www.news9.com Open in urlscan Pro
2600:9000:214f:3e00:7:fd1f:ea00:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.news9.com/weather/notifications
Submission: On May 01 via api (May 1st 2024, 7:01:09 pm UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 21 domains to perform 61 HTTP transactions. The main IP is 2600:9000:214f:3e00:7:fd1f:ea00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.news9.com. The Cisco Umbrella rank of the primary domain is 139495.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 15th 2024. Valid for: a year.

This is the only time www.news9.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2600:9000:214... 2600:9000:214f:3e00:7:fd1f:ea00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	104.16.160.145 104.16.160.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	18.244.18.27 18.244.18.27	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.120.1.7 3.120.1.7	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:280... 2a02:26f0:280:6::213:7ad0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:1901:0:3... 2600:1901:0:328a::1	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
2	3.91.125.223 3.91.125.223	14618 (AMAZON-AES) (AMAZON-AES)
1	3.5.17.132 3.5.17.132	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:2800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1d::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
6	35.244.133.240 35.244.133.240	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1231	13335 (CLOUDFLAR...) (CLOUDFLARENET)
61	26

14 2600:9000:214f:3e00:7:fd1f:ea00:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.news9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.244.18.27 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-27.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.1.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-1-7.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:280:6::213:7ad0 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

griffin-communications.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:328a::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

voraciousgrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.91.125.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-125-223.compute-1.amazonaws.com

baron.kwtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.17.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

hot-town-closings.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:2800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.133.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.133.244.35.bc.googleusercontent.com

voraciousgrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1231 (United States)

ASN13335 (CLOUDFLARENET, US)

images.getadmiral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	news9.com 1 redirects www.news9.com — Cisco Umbrella Rank: 139495	400 KB
8	voraciousgrip.com voraciousgrip.com — Cisco Umbrella Rank: 133375	256 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	172 KB
4	akamaized.net griffin-communications.akamaized.net — Cisco Umbrella Rank: 117459	60 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 region1.google-analytics.com — Cisco Umbrella Rank: 2404	21 KB
3	gstatic.com fonts.gstatic.com	64 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	294 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 183	3 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4672 onesignal.com — Cisco Umbrella Rank: 1533	74 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7278	126 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2941 www.google.com — Cisco Umbrella Rank: 2	316 B
2	kwtv.com baron.kwtv.com — Cisco Umbrella Rank: 166334	31 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	72 KB
1	getadmiral.com images.getadmiral.com — Cisco Umbrella Rank: 34230	3 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	274 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 586	481 B
1	amazonaws.com hot-town-closings.s3.amazonaws.com — Cisco Umbrella Rank: 152761	557 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3015	18 KB
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 717	554 B
1	taboola.com c2.taboola.com — Cisco Umbrella Rank: 8648	17 KB
61	21

	Domain	Requested by
14	www.news9.com	1 redirects www.news9.com
8	voraciousgrip.com	www.news9.com voraciousgrip.com
4	griffin-communications.akamaized.net	www.news9.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	www.news9.com www.googletagmanager.com
3	sb.scorecardresearch.com	1 redirects www.news9.com
3	securepubads.g.doubleclick.net	www.news9.com securepubads.g.doubleclick.net
2	www.google.de	www.news9.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	baron.kwtv.com	www.news9.com
2	fonts.googleapis.com	www.news9.com
2	connect.facebook.net	www.news9.com connect.facebook.net
2	cdn.onesignal.com	www.news9.com cdn.onesignal.com
1	images.getadmiral.com	www.news9.com
1	www.google.com	www.news9.com
1	region1.google-analytics.com	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.facebook.com	www.news9.com
1	static.adsafeprotected.com	www.news9.com
1	onesignal.com	cdn.onesignal.com
1	hot-town-closings.s3.amazonaws.com	www.news9.com
1	stackpath.bootstrapcdn.com	www.news9.com
1	d.agkn.com	www.news9.com
1	c2.taboola.com	www.news9.com
61	25

This site contains links to these domains. Also see Links.

Domain
www.griffin.news
www.paycomonline.net
www.google.com
www.newson6.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
griffin-communications.akamaized.net
optout.aboutads.info
publicfiles.fcc.gov
getadmiral.com

Subject Issuer	Validity	Valid
*.news9.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
onesignal.com GTS CA 1P5	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-09` - `2024-05-09`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
voraciousgrip.com R3	`2024-04-24` - `2024-07-23`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.kwtv.com Amazon RSA 2048 M03	`2023-10-31` - `2024-11-27`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
*.google.de GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
getadmiral.com GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.news9.com/weather/notifications
Frame ID: DC1785DA9330B7803E2C05A798F8C8EB
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News 9

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

97 %
HTTPS

58 %
IPv6

21
Domains

25
Subdomains

26
IPs

4
Countries

1488 kB
Transfer

4986 kB
Size

13
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.griffin.news/videosales
Title: Video Sales

Search URL Search Domain Scan URL

URL: https://www.paycomonline.net/v4/ats/web.php/jobs?clientkey=1AA1DF477FCA3329008D91C281B69764
Title: Job Listings

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/KWTV+News+9/@35.5481854,-97.4986936,17z/data=!3m1!4b1!4m5!3m4!1s0x87b219a733117a87:0x86cf9395c7f1cb3e!8m2!3d35.5481854!4d-97.4965049

Search URL Search Domain Scan URL

URL: https://www.newson6.com/about-us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NEWS9/

Search URL Search Domain Scan URL

URL: https://twitter.com/News9
Title: svg{fill:#fff;padding-top:4px;}

Search URL Search Domain Scan URL

URL: https://www.instagram.com/news9/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/NEWS9OklahomaCity

Search URL Search Domain Scan URL

URL: http://www.griffin.news/
Title: Griffin Media.

Search URL Search Domain Scan URL

URL: https://griffin-communications.akamaized.net/legal/kwtv_eeoReport.pdf
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/#!/
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/KWTV-DT
Title: KWTV Public Inspection File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/KSBI
Title: KSBI Public Inspection File

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=www.news9.com&utm_medium=pb&session=5-48f5e146213ca28411724c3657732057-6763652d6575726f70652d7765737431-0
Title: Powered By

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://sb.scorecardresearch.com/cs/35895192/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 33

https://www.news9.com/views/utilityBelt?v=1714590064111 HTTP 302
https://www.news9.com/login

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request notifications Show response
www.news9.com/weather/ 349 KB
67 KB 383ms
267ms Document
text/html 2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4027da40c95ffa3feb92afc00c790ecc412fe35ed6467bc2b1e3b130bbe26f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
cache-control: public, max-age=6000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 01 May 2024 19:01:03 GMT
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-id: MeLBy9brXXcEiB7CQvPx_7pbXECozJ25SfvcmPB11fiCB6xHd5YyjQ==
x-amz-cf-pop: FRA53-C1
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 bundle-kwtv-production.js Show response
www.news9.com/js/ 361 KB
111 KB 56ms
55ms Script
application/javascript 2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/js/bundle-kwtv-production.js?v=1712263273489

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

47786783b7e72f61f8ad1192c767af47858c66d57100b733884deaa1957486ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9.com/weather/notifications
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 18:59:20 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 103
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 30 Apr 2024 20:32:00 GMT
server: nginx
etag: W/"5a49b-18f30b50200"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-timestamp: 1714510268043
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: 8WfzKmxWd4obMA9UPrI84TUiQZa8UMK_dWlBvDXZlUYR45puLW_VNw==

GET
H2 200 below-the-fold-bundle-kwtv.css
www.news9.com/css/ 100 KB
18 KB 47ms
46ms Stylesheet
text/css 2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/css/below-the-fold-bundle-kwtv.css?v=1712263273489

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcdf7d90b4c59135581b107025b9b96862d6bdeac53ec24179d2b5c17da0b7d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9.com/weather/notifications
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 18:43:54 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1038
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 30 Apr 2024 20:32:00 GMT
server: nginx
etag: W/"18f9f-18f30b50200"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
x-timestamp: 1714510229533
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: Aj49T4E-dCwsHZS1VmKoMmrbqhTjBSxZ6eJnX7p3BD3VEwTPslyePQ==

GET
H2 200 above-the-fold-bundle-kwtv.css
www.news9.com/css/ 217 KB
40 KB 44ms
43ms Stylesheet
text/css 2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/css/above-the-fold-bundle-kwtv.css?v=1712263273489

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6d217b0dd4295b6c02c6aae4e588dce5a12b7df273cbc27a93c8cdbcaf4e617a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9.com/weather/notifications
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 18:58:34 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 149
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 30 Apr 2024 20:32:00 GMT
server: nginx
etag: W/"36284-18f30b50200"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
x-timestamp: 1714510762053
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: Tp7KdDexh9mOGMcfFfbEfffBDj7OOBJI1qZokSl9LkXQMow031h41A==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 94 KB
30 KB 178ms
84ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfa8268b5460aeeed6fbbf6de883a05189eddd1238c7577c43f69794703af9fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29974
x-xss-protection: 0
server: cafe
etag: 325 / 19844 / 31083293 / config-hash: 9682613174235192706
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 May 2024 19:01:03 GMT

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/griffin-news9/ 60 KB
17 KB 379ms
251ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/griffin-news9/newsroom.js
Requested by: Host: www.news9.com
URL: https://www.news9.com/weather/notifications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2faab373fe09d6c83c6a9078b19021b0049667bf730edf7a4c2f3c98678ad3ad

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 May 2024 19:01:04 GMT
x-amz-request-id: RQHP9VQQJ8XD0S62
age: 0
x-cache: HIT
content-length: 17285
x-amz-id-2: GYXOqXSyqJ8irdG1RJRvDQqiHaHt5SkHEJl8diMyEwU7YtgwTMEP08JoJ+98IC+1JyigbV69l58=
x-served-by: cache-fra-etou8220027-FRA
last-modified: Fri, 14 Jan 2022 19:44:10 GMT
server: AmazonS3
x-timer: S1714590064.026473,VS0,VE210
etag: "88921d7f1ddf7db14f6040a9980a4690"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 134ms
72ms Script
application/javascript 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:03 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2386
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 87d2049bcbb2fbea-WAW
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sat, 04 May 2024 19:01:03 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/35895192/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

41ms
41ms

Script
application/javascript

18.244.18.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.news9.com
URL: https://www.news9.com/weather/notifications
Protocol: H2
Server: 18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 01 May 2024 05:53:32 GMT
content-encoding: gzip
via: 1.1 0be2062deeede74cb37dc047454ddbce.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 50216
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: T_nDsK8JYqSXze5uSNBYYWZQiPVpQUVAptvFx8KzZ1bNJS4PUC7cvg==

Redirect headers

date: Wed, 01 May 2024 19:01:03 GMT
via: 1.1 0be2062deeede74cb37dc047454ddbce.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: 9KXFzxCt41GOrkHU7fVFIccAQavyBA-CSrr6-sqjlhXyGlGcb_ZcBA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 136ms
44ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

713601c1e3e76d39801d007a718d2b536a7a081e31a51f22e99ff96d58e988e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 May 2024 19:01:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57855
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1294, tbw=2777, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: VSw0LHXh9sPreHQKOkX6DCMG7oYkY80yeljdIY3Umd657CcmzShd5RETIakrIcK/ed5sQHzmGPpxPXjewxur8w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 /
d.agkn.com/pixel/15835/ 43 B
554 B 189ms
40ms Image
image/gif 3.120.1.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/15835/?che=1714590063604
Requested by: Host: www.news9.com
URL: https://www.news9.com/weather/notifications
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.1.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-1-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 01 May 2024 19:01:03 GMT
Content-Type: image/gif
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK station-logo.png
griffin-communications.akamaized.net/Marketing/ott/wx-vault/ 3 KB
3 KB 1226ms
1102ms Image
image/png 2a02:26f0:280:6::213:7ad0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/Marketing/ott/wx-vault/station-logo.png
Requested by: Host: www.news9.com
URL: https://www.news9.com/weather/notifications
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:6::213:7ad0 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0586ae8844d448a4b3fa723848f412629898d3656c0201e7e6f0e83352d5cdab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 19:01:05 GMT
Last-Modified: Tue, 31 Aug 2021 16:18:40 GMT
Server: AkamaiNetStorage
ETag: "235e039be0fb688637089112378b71bf:1630426720.253858"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 3028

GET
H/1.1 200
OK to_top.png
griffin-communications.akamaized.net/NEWSon6/Web/ 1 KB
2 KB 591ms
467ms Image
image/png 2a02:26f0:280:6::213:7ad0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/NEWSon6/Web/to_top.png
Requested by: Host: www.news9.com
URL: https://www.news9.com/weather/notifications
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:6::213:7ad0 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1aaccdfa63224a896bdf8ec89c8573cd258121989ae84e9e23b3b5a491b31159

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 19:01:04 GMT
Last-Modified: Fri, 22 Apr 2022 01:25:07 GMT
Server: AkamaiNetStorage
ETag: "9dce678ec2876ae6719811da209f519e:1650590707.596563"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1423

GET
H2 200 scroll-top.png
www.news9.com/img/ 5 KB
5 KB 44ms
43ms Image
image/png 2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.news9.com/img/scroll-top.png

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

75afa6c2adf5a73d480d205074b598692041ac0e9fd9f1ce917c101a372db6d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9.com/weather/notifications
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 May 2024 18:41:24 GMT
x-content-type-options: nosniff
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1179
x-cache: Hit from cloudfront
content-length: 4984
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 30 Apr 2024 20:32:00 GMT
server: nginx
etag: W/"1378-18f30b50200"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1714524698866
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: OevdJQmoLcFMxJSH7zZJipN5usKWIMpt0CAguFAPfl2eMjQc3FmpTw==

GET
H2 200 v2elvcT5XEDi7twZDKMO1XTP_vspF2skqhue0Y5_mja7UuqC2RUec9B0 Show response
voraciousgrip.com/ 203 KB
49 KB 277ms
179ms Script
text/javascript 2600:1901:0:328a::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2elvcT5XEDi7twZDKMO1XTP_vspF2skqhue0Y5_mja7UuqC2RUec9B0

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

1197d9f6292d72602befb697c9dd9abd29019ce8580bd470850ab7cf19b4d382

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: zstd
via: 1.1 google
date: Wed, 01 May 2024 19:01:04 GMT
x-datacenter: gce-europe-west1
etag: "03a007e2e7e5d615e6980ba011d610bddd92a187088dcafa84a955c336510baa"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-zrv9
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1205290244
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 v2jpqj01_LZBPOXEnCWmbz7K5_afJUlyJuPzHGWSIJ-V_AIGa1UvYuxeezyafRhVybsfOHbTp Show response
voraciousgrip.com/ 9 KB
4 KB 136ms
55ms Script
text/javascript 2600:1901:0:328a::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/v2jpqj01_LZBPOXEnCWmbz7K5_afJUlyJuPzHGWSIJ-V_AIGa1UvYuxeezyafRhVybsfOHbTp

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6c52b141862325abbce7323cdc5fa07f795589da3d6ffe7afed48077acd27e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: zstd
via: 1.1 google
date: Wed, 01 May 2024 19:01:04 GMT
x-datacenter: gce-europe-west1
etag: "c76540121fa0242f38bbb7a556acf91a367992806918ebbf260f1fbf0a3e49fc"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-zrv9
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1205290244
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK kwtv_map.png
griffin-communications.akamaized.net/NEXGEN_Images/ 53 KB
53 KB 559ms
457ms Image
image/png 2a02:26f0:280:6::213:7ad0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/NEXGEN_Images/kwtv_map.png
Requested by: Host: www.news9.com
URL: https://www.news9.com/weather/notifications
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:6::213:7ad0 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f80369922473178468a9580792a2e31bd20457b361e46aec4e6fe658c17362b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 19:01:04 GMT
Last-Modified: Tue, 13 Feb 2024 17:10:46 GMT
Server: AkamaiNetStorage
ETag: "96c8f610c0b6fe4a6d5a93d14ec9a898:1707844246.019147"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 53858

GET
H3 200 glyphicons-halflings-regular.woff2
stackpath.bootstrapcdn.com/bootstrap/3.3.6/fonts/ 18 KB
18 KB 124ms
71ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1049
age: 1281728
cdn-cachedat: 10/31/2023 18:59:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18028
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "448c34a56d699c29117adc64c43affeb"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 77d94d67df84197f2745e44fa56686ad
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 87d2049bffdafc73-WAW
cdn-requestpullsuccess: True

GET
H2 200 fa-brands-400.woff2
www.news9.com/webfonts/ 74 KB
75 KB 45ms
43ms Font
font/woff2 2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/webfonts/fa-brands-400.woff2

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9.com/weather/notifications
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 May 2024 18:41:20 GMT
x-content-type-options: nosniff
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1183
x-cache: Hit from cloudfront
content-length: 75936
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 30 Apr 2024 20:32:00 GMT
server: nginx
etag: W/"128a0-18f30b50200"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1714509961327
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: lQxQKKNoyau713OYpjtGbsDo8KtzC7phoXgMUiKAlaBHXnph9AzNvA==

GET
H2 200 fa-regular-400.woff2
www.news9.com/webfonts/ 13 KB
14 KB 57ms
56ms Font
font/woff2 2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/webfonts/fa-regular-400.woff2

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9.com/weather/notifications
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 May 2024 18:58:34 GMT
x-content-type-options: nosniff
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 149
x-cache: Hit from cloudfront
content-length: 13576
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 30 Apr 2024 20:32:00 GMT
server: nginx
etag: W/"3508-18f30b50200"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-timestamp: 1714509961478
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: xopBRlQsIeXicTu8vpdM_6QggRIqqvtaqbsHf22juSPCm9iPbI3wfA==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 144ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 May 2024 19:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 May 2024 18:57:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 May 2024 19:01:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
1 KB 142ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 May 2024 19:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 May 2024 18:31:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 May 2024 19:01:04 GMT

GET
H2 200 jquery.min.js Show response
www.news9.com/js/ 85 KB
30 KB 60ms
58ms Script
application/javascript 2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/js/jquery.min.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9.com/weather/notifications
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 18:32:29 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1740
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 30 Apr 2024 20:32:00 GMT
server: nginx
etag: W/"15283-18f30b50200"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-timestamp: 1714509964385
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: FtTk2-pnoVH2tr_EvvFIpI1nFW36baa00mIfpA43vu8IDV0kOt9LQA==

GET
H2 200 bootstrap.min.js Show response
www.news9.com/js/ 36 KB
10 KB 65ms
62ms Script
application/javascript 2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/js/bootstrap.min.js

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9.com/weather/notifications
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 18:58:34 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 149
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 30 Apr 2024 20:32:00 GMT
server: nginx
etag: W/"90b5-18f30b50200"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-timestamp: 1714511205723
cache-control: public, max-age=1800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: wXwP1rIbL62fYoMhujO9US2K_qgcaEOoJLRpnLE9KF39uhA_rW8mvg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
85 KB 173ms
78ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-NXTXTZN

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d402c4796b5a019c7b0f3386c02bbc43bddfc1e2afabd977cc84398e1a81867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86896
x-xss-protection: 0
last-modified: Wed, 01 May 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 May 2024 19:01:04 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 62ms
62ms Script
application/javascript 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1762
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 87d2049c3c7dfbea-WAW
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sat, 04 May 2024 19:01:04 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 44ms
43ms Image
text/plain 18.244.18.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=35895192&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1714590064056&ns_c=UTF-8&cs_cmp_nc=1&cs_fpcd=1&c7=https%3A%2F%2Fwww.news9.com%2Fweather%2Fnotifications&c8=News%209&c9=
Requested by: Host: www.news9.com
URL: https://www.news9.com/weather/notifications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-27.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
via: 1.1 0be2062deeede74cb37dc047454ddbce.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: ifSTnC-EevH_er5BznbHCIhynJ3My8zOyNgZjieRnF95rwagtIe5Bg==
x-cache: Miss from cloudfront

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 134ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 178020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Apr 2025 17:34:04 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/ 452 KB
141 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js?cb=31083293

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d984ca6d8941a42d14d72840922ab456749ffe0fbfc734cd583b8a0b095386fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 10:31:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30596
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144216
x-xss-protection: 0
server: cafe
etag: 9149044719003253135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 01 May 2025 10:31:08 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
545 B 152ms
73ms XHR
application/json 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.news9.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

5d5f8a3d530857dc3594012852a82fbcc527ed40129713ffc6f8e041d119ab99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 520
x-xss-protection: 0
expires: Wed, 01 May 2024 19:01:04 GMT

GET
H2 200 ppid Show response
www.news9.com/ads/ 44 B
690 B 228ms
228ms XHR
text/plain 2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/ads/ppid

Requested by

Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1712263273489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

39d5ff768ae031ef7149cc86ab3f4b3393d9959c958a86152c76882e5baf5830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.news9.com/weather/notifications
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-length: 44
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: MRDp4m4BJ2aAy2TZAoLyGuforJb94DhtjUVLQL11Bde6BBDtKrEGbA==

GET
H2 200 ppid Show response
www.news9.com/ads/ 44 B
0 228ms
228ms XHR
text/plain 2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/ads/ppid

Requested by

Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1712263273489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

39d5ff768ae031ef7149cc86ab3f4b3393d9959c958a86152c76882e5baf5830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.news9.com/weather/notifications
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-length: 44
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: MRDp4m4BJ2aAy2TZAoLyGuforJb94DhtjUVLQL11Bde6BBDtKrEGbA==

GET
H2 200 73179 Show response
baron.kwtv.com/reports/metar/zip/ 1 KB
1 KB 490ms
235ms XHR
application/json 3.91.125.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://baron.kwtv.com/reports/metar/zip/73179
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1712263273489
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.125.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-125-223.compute-1.amazonaws.com
Software: nginx/1.22.0 / Express
Resource Hash: 68bfdd356f34bf812edaafb5a5e59e7e35faf319d18c880ba3ad0c462e25dce8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
server: nginx/1.22.0
x-powered-by: Express
etag: W/"441-q9H/5AWDlZRBNDU6wYUB/pJnT8g"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 1089

GET
H2 200 oklahoma Show response
baron.kwtv.com/nws/alerts/ 29 KB
30 KB 373ms
118ms XHR
application/json 3.91.125.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://baron.kwtv.com/nws/alerts/oklahoma
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1712263273489
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.125.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-125-223.compute-1.amazonaws.com
Software: nginx/1.22.0 / Express
Resource Hash: 5d6bdbee8c9c774bc7ee629e5804434e4a4cfa2b05bb29883438963136914e36

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
server: nginx/1.22.0
x-powered-by: Express
etag: W/"756d-1r0D3DjPXGHLhiNOOJt0Uq7J520"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 30061

GET
H/1.1 200
OK kwtv-production.js Show response
hot-town-closings.s3.amazonaws.com/ 2 B
557 B 398ms
138ms XHR
application/json 3.5.17.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hot-town-closings.s3.amazonaws.com/kwtv-production.js
Requested by: Host: www.news9.com
URL: https://www.news9.com/js/bundle-kwtv-production.js?v=1712263273489
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 3.5.17.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 19:01:05 GMT
Last-Modified: Wed, 01 May 2024 18:57:34 GMT
Server: AmazonS3
x-amz-request-id: 6APQC9B7B53FKZ6P
ETag: "d751713988987e9331980363e24189ce"
x-amz-server-side-encryption: AES256
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 2
x-amz-id-2: iEjj7XcwhBZkoEKxbtocrQUBDE7IkRpokVuk4DYxnV+KafF984kTUFkA8nUOK/OLybhdz5FbT7tEsQdH6q2fsQ==

GET
H2

200

https://www.news9.com/views/utilityBelt?v=1714590064111
https://www.news9.com/login

134 KB
27 KB

232ms
232ms

XHR
text/html

2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news9.com/login

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Server

2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e489324e8e9c80d4618b3d63feaf85e89860047f4622df9330219acdc0e9626c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.news9.com/weather/notifications
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: LKTVeQxcEYrHIrqy-s8QlvfyGmpOl1MepTaGNxWjGXSaPDe4AlfHxg==

Redirect headers

date: Wed, 01 May 2024 19:01:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-length: 28
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /login
cache-control: no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: Xju-HOuwq0jmzd9CtkWBBYq-V-1mrXzkC91SE62k2yhtcxzRx95Syw==

GET
H2 200 1077383675996983 Show response
connect.facebook.net/signals/config/ 65 KB
13 KB 109ms
108ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1077383675996983?v=2.9.154&r=stable&domain=www.news9.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

376d9feb66a36fe421c136947d3ba783a103168d5072c41efe6cd50a18865416

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 May 2024 19:01:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=64, mss=1294, tbw=63311, tp=-1, tpl=-1, uplat=69, ullat=0
pragma: public
x-fb-debug: xIShf+hZ6/pcS3ba1ovnbXYsh8R3ZCvJXvWo3FoAZX4+uqtcTFCn+pip3twtptNwhR6IzNsdjtnMHL/L/7qSgw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 web Show response
onesignal.com/api/v1/sync/70fb90f6-23df-4ae6-88d1-34b8cd96c63f/ 5 KB
2 KB 156ms
146ms Script
text/javascript 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/70fb90f6-23df-4ae6-88d1-34b8cd96c63f/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc988b5a49da827307f18ff3fa21a0e06c2060f24b4880cafee7d8d32b253dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a2e8414d-8cb3-455c-984c-b69469c9a491
x-runtime: 0.043603
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fc988b5a49da827307f18ff3fa21a0e0"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 87d2049d5e33fbea-WAW
access-control-allow-headers: SDK-Version
expires: Wed, 01 May 2024 20:01:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 329 KB
110 KB 72ms
70ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZGYE47TBQ6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NXTXTZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8507b849731dbc2f5ba448472eacf2f127f2a8c51344383c7bfdb8f5ee2ea687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 112312
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 May 2024 19:01:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 129ms
42ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NXTXTZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 18:07:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3195
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 01 May 2024 20:07:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
99 KB 88ms
87ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PF0Z97EKLV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NXTXTZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae12f808dd52e61e6c813fb62033ebb5b74a1b0c6b40a9c4adabe9f8b6679b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100738
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 May 2024 19:01:04 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 143ms
39ms Image
image/gif 2600:9000:223f:2800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=gmjcp_728x90_
Requested by: Host: www.news9.com
URL: https://www.news9.com/weather/notifications
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 22:31:27 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 73778
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: z1aivQpMo5mywSYxqgKmD8kBpYEt2hpqXT68N1TBXMR3vxwa1Bdh1w==

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 133ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1077383675996983&ev=PageView&dl=https%3A%2F%2Fwww.news9.com%2Fweather%2Fnotifications&rl=&if=false&ts=1714590064275&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714590064273.210958620&cs_est=true&ler=empty&cdl=API_unavailable&it=1714590064138&coo=false&rqm=GET

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1294, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 May 2024 19:01:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 139ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZGYE47TBQ6&gtm=45je44t0v9103743332z877863514za200&_p=1714590064091&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&cid=2135662023.1714590064&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714590064&sct=1&seg=0&dl=https%3A%2F%2Fwww.news9.com%2Fweather%2Fnotifications&dt=News%209&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1070
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZGYE47TBQ6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 19:01:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 153ms
49ms Ping
text/plain 2a00:1450:400c:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZGYE47TBQ6&cid=2135662023.1714590064&gtm=45je44t0v9103743332z877863514za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZGYE47TBQ6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 19:01:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 112ms
63ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZGYE47TBQ6&cid=2135662023.1714590064&gtm=45je44t0v9103743332z877863514za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1429085884

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 19:01:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 47ms
47ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1084523097&t=pageview&_s=1&dl=https%3A%2F%2Fwww.news9.com%2Fweather%2Fnotifications&ul=de-de&de=UTF-8&dt=News%209&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1480088642&gjid=652173692&cid=2135662023.1714590064&tid=UA-572554-6&_gid=970953644.1714590064&_r=1&_slc=1&gtm=45Xe44t0n81NXTXTZNv77863514za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&npa=1&z=1890879714

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 May 2024 19:01:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 141ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PF0Z97EKLV&gtm=45je44t0v9127123240za200&_p=1714590064091&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&cid=2135662023.1714590064&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714590064&sct=1&seg=0&dl=https%3A%2F%2Fwww.news9.com%2Fweather%2Fnotifications&dt=News%209&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1111
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PF0Z97EKLV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 19:01:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 90ms
48ms XHR
text/plain 2a00:1450:400c:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-572554-6&cid=2135662023.1714590064&jid=1480088642&gjid=652173692&_gid=970953644.1714590064&npa=1&_u=YADAAEAAAAAAACAAI~&z=449768648

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 May 2024 19:01:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 166ms
84ms Image
image/gif 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-572554-6&cid=2135662023.1714590064&jid=1480088642&npa=1&_u=YADAAEAAAAAAACAAI~&z=562584891

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 19:01:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 66ms
65ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-572554-6&cid=2135662023.1714590064&jid=1480088642&npa=1&_u=YADAAEAAAAAAACAAI~&z=562584891

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 19:01:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 111a5f19301f4cbaf2b23b7ba234c6a1c10db1 Show response
voraciousgrip.com/0/cae5e288a3a7ed/ 303 B
330 B 118ms
67ms Fetch
application/json 35.244.133.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/0/cae5e288a3a7ed/111a5f19301f4cbaf2b23b7ba234c6a1c10db1

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2elvcT5XEDi7twZDKMO1XTP_vspF2skqhue0Y5_mja7UuqC2RUec9B0

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.133.240 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

240.133.244.35.bc.googleusercontent.com

Software

Resource Hash

aa5ac7faa7975109d7d61b095472cbc2a129537fb927c216bde21bbf18031a5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Wed, 01 May 2024 19:01:04 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9.com
x-hostname: fen-hoothoot-europe-west1-06pp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Wed, 01 May 2024 19:01:03 GMT

GET
H/1.1 200
OK clear.svg
griffin-communications.akamaized.net/baronIcons/day/ 1 KB
2 KB 619ms
619ms Image
image/svg+xml 2a02:26f0:280:6::213:7ad0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://griffin-communications.akamaized.net/baronIcons/day/clear.svg
Requested by: Host: www.news9.com
URL: https://www.news9.com/weather/notifications
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:6::213:7ad0 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bdbfd7103de44415a582357fe1360f93792aeb64d61ca2ea35d6b59d92d32b41

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 19:01:05 GMT
Last-Modified: Wed, 26 Jun 2019 16:04:30 GMT
Server: AkamaiNetStorage
ETag: "b953377fbfcb22a9fb27ae741a598e43:1580959025.00369"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1502

POST
H3 200 b55349d64c47af1528a9554fa8d9a0f86589764bb Show response
voraciousgrip.com/3360c2692da/ 2 KB
808 B 58ms
58ms Fetch
application/json 35.244.133.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/3360c2692da/b55349d64c47af1528a9554fa8d9a0f86589764bb

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2elvcT5XEDi7twZDKMO1XTP_vspF2skqhue0Y5_mja7UuqC2RUec9B0

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.133.240 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

240.133.244.35.bc.googleusercontent.com

Software

Resource Hash

4ca96ae356b15718968488e090ca96a013b4d71c38b6a32fd011ed78a00eeccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: zstd
via: 1.1 google
date: Wed, 01 May 2024 19:01:04 GMT
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 780
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9.com
x-hostname: fen-hoothoot-europe-west1-06pp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Wed, 01 May 2024 19:01:03 GMT

GET
H3 200 ConsentManager,Sticky2 Show response
voraciousgrip.com/public/32e8072cdb1170b374d6f2e8db9a4960c702a431fe/ 349 KB
103 KB 66ms
66ms Script
text/javascript 35.244.133.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/public/32e8072cdb1170b374d6f2e8db9a4960c702a431fe/ConsentManager,Sticky2

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2elvcT5XEDi7twZDKMO1XTP_vspF2skqhue0Y5_mja7UuqC2RUec9B0

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.133.240 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

240.133.244.35.bc.googleusercontent.com

Software

Resource Hash

5884a87fc04023a20c901f239351e71ce5f01ccf70d91ce258df2853128786c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: zstd
via: 1.1 google
date: Wed, 01 May 2024 19:01:04 GMT
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-datacenter: gce-europe-west1
etag: "e051ba1bf0854d54fb7eceb31d03e35e748bae7a4e86412fa7b6aba8e3dedafa"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.news9.com
x-hostname: fen-hoothoot-europe-west1-06pp
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H3 200 acv.json Show response
voraciousgrip.com/ 81 KB
17 KB 53ms
53ms Fetch
application/json 35.244.133.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/acv.json

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2elvcT5XEDi7twZDKMO1XTP_vspF2skqhue0Y5_mja7UuqC2RUec9B0

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.133.240 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

240.133.244.35.bc.googleusercontent.com

Software

Resource Hash

c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: zstd
via: 1.1 google
date: Wed, 01 May 2024 19:01:04 GMT
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Tue, 09 Apr 2024 18:41:47 GMT
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.news9.com
x-hostname: fen-hoothoot-europe-west1-06pp
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H3 200 fbd0a8f045f58967c279d6c075488f2a5e454a5c6ac3153a16bb6ada.min.js Show response
voraciousgrip.com/scripts/41dc2f/ 638 KB
81 KB 62ms
62ms Fetch
application/json 35.244.133.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/scripts/41dc2f/fbd0a8f045f58967c279d6c075488f2a5e454a5c6ac3153a16bb6ada.min.js

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2elvcT5XEDi7twZDKMO1XTP_vspF2skqhue0Y5_mja7UuqC2RUec9B0

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.133.240 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

240.133.244.35.bc.googleusercontent.com

Software

Resource Hash

7e17b1d7c88032b01a862f52c9893b60fd94b6a681f1afe6364e99b33f225c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: zstd
via: 1.1 google
date: Wed, 01 May 2024 19:01:04 GMT
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-datacenter: gce-europe-west1
etag: "33e4575e83e1d80380e23e3a8b20dade3cc5c2867ceac0d5e7c04553aa5135d1"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9.com
x-hostname: fen-hoothoot-europe-west1-06pp
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 MSwwY2M0NjQ2ODllODM
images.getadmiral.com/ 3 KB
3 KB 713ms
64ms Image
image/png 2606:4700::6812:1231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.getadmiral.com/MSwwY2M0NjQ2ODllODM

Requested by

Host: www.news9.com
URL: https://www.news9.com/weather/notifications

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1231 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b460056ee814c31634d52ab2725083363be94f487b706cddcc729aeacd7bec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:05 GMT
strict-transport-security: max-age=15552000; preload
via: 1.1 google
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-buildnumber: 953871864
content-length: 2579
server: cloudflare
x-datacenter: gce-europe-west1
etag: "c8a53abe"
x-buildname: dank
vary: Accept-Encoding
x-hostname: backend-europe-west1-spot-xpg3
content-type: image/png
cache-control: private, must-revalidate, max-age=3600
cf-ray: 87d204a63a2a5c68-FRA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 48ms
47ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 00:45:23 GMT
x-content-type-options: nosniff
age: 411342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 00:45:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.news9.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:27:43 GMT
x-content-type-options: nosniff
age: 106402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 13:27:43 GMT

POST
H3 200 111a5f19301f4cbaf2b23b7ba234c6a1c10db1 Show response
voraciousgrip.com/0/cae5e288a3a7ed/ 290 B
317 B 101ms
101ms Fetch
application/json 35.244.133.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://voraciousgrip.com/0/cae5e288a3a7ed/111a5f19301f4cbaf2b23b7ba234c6a1c10db1

Requested by

Host: voraciousgrip.com
URL: https://voraciousgrip.com/v2elvcT5XEDi7twZDKMO1XTP_vspF2skqhue0Y5_mja7UuqC2RUec9B0

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.133.240 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

240.133.244.35.bc.googleusercontent.com

Software

Resource Hash

d5a3a9a8f242a8d9b98a421c90afced83e050151aa5f394126ddb7d96b6c0551

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Wed, 01 May 2024 19:01:05 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.news9.com
x-hostname: fen-hoothoot-europe-west1-06pp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Wed, 01 May 2024 19:01:04 GMT

GET
H2 200 favicon.ico
www.news9.com/ 894 B
1 KB 235ms
235ms Other
image/x-icon 2600:9000:214f:3e00:7:fd1f:ea00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3e00:7:fd1f:ea00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a24e1b05f6eea2128b035edbee7f234e9828f16ff14ddfda3f3a2122a097cef9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.news9.com/weather/notifications
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:01:05 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
etag: "37e-lpE0j1LHlHmIuPi6f9nl7lBvNEo"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/x-icon
cache-control: public, max-age=31536000
content-length: 894
x-amz-cf-id: 5lz0mxA7ewzyZ78H02vWJP1fovLa-q_wowzddfEYL5sT467zjqoAdQ==

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.news9.com/	1970-01-20 20:19:22	Name: connect.sid Value: s%3A3SaGEGum9r8_w5WHcJsjUNCrFSzpAmW9.mRon5izsI3lDUJMM0U%2B8nOQpunEBl58e9Br9qDEC9S4
.onesignal.com/	1970-01-20 20:16:31	Name: __cf_bm Value: PO3I9Y7rKrcyNdbKkonb0fAFTqm8nTIbJfoOvCfeF_M-1714590063-1.0.1.1-bBEPgv4JsUpwDCe1fzz9RyagQbBUQAGtComoA_18w8NXf4S5KgVm8c9gGzg0ziDIFRwGdHhZMXuSOq5uNi5m2Q
.agkn.com/	1970-01-21 05:02:06	Name: ab Value: 0001%3AHf1ouSmxumnLivC9IHwYy01EM1o6kX1O
.agkn.com/	1970-01-21 05:02:06	Name: u Value: C\|0AAAtxU3wLcVN8AAAAAAA
.news9.com/	1970-01-21 05:45:18	Name: usprivacy Value: 1---
.news9.com/	1970-01-20 22:26:06	Name: _fbp Value: fb.1.1714590064273.210958620
.news9.com/	1970-01-20 22:26:06	Name: _gcl_au Value: 1.1.1951582593.1714590064
.news9.com/	1970-01-21 05:52:30	Name: _ga_ZGYE47TBQ6 Value: GS1.1.1714590064.1.0.1714590064.60.0.0
.news9.com/	1970-01-20 20:17:56	Name: _gid Value: GA1.2.970953644.1714590064
.news9.com/	1970-01-20 20:16:30	Name: _gat_UA-572554-6 Value: 1
.news9.com/	1970-01-21 05:52:30	Name: _ga_PF0Z97EKLV Value: GS1.1.1714590064.1.0.1714590064.0.0.0
.news9.com/	1970-01-21 05:52:30	Name: _ga Value: GA1.1.2135662023.1714590064
.news9.com/	1970-01-21 05:45:18	Name: _awl Value: 2.1714590065.5-48f5e146213ca28411724c3657732057-6763652d6575726f70652d7765737431-0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.news9.com/weather/notifications Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.news9.com/weather/notifications(Line 1331) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.news9.com/weather/notifications(Line 1388) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.news9.com/weather/notifications(Line 1388) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.news9.com/weather/notifications Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1077383675996983?v=2.9.154&r=stable&domain=www.news9.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.news9.com/weather/notifications Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://www.news9.com/weather/notifications Message: The resource https://www.news9.com/css/above-the-fold-bundle-kwtv.css?v=1712263273489 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baron.kwtv.com
c2.taboola.com
cdn.onesignal.com
connect.facebook.net
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
griffin-communications.akamaized.net
hot-town-closings.s3.amazonaws.com
images.getadmiral.com
onesignal.com
region1.analytics.google.com
region1.google-analytics.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.adsafeprotected.com
stats.g.doubleclick.net
voraciousgrip.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.news9.com
104.16.160.145
104.18.10.207
142.250.185.131
142.250.186.164
151.101.1.44
18.244.18.27
2001:4860:4802:32::178
2001:4860:4802:32::36
2001:4860:4802:34::36
216.58.206.66
2600:1901:0:328a::1
2600:9000:214f:3e00:7:fd1f:ea00:93a1
2600:9000:223f:2800:8:48e:53c0:93a1
2606:4700::6812:1231
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2008
2a00:1450:4001:81d::2002
2a00:1450:400c:c1d::9c
2a02:26f0:280:6::213:7ad0
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.120.1.7
3.5.17.132
3.91.125.223
35.244.133.240
0586ae8844d448a4b3fa723848f412629898d3656c0201e7e6f0e83352d5cdab
1197d9f6292d72602befb697c9dd9abd29019ce8580bd470850ab7cf19b4d382
1aaccdfa63224a896bdf8ec89c8573cd258121989ae84e9e23b3b5a491b31159
1f80369922473178468a9580792a2e31bd20457b361e46aec4e6fe658c17362b
2faab373fe09d6c83c6a9078b19021b0049667bf730edf7a4c2f3c98678ad3ad
376d9feb66a36fe421c136947d3ba783a103168d5072c41efe6cd50a18865416
39d5ff768ae031ef7149cc86ab3f4b3393d9959c958a86152c76882e5baf5830
3b460056ee814c31634d52ab2725083363be94f487b706cddcc729aeacd7bec1
4027da40c95ffa3feb92afc00c790ecc412fe35ed6467bc2b1e3b130bbe26f18
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
47786783b7e72f61f8ad1192c767af47858c66d57100b733884deaa1957486ed
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4ca96ae356b15718968488e090ca96a013b4d71c38b6a32fd011ed78a00eeccb
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5884a87fc04023a20c901f239351e71ce5f01ccf70d91ce258df2853128786c5
5d5f8a3d530857dc3594012852a82fbcc527ed40129713ffc6f8e041d119ab99
5d6bdbee8c9c774bc7ee629e5804434e4a4cfa2b05bb29883438963136914e36
68bfdd356f34bf812edaafb5a5e59e7e35faf319d18c880ba3ad0c462e25dce8
6c52b141862325abbce7323cdc5fa07f795589da3d6ffe7afed48077acd27e1b
6d217b0dd4295b6c02c6aae4e588dce5a12b7df273cbc27a93c8cdbcaf4e617a
713601c1e3e76d39801d007a718d2b536a7a081e31a51f22e99ff96d58e988e2
75afa6c2adf5a73d480d205074b598692041ac0e9fd9f1ce917c101a372db6d0
7d402c4796b5a019c7b0f3386c02bbc43bddfc1e2afabd977cc84398e1a81867
7e17b1d7c88032b01a862f52c9893b60fd94b6a681f1afe6364e99b33f225c5a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8507b849731dbc2f5ba448472eacf2f127f2a8c51344383c7bfdb8f5ee2ea687
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
a24e1b05f6eea2128b035edbee7f234e9828f16ff14ddfda3f3a2122a097cef9
aa5ac7faa7975109d7d61b095472cbc2a129537fb927c216bde21bbf18031a5f
ae12f808dd52e61e6c813fb62033ebb5b74a1b0c6b40a9c4adabe9f8b6679b2a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bdbfd7103de44415a582357fe1360f93792aeb64d61ca2ea35d6b59d92d32b41
c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa8268b5460aeeed6fbbf6de883a05189eddd1238c7577c43f69794703af9fb
d5a3a9a8f242a8d9b98a421c90afced83e050151aa5f394126ddb7d96b6c0551
d984ca6d8941a42d14d72840922ab456749ffe0fbfc734cd583b8a0b095386fe
dcdf7d90b4c59135581b107025b9b96862d6bdeac53ec24179d2b5c17da0b7d8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e489324e8e9c80d4618b3d63feaf85e89860047f4622df9330219acdc0e9626c
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc988b5a49da827307f18ff3fa21a0e06c2060f24b4880cafee7d8d32b253dc0
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.news9.com Open in urlscan Pro 2600:9000:214f:3e00:7:fd1f:ea00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

97 %HTTPS

58 %IPv6

21 Domains

25 Subdomains

26 IPs

4 Countries

1488 kBTransfer

4986 kBSize

13 Cookies

14 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.news9.com Open in urlscan Pro
2600:9000:214f:3e00:7:fd1f:ea00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

97 %
HTTPS

58 %
IPv6

21
Domains

25
Subdomains

26
IPs

4
Countries

1488 kB
Transfer

4986 kB
Size

13
Cookies

61 HTTP transactions
0 data transactions