 2022 20:23:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
30ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117511567-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 18:27:31 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 6933
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 03 Oct 2022 20:27:31 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/ 348 KB
114 KB 91ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4016474277036525&plah=www.news9ontime.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

138cdceb3ab617acf19542d816118a4f66c831dba30dcf4e64fe75e7052e00f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117019
x-xss-protection: 0
server: cafe
etag: 5910281854373517064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:23:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame 2738 10 KB
5 KB 59ms
18ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.news9ontime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85151
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 20:43:53 GMT
etag: 9671129459699598864
expires: Sun, 16 Oct 2022 20:43:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 113ms
52ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=236661798&t=pageview&_s=1&dl=https%3A%2F%2Fwww.news9ontime.com%2F&ul=en-us&de=UTF-8&dt=News%209%20On%20Time%20%7C%20News%209%20On%20Time&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1509099150&gjid=1925648201&cid=149348632.1664828585&tid=UA-117511567-1&_gid=336970407.1664828585&_r=1&gtm=2ou9s0&z=939163796

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news9ontime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 20:23:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9ontime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 smtr Show response
contextual.media.net/ 97 KB
34 KB 451ms
451ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=852638897&size=728x90&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1664828584198787827&lw=1&ugd=4&pgid=p01977924732t202210032023&goent=1&nb=1&allsc=HE

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

1b1e29f890f4a510d92c9ba5d548e24b8fb76de23d4c8d112573073b3e66ee7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Mon, 03 Oct 2022 20:23:05 GMT
pragma: no-cache
date: Mon, 03 Oct 2022 20:23:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-hlbp
content-length: 34551
x-sc-w: 21-ss21

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 6B88 15 KB
6 KB 239ms
239ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

82baba302bf1669d5de1f8f2855d426f955cf1150ab0474d1985988a98fc5d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.news9ontime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=162435
content-encoding: gzip
content-length: 5745
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 20:23:04 GMT
expires: Wed, 05 Oct 2022 17:30:19 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ 15 B
15 B 111ms
29ms Image
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=479&&vgd_cdv=806&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=852638897&vi=1664828584198787827&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886994965&r=1664828584707&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1664828584192769806&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p01977924732t202210032023&vgd_pgids=1&vgd_uspa=0&hvsid=00001664828584700032397757449629&gdpr=1&vgd_l2type=sca&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:04 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=15007
Connection: keep-alive
Content-Length: 15

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
647 B 137ms
51ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.news9ontime.com&callback=_gfp_s_&client=ca-pub-4016474277036525

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4016474277036525&plah=www.news9ontime.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a51f3437db24ad6794d416713c941741b96893ebe605557177776fbce91d1d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 79ms
22ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.news9ontime.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 383ms
58ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.news9ontime.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 84D0 603 B
68 B 87ms
42ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4016474277036525&output=html&adk=1812271804&adf=3025194257&lmt=1664828584&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.news9ontime.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664828584560&bpp=4&bdt=633&idt=181&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3982810011303&frm=20&pv=2&ga_vid=149348632.1664828585&ga_sid=1664828585&ga_hid=236661798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C44772927%2C31062930%2C31068920&oid=2&pvsid=362576336783947&tmod=111139996&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=205

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.news9ontime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 20:23:04 GMT
expires: Mon, 03 Oct 2022 20:23:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 smtr Show response
contextual.media.net/ 89 KB
33 KB 1017ms
1008ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=801896542&size=300x250&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1664828584869413324&lw=1&ugd=4&pgid=p01977924732t202210032023&goent=1&nb=1&allsc=HE

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

5516a922df8e7a1f7665843b005b171f791955953939a1f09c5b551528a431d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Mon, 03 Oct 2022 20:23:05 GMT
pragma: no-cache
date: Mon, 03 Oct 2022 20:23:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-2wxs
content-length: 33506
x-sc-w: 21-w8qk

GET
H3 200 elements.png
www.news9ontime.com/wp-content/themes/Newspaper/images/sprite/ 4 KB
4 KB 172ms
163ms Image
image/png 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/themes/Newspaper/images/sprite/elements.png
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:04 GMT
last-modified: Tue, 10 Apr 2018 19:57:49 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 4324
expires: Wed, 02 Nov 2022 20:23:04 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 92E5 15 KB
6 KB 188ms
184ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

82baba302bf1669d5de1f8f2855d426f955cf1150ab0474d1985988a98fc5d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.news9ontime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=162435
content-encoding: gzip
content-length: 5745
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 20:23:05 GMT
expires: Wed, 05 Oct 2022 17:30:20 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ 15 B
15 B 32ms
29ms Image
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=479&&vgd_cdv=806&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=801896542&vi=1664828584869413324&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886994965&r=1664828584785&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1664828584192769806&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p01977924732t202210032023&vgd_pgids=2&vgd_uspa=0&hvsid=00001664828584783032397757446742&gdpr=1&vgd_l2type=sca&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:04 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=15007
Connection: keep-alive
Content-Length: 15

GET
H2 200 smtr Show response
contextual.media.net/ 91 KB
33 KB 969ms
968ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=801896542&size=300x250&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1664828584562545997&lw=1&ugd=4&pgid=p01977924732t202210032023&goent=1&nb=1&allsc=HE

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

39ab243ed596bcf21e25ab361429330ab04f65561bb819957a36ec740ae86fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Mon, 03 Oct 2022 20:23:05 GMT
pragma: no-cache
date: Mon, 03 Oct 2022 20:23:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-dvgn
content-length: 33828
x-sc-w: 21-vgtm

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame CE46 15 KB
6 KB 203ms
200ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4ef8f6b18c51eb8180a29bf6a900b0e4b37fa13df6885260b48226fc83b63cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.news9ontime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=162435
content-encoding: gzip
content-length: 5745
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 20:23:05 GMT
expires: Wed, 05 Oct 2022 17:30:20 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ 15 B
15 B 29ms
27ms Image
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=479&&vgd_cdv=806&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=801896542&vi=1664828584562545997&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886994965&r=1664828584864&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1664828584192769806&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p01977924732t202210032023&vgd_pgids=2&vgd_uspa=0&hvsid=00001664828584862032397757447077&gdpr=1&vgd_l2type=sca&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:04 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=15007
Connection: keep-alive
Content-Length: 15

GET
H2 200 smtr Show response
contextual.media.net/ 93 KB
33 KB 974ms
962ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=852638897&size=728x90&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1664828584506479962&lw=1&ugd=4&pgid=p01977924732t202210032023&goent=1&nb=1&allsc=HE

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

db7e181044df215d619b31f279701922425ce47dda4852cb2f9ce8914bb51986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Mon, 03 Oct 2022 20:23:05 GMT
pragma: no-cache
date: Mon, 03 Oct 2022 20:23:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-lzm8
content-length: 33937
x-sc-w: 21-hdrx

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame C8AB 15 KB
6 KB 190ms
188ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

82baba302bf1669d5de1f8f2855d426f955cf1150ab0474d1985988a98fc5d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.news9ontime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=162435
content-encoding: gzip
content-length: 5745
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 20:23:05 GMT
expires: Wed, 05 Oct 2022 17:30:20 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ 15 B
15 B 35ms
33ms Image
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=479&&vgd_cdv=806&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=852638897&vi=1664828584506479962&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886994965&r=1664828584878&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1664828584192769806&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p01977924732t202210032023&vgd_pgids=2&vgd_uspa=0&hvsid=00001664828584876032397757449988&gdpr=1&vgd_l2type=sca&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:04 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=15007
Connection: keep-alive
Content-Length: 15

GET
H2 200 smtr Show response
contextual.media.net/ 97 KB
34 KB 281ms
281ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=852638897&size=728x90&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1664828584158486077&lw=1&ugd=4&pgid=p01977924732t202210032023&goent=1&nb=1&allsc=HE

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

da1df5ce2583c977a0a233ed45d77d64993fe37cdb41d40045378374742a3ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Mon, 03 Oct 2022 20:23:05 GMT
pragma: no-cache
date: Mon, 03 Oct 2022 20:23:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-f2rh
content-length: 34534
x-sc-w: 21-ss21

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 92C2 15 KB
6 KB 45ms
45ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

82baba302bf1669d5de1f8f2855d426f955cf1150ab0474d1985988a98fc5d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.news9ontime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=162435
content-encoding: gzip
content-length: 5745
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 20:23:04 GMT
expires: Wed, 05 Oct 2022 17:30:19 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ 15 B
15 B 30ms
30ms Image
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=479&&vgd_cdv=806&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=852638897&vi=1664828584158486077&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886994965&r=1664828584906&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1664828584192769806&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p01977924732t202210032023&vgd_pgids=2&vgd_uspa=0&hvsid=00001664828584905032397757443510&gdpr=1&vgd_l2type=sca&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:04 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=15007
Connection: keep-alive
Content-Length: 15

GET
H2 200 smtr Show response
contextual.media.net/ 90 KB
33 KB 476ms
475ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=801896542&size=300x250&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1664828584680477833&lw=1&ugd=4&pgid=p01977924732t202210032023&goent=1&nb=1&allsc=HE

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

7188aa7cd9949619041b52601fa51f79303e54880cd5a940f905d95457c26e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Mon, 03 Oct 2022 20:23:05 GMT
pragma: no-cache
date: Mon, 03 Oct 2022 20:23:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-qh2k
content-length: 33600
x-sc-w: 21-wrck

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 4373 15 KB
6 KB 51ms
49ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

82baba302bf1669d5de1f8f2855d426f955cf1150ab0474d1985988a98fc5d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.news9ontime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=162435
content-encoding: gzip
content-length: 5745
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 20:23:04 GMT
expires: Wed, 05 Oct 2022 17:30:19 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ 15 B
15 B 33ms
31ms Image
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=479&&vgd_cdv=806&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=801896542&vi=1664828584680477833&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886994965&r=1664828584932&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1664828584192769806&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p01977924732t202210032023&vgd_pgids=2&vgd_uspa=0&hvsid=00001664828584931032397757446205&gdpr=1&vgd_l2type=sca&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:04 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=15007
Connection: keep-alive
Content-Length: 15

GET
H2 200 smtr Show response
contextual.media.net/ 99 KB
34 KB 427ms
427ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=852638897&size=728x90&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1664828584588528470&lw=1&ugd=4&pgid=p01977924732t202210032023&goent=1&nb=1&allsc=HE

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

9a633a6a74f48bb56b862398e8a23a259f250bfc039b541e96cd6f751e12654e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Mon, 03 Oct 2022 20:23:05 GMT
pragma: no-cache
date: Mon, 03 Oct 2022 20:23:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-2wxs
content-length: 34642
x-sc-w: 21-vgtm

GET
H3 404 8.jpg
www.news9ontime.com/wp-content/uploads/2018/04/ 79 KB
79 KB 161ms
161ms Image
text/html 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2018/04/8.jpg
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 4d33573ed1168a27d4bdbf7199c57c467346744c55310a568f429f6a8180e63c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:05 GMT
content-encoding: gzip
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
content-length: 128644
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame AD8A 15 KB
6 KB 45ms
44ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

82baba302bf1669d5de1f8f2855d426f955cf1150ab0474d1985988a98fc5d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.news9ontime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=162435
content-encoding: gzip
content-length: 5745
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 20:23:04 GMT
expires: Wed, 05 Oct 2022 17:30:19 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ 15 B
15 B 30ms
30ms Image
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=479&&vgd_cdv=806&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=852638897&vi=1664828584588528470&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886994965&r=1664828584963&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1664828584192769806&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p01977924732t202210032023&vgd_pgids=2&vgd_uspa=0&hvsid=00001664828584961032397757442585&gdpr=1&vgd_l2type=sca&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:04 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=15007
Connection: keep-alive
Content-Length: 15

GET
H2 200 zone Show response
itweepinbelltor.com/ 663 B
953 B 25ms
23ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://itweepinbelltor.com/zone?pub=0&zone_id=2352380&is_mobile=false&domain=www.news9ontime.com&var=&ymid=&var_3=

Requested by

Host: itweepinbelltor.com
URL: https://itweepinbelltor.com/pfe/current/tag.min.js?z=2352380

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a77a10174c58edea31a8a39d757cac97af0595510eb5996d919a3f44bd6aef04

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-trace-id: 6031b97541e5ea1508e97e823a0258dc
date: Mon, 03 Oct 2022 20:23:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9ontime.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 663

GET
H2 200 universal.min.js Show response
itweepinbelltor.com/pfe/current/ 127 KB
46 KB 67ms
22ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://itweepinbelltor.com/pfe/current/universal.min.js?v=3.1.396
Requested by: Host: itweepinbelltor.com
URL: https://itweepinbelltor.com/pfe/current/tag.min.js?z=2352380
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: dbcf2d2489fe991f2567d769d6cbb194799facf40660cc3eac7e1624f3cf746c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 20:23:05 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
server: nginx
etag: W/"6332f869-1fafa"
content-type: application/javascript
access-control-allow-origin: https://www.news9ontime.com
cache-control: no-cache
access-control-allow-credentials: true

OPTIONS
H2 200 custom
itweepinbelltor.com/ Frame 0
0 21ms
21ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://itweepinbelltor.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.news9ontime.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.news9ontime.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 03 Oct 2022 20:23:05 GMT
server: nginx

POST
H2 200 custom Show response
itweepinbelltor.com/ 39 B
328 B 24ms
23ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://itweepinbelltor.com/custom

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news9ontime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 1ef77a5b8a8bbb389f63e726e8392656
date: Mon, 03 Oct 2022 20:23:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9ontime.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H3 200 sw.js Show response
www.news9ontime.com/ 5 KB
2 KB 163ms
162ms Fetch
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/sw.js
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 4cf1e09e7629c41bc1168da45872f3dcfd072fb88e03f8a0d9b34719fcb7b323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:05 GMT
content-encoding: br
last-modified: Mon, 03 Oct 2022 20:18:26 GMT
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2319
expires: Wed, 02 Nov 2022 20:23:05 GMT

GET
DATA 200
OK truncated
/ Frame 85B8 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 85B8 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bullet11.woff
res-a.akamaihd.net/__media__/fonts/bullet11/ Frame 85B8 2 KB
2 KB 135ms
27ms Font
application/font-woff 104.83.4.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/bullet11/bullet11.woff
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.209 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c300b6a2877bb5b77918987020634e2c4981146589638e918bc4de730d19df90

Request headers

Referer: https://www.news9ontime.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 20:23:05 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-6d4"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1748

GET
H/1.1 200
OK bullet13.woff
res-a.akamaihd.net/__media__/fonts/bullet13/ Frame 85B8 2 KB
2 KB 135ms
28ms Font
application/font-woff 104.83.4.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/bullet13/bullet13.woff
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.209 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7

Request headers

Referer: https://www.news9ontime.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 03 Oct 2022 20:23:05 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-69c"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1692

GET
DATA 200
OK truncated
/ Frame 1F64 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1F64 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bullet11.woff
res-a.akamaihd.net/__media__/fonts/bullet11/ Frame 1F64 2 KB
2 KB 105ms
27ms Font
application/font-woff 104.83.4.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/bullet11/bullet11.woff
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.209 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c300b6a2877bb5b77918987020634e2c4981146589638e918bc4de730d19df90

Request headers

Referer: https://www.news9ontime.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 20:23:05 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-6d4"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1748

GET
H/1.1 200
OK bullet13.woff
res-a.akamaihd.net/__media__/fonts/bullet13/ Frame 1F64 2 KB
2 KB 114ms
29ms Font
application/font-woff 104.83.4.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/bullet13/bullet13.woff
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.209 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7

Request headers

Referer: https://www.news9ontime.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 03 Oct 2022 20:23:05 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-69c"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1692

POST
H2 200 custom Show response
itweepinbelltor.com/ 39 B
328 B 22ms
21ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://itweepinbelltor.com/custom

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news9ontime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: a52f4744d16313af751383de506cd6d1
date: Mon, 03 Oct 2022 20:23:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9ontime.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
itweepinbelltor.com/ Frame 0
0 21ms
21ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://itweepinbelltor.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.news9ontime.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.news9ontime.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 03 Oct 2022 20:23:05 GMT
server: nginx

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame 85B8 15 B
285 B 30ms
30ms Script
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4332&&&vgd_l2type=sca&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkOUftMZxbAS3kI4vWCeSr--C3y5UAvIkqbgyxm2H_CkPkVEOKiLZMHdF_CHuiapiywkojqx-pYaOBvQicdZU8YJ&cme=Y5ZWG9L1xl7ZKl04A4d0g3LkTrNRjRyDFj18qtXGdkJWqOsIRPCUL_oOm8XfSFbYWLIJkfGZdym23x-ImiXR3LOcPUlYilFptaO9g5OscMSuw_1JRF_bEp7c1CK0ytCOZmOYqApSc5THKh0fRmXiRMl2XzANqKruVGx0A8YogWKky4StcMyUhaChIlcHLVGTLk5Igphv74ZE_zmwjjMYrqmBHnAF5Ubh%7C%7Ca0AmFUYXmD4sMeA9dTWjhJUsP_tgyDiheiU_NgJ3fXBjvye1QSsqwg%3D%3D%7C6u-tA0u4XOeI0JBIJWx24Uk6elFXGz1c4sb6CN-weyG7pWEU2p9iAg%3D%3D%7CQdVxhdDUScX9XktBqmzEc8M0A_SNG9zKy_JZ1Fiu7ebq9B2PWZ5r4_z7Rn_Hc_RZJ4vExlXAEvqq-Isn8w4jgba4Wj13F2UfBBq-_5WQWhaIilMedEbDz-XwtVEBDDNKg3EhQ-WRntwKMkJLy7frdsyPVM-S34FcY0GE7o5MJnXpTNsAfFdil6dt1tYIBVg9fZA_hD2TdiDosau8VXQrDx4y97SCcIHkYB1FcSkWYlw%3D%7C&v=1&gdpr=1&geo=50.1%7C8.63&dlper=25&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170722241&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=fuoyxQBuG&kwd[]=Offers+on+Sports+Merchandise&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=1&kid[]=329734968&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.34%7C12%3D0.35%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.37%7Cps%3D0.983%7C3%3D0.66%7C4%3D1.00&ktd[]=274895077632&kwd[]=Top+Legal+Articles&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=2&kid[]=329734970&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.56%7C12%3D0.37%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.54%7Cps%3D0.983&ktd[]=274895077632&kwd[]=Cheap+NBA+Tickets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=5672731&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.34%7C12%3D0.37%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.38%7Cps%3D0.983%7C3%3D0.41%7C4%3D1.00&ktd[]=274911854848&kwd[]=Smartphones+for+Business&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=321185319&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.26%7C12%3D0.14%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.27%7Cps%3D0.983%7C3%3D0.35%7C4%3D1.00&ktd[]=274911854848&kwd[]=Latest+Movie+Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=5&kid[]=17128500&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.17%7C12%3D0.41%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.23%7Cps%3D0.983%7C3%3D0.01%7C4%3D1.00&ktd[]=274911854848&kwd[]=Smart+Fitness+Bands&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=6&kid[]=329734969&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.29%7C12%3D0.48%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.36%7Cps%3D0.983&ktd[]=274895077632&cid=8CUIG0E7H&vi=1664828584198787827&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=806&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_kalog=TPTD%3D1269523655296004%7C%7CSID%3D9%7C%7CMPTD%3D656%7C%7CMI%3D2845%7C%7CCI%3D2845%7C%7CUUID%3D338SqAkbpV3G7eLZrU%7C%7CTLID%3D6%7C%7CSI%3D2840%7C%7CHID%3D1&vgd_katid=801333011&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10007%7C%7Cpt%3D1%7C%7Clmid%3Dv701%7C%7Caghl%3D1%7C%7Cttd%3D8&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170722241&vgd_nrrv=17795&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_go_pid=8PO2E81UX&&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&vgd_l1rakh=1664828584192769806&sttm=1664828584700&upk=1664828585.20813&hvsid=00001664828584700032397757449629&verid=3111299&vgd_isiolc=1&pid=8PO2E81UX&&abpl=2&&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&&vgd_vstrid=DefVid&vgd_optout=0&vgd_cfud=200214&vgd_scsver=326&vgd_icat=379&vgd_spcat=500996&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001664828584700032397757449629&rc=0&rand=1664828585190&matm=1664828585190&requrl=https%3A%2F%2Fwww.news9ontime.com&vgd_x_pos=606&vgd_y_pos=56&vgd_ren_page_h=8850&vgd_ltimesrc=2&vgd_ltime=642&vgd_rtime=506&vgd_etm=7&vgd_l1hcsd=O5r4q%7C6520&vgd_l1ch=0&vgd_lhl=786&vgd_pgid=p01977924732t202210032023&vgd_adprefflag=11&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=S%7CDIV&vgd_sgmt=1%3A44412%2C4%3A62187&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:05 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=9937
Connection: keep-alive
Content-Length: 15

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 83ms
24ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=afcb38f616c640a7ab267bbb9dcaedfd&zoneId=2352380&checkDuplicate=true&ymid=&var=

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

18984e06d667caec33bacded7f35ba5451df004d17983295d4775932a179b633

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9ontime.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame 1F64 15 B
285 B 28ms
28ms Script
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4341&&&vgd_l2type=sca&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkOUftMZxbAS3kI4vWCeSr--C3y5UAvIkqbgyxm2H_CkPkVEOKiLZMHdF_CHuiapiywkojqx-pYaOBvQicdZU8YJ&cme=KphaapzUaONgLMJ6ifSmM17HwyDG38F5UiVDPIfqeCKf_D6m8RImvDCTtCqngDnhJaqni1-tDNKL65nuTbSS9pWXadVbHzUCnyI1dDuy32_1UzIpqA4-k1_EfQq6rWI1OlCUO1gia3IL0s379I4M_V8yIC-VL0hOqH9xcYTobnQwR0jvoT-4q103h2bABvOVAS003I6b9m7ghzOiHpD_8heyp--1fxk7%7C%7C6u-tA0u4XOeI0JBIJWx24Uk6elFXGz1c4sb6CN-weyG7pWEU2p9iAg%3D%3D%7Ca0AmFUYXmD4sMeA9dTWjhJUsP_tgyDiheiU_NgJ3fXBjvye1QSsqwg%3D%3D%7CQdVxhdDUScX9XktBqmzEc8M0A_SNG9zKy_JZ1Fiu7ebq9B2PWZ5r4_z7Rn_Hc_RZJ4vExlXAEvqq-Isn8w4jgba4Wj13F2UfBBq-_5WQWhaIilMedEbDz-XwtVEBDDNKg3EhQ-WRntwKMkJLy7frdsyPVM-S34FcY0GE7o5MJnXpTNsAfFdil6dt1tYIBVg9fZA_hD2TdiDosau8VXQrDx4y97SCcIHkYB1FcSkWYlw%3D%7C&v=1&gdpr=1&geo=50.1%7C8.63&dlper=25&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170722241&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=fuoyxQBuG&kwd[]=Offers+on+Sports+Merchandise&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=1&kid[]=329734968&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.34%7C12%3D0.35%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.37%7Cps%3D0.983%7C3%3D0.66%7C4%3D1.00&ktd[]=274895077632&kwd[]=Top+Legal+Articles&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=2&kid[]=329734970&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.56%7C12%3D0.37%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.54%7Cps%3D0.983&ktd[]=274895077632&kwd[]=Cheap+NBA+Tickets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=5672731&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.34%7C12%3D0.37%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.38%7Cps%3D0.983%7C3%3D0.41%7C4%3D1.00&ktd[]=274911854848&kwd[]=Smartphones+for+Business&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=321185319&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.26%7C12%3D0.14%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.27%7Cps%3D0.983%7C3%3D0.35%7C4%3D1.00&ktd[]=274911854848&kwd[]=Latest+Movie+Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=5&kid[]=17128500&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.17%7C12%3D0.41%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.23%7Cps%3D0.983%7C3%3D0.01%7C4%3D1.00&ktd[]=274911854848&kwd[]=Smart+Fitness+Bands&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=6&kid[]=329734969&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.29%7C12%3D0.48%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.36%7Cps%3D0.983&ktd[]=274895077632&cid=8CUIG0E7H&vi=1664828584158486077&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=806&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_katid=801333011&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10007%7C%7Cpt%3D1%7C%7Clmid%3Dv701%7C%7Caghl%3D1%7C%7Cttd%3D8&vgd_kalog=TPTD%3D1269523655296004%7C%7CSID%3D9%7C%7CMPTD%3D656%7C%7CMI%3D2845%7C%7CCI%3D2845%7C%7CUUID%3D338SqAkbpV3G7eLZrU%7C%7CTLID%3D6%7C%7CSI%3D2840%7C%7CHID%3D1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170722241&vgd_nrrv=17795&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_go_pid=8PO2E81UX&&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D3%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&vgd_l1rakh=1664828584192769806&sttm=1664828584905&upk=1664828585.20813&hvsid=00001664828584905032397757443510&verid=3111299&vgd_isiolc=1&npgv=1&pid=8PO2E81UX&&abpl=2&&kbbq=%26sde%3D1%26adepth%3D3%26ddepth%3D1%26asn%3D9009&&vgd_vstrid=DefVid&vgd_optout=0&vgd_cfud=200214&vgd_scsver=326&vgd_icat=379&vgd_spcat=500996&vgd_go_ent=1&vgd_l2ch=1&vgd_rensize=300_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=2&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001664828584905032397757443510&rc=0&rand=1664828585220&matm=1664828585220&requrl=https%3A%2F%2Fwww.news9ontime.com&vgd_x_pos=650&vgd_y_pos=5564&vgd_ren_page_h=8850&vgd_ltimesrc=2&vgd_ltime=434&vgd_rtime=319&vgd_etm=3&vgd_l1hcsd=O5r4q%7C6520&vgd_l1ch=0&vgd_lhl=793&vgd_pgid=p01977924732t202210032023&vgd_adprefflag=11&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=S%7CDIV&vgd_sgmt=1%3A44412%2C4%3A62187&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:05 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=9937
Connection: keep-alive
Content-Length: 15

GET
DATA 200
OK truncated
/ Frame 8710 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8710 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bullet13.woff
res-a.akamaihd.net/__media__/fonts/bullet13/ Frame 8710 2 KB
2 KB 27ms
27ms Font
application/font-woff 104.83.4.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/bullet13/bullet13.woff
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.209 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7

Request headers

Referer: https://www.news9ontime.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 03 Oct 2022 20:23:05 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-69c"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1692

GET
DATA 200
OK truncated
/ Frame 5C77 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5C77 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bullet3.woff
res-a.akamaihd.net/__media__/fonts/bullet3/ Frame 5C77 2 KB
2 KB 29ms
29ms Font
application/font-woff 104.83.4.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/bullet3/bullet3.woff
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.209 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0bf3f6e79af33723b0c1a822f59a484a35583303ab76fa9227b694b1e719364f

Request headers

Referer: https://www.news9ontime.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 03 Oct 2022 20:23:05 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-698"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1688

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame 8710 15 B
285 B 28ms
28ms Script
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4347&&&vgd_l2type=sca&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkOUftMZxbAS3hlPS5W5Lc8TuxORGMpZgSSqho-51giDbv4eg1SgQHLo7Qn-dehB41n8cUToUbFavEqCl_GN0NcK&cme=7C0IqmL24Mvfqtt5u8peikPUKCXAB8OnAZEvf01aRAr5a2dVKM0qv2SRdNL0Zef53Ym1qp5J0JdNJ7GiYaYx7i6ooDTt1Ud-taPnE7zIV7JhCrfDRbCeGT3eJz_uSuv4cXGp4onUvbxaqIzzLDdf1aUMLDdFvovcFtFalfyhgNOGr1ZEEIRm4Tp03UHIwGYrydoBl3HCYYfWdmpk36zaTX6RAyo_73P8o-Bg73oNLDw%3D%7C%7CNOqgouk5V9SKHVH4yBKQcxD-gNakKgmmogQBW9c7fDk5rBDjQ2IMlACF_30JnFI3TGnlTpvi_gRlnqEm9DUjM1G332NpjzngALlseeN1irnnJyFUyToL7iUuAG-JEgShWcar52gbb4ahMNIAGCZ6svLnsnkOu7pTODsAwBk91WP7VQ-gJc0g2gNXO5Bub6rfM3KJL5TYDf0fEYkJYA-883KvC2VP9S5EcNcIj7aL6IE%3D%7C6u-tA0u4XOeI0JBIJWx24Uk6elFXGz1c4sb6CN-weyG7pWEU2p9iAg%3D%3D%7Ca0AmFUYXmD4sMeA9dTWjhJUsP_tgyDiheiU_NgJ3fXBjvye1QSsqwg%3D%3D%7C&v=1&gdpr=1&geo=50.1%7C8.63&dlper=25&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170721646&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=390&vgde_kbbh=fuoyxQBuG&kwd[]=Multiple+Myeloma+Signs&kwt[]=390&kbc[]=281%3A%3A250153&kwp[]=1&kid[]=126744159&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.72%7C12%3D0.56%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.70%7Cps%3D0.961%7C3%3D1.58%7C4%3D1.17&ktd[]=274911592704&kwd[]=Best+Vitamins+for+Memory&kwt[]=390&kbc[]=281%3A%3A250153&kwp[]=2&kid[]=3494166&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.34%7C12%3D1.02%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.77%7Cps%3D0.961%7C3%3D0.34%7C4%3D1.57&ktd[]=274894815488&kwd[]=Best+Smart+Home+Gadgets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=324634347&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.34%7C12%3D0.43%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.39%7Cps%3D0.983&ktd[]=274895077632&kwd[]=Electronic+Gadget+Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=77757437&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.39%7C12%3D0.48%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.43%7Cps%3D0.983%7C3%3D0.02%7C4%3D1.00&ktd[]=274895077632&kwd[]=Smartphones+for+Business&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=5&kid[]=321185319&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.26%7C12%3D0.14%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.27%7Cps%3D0.983%7C3%3D0.35%7C4%3D1.00&ktd[]=274911854848&kwd[]=Offers+on+Sports+Merchandise&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=6&kid[]=329734968&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C60%3D0.34%7C12%3D0.35%7C66%3D1.84%7C10%3D4.79%7C63%3D0.25%7C1%3D0.37%7Cps%3D0.983%7C3%3D0.66%7C4%3D1.00&ktd[]=274895077632&cid=8CUIG0E7H&vi=1664828584588528470&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=806&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_katid=801333013&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10007%7C%7Cpt%3D1%7C%7Clmid%3Dv701%7C%7Caghl%3D1%7C%7Cttd%3D8&vgd_kalog=TPTD%3D1269523655296004%7C%7CSID%3D9%7C%7CMPTD%3D656%7C%7CMI%3D2845%7C%7CCI%3D2845%7C%7CUUID%3D338SqAkbpV3G7eLZrU%7C%7CTLID%3D6%7C%7CSI%3D2840%7C%7CHID%3D1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721646&vgd_nrrv=17795&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_go_pid=8PO2E81UX&&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D4%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&vgd_l1rakh=1664828584192769806&sttm=1664828584961&upk=1664828585.20813&hvsid=00001664828584961032397757442585&verid=3111299&vgd_isiolc=1&npgv=1&pid=8PO2E81UX&&abpl=2&&kbbq=%26sde%3D1%26adepth%3D4%26ddepth%3D1%26asn%3D9009&&vgd_vstrid=DefVid&vgd_optout=0&vgd_cfud=220425&vgd_scsver=326&vgd_icat=379&vgd_spcat=500996&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=300_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=2&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001664828584961032397757442585&rc=0&rand=1664828585412&matm=1664828585412&requrl=https%3A%2F%2Fwww.news9ontime.com&vgd_x_pos=650&vgd_y_pos=8072&vgd_ren_page_h=8945&vgd_ltimesrc=2&vgd_ltime=489&vgd_rtime=457&vgd_etm=5&vgd_l1hcsd=O5r4q%7C6520&vgd_l1ch=0&vgd_lhl=793&vgd_pgid=p01977924732t202210032023&vgd_adprefflag=11&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=S%7CDIV&vgd_sgmt=4%3A62187%2C1%3A44412&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:05 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=9937
Connection: keep-alive
Content-Length: 15

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame 5C77 15 B
285 B 30ms
29ms Script
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4043&&&vgd_l2type=sca&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkOUftMZxbAS3hlPS5W5Lc8TuxORGMpZgSSqho-51giDbv4eg1SgQHLo7Qn-dehB41mXdUQgGJRV1iqpL7BXRZCa&cme=zdhpl9XxytrJaGv0KXECvMgFL-NAH6ywBGp-Ns0rbuDSJrL2LihO00n_yWTLgBb9m-fNiWgyl7dCoiI-eFjDLmu9LkeSRuFKV5XmGMwM3wi1iPvyIRseikTxOwfX9Ks452i8w8XAdeixwyMZqA7O-8IC9Bqkjwav0EBbmdMtnzF6gbJcr9rnraH21sf3ao47_HHjAvJdn9urj-DwOlS8byQ1lX6E8OcV%7C%7CPRfD8C5X6m0xAXUsVGPhQU2FVO9EY20YZRiGqgbFlOTE1dKBFGVyDZFX_2hONK8Y%7Ca0AmFUYXmD4sMeA9dTWjhJUsP_tgyDiheiU_NgJ3fXBjvye1QSsqwg%3D%3D%7CEBqDnlFco0ifmS1AQREJje855pcgyfAeyx68q2epAIdY_pK1zJ2HRoi6AlIIr5-MeZG1xW-3sLQgD49B-3BbTcMkPwcul6cNb5ceEmKYzhc7opepfNZkrlZc_q12txqIgIhM0eG8S7urMlmIpb50_39PWPINxUdIRQUqT9D8fPqzg-_lqBQGAlXg3_-bMaiz4n2Ma2NrV1nfWacxJxKGHfoQxtEoYhE8qOXzn_v_2jM%3D%7C&v=1&gdpr=1&geo=50.1%7C8.63&dlper=25&lper=100&lpid=&tsid=1&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170721645&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=390&vgde_kbbh=fuoyxQBuG&kwd[]=Multiple+Myeloma+Signs&kwt[]=390&kbc[]=281%3A%3A250153&kwp[]=1&kid[]=126744159&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.25%7C66%3D1.84%7C62%3D1.06%7C60%3D0.72%7C10%3D4.79%7C12%3D0.56%7C1%3D0.70%7Cps%3D0.961%7C3%3D1.58%7C4%3D1.17&ktd[]=274911592704&kwd[]=Best+Vitamins+for+Memory&kwt[]=390&kbc[]=281%3A%3A250153&kwp[]=2&kid[]=3494166&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.25%7C66%3D1.84%7C62%3D1.06%7C60%3D0.34%7C10%3D4.79%7C12%3D1.02%7C1%3D0.77%7Cps%3D0.961%7C3%3D0.33%7C4%3D1.57&ktd[]=274894815488&kwd[]=Cheap+NFL+Tickets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=5673023&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.25%7C66%3D1.84%7C62%3D1.06%7C60%3D0.23%7C10%3D4.79%7C12%3D0.35%7C1%3D0.27%7Cps%3D0.983%7C3%3D0.31%7C4%3D1.00&ktd[]=274911854848&kwd[]=Best+Smart+Home+Gadgets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=324634347&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.25%7C66%3D1.84%7C62%3D1.06%7C60%3D0.34%7C10%3D4.79%7C12%3D0.43%7C1%3D0.39%7Cps%3D0.983&ktd[]=274895077632&kwd[]=Electronic+Gadget+Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=5&kid[]=77757437&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.25%7C66%3D1.84%7C62%3D1.06%7C60%3D0.39%7C10%3D4.79%7C12%3D0.48%7C1%3D0.43%7Cps%3D0.983%7C3%3D0.02%7C4%3D1.00&ktd[]=274895077632&cid=8CUIG0E7H&vi=1664828584680477833&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=806&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10002%7C%7Cpt%3D1%7C%7Clmid%3Dv701%7C%7Caghl%3D1%7C%7Cttd%3D8&vgd_kalog=CI%3D2840%7C%7CMI%3D2845%7C%7CTPTD%3D779141469340676%7C%7CHID%3D2%7C%7CMPTD%3D400%7C%7CTLID%3D6%7C%7CSI%3D2840%7C%7CSID%3D9%7C%7CUUID%3D338SrljwgzpZgdR7Lo&vgd_katid=801355563&vgd_katbid=-21&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721645&vgd_nrrv=17795&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_go_pid=8PO2E81UX&&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D3%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&vgd_l1rakh=1664828584192769806&sttm=1664828584931&upk=1664828585.20813&hvsid=00001664828584931032397757446205&verid=3111299&vgd_isiolc=1&npgv=1&pid=8PO2E81UX&&abpl=2&&kbbq=%26sde%3D1%26adepth%3D3%26ddepth%3D1%26asn%3D9009&&vgd_vstrid=DefVid&vgd_optout=0&vgd_cfud=220407&vgd_scsver=326&vgd_icat=379&vgd_spcat=500996&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=324_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=2&&tdAdd[]=uiparams%3D%3Brend_w%3A324%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001664828584931032397757446205&rc=0&rand=1664828585436&matm=1664828585436&requrl=https%3A%2F%2Fwww.news9ontime.com&vgd_x_pos=1010&vgd_y_pos=5724&vgd_ren_page_h=8945&vgd_ltimesrc=2&vgd_ltime=540&vgd_rtime=513&vgd_etm=6&vgd_l1hcsd=O5r4q%7C6520&vgd_l1ch=0&vgd_lhl=793&vgd_pgid=p01977924732t202210032023&vgd_adprefflag=11&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=S%7CDIV&vgd_sgmt=1%3A44412%2C4%3A62187&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:05 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=9937
Connection: keep-alive
Content-Length: 15

GET
H/1.1 200
OK 1x1.gif
res-a.akamaihd.net/__media__/pics/800028474/ Frame B8E7 42 B
369 B 91ms
27ms Image
image/gif 104.83.4.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res-a.akamaihd.net/__media__/pics/800028474/1x1.gif
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.209 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 03 Oct 2022 20:23:05 GMT
Last-Modified: Mon, 04 Jun 2018 10:04:19 GMT
Server: nginx
ETag: "5b150ea3-2a"
Content-Type: image/gif
Cache-Control: public, max-age=793523
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 13 Oct 2022 00:48:28 GMT

GET
DATA 200
OK truncated
/ Frame B8E7 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B8E7 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bullet3.woff
res-a.akamaihd.net/__media__/fonts/bullet3/ Frame B8E7 2 KB
2 KB 29ms
28ms Font
application/font-woff 104.83.4.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/bullet3/bullet3.woff
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.209 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0bf3f6e79af33723b0c1a822f59a484a35583303ab76fa9227b694b1e719364f

Request headers

Referer: https://www.news9ontime.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 03 Oct 2022 20:23:05 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-698"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1688

GET
DATA 200
OK truncated
/ Frame 593C 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 1x1.gif
res-a.akamaihd.net/__media__/pics/800028474/ Frame 593C 42 B
369 B 64ms
26ms Image
image/gif 104.83.4.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res-a.akamaihd.net/__media__/pics/800028474/1x1.gif
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.209 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 03 Oct 2022 20:23:05 GMT
Last-Modified: Mon, 04 Jun 2018 10:04:19 GMT
Server: nginx
ETag: "5b150ea3-2a"
Content-Type: image/gif
Cache-Control: public, max-age=793523
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 13 Oct 2022 00:48:28 GMT

GET
DATA 200
OK truncated
/ Frame 593C 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 593C 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK OpenSans-ExtraBold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans-ExtraBold/ Frame 593C 25 KB
26 KB 431ms
431ms Font
application/font-woff 104.83.4.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/OpenSans-ExtraBold/OpenSans-ExtraBold.woff
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.209 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b3a4ee9a3f3c08cbc3d0ed68b9b18c98b544075e2d5827e2e26be781870a63dd

Request headers

Referer: https://www.news9ontime.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 20:23:06 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-6554"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25940

GET
H/1.1 200
OK bullet13.woff
res-a.akamaihd.net/__media__/fonts/bullet13/ Frame 593C 2 KB
2 KB 27ms
27ms Font
application/font-woff 104.83.4.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/bullet13/bullet13.woff
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.209 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7

Request headers

Referer: https://www.news9ontime.com/
Origin: https://www.news9ontime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 03 Oct 2022 20:23:05 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-69c"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1692

GET
DATA 200
OK truncated
/ Frame 3E54 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3E54 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame 3E54 15 B
285 B 28ms
28ms Script
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4357&&&vgd_l2type=sca&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkOUftMZxbAS3hlPS5W5Lc8TuxORGMpZgSSqho-51giDbv4eg1SgQHLo7Qn-dehB41n8cUToUbFavEqCl_GN0NcK&cme=tuqw5MhNXcjpN69jwZRVdPx8cjndQGX1jX5pVmRZFjCJ01zTiX4WxhKkVonJRZsuECsXUduliYzOun2_xnvHdPuJj5ujGq_J7E9gQrEA3mrP8dylSYemlwB9BslbbElqSp9KVBfqbaK872xb8YhfewEsMQUD27eaC5GRGz7DFj56jSod1l3kpqAi39YlED_EwsKoqndKBIvQ8DvTqTR7MN63gYuvxEhIkFz2OEc0plM%3D%7C%7Ca0AmFUYXmD4sMeA9dTWjhJUsP_tgyDiheiU_NgJ3fXBjvye1QSsqwg%3D%3D%7C6u-tA0u4XOeI0JBIJWx24Uk6elFXGz1c4sb6CN-weyG7pWEU2p9iAg%3D%3D%7CF52QYSiWHgFHV33Ac_ip6nV3lajCg5SO7vg-p4COipRrs5cxnmte3INcvU79qFDkWTubpNVq3ttctfm8gOC1gjtxhy4l5Y4dpCbdFNZYXQndksxBiB1Y7D5IlRl7HieXXdET459WtBuwuC8VRO4UKTED0jQbZBmzDPqnHwQnNGmGFg5sJdZrMkIY7B02UPTfCkS78mc6A6F2Qgh2HSt_imxAUuIz4BodHhMG9sd8afmviozF0-5Liw%3D%3D%7C&v=1&gdpr=1&geo=50.1%7C8.63&dlper=25&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170721658&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=fuoyxQBuG&kwd[]=Best+Smart+Home+Gadgets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=1&kid[]=324634347&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C10%3D4.79%7C12%3D0.43%7C63%3D0.25%7C60%3D0.34%7C66%3D1.84%7C1%3D0.39%7Cps%3D0.983&ktd[]=274895077632&kwd[]=Offers+on+Sports+Merchandise&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=2&kid[]=329734968&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C10%3D4.79%7C12%3D0.35%7C63%3D0.25%7C60%3D0.34%7C66%3D1.84%7C1%3D0.37%7Cps%3D0.983%7C3%3D0.66%7C4%3D1.00&ktd[]=274895077632&kwd[]=Top+Legal+Articles&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=329734970&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C10%3D4.79%7C12%3D0.37%7C63%3D0.25%7C60%3D0.56%7C66%3D1.84%7C1%3D0.54%7Cps%3D0.983&ktd[]=274895077632&kwd[]=Cheap+NFL+Tickets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=5673023&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C10%3D4.79%7C12%3D0.35%7C63%3D0.25%7C60%3D0.23%7C66%3D1.84%7C1%3D0.27%7Cps%3D0.983%7C3%3D0.31%7C4%3D1.00&ktd[]=274911854848&kwd[]=Offers+on+Women%27s+Clothing&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=5&kid[]=329695454&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C10%3D4.79%7C12%3D0.19%7C63%3D0.25%7C60%3D0.65%7C66%3D1.84%7C1%3D0.59%7Cps%3D0.983%7C3%3D0.24%7C4%3D1.00&ktd[]=274895077632&kwd[]=Smart+Fitness+Bands&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=6&kid[]=329734969&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.06%7C10%3D4.79%7C12%3D0.48%7C63%3D0.25%7C60%3D0.29%7C66%3D1.84%7C1%3D0.36%7Cps%3D0.983&ktd[]=274895077632&cid=8CUIG0E7H&vi=1664828584506479962&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=806&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_kalog=TPTD%3D1269523655296004%7C%7CSID%3D9%7C%7CMPTD%3D656%7C%7CMI%3D2845%7C%7CCI%3D2845%7C%7CUUID%3D338SqAkbpV3G7eLZrU%7C%7CTLID%3D6%7C%7CSI%3D2840%7C%7CHID%3D1&vgd_katid=801355568&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10002%7C%7Cpt%3D1%7C%7Clmid%3Dv701%7C%7Caghl%3D1%7C%7Cttd%3D8&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721658&vgd_nrrv=17795&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_go_pid=8PO2E81UX&&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D2%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&vgd_l1rakh=1664828584192769806&sttm=1664828584876&upk=1664828585.20813&hvsid=00001664828584876032397757449988&verid=3111299&vgd_isiolc=1&npgv=1&pid=8PO2E81UX&&abpl=2&&kbbq=%26sde%3D1%26adepth%3D2%26ddepth%3D1%26asn%3D9009&&vgd_vstrid=DefVid&vgd_optout=0&vgd_cfud=200219&vgd_scsver=326&vgd_icat=379&vgd_spcat=500996&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=300_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=2&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001664828584876032397757449988&rc=0&rand=1664828585889&matm=1664828585889&requrl=https%3A%2F%2Fwww.news9ontime.com&vgd_x_pos=650&vgd_y_pos=4643&vgd_ren_page_h=9040&vgd_ltimesrc=2&vgd_ltime=1023&vgd_rtime=1016&vgd_etm=2&vgd_l1hcsd=O5r4q%7C6520&vgd_l1ch=0&vgd_lhl=793&vgd_pgid=p01977924732t202210032023&vgd_adprefflag=11&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=S%7CDIV&vgd_sgmt=4%3A62187%2C1%3A44412&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:05 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=9937
Connection: keep-alive
Content-Length: 15

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame B8E7 15 B
285 B 28ms
28ms Script
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4125&&&vgd_l2type=sca&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkOUftMZxbAS3hlPS5W5Lc8TuxORGMpZgSSqho-51giDbv4eg1SgQHLo7Qn-dehB41mXdUQgGJRV1iqpL7BXRZCa&cme=o5xLsshSN1FWNiUiG8qKFcLXZSk42yP-zQczMzo4g-eU8UWjqhoye4ZneZahBSwiGKr9kt4We_z57mJ9GJ7y6f9zhyrn-6re22XxlhTiy2-PFJ84zRjoDyIjbNOodOvKF0Q50aBNjTujjyHQrvifAbXLgeHH2T220RytXlao5X-ytngJNuT01H4XmQvIUlvEewYshj_dSr3WUac67hHpce50PTu-ZUk4spZKuttLO54%3D%7C%7Ca0AmFUYXmD4sMeA9dTWjhJUsP_tgyDiheiU_NgJ3fXBjvye1QSsqwg%3D%3D%7CPRfD8C5X6m0xAXUsVGPhQU2FVO9EY20YZRiGqgbFlOTE1dKBFGVyDZFX_2hONK8Y%7CLKH5XIfeG7hwKHojd7_FvPZqGNMZbM1odIT20eeaXINeu0sMGvMfjWGBvIyALganFuuyIMnJ73H6wtxaxSdwyVlMtSrd8RvOcTf_5VlEaCEYlwB7_hS4jFO6Xy8ZJzCME8sKfy9Eiga6_4VfPJV7v1qJfLBG0fVe4FqyqxijBhHqDhbtkwyLT7kajGuMUl5hrD8cMMx-6xQuJztk2_mcVWehDZ9XCRq5LRJASqpofn-k8K6Jk_ezIw%3D%3D%7C&v=1&gdpr=1&geo=50.1%7C8.63&dlper=25&lper=100&lpid=&tsid=1&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170721326&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=fuoyxQBuG&kwd[]=Cheap+NFL+Tickets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=1&kid[]=5673023&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.84%7C63%3D0.25%7C12%3D0.35%7C62%3D1.06%7C10%3D4.79%7C60%3D0.23%7C1%3D0.27%7Cps%3D0.983%7C3%3D0.31%7C4%3D1.00&ktd[]=274911854848&kwd[]=Top+Legal+Articles&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=2&kid[]=329734970&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.84%7C63%3D0.25%7C12%3D0.37%7C62%3D1.06%7C10%3D4.79%7C60%3D0.56%7C1%3D0.54%7Cps%3D0.983&ktd[]=274895077632&kwd[]=Offers+on+Sports+Merchandise&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=329734968&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.84%7C63%3D0.25%7C12%3D0.35%7C62%3D1.06%7C10%3D4.79%7C60%3D0.34%7C1%3D0.37%7Cps%3D0.983%7C3%3D0.66%7C4%3D1.00&ktd[]=274895077632&kwd[]=Latest+Movie+Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=17128500&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.84%7C63%3D0.25%7C12%3D0.41%7C62%3D1.06%7C10%3D4.79%7C60%3D0.17%7C1%3D0.23%7Cps%3D0.983%7C3%3D0.01%7C4%3D1.00&ktd[]=274911854848&kwd[]=Offers+on+Women%27s+Clothing&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=5&kid[]=329695454&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.84%7C63%3D0.25%7C12%3D0.19%7C62%3D1.06%7C10%3D4.79%7C60%3D0.65%7C1%3D0.59%7Cps%3D0.983%7C3%3D0.24%7C4%3D1.00&ktd[]=274895077632&cid=8CUIG0E7H&vi=1664828584869413324&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=806&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_katid=801333009&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10007%7C%7Cpt%3D1%7C%7Clmid%3Dv701%7C%7Caghl%3D1%7C%7Cttd%3D8&vgd_kalog=CI%3D2840%7C%7CMI%3D2845%7C%7CTPTD%3D779141469340676%7C%7CHID%3D2%7C%7CMPTD%3D400%7C%7CTLID%3D6%7C%7CSI%3D2840%7C%7CSID%3D9%7C%7CUUID%3D338SrljwgzpZgdR7Lo&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721326&vgd_nrrv=17795&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_go_pid=8PO2E81UX&&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&vgd_l1rakh=1664828584192769806&sttm=1664828584783&upk=1664828585.20813&hvsid=00001664828584783032397757446742&verid=3111299&vgd_isiolc=1&npgv=1&pid=8PO2E81UX&&abpl=2&&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&&vgd_vstrid=DefVid&vgd_optout=0&vgd_cfud=200219&vgd_scsver=326&vgd_icat=379&vgd_spcat=500996&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=2&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001664828584783032397757446742&rc=0&rand=1664828585820&matm=1664828585820&requrl=https%3A%2F%2Fwww.news9ontime.com&vgd_x_pos=1022&vgd_y_pos=1003&vgd_ren_page_h=9040&vgd_ltimesrc=2&vgd_ltime=1132&vgd_rtime=1042&vgd_etm=3&vgd_l1hcsd=O5r4q%7C6520&vgd_l1ch=0&vgd_lhl=793&vgd_pgid=p01977924732t202210032023&vgd_adprefflag=11&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=S%7CDIV&vgd_sgmt=4%3A62187%2C1%3A44412&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:05 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=9937
Connection: keep-alive
Content-Length: 15

GET
H/1.1 200
OK bqi.php
lg3.media.net/ 15 B
15 B 29ms
28ms Image
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=1521&lf=3&&vgd_l2type=sca&pid=8PO2E81UX&kalog=TPTD=1269523655296004||SID=9||MPTD=656||MI=2845||CI=2845||UUID=338SqAkbpV3G7eLZrU||TLID=6||SI=2840||HID=1&kals=ttype=10007||pt=1||lmid=v701||aghl=1||ttd=8&kasts=tstype=-10408||gbid=-1&kata=aton&katbid=-21&katen=1&katid=801333011&pc=7&cme=Y5ZWG9L1xl7ZKl04A4d0g3LkTrNRjRyDFj18qtXGdkJWqOsIRPCUL_oOm8XfSFbYWLIJkfGZdym23x-ImiXR3LOcPUlYilFptaO9g5OscMSuw_1JRF_bEp7c1CK0ytCOZmOYqApSc5THKh0fRmXiRMl2XzANqKruVGx0A8YogWKky4StcMyUhaChIlcHLVGTLk5Igphv74ZE_zmwjjMYrqmBHnAF5Ubh||a0AmFUYXmD4sMeA9dTWjhJUsP_tgyDiheiU_NgJ3fXBjvye1QSsqwg==|6u-tA0u4XOeI0JBIJWx24Uk6elFXGz1c4sb6CN-weyG7pWEU2p9iAg==|QdVxhdDUScX9XktBqmzEc8M0A_SNG9zKy_JZ1Fiu7ebq9B2PWZ5r4_z7Rn_Hc_RZJ4vExlXAEvqq-Isn8w4jgba4Wj13F2UfBBq-_5WQWhaIilMedEbDz-XwtVEBDDNKg3EhQ-WRntwKMkJLy7frdsyPVM-S34FcY0GE7o5MJnXpTNsAfFdil6dt1tYIBVg9fZA_hD2TdiDosau8VXQrDx4y97SCcIHkYB1FcSkWYlw=|&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=852638897&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vi=1664828584198787827&ugd=4&cc=DE&sc=HE&startTime=1664828584692&vgd_l1rakh=1664828584192769806&l1ch=0&sttm=1664828584700&upk=1664828585.20813&hvsid=00001664828584700032397757449629&verid=3111299&vgd_sc=HE&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!O5r4q|6520&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&l2ch=0&vgd_pgid=p01977924732t202210032023&vgd_pgids=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:06 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=12482
Connection: keep-alive
Content-Length: 15

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame 593C 15 B
285 B 28ms
27ms Script
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4036&&&vgd_l2type=sca&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkOUftMZxbAS3hlPS5W5Lc8TuxORGMpZgSSqho-51giDbv4eg1SgQHLo7Qn-dehB41mXdUQgGJRV1iqpL7BXRZCa&cme=u0mWqGvnxJW6bRDtR0IOVvrRaLJR7hun_1MmL_6ammVXB4RycxnmdHVC45tBBCCMxk-YWVNRedAmCK4LO1odz8kfO9ZDqijE38r-iYfnlYz1vy0vFNHjmgB9_LCF5N1Yey9w5K5mJzuEZPeG0s58gZj9xI_RwtAj0bb9I5HVpKNRp0EBxa3IRnFF8k-V2dztMQq9LOQ98j-1s0m2gFw_N1f4jaaN7D0x%7C%7CPRfD8C5X6m0xAXUsVGPhQU2FVO9EY20YZRiGqgbFlOTE1dKBFGVyDZFX_2hONK8Y%7Ca0AmFUYXmD4sMeA9dTWjhJUsP_tgyDiheiU_NgJ3fXBjvye1QSsqwg%3D%3D%7CKN-Sq1F8jTMaPjV0Un0iPIkvsfTi4ZQEsIlc12XsvyU4t5xWFtGEeNJaQ9Wev4xIQX1tzApemjV7196a6VtAWbwrGAwxXZgdwtz2jAr3l4aOGjOhXdNxFwucqPnlTxWgdUD2KqOZPjOA6QJnvLVGWRXWddzUbvNqqbADFis-c9RQiUmwBUBpHpo6ZU5giJRNizgUP8FpKRaaaoHU1b-unNIEnQX7HU_dCsEwUeht9gw%3D%7C&v=1&gdpr=1&geo=50.1%7C8.63&dlper=25&lper=100&lpid=&tsid=1&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170721646&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=390&vgde_kbbh=fuoyxQBuG&kwd[]=Multiple+Myeloma+Signs&kwt[]=390&kbc[]=281%3A%3A250153&kwp[]=1&kid[]=126744159&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.84%7C12%3D0.56%7C62%3D1.06%7C63%3D0.25%7C60%3D0.72%7C10%3D4.79%7C1%3D0.70%7Cps%3D0.961%7C3%3D1.58%7C4%3D1.17&ktd[]=274911592704&kwd[]=Best+Vitamins+for+Memory&kwt[]=390&kbc[]=281%3A%3A250153&kwp[]=2&kid[]=3494166&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.84%7C12%3D1.02%7C62%3D1.06%7C63%3D0.25%7C60%3D0.34%7C10%3D4.79%7C1%3D0.77%7Cps%3D0.961%7C3%3D0.33%7C4%3D1.57&ktd[]=274894815488&kwd[]=Latest+Movie+Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=17128500&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.84%7C12%3D0.41%7C62%3D1.06%7C63%3D0.25%7C60%3D0.17%7C10%3D4.79%7C1%3D0.23%7Cps%3D0.983%7C3%3D0.01%7C4%3D1.00&ktd[]=274911854848&kwd[]=Smart+Fitness+Bands&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=329734969&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.84%7C12%3D0.48%7C62%3D1.06%7C63%3D0.25%7C60%3D0.29%7C10%3D4.79%7C1%3D0.36%7Cps%3D0.983&ktd[]=274895077632&kwd[]=Cheap+NFL+Tickets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=5&kid[]=5673023&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.84%7C12%3D0.35%7C62%3D1.06%7C63%3D0.25%7C60%3D0.23%7C10%3D4.79%7C1%3D0.27%7Cps%3D0.983%7C3%3D0.31%7C4%3D1.00&ktd[]=274911854848&cid=8CUIG0E7H&vi=1664828584562545997&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=806&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_katid=801550322&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10007%7C%7Cpt%3D1%7C%7Clmid%3Dv701%7C%7Caghl%3D1%7C%7Cttd%3D8&vgd_kalog=CI%3D2840%7C%7CMI%3D2845%7C%7CTPTD%3D779141469340676%7C%7CHID%3D2%7C%7CMPTD%3D400%7C%7CTLID%3D6%7C%7CSI%3D2840%7C%7CSID%3D9%7C%7CUUID%3D338SrljwgzpZgdR7Lo&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721646&vgd_nrrv=17795&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_go_pid=8PO2E81UX&&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D2%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&vgd_l1rakh=1664828584192769806&sttm=1664828584862&upk=1664828585.20813&hvsid=00001664828584862032397757447077&verid=3111299&vgd_isiolc=1&npgv=1&pid=8PO2E81UX&&abpl=2&&kbbq=%26sde%3D1%26adepth%3D2%26ddepth%3D1%26asn%3D9009&&vgd_vstrid=DefVid&vgd_optout=0&vgd_cfud=220708&vgd_scsver=326&vgd_icat=379&vgd_spcat=500996&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=324_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=2&&tdAdd[]=uiparams%3D%3Brend_w%3A324%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001664828584862032397757447077&rc=0&rand=1664828585874&matm=1664828585874&requrl=https%3A%2F%2Fwww.news9ontime.com&vgd_x_pos=1010&vgd_y_pos=3397&vgd_ren_page_h=9040&vgd_ltimesrc=2&vgd_ltime=1581&vgd_rtime=1018&vgd_etm=5&vgd_l1hcsd=O5r4q%7C6520&vgd_l1ch=0&vgd_lhl=793&vgd_pgid=p01977924732t202210032023&vgd_adprefflag=11&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=S%7CDIV&vgd_sgmt=4%3A62187%2C1%3A44412&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:06 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=9936
Connection: keep-alive
Content-Length: 15

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 64ms
30ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a49122a61fde594612443b54831949e7066de192b62dde38b55b8b8a73d0f36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11155
x-xss-protection: 0

POST
H2 200 custom Show response
itweepinbelltor.com/ 39 B
328 B 23ms
22ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://itweepinbelltor.com/custom

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news9ontime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 2193126bdba4298f9b4940a6c1a858c3
date: Mon, 03 Oct 2022 20:23:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9ontime.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
itweepinbelltor.com/ Frame 0
0 21ms
21ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://itweepinbelltor.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.news9ontime.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.news9ontime.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 03 Oct 2022 20:23:06 GMT
server: nginx

GET
H3 200 kitchener-resident-wins-3-8-million-in-50-50-draw-to-support-toronto-blue-jays-charity.jpg
www.news9ontime.com/wp-content/uploads/2022/10/ 47 KB
47 KB 163ms
162ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2022/10/kitchener-resident-wins-3-8-million-in-50-50-draw-to-support-toronto-blue-jays-charity.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 4e32e0d2f5a4dcd6d2e717a6e55ce97e1559a3e32b4733bc5be198080c3cc771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Mon, 03 Oct 2022 20:16:16 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 48208
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H3 200 man-54-charged-in-connection-with-indecent-acts-in-clarington-ont-police.png
www.news9ontime.com/wp-content/uploads/2022/10/ 314 KB
314 KB 255ms
253ms Image
image/png 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2022/10/man-54-charged-in-connection-with-indecent-acts-in-clarington-ont-police.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 275140cb898fb07d81097b30fdef8f262659e86610739d197b48798484158766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Mon, 03 Oct 2022 19:15:48 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 321581
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H3 200 man-damages-toronto-parking-enforcement-vehicle-after-being-issued-ticket-police.png
www.news9ontime.com/wp-content/uploads/2022/10/ 299 KB
300 KB 387ms
384ms Image
image/png 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2022/10/man-damages-toronto-parking-enforcement-vehicle-after-being-issued-ticket-police.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 39af59495971a57404f66b876aa9cef47ada74d1d6f2a38fc18e792a79842c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Mon, 03 Oct 2022 18:15:36 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 306564
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H3 200 police-warning-residents-after-aggressive-coyotes-reported-in-toronto-neighbourhood.jpg
www.news9ontime.com/wp-content/uploads/2022/10/ 71 KB
71 KB 227ms
225ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2022/10/police-warning-residents-after-aggressive-coyotes-reported-in-toronto-neighbourhood.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 9353678d1ee78ed1c3e095d45622a227f919abe4cbe77806ccc9902a28102597

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Mon, 03 Oct 2022 17:05:48 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 73061
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H3 200 ex-nfl-rb-zac-stacy-brutalizes-ex-gf-in-front-of-5-month-old-son-terrifying-video.jpg
www.news9ontime.com/wp-content/uploads/2021/11/ 71 KB
71 KB 182ms
180ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2021/11/ex-nfl-rb-zac-stacy-brutalizes-ex-gf-in-front-of-5-month-old-son-terrifying-video.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: f4ec25ebf336b70d79cd5ad16937c54d07e5bb686b03f55d0dccfcdafe2a022f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Thu, 18 Nov 2021 13:45:10 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 72398
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H3 200 ema-in-subtle-swipe-at-germany-france-over-reaction-on-astrazeneca-is-not-unexpected.jpg
www.news9ontime.com/wp-content/uploads/2021/03/ 21 KB
21 KB 588ms
586ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2021/03/ema-in-subtle-swipe-at-germany-france-over-reaction-on-astrazeneca-is-not-unexpected.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: b0175edb1a9dcb3a6a6583fdc6f474732cafe552e9baab21e576bd35e969890a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Tue, 16 Mar 2021 14:35:09 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 21726
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H3 200 man-in-his-40s-stabbed-at-scarborough-apartment-building.jpg
www.news9ontime.com/wp-content/uploads/2022/09/ 45 KB
46 KB 592ms
591ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2022/09/man-in-his-40s-stabbed-at-scarborough-apartment-building.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 532c50c649cea17678a476ba0b6e8f6ab0c0c21a241a5686fc9cf13fa5bcc5ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Tue, 20 Sep 2022 12:06:14 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 46562
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H3 200 doug-fords-former-chief-of-staff-drops-libel-lawsuit-against-legislator-randy-hillier.jpg
www.news9ontime.com/wp-content/uploads/2019/07/ 19 KB
19 KB 216ms
215ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2019/07/doug-fords-former-chief-of-staff-drops-libel-lawsuit-against-legislator-randy-hillier.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: fd0d83084a4450ea85a279360b8c50fd1c6295017b84940b33c322f43eef09ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Mon, 22 Jul 2019 16:16:07 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 19279
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H3 200 hero-mum-punches-mountain-lion-after-it-dragged-young-son-45-yards-from-their-home.jpg
www.news9ontime.com/wp-content/uploads/2021/08/ 76 KB
76 KB 607ms
606ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2021/08/hero-mum-punches-mountain-lion-after-it-dragged-young-son-45-yards-from-their-home.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: b170c63bee6f0438f7dc2880650c9d2ae6049f786c1e6e3bf4aeb08d01083ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Mon, 30 Aug 2021 03:25:01 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 78114
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H3 200 10-most-impressive-humans-in-the-world.jpg
www.news9ontime.com/wp-content/uploads/2019/06/ 149 KB
149 KB 627ms
626ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2019/06/10-most-impressive-humans-in-the-world.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 51edf838fb66cd96b64e2ce23b96fa1e06a1c471dc2f1c04e461e44bda40985d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Wed, 19 Jun 2019 03:15:02 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 152763
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H3 200 why-are-french-bulldogs-are-so-expensive-218x150.jpg
www.news9ontime.com/wp-content/uploads/2020/03/ 10 KB
10 KB 659ms
658ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2020/03/why-are-french-bulldogs-are-so-expensive-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 977fdea46efda353b479f81037ebf5fe3a7e8f7dc7bfe1f2d9460d1dadee7531

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Mon, 02 Mar 2020 05:35:14 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 9853
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 157ms
70ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Oct 2022 20:23:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 317A 13 KB
5 KB 91ms
29ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.news9ontime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 11:36:42 GMT
expires: Tue, 03 Oct 2023 11:36:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B553 783 B
1 KB 137ms
57ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2f2adc66f2c508bb6ba037a266dce952f80e64468fd0da09da8e0ed5a2fd29aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yak2_cmWPRMnneSpX5YhrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.news9ontime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Yak2_cmWPRMnneSpX5YhrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 20:23:06 GMT
expires: Mon, 03 Oct 2022 20:23:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 despite-hurricane-ians-punch-wedding-day-saved-on-wet-pawleys-island-s-c.jpg
www.news9ontime.com/wp-content/uploads/2022/10/ 333 KB
333 KB 220ms
219ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2022/10/despite-hurricane-ians-punch-wedding-day-saved-on-wet-pawleys-island-s-c.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: e705443c6a7ea5ea8309e723c4a673e2953f78fc552ad50584c99d2100a5f97a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Sun, 02 Oct 2022 00:56:39 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 340687
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H3 200 how-spam-became-cool-again-foodies-fine-dining-chefs-embrace-once-maligned-canned-meat.jpg
www.news9ontime.com/wp-content/uploads/2022/10/ 384 KB
384 KB 441ms
440ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2022/10/how-spam-became-cool-again-foodies-fine-dining-chefs-embrace-once-maligned-canned-meat.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: /
Resource Hash: 3a0630f80cf5cfcb17bd1b133ecdab8ece2dc4347821f13e7aa191879557908b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
last-modified: Mon, 03 Oct 2022 13:15:42 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 393404
expires: Wed, 02 Nov 2022 20:23:06 GMT

GET
H3 200 -Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js Show response
pagead2.googlesyndication.com/bg/ Frame 317A 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 19:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15918
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 19:12:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B553 0
0 54ms
54ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=362576336783947&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H/1.1 200
OK bqi.php
lg3.media.net/ 15 B
15 B 28ms
27ms Image
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=1559&lf=3&&vgd_l2type=sca&pid=8PO2E81UX&kalog=CI=2840||MI=2845||TPTD=779141469340676||HID=2||MPTD=400||TLID=6||SI=2840||SID=9||UUID=338SrljwgzpZgdR7Lo&kals=ttype=10007||pt=1||lmid=v701||aghl=1||ttd=8&kasts=tstype=-10408||gbid=-1&kata=aton&katbid=-21&katen=1&katid=801333009&pc=9&cme=o5xLsshSN1FWNiUiG8qKFcLXZSk42yP-zQczMzo4g-eU8UWjqhoye4ZneZahBSwiGKr9kt4We_z57mJ9GJ7y6f9zhyrn-6re22XxlhTiy2-PFJ84zRjoDyIjbNOodOvKF0Q50aBNjTujjyHQrvifAbXLgeHH2T220RytXlao5X-ytngJNuT01H4XmQvIUlvEewYshj_dSr3WUac67hHpce50PTu-ZUk4spZKuttLO54=||a0AmFUYXmD4sMeA9dTWjhJUsP_tgyDiheiU_NgJ3fXBjvye1QSsqwg==|PRfD8C5X6m0xAXUsVGPhQU2FVO9EY20YZRiGqgbFlOTE1dKBFGVyDZFX_2hONK8Y|LKH5XIfeG7hwKHojd7_FvPZqGNMZbM1odIT20eeaXINeu0sMGvMfjWGBvIyALganFuuyIMnJ73H6wtxaxSdwyVlMtSrd8RvOcTf_5VlEaCEYlwB7_hS4jFO6Xy8ZJzCME8sKfy9Eiga6_4VfPJV7v1qJfLBG0fVe4FqyqxijBhHqDhbtkwyLT7kajGuMUl5hrD8cMMx-6xQuJztk2_mcVWehDZ9XCRq5LRJASqpofn-k8K6Jk_ezIw==|&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=801896542&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vi=1664828584869413324&ugd=4&cc=DE&sc=HE&startTime=1664828584781&vgd_l1rakh=1664828584192769806&l1ch=0&sttm=1664828584783&upk=1664828585.20813&hvsid=00001664828584783032397757446742&verid=3111299&vgd_sc=HE&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!O5r4q|6520&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&npgv=1&pvl=%7B%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A2%7D&l2ch=0&vgd_pgid=p01977924732t202210032023&vgd_pgids=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Mon, 03 Oct 2022 20:23:06 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=12482
Connection: keep-alive
Content-Length: 15

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 317A 0
10 B 40ms
40ms Image
text/plain 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Mgci5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:23:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=362576336783947&bg=!aGulay_NAAYQgTJdMIE7ACkAdvg8WtITdFqKAIiVwd0wWEL2eHJwQRJ9L4cZCzoXtrJTcacx0pPF8AIAAABpUgAAAANoAQcKAJX8kFBaS6m285eMVEKs7175-9eD0p75zGH-NAALYbcSvC8YivIRfiVWASBioMC9Ignu1NEdiWlIpuf7FSJ4eGSIZI8p3A9N1R-nHDMESgf91XV209PGM3sXgsIPVDlBHYvzo0kWPl_7n_p1y5S2MLchxhZQdoVly1LHk1lXj5Jryr34TobBs2KvpS7ZKw802NMQst2Lw5kCo4U75-JZp4sJr5ihrlNY2aQHT1w4prh3G-YigExeTfWrr9RBRTMbgPdwFXmWcsijaHanraWBIOc3POaB-TZroZf1ueh-2dX4dCtvpccqQVLYziw1au1_HiUoUfs540hGaDm5w3V0y9j3X-5goyFrxB7EAvGrdPGlZCakyqfAu2OGfceOtVS8Lq6-1KZy2uJpMjaj4MROvB4VXHMRaIwFyzzSgx75vuvtwEFChyi71Z2foXXbw4WW5uVksSENAOWk17ump_77BuGbtTuv_exVlNrGtT_nkk61XOUXPGg3Yhp_UqSrA13az7Y6dLrty3ePphE-F5VG1558u3XeJD_HadfX-JusEYWD6bQTsH4jKFhmJgVpyQSIKQTmkqVRc5LBlkAR7iWraGTJyUzHJu4z7dZBaAH4cLZwllaEUYz3bQd6eJRK3_n-rgtNYJum5eBDYfwoc-_YPAZkUbZ1m5Sl22ByyfjpVqgbf0QznwKuZOVvgpREkBtjwcEob9K4X1p-OpCgQcwGeGb61tn66oJ_i1yKHYQuqaVgvDF6QM-Qe13FygXw8ooOTdVNsLQWuyF1hVUoi3NpQt7XEYiI_N57imkI1QEi2p5wo2_mtR_97oTBzWewjFSmZrugp7BMz4TbeQU3OTrIVAfsK2YDnFKe0XeXw5uLvuwaQPoSdlF1D7JhjnP06R_99pYat9wkO5NIgkNEhQCet_60cr81-N1b5EmwIkLflV3IABoh_s4amZ-ODBjUTYuVT9sCzLA8L99XgrGC9822fKBdqrP7ZNPC9iUNS0sBRumrUvET4grxyGRKSqYOvAnZIG8ZmDtnM0RKNUvUwSilSnabe6TT4SEJMmXApMl2ptFjIVKp3MfsQ1JwUlreKtOvXG8i6eh8B9X8klW1ig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tharbadir.com/	1970-01-20 15:12:44	Name: scm Value: 1
.news9ontime.com/	1970-01-20 16:03:08	Name: _ga Value: GA1.2.149348632.1664828585
.news9ontime.com/	1970-01-20 06:28:34	Name: _gid Value: GA1.2.336970407.1664828585
.news9ontime.com/	1970-01-20 06:27:08	Name: _gat_gtag_UA_117511567_1 Value: 1
.doubleclick.net/	1970-01-20 06:27:09	Name: test_cookie Value: CheckForPermission
.news9ontime.com/	1970-01-20 15:48:44	Name: __gads Value: ID=3bf1499858f0d6f1-22c9e8863ace005f:T=1664828584:RT=1664828584:S=ALNI_MZOg7FdgmT4xtF7WTeuwjRq60FicA
www.news9ontime.com/	1970-01-20 06:27:10	Name: session_depth Value: www.news9ontime.com%3D1%7C852638897%3D4%7C801896542%3D3
my.rtmark.net/	1970-01-20 15:12:44	Name: ID Value: afcb38f616c640a7ab267bbb9dcaedfd

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.news9ontime.com/wp-content/uploads/2019/02/back.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tharbadir.com/2?z=2352359 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.news9ontime.com/wp-content/uploads/2018/04/8.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.chitika.net
contextual.media.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
itweepinbelltor.com
lg3.media.net
my.rtmark.net
pagead2.googlesyndication.com
partner.googleadservices.com
res-a.akamaihd.net
tharbadir.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.news9ontime.com
104.83.4.209
13.32.99.25
139.45.195.8
139.45.197.238
139.45.197.250
199.231.86.13
2.18.235.93
2.18.68.23
2a00:1450:4001:803::2003
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:400a:808::200a
2a00:1450:400d:805::2002
2a00:1450:400d:806::2001
2a00:1450:400d:807::200e
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2004
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
0bf3f6e79af33723b0c1a822f59a484a35583303ab76fa9227b694b1e719364f
138cdceb3ab617acf19542d816118a4f66c831dba30dcf4e64fe75e7052e00f7
18984e06d667caec33bacded7f35ba5451df004d17983295d4775932a179b633
1b1e29f890f4a510d92c9ba5d548e24b8fb76de23d4c8d112573073b3e66ee7f
1bdf6712e0647bd1eac7c28c1f7e8f229e53bbe2ae48ba1b939b1e6fd0225c95
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20ef4c3d355b21169aaf8bce0e0c7ad477f6a82221bbdda0db3532e9e4dc7bf1
2109de697a13ffc5a7a266564babe6e6c1078a8d685e040a7a0892732f541acb
275140cb898fb07d81097b30fdef8f262659e86610739d197b48798484158766
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2cd2df31bacd62486cee25e0734bab7213f959dab750a6f80717a0fa58326e14
2f2adc66f2c508bb6ba037a266dce952f80e64468fd0da09da8e0ed5a2fd29aa
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
39ab243ed596bcf21e25ab361429330ab04f65561bb819957a36ec740ae86fbe
39af59495971a57404f66b876aa9cef47ada74d1d6f2a38fc18e792a79842c42
3a0630f80cf5cfcb17bd1b133ecdab8ece2dc4347821f13e7aa191879557908b
4cf1e09e7629c41bc1168da45872f3dcfd072fb88e03f8a0d9b34719fcb7b323
4d33573ed1168a27d4bdbf7199c57c467346744c55310a568f429f6a8180e63c
4e32e0d2f5a4dcd6d2e717a6e55ce97e1559a3e32b4733bc5be198080c3cc771
4ef8f6b18c51eb8180a29bf6a900b0e4b37fa13df6885260b48226fc83b63cea
51edf838fb66cd96b64e2ce23b96fa1e06a1c471dc2f1c04e461e44bda40985d
532c50c649cea17678a476ba0b6e8f6ab0c0c21a241a5686fc9cf13fa5bcc5ea
5516a922df8e7a1f7665843b005b171f791955953939a1f09c5b551528a431d8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
69676bc70516c9217cc70379539cb8d36407c2ef506de71c1f2ddfc663c668fd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
7188aa7cd9949619041b52601fa51f79303e54880cd5a940f905d95457c26e2a
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
82baba302bf1669d5de1f8f2855d426f955cf1150ab0474d1985988a98fc5d55
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
9353678d1ee78ed1c3e095d45622a227f919abe4cbe77806ccc9902a28102597
977fdea46efda353b479f81037ebf5fe3a7e8f7dc7bfe1f2d9460d1dadee7531
9a633a6a74f48bb56b862398e8a23a259f250bfc039b541e96cd6f751e12654e
9bf04274516def769daa9e7110fca6ee420167b5fbf07accc991172ac1b21aa3
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a49122a61fde594612443b54831949e7066de192b62dde38b55b8b8a73d0f36a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a51f3437db24ad6794d416713c941741b96893ebe605557177776fbce91d1d67
a77a10174c58edea31a8a39d757cac97af0595510eb5996d919a3f44bd6aef04
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b0175edb1a9dcb3a6a6583fdc6f474732cafe552e9baab21e576bd35e969890a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b170c63bee6f0438f7dc2880650c9d2ae6049f786c1e6e3bf4aeb08d01083ea7
b3a4ee9a3f3c08cbc3d0ed68b9b18c98b544075e2d5827e2e26be781870a63dd
b420750157155826f2ef022f425579bca244f39d0a91ece03c5b3cbae5e52334
bf473c4b25057def8a517e9e49edebf50fe239c6373237d92b4879c2849974e9
c09700ed0383df8da728e83d821c1e1591e044f4b8b0514face223e2bd073e49
c152453db4b8c67ebf3ef75aa1f31c4b588d00fe4d8ff4e6e5499c8af602387f
c300b6a2877bb5b77918987020634e2c4981146589638e918bc4de730d19df90
c6bdb1dc8ea8639ecb6757a21dc679727e90014c9c3ce92aeef16c4d37012c55
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8a0fb0320831047a2276f2759bd6650de39079719e9f0486329532239236d3a
da1df5ce2583c977a0a233ed45d77d64993fe37cdb41d40045378374742a3ce5
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db7e181044df215d619b31f279701922425ce47dda4852cb2f9ce8914bb51986
dbcf2d2489fe991f2567d769d6cbb194799facf40660cc3eac7e1624f3cf746c
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43e586b1111c96f3c51b8bc12dd9ffd6c902cd94071fdc5a0c9abfe2ded7ed1
e705443c6a7ea5ea8309e723c4a673e2953f78fc552ad50584c99d2100a5f97a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ec25ebf336b70d79cd5ad16937c54d07e5bb686b03f55d0dccfcdafe2a022f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
fbe0b1b485c9c32c61a86f441e860cc35b7d5342a2de762b356b04180009744f
fd0d83084a4450ea85a279360b8c50fd1c6295017b84940b33c322f43eef09ee
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

www.news9ontime.com Open in urlscan Pro 199.231.86.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

100 %HTTPS

58 %IPv6

16 Domains

19 Subdomains

20 IPs

6 Countries

3147 kBTransfer

5719 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.news9ontime.com Open in urlscan Pro
199.231.86.13 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

100 %
HTTPS

58 %
IPv6

16
Domains

19
Subdomains

20
IPs

6
Countries

3147 kB
Transfer

5719 kB
Size

8
Cookies

110 HTTP transactions
17 data transactions