www.news9ontime.com Open in urlscan Pro
199.231.86.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.news9ontime.com/
Effective URL:
https://www.news9ontime.com/
Submission: On March 04 via manual (March 4th 2021, 9:18:52 pm UTC) from US

Summary HTTP 121 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 11 domains to perform 121 HTTP transactions. The main IP is 199.231.86.13, located in Phoenix, United States and belongs to IOFLOOD, US. The main domain is www.news9ontime.com.
TLS certificate: Issued by R3 on February 10th 2021. Valid for: 3 months.

This is the only time www.news9ontime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	199.231.86.13 199.231.86.13	53755 (IOFLOOD) (IOFLOOD)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
39	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
9	88.85.66.229 88.85.66.229	35415 (WEBZILLA) (WEBZILLA)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::3	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
13	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1	216.21.13.17 216.21.13.17	53334 (TUT-AS) (TUT-AS)
7	35.212.210.170 35.212.210.170	15169 (GOOGLE) (GOOGLE)
121	17

30 199.231.86.13 (Phoenix, United States) 1 redirects

ASN53755 (IOFLOOD, US)
PTR: easyhosting123.com

www.news9ontime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

tharbadir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 88.85.66.229 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: 88.85.66.229.webazilla.com

vistoolr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

c1.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

9x6zkhc5up5i.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

9x6zkhc5up5i.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Romania)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

9x6zkhc5up5i.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.21.13.17 (United States)

ASN53334 (TUT-AS, US)

serve.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.212.210.170 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 170.210.212.35.bc.googleusercontent.com

navvy.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	media.net contextual.media.net lg3.media.net navvy.media.net	475 KB
30	news9ontime.com 1 redirects www.news9ontime.com	901 KB
14	adsco.re c.adsco.re 6.adsco.re 4.adsco.re adsco.re 9x6zkhc5up5i.l4.adsco.re 9x6zkhc5up5i.n4.adsco.re 9x6zkhc5up5i.s4.adsco.re	41 KB
13	gstatic.com fonts.gstatic.com	135 KB
9	vistoolr.net vistoolr.net	47 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	popads.net c1.popads.net serve.popads.net	10 KB
2	tharbadir.com tharbadir.com
1	googleapis.com fonts.googleapis.com	1 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
0	chitika.net Failed cdn.chitika.net Failed
121	11

	Domain	Requested by
30	www.news9ontime.com	1 redirects www.news9ontime.com
22	contextual.media.net	www.news9ontime.com contextual.media.net
17	lg3.media.net	www.news9ontime.com contextual.media.net
13	fonts.gstatic.com	fonts.googleapis.com
9	vistoolr.net	www.news9ontime.com vistoolr.net
7	navvy.media.net	contextual.media.net
3	4.adsco.re	www.news9ontime.com c.adsco.re
3	6.adsco.re	www.news9ontime.com c.adsco.re
3	c.adsco.re	c1.popads.net c.adsco.re
2	adsco.re	c.adsco.re
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tharbadir.com	www.news9ontime.com
1	serve.popads.net	c1.popads.net
1	9x6zkhc5up5i.s4.adsco.re	c.adsco.re
1	9x6zkhc5up5i.n4.adsco.re	c.adsco.re
1	9x6zkhc5up5i.l4.adsco.re	c.adsco.re
1	c1.popads.net	www.news9ontime.com
1	fonts.googleapis.com	www.news9ontime.com
1	www.googletagmanager.com	www.news9ontime.com
0	cdn.chitika.net Failed	www.news9ontime.com
121	20

This site contains links to these domains. Also see Links.

Domain
adsco.re
www.facebook.com
www.cyberprosconsulting.com

Subject Issuer	Validity	Valid
news9ontime.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
tharbadir.com R3	`2020-12-28` - `2021-03-28`	3 months	crt.sh
vistoolr.net R3	`2021-03-03` - `2021-06-01`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
1355769017.rsc.cdn77.org R3	`2020-12-28` - `2021-03-28`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2020-09-15` - `2021-09-26`	a year	crt.sh
*.l4.adsco.re R3	`2021-01-19` - `2021-04-19`	3 months	crt.sh
*.n4.adsco.re R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
*.s4.adsco.re R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
*.popads.net Sectigo RSA Domain Validation Secure Server CA	`2019-10-29` - `2021-10-29`	2 years	crt.sh

This page contains 16 frames:

Primary Page: https://www.news9ontime.com/
Frame ID: 258B976D696890893E734B3FA0B210F4
Requests: 88 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: EF50645828EC770FB1F6A02E6C49F6EA
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: E958C8681B5AE70E1611278A6264A228
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: EDD56F79EE6436810D98BFDA3E5E4E20
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: 5D2F5721A7930B1BD946E545417092C1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: 8FC970580730D5464CBF21165FDFF12F
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 678D2C2C3C327E9D0270EFF663C37ACE
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: 2BDC8BA29EAF78F5844738F396B0969E
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
Frame ID: B1CCB2A2273D1F81FC40B84A00DCEC13
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV2159.js
Frame ID: D3EB65AEEDF34B259C2E192BA11FA25A
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV2159.js
Frame ID: 3E37CD02001B34443699B0F593700488
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV2159.js
Frame ID: 47D244E45290F9596849632035602145
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV2159.js
Frame ID: 8C1D4033937E6BB60D01D65C724A3834
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV2159.js
Frame ID: 6ECBA3D6E63F97B3A9C56DAB19B3CF5E
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV2159.js
Frame ID: 48761DABFCF53DB2B793C5EEBDEB1A8E
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV2159.js
Frame ID: D5CDCDDBC20F68EE1001234647422569
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.news9ontime.com/ HTTP 301
https://www.news9ontime.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

121
Requests

98 %
HTTPS

38 %
IPv6

11
Domains

20
Subdomains

17
IPs

5
Countries

1667 kB
Transfer

4938 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://adsco.re/v
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/News9OnTime-187505455306520
Title: Like

Search URL Search Domain Scan URL

URL: https://www.cyberprosconsulting.com/
Title: Cyber Pros Consulting

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.news9ontime.com/ HTTP 301
https://www.news9ontime.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

121 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.news9ontime.com/
Redirect Chain

http://www.news9ontime.com/
https://www.news9ontime.com/

1 MB
147 KB

1218ms
196ms

Document
text/html

199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 9840aefd03a6a682b2942d0c8bee066477534d9669c5846f5e3736af57a50b30

Request headers

:method: GET
:authority: www.news9ontime.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
vary: Accept-Encoding,User-Agent
etag: "957615-1614890800;br"
x-litespeed-cache: hit
content-encoding: br
date: Thu, 04 Mar 2021 21:18:31 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

Redirect headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-Redirect-By: WordPress
Location: https://www.news9ontime.com/
Vary: Accept-Encoding,User-Agent
X-LiteSpeed-Cache: hit
Content-Encoding: gzip
Content-Length: 20
Date: Thu, 04 Mar 2021 21:18:30 GMT
Server: LiteSpeed

GET
H3-Q050 200 webfontloader.min.js Show response
www.news9ontime.com/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 2039ms
1864ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:31 GMT
content-encoding: br
last-modified: Tue, 02 Feb 2021 07:56:16 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 4649
expires: Sat, 03 Apr 2021 21:18:31 GMT

GET
H3-Q050 200 jquery.js Show response
www.news9ontime.com/wp-includes/js/jquery/ 95 KB
32 KB 628ms
628ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-includes/js/jquery/jquery.js
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:32 GMT
content-encoding: br
last-modified: Wed, 04 Dec 2019 04:19:47 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 32853
expires: Sat, 03 Apr 2021 21:18:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 33ms
31ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-117511567-1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b542b5681ad35c519434bc0d4896887ba037b127583c795d26a9029ebb99cd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39434
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 21:18:33 GMT

GET
H3-Q050 200 News9OnTime-300x62.png
www.news9ontime.com/wp-content/uploads/2019/12/ 13 KB
13 KB 183ms
181ms Image
image/png 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2019/12/News9OnTime-300x62.png
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: fbe0b1b485c9c32c61a86f441e860cc35b7d5342a2de762b356b04180009744f

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:33 GMT
last-modified: Wed, 04 Dec 2019 05:42:17 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 13437
expires: Sat, 03 Apr 2021 21:18:33 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ 138 KB
47 KB 142ms
72ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5f25464e55da572bf2b7b1d7eedd0193556b605c79f29e90ba3bb8f16f502586

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-mnt-h: 8-9
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag: "a7015e97f44b3c77d74aff587af18329"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Thu, 04 Mar 2021 21:18:33 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-15
expires: Thu, 04 Mar 2021 21:23:33 GMT

GET getads.js
cdn.chitika.net/ 0
0

GET
H2 404 2
tharbadir.com/ 0
0 118ms
44ms Script
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tharbadir.com/2?z=2352359
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:33 GMT
x-sc: 4KdnrdofxFOHMlcU
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers: X-Sc
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 7

GET
H/1.1 200
OK tag.min.js Show response
vistoolr.net/pfe/current/ 14 KB
6 KB 116ms
35ms Script
application/javascript 88.85.66.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://vistoolr.net/pfe/current/tag.min.js?z=2352380
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.85.66.229 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 88.85.66.229.webazilla.com
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 21:18:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:05 GMT
Server: nginx
ETag: W/"602bc9cd-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3-Q050 200 70664.js Show response
www.news9ontime.com/wp-content/litespeed/cssjs/ 11 KB
3 KB 174ms
172ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/litespeed/cssjs/70664.js?98fb8
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: cd72ba564a1e89dd422f5c176668c70d518d654e49e650fdc88013d3a17ece23

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:33 GMT
content-encoding: br
last-modified: Tue, 02 Mar 2021 17:22:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 3117
expires: Sat, 03 Apr 2021 21:18:33 GMT

GET
H3-Q050 200 76df4.js Show response
www.news9ontime.com/wp-content/litespeed/cssjs/ 2 KB
851 B 182ms
180ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/litespeed/cssjs/76df4.js?285c7
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: c152453db4b8c67ebf3ef75aa1f31c4b588d00fe4d8ff4e6e5499c8af602387f

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:33 GMT
content-encoding: br
last-modified: Tue, 02 Mar 2021 17:22:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 826
expires: Sat, 03 Apr 2021 21:18:33 GMT

GET
H3-Q050 200 97b6d.js Show response
www.news9ontime.com/wp-content/litespeed/cssjs/ 3 KB
940 B 183ms
180ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/litespeed/cssjs/97b6d.js?25281
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 9bf04274516def769daa9e7110fca6ee420167b5fbf07accc991172ac1b21aa3

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:33 GMT
content-encoding: br
last-modified: Tue, 02 Mar 2021 17:22:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 915
expires: Sat, 03 Apr 2021 21:18:33 GMT

GET
H3-Q050 200 4a400.js Show response
www.news9ontime.com/wp-content/litespeed/cssjs/ 582 B
334 B 183ms
181ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/litespeed/cssjs/4a400.js?2b8ab
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 2109de697a13ffc5a7a266564babe6e6c1078a8d685e040a7a0892732f541acb

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:33 GMT
content-encoding: br
last-modified: Tue, 02 Mar 2021 17:22:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 309
expires: Sat, 03 Apr 2021 21:18:33 GMT

GET
H3-Q050 200 7e229.js Show response
www.news9ontime.com/wp-content/litespeed/cssjs/ 203 KB
46 KB 183ms
181ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/litespeed/cssjs/7e229.js?94bc8
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: c6bdb1dc8ea8639ecb6757a21dc679727e90014c9c3ce92aeef16c4d37012c55

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:33 GMT
content-encoding: br
last-modified: Tue, 02 Mar 2021 17:22:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 47166
expires: Sat, 03 Apr 2021 21:18:33 GMT

GET
H3-Q050 200 57134.js Show response
www.news9ontime.com/wp-content/litespeed/cssjs/ 5 KB
2 KB 183ms
181ms Script
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/litespeed/cssjs/57134.js?6210a
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: aefc4c20a5b7c02c881634341f6e1dcceb24cdbe63da122876f2dd783d3cfd62

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:33 GMT
content-encoding: br
last-modified: Tue, 02 Mar 2021 17:22:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2141
expires: Sat, 03 Apr 2021 21:18:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf4d3b7b6736d9b3b8dfa99fe837c6275125e26fa1b5ba8054ade550478ede15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 21:17:16 GMT
server: ESF
date: Thu, 04 Mar 2021 21:18:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 21:18:33 GMT

GET
H2 200 pop.js Show response
c1.popads.net/ 30 KB
9 KB 119ms
29ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.popads.net/pop.js
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 425a7a9b9f10f9809288169af01695376da8b90b3e957f4987c4dad263403d49

Request headers

Origin: https://www.news9ontime.com
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzImD9DvMFUOAA==
date: Thu, 04 Mar 2021 21:18:33 GMT
content-encoding: br
etag: W/"6022edb9-77fd"
last-modified: Tue, 09 Feb 2021 20:16:57 GMT
server: CDN77-Turbo
x-77-nzt-ray: Tdgdcqjn7MA=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic="195.181.175.50:443"; ma=2592000; v="44,43,39"
x-cache: HIT
x-age: 939312
x-77-pop: frankfurtDE
expires: Sat, 06 Mar 2021 00:23:21 GMT

GET
H3-Q050 404 back.jpg
www.news9ontime.com/wp-content/uploads/2019/02/ 64 KB
64 KB 201ms
200ms Image
text/html 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2019/02/back.jpg
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 6db50623edf687a7fbebd61bba94bcf7ef9d029c20aad2c4919975b61d49eed5

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:33 GMT
content-encoding: br
server: LiteSpeed
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-Q050 200 newspaper.woff
www.news9ontime.com/wp-content/themes/Newspaper/images/icons/ 19 KB
19 KB 200ms
200ms Font
font/woff 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?14
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: b420750157155826f2ef022f425579bca244f39d0a91ece03c5b3cbae5e52334

Request headers

Origin: https://www.news9ontime.com
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:33 GMT
last-modified: Tue, 10 Apr 2018 19:57:48 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 19432
expires: Sat, 03 Apr 2021 21:18:33 GMT

GET
H3-Q050 200 newspaper-icons.woff
www.news9ontime.com/wp-content/themes/Newspaper/images/icons/ 6 KB
6 KB 200ms
200ms Font
font/woff 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/wp-content/themes/Newspaper/images/icons/newspaper-icons.woff?1
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

Origin: https://www.news9ontime.com
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:33 GMT
last-modified: Tue, 10 Apr 2018 19:57:48 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 5956
expires: Sat, 03 Apr 2021 21:18:33 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:45:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 268370
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:45:43 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 270181
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:15:32 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 05:52:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 573959
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 26 Feb 2022 05:52:34 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 23:46:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 77543
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 03 Mar 2022 23:46:10 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:59:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 87516
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 03 Mar 2022 20:59:57 GMT

GET
H3-Q050 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 03:14:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 65065
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
expires: Fri, 04 Mar 2022 03:14:08 GMT

GET
H3-Q050 200 KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82cdf580655d3697dadd6f72fa9fbd5d06adbcde5f2a2e048a9e3e7cc6636b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 09:04:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:53 GMT
server: sffe
age: 130446
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12668
x-xss-protection: 0
expires: Thu, 03 Mar 2022 09:04:27 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 76 KB
27 KB 882ms
881ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=852638897&size=728x90&cc=FR&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1614892713223567749&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3f393ad21ff280221b80529f4958efc8ff6d03e7a51ae6b2ae1d00122b880555

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-9
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 04 Mar 2021 21:18:34 GMT
x-mnt-w: 8-3, 8-14
content-length: 27634
expires: Thu, 04 Mar 2021 21:23:34 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame EF50 14 KB
6 KB 59ms
59ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

23cc957bf5f475777df0c8b72c41c4be1fc293bc457af7d52431c13c117956d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.news9ontime.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.news9ontime.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 05 Sep 2021 21:18:33 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 06 Mar 2021 21:18:33 GMT
date: Thu, 04 Mar 2021 21:18:33 GMT
content-length: 5529

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 45ms
43ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=852638897&vi=1614892713223567749&ugd=4&lf=6&cc=FR&sc=IDF&lper=100&wsip=2886780971&r=1614892713876&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001614892713872013824209925537&gdpr=1&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:33 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 04 Mar 2021 21:18:33 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 5827
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:26 GMT

GET
H3-Q050 200 memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v18/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 579179
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9744
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:34 GMT

GET
H3-Q050 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v18/ 10 KB
10 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 10:46:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:34 GMT
server: sffe
age: 469949
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9728
x-xss-protection: 0
expires: Sun, 27 Feb 2022 10:46:04 GMT

GET
H3-Q050 200 memnYaGs126MiZpBA-UFUKXGUdhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/memnYaGs126MiZpBA-UFUKXGUdhrIqOxjaPX.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a4cbe29c8a1c6c2e29b887fd58d9a02b64e7bd113acc77d370b547b9f51545d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 22:24:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:46 GMT
server: sffe
age: 82423
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9684
x-xss-protection: 0
expires: Thu, 03 Mar 2022 22:24:50 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:43:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 131713
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 03 Mar 2022 08:43:20 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,400italic,600,600italic,700%7CRoboto:300,400,400italic,500,500italic,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.news9ontime.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:56:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:08 GMT
server: sffe
age: 94948
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11012
x-xss-protection: 0
expires: Thu, 03 Mar 2022 18:56:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117511567-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4557
date: Thu, 04 Mar 2021 20:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 04 Mar 2021 22:02:36 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
390 B 48ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1494116572&t=pageview&_s=1&dl=https%3A%2F%2Fwww.news9ontime.com%2F&ul=en-us&de=UTF-8&dt=News%209%20On%20Time%20%7C%20News%209%20On%20Time&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=220668563&gjid=1001336543&cid=540114469.1614892714&tid=UA-117511567-1&_gid=391614003.1614892714&_r=1&gtm=2ou2o0&z=1125634741

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 21:18:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.news9ontime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 69 KB
23 KB 910ms
908ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=801896542&size=300x250&cc=FR&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1614892713592470835&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5d7961f2cde880e022687d21c7652f33721f1f5791434e010a41a85e447455bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-9
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 04 Mar 2021 21:18:34 GMT
x-mnt-w: 8-10, 8-21
content-length: 23081
expires: Thu, 04 Mar 2021 21:23:34 GMT

GET
H3-Q050 200 elements.png
www.news9ontime.com/wp-content/themes/Newspaper/images/sprite/ 4 KB
4 KB 182ms
182ms Image
image/png 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/themes/Newspaper/images/sprite/elements.png
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:34 GMT
last-modified: Tue, 10 Apr 2018 19:57:49 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 4324
expires: Sat, 03 Apr 2021 21:18:34 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame E958 14 KB
6 KB 51ms
51ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

23cc957bf5f475777df0c8b72c41c4be1fc293bc457af7d52431c13c117956d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.news9ontime.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.news9ontime.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 05 Sep 2021 21:18:34 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 06 Mar 2021 21:18:34 GMT
date: Thu, 04 Mar 2021 21:18:34 GMT
content-length: 5529

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 43ms
42ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=801896542&vi=1614892713592470835&ugd=4&lf=6&cc=FR&sc=IDF&lper=100&wsip=2886780971&r=1614892713989&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001614892713987013824209925755&gdpr=1&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:34 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 04 Mar 2021 21:18:34 GMT

GET
H2 200 / Show response
c.adsco.re/ 35 KB
12 KB 32ms
16ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:34 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 521797
etag: W/"49M/vRKXL5pROhm5uOGH7A=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control: public, max-age=2678400
cf-ray: 62ae2346ad653240-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a0b4602c000032408c342000000001
expires: Sun, 04 Apr 2021 21:18:34 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 69 KB
23 KB 714ms
712ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=801896542&size=300x250&cc=FR&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1614892713983831435&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

663431d802f0d14dff07d79e5abc2eb0221893684c59327e9f8431b47da9dae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-9
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 04 Mar 2021 21:18:34 GMT
x-mnt-w: 12-8, 12-15
content-length: 23069
expires: Thu, 04 Mar 2021 21:23:34 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame EDD5 14 KB
6 KB 113ms
113ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

23cc957bf5f475777df0c8b72c41c4be1fc293bc457af7d52431c13c117956d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.news9ontime.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.news9ontime.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 05 Sep 2021 21:18:34 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 06 Mar 2021 21:18:34 GMT
date: Thu, 04 Mar 2021 21:18:34 GMT
content-length: 5529

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 52ms
51ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=801896542&vi=1614892713983831435&ugd=4&lf=6&cc=FR&sc=IDF&lper=100&wsip=2886780971&r=1614892714018&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001614892714017013824209928755&gdpr=1&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:34 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 04 Mar 2021 21:18:34 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 76 KB
27 KB 740ms
736ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=852638897&size=728x90&cc=FR&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1614892713181185460&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2bafa3da281755ad3f577dce29e2d3ee5c3a082d77359f728c3bfe60e52760ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-9
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 04 Mar 2021 21:18:34 GMT
x-mnt-w: 8-16, 8-14
content-length: 27668
expires: Thu, 04 Mar 2021 21:23:34 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 5D2F 14 KB
6 KB 97ms
96ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

23cc957bf5f475777df0c8b72c41c4be1fc293bc457af7d52431c13c117956d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.news9ontime.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.news9ontime.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 05 Sep 2021 21:18:34 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 06 Mar 2021 21:18:34 GMT
date: Thu, 04 Mar 2021 21:18:34 GMT
content-length: 5529

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 81ms
79ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=852638897&vi=1614892713181185460&ugd=4&lf=6&cc=FR&sc=IDF&lper=100&wsip=2886780971&r=1614892714033&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001614892714030013824209925635&gdpr=1&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:34 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 04 Mar 2021 21:18:34 GMT

GET
H2 200 /
6.adsco.re/ 0
130 B 44ms
21ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://www.news9ontime.com
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:34 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.news9ontime.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 62ae2346f999d6c1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a0b4605e0000d6c1d6223000000001

GET
H/1.1 200
OK /
4.adsco.re/ 0
467 B 118ms
27ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://www.news9ontime.com
Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 21:18:34 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.news9ontime.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 76 KB
27 KB 709ms
709ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=852638897&size=728x90&cc=FR&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1614892713538289413&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a7025945886c88803f105453505219a5062550c2c92b11156606f7c853c4edce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-9
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 04 Mar 2021 21:18:34 GMT
x-mnt-w: 8-3, 8-14
content-length: 27648
expires: Thu, 04 Mar 2021 21:23:34 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 8FC9 14 KB
6 KB 75ms
75ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

23cc957bf5f475777df0c8b72c41c4be1fc293bc457af7d52431c13c117956d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.news9ontime.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.news9ontime.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 05 Sep 2021 21:18:34 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 06 Mar 2021 21:18:34 GMT
date: Thu, 04 Mar 2021 21:18:34 GMT
content-length: 5529

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 74ms
73ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=852638897&vi=1614892713538289413&ugd=4&lf=6&cc=FR&sc=IDF&lper=100&wsip=2886780971&r=1614892714055&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001614892714054013824209921673&gdpr=1&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:34 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 04 Mar 2021 21:18:34 GMT

GET getads.js
cdn.chitika.net/ 0
0

POST
H/1.1 200
OK p Show response
adsco.re/ 0
421 B 105ms
27ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 04 Mar 2021 21:18:34 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: https://www.news9ontime.com
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
4.adsco.re/ 46 B
467 B 103ms
26ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 79c7b1ba349dd28d50e66165091337c61d7631168888e457901a9246e6d549d3

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 21:18:34 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.news9ontime.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
6.adsco.re/ 53 B
475 B 28ms
21ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:34 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.news9ontime.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 62ae2346f997d6c1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a0b4605e0000d6c1193d9000000001

POST
H/1.1 200
OK /
9x6zkhc5up5i.l4.adsco.re/ 0
464 B 103ms
26ms Other
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://9x6zkhc5up5i.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 04 Mar 2021 21:18:34 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
9x6zkhc5up5i.n4.adsco.re/ 0
464 B 373ms
94ms Other
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://9x6zkhc5up5i.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 04 Mar 2021 21:18:34 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
9x6zkhc5up5i.s4.adsco.re/ 0
464 B 1047ms
233ms Other
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://9x6zkhc5up5i.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 04 Mar 2021 21:18:34 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H2 200 / Show response
c.adsco.re/ Frame 678D 35 KB
12 KB 16ms
15ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

:method: GET
:authority: c.adsco.re
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.news9ontime.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.news9ontime.com/

Response headers

date: Thu, 04 Mar 2021 21:18:34 GMT
content-type: text/html
cache-control: public, max-age=2678400
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires: Sun, 04 Apr 2021 21:18:34 GMT
etag: W/"49M/vRKXL5pROhm5uOGH7A=="
cf-cache-status: HIT
age: 521797
cf-request-id: 08a0b4605a00003240a38a7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 62ae2346fdda3240-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 69 KB
23 KB 512ms
512ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=801896542&size=300x250&cc=FR&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1614892713337585623&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc52615c14307205ad4357736bbea930f6b3afecbec015bcb0cf520c1f5f6130

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-9
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 04 Mar 2021 21:18:34 GMT
x-mnt-w: 8-10, 8-21
content-length: 23079
expires: Thu, 04 Mar 2021 21:23:34 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 2BDC 14 KB
6 KB 78ms
78ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

23cc957bf5f475777df0c8b72c41c4be1fc293bc457af7d52431c13c117956d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.news9ontime.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.news9ontime.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 05 Sep 2021 21:18:34 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 06 Mar 2021 21:18:34 GMT
date: Thu, 04 Mar 2021 21:18:34 GMT
content-length: 5529

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 65ms
65ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=801896542&vi=1614892713337585623&ugd=4&lf=6&cc=FR&sc=IDF&lper=100&wsip=2886780971&r=1614892714260&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001614892714258013824209923738&gdpr=1&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:34 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 04 Mar 2021 21:18:34 GMT

GET
H2 200 /
6.adsco.re/ Frame 678D 0
144 B 13ms
12ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://c.adsco.re
Referer: https://c.adsco.re/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:34 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://c.adsco.re
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 62ae23482af9d6c1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a0b4611e0000d6c11488b000000001

GET
H/1.1 200
OK /
4.adsco.re/ Frame 678D 0
458 B 29ms
28ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://c.adsco.re
Referer: https://c.adsco.re/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 21:18:34 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://c.adsco.re
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H3-Q050 404 8.jpg
www.news9ontime.com/wp-content/uploads/2018/04/ 33 KB
33 KB 194ms
194ms Image
text/html 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2018/04/8.jpg
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: da4f9d94aa8f302d6bebd3017a494d0d11acdb87573111a4ac7017e34ca0ddb9

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:34 GMT
content-encoding: br
server: LiteSpeed
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 76 KB
27 KB 422ms
422ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CUIG0E7H&cpcd=r44KCdXiOX5Y4h1ggmmzkg%3D%3D&crid=852638897&size=728x90&cc=FR&https=1&vif=1&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&nse=5&vi=1614892713883421514&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

519e6ff88206459c88a5ff96233f97fecc9aff0d60ff4962e7658fecf81abd12

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-9
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 04 Mar 2021 21:18:34 GMT
x-mnt-w: 8-3, 8-14
content-length: 27647
expires: Thu, 04 Mar 2021 21:23:34 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame B1CC 14 KB
6 KB 113ms
113ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

23cc957bf5f475777df0c8b72c41c4be1fc293bc457af7d52431c13c117956d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIG0E7H&https=1&itype=CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.news9ontime.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.news9ontime.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 05 Sep 2021 21:18:34 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 06 Mar 2021 21:18:34 GMT
date: Thu, 04 Mar 2021 21:18:34 GMT
content-length: 5529

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 44ms
43ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=852638897&vi=1614892713883421514&ugd=4&lf=6&cc=FR&sc=IDF&lper=100&wsip=2886780971&r=1614892714317&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001614892714315013824209927204&gdpr=1&vgd_end=1

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:34 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 04 Mar 2021 21:18:34 GMT

GET
H2 200 / Show response
c.adsco.re/ Frame 678D 35 KB
12 KB 14ms
14ms XHR
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Referer: https://c.adsco.re/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:34 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 521797
etag: W/"49M/vRKXL5pROhm5uOGH7A=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control: public, max-age=2678400
cf-ray: 62ae23489fcd3240-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a0b4615d0000324022abb000000001
expires: Sun, 04 Apr 2021 21:18:34 GMT

GET
H2 404 2
tharbadir.com/ 0
0 39ms
38ms Script
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tharbadir.com/2?z=2352359
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:34 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers: X-Sc
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 7

GET
H/1.1 200
OK zone Show response
vistoolr.net/ 684 B
1 KB 37ms
35ms Fetch
application/json 88.85.66.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://vistoolr.net/zone?pub=0&zone_id=2352380&is_mobile=false&domain=www.news9ontime.com&var=&ymid=&var_3=

Requested by

Host: vistoolr.net
URL: https://vistoolr.net/pfe/current/tag.min.js?z=2352380

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.85.66.229 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

88.85.66.229.webazilla.com

Software

nginx /

Resource Hash

3f2a8e41d0797af5153fdf29f5f48cf84cae1af131b4ffc8e2b1b049ed81ed30

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 316d84084e8bd06d2dfc515d04ca83d3
Date: Thu, 04 Mar 2021 21:18:30 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.news9ontime.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 684

GET
H/1.1 200
OK universal.min.js Show response
vistoolr.net/pfe/current/ 106 KB
38 KB 127ms
56ms Fetch
application/javascript 88.85.66.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://vistoolr.net/pfe/current/universal.min.js?v=3.1.282
Requested by: Host: vistoolr.net
URL: https://vistoolr.net/pfe/current/tag.min.js?z=2352380
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.85.66.229 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 88.85.66.229.webazilla.com
Software: nginx /
Resource Hash: 976772d64052b8a91bfc0448e8e5653477618071a4b64758a7f2b4bc7db3d96d

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 21:18:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:05 GMT
Server: nginx
ETag: W/"602bc9cd-1a972"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.news9ontime.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H/1.1 200
OK p Show response
adsco.re/ 364 B
864 B 40ms
40ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 7676693c97418df59f83a6a331c9992fbc149862ba9fcfbc93af55efce6e1486

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Thu, 04 Mar 2021 21:18:34 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: https://www.news9ontime.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H/1.1 200
OK c Show response
serve.popads.net/ 44 B
245 B 328ms
133ms Script
text/javascript 216.21.13.17
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serve.popads.net/c?_=BAoAYEFOqgFgQU6qgAGBAsAAIAB3vjbXj0_-bAqQVYSQXSMtUimJDdqnFbujIZPf-Q-XwQBIMEYCIQDZvtFWHbvr9dt6ljGiHbFcCb0lM4pb6s2rI-CnAAWeNwIhAKYPCw3vKX2dVelKIyor0Of4mRxTbLzu0iv_MgjxBew4wgAgpakVm4sXyqAGs4fgdYk85R2kQwF_ZjrJpE8n6EhNzSjEABAqAQT4ASETGgAAAAAAAAACxQAQyhTiDFN2_as4-IeQMfxUvMMARzBFAiAvYDIgkLrRJqCjqX6PGMAQhUbp12iAYx8KUjY7r_igmgIhAJ3rCskQGwq4-9tvXUSRmI8b55sapLg-IizOZYygMG9w&v=4&siteId=3826536&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0
Requested by: Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 216.21.13.17 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 04 Mar 2021 21:18:34 GMT
PopAds-EC: ASB
ASF: 9
Connection: Keep-Alive
Content-Length: 44
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 nrrV2159.js Show response
contextual.media.net/4a/ Frame D3EB 88 KB
29 KB 46ms
46ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV2159.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d037108150dd5c081dedd0f237869ddaf493605b6e3405ffc2b968fc6bf7af67

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "ddd9dda6bfaf0bb1525a8a27c3ee6131"
vary: Accept-Encoding
x-mnet-h: 8-4
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 04 Mar 2021 21:18:34 GMT
content-length: 29201
expires: Thu, 18 Mar 2021 21:18:34 GMT

GET
DATA 200
OK truncated
/ Frame D3EB 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D3EB 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nrrV2159.js Show response
contextual.media.net/4a/ Frame 3E37 88 KB
29 KB 71ms
71ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV2159.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d037108150dd5c081dedd0f237869ddaf493605b6e3405ffc2b968fc6bf7af67

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "ddd9dda6bfaf0bb1525a8a27c3ee6131"
vary: Accept-Encoding
x-mnet-h: 8-4
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 04 Mar 2021 21:18:34 GMT
content-length: 29201
expires: Thu, 18 Mar 2021 21:18:34 GMT

GET
DATA 200
OK truncated
/ Frame 3E37 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3E37 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3E37 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nrrV2159.js Show response
contextual.media.net/4a/ Frame 47D2 88 KB
29 KB 65ms
64ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV2159.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d037108150dd5c081dedd0f237869ddaf493605b6e3405ffc2b968fc6bf7af67

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "ddd9dda6bfaf0bb1525a8a27c3ee6131"
vary: Accept-Encoding
x-mnet-h: 8-4
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 04 Mar 2021 21:18:34 GMT
content-length: 29201
expires: Thu, 18 Mar 2021 21:18:34 GMT

GET
DATA 200
OK truncated
/ Frame 47D2 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 47D2 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 47D2 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nrrV2159.js Show response
contextual.media.net/4a/ Frame 8C1D 88 KB
29 KB 64ms
64ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV2159.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d037108150dd5c081dedd0f237869ddaf493605b6e3405ffc2b968fc6bf7af67

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "ddd9dda6bfaf0bb1525a8a27c3ee6131"
vary: Accept-Encoding
x-mnet-h: 8-4
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 04 Mar 2021 21:18:34 GMT
content-length: 29201
expires: Thu, 18 Mar 2021 21:18:34 GMT

GET
DATA 200
OK truncated
/ Frame 8C1D 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8C1D 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8C1D 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nrrV2159.js Show response
contextual.media.net/4a/ Frame 6ECB 88 KB
29 KB 56ms
55ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV2159.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d037108150dd5c081dedd0f237869ddaf493605b6e3405ffc2b968fc6bf7af67

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "ddd9dda6bfaf0bb1525a8a27c3ee6131"
vary: Accept-Encoding
x-mnet-h: 8-4
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 04 Mar 2021 21:18:34 GMT
content-length: 29201
expires: Thu, 18 Mar 2021 21:18:34 GMT

GET
DATA 200
OK truncated
/ Frame 6ECB 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6ECB 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nrrV2159.js Show response
contextual.media.net/4a/ Frame 4876 88 KB
29 KB 49ms
48ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV2159.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d037108150dd5c081dedd0f237869ddaf493605b6e3405ffc2b968fc6bf7af67

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "ddd9dda6bfaf0bb1525a8a27c3ee6131"
vary: Accept-Encoding
x-mnet-h: 8-4
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 04 Mar 2021 21:18:34 GMT
content-length: 29201
expires: Thu, 18 Mar 2021 21:18:34 GMT

GET
DATA 200
OK truncated
/ Frame 4876 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4876 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4876 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nrrV2159.js Show response
contextual.media.net/4a/ Frame D5CD 88 KB
29 KB 64ms
64ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV2159.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIG0E7H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d037108150dd5c081dedd0f237869ddaf493605b6e3405ffc2b968fc6bf7af67

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "ddd9dda6bfaf0bb1525a8a27c3ee6131"
vary: Accept-Encoding
x-mnet-h: 8-4
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 04 Mar 2021 21:18:35 GMT
content-length: 29201
expires: Thu, 18 Mar 2021 21:18:35 GMT

GET
DATA 200
OK truncated
/ Frame D5CD 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D5CD 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bql.php Show response
lg3.media.net/ Frame D3EB 15 B
216 B 47ms
47ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001614892714017013824209928755&geo=48.87|2.33&dlper=25&lper=100&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkNVRB3qaphEuY60M8lsHhZ4z1o08idar0quiCTuoe6C-L0bGbbor4tbUhgxVgsJftVG7J_haTxBUZSZ0-SUGsVE&lpid=&tsid=1&q=&prv=&type=&ps=&cme=IswqYM0zmyqWMBv-s1nmmE7X33uHf0NZ1pdb7zEHziPs_yB94CA9sTCiZnqLYZYXISUiqO26rKUGmlVD7TpqHKSV9lrjZ5OaPEOwuqnw0MGIcbPxHvXv5pvD_qVywnfRl_KXpO2sHkeSrdjIF90bOg_PYSHeyYKeJLTwMPHgvskaigJ3AjQPptEafYuJ6aXDNMGBEToHdHsQtEW9137RkUPn8xgC7mz5%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaGnQXqDLyv3SdJSYOWesgxLB8yQoc3klRI%3D%7CN7fu2vKt8_s%3D%7CpVu6LaRFuVxgk28d_Q7L1Anpe7HnYb8a6mlvvtLc2Y7tP3M0e45K234x36v_RDt2FjTIm5QkcXiVZEE_riRs34U5MU0e7VG7T8jYMPGXBFt_h1qtVqL3_bBEJe7lbA8kU0Q785tbiwlenQF9MUX0UOqsmDPzFZnneOWBC3PvkQPLiXC4b_xulOnjN-sEO_Qv4XvBMJi1MJZrBCHGP_Hz4A%3D%3D%7C&hint=&td=&cc=FR&wsip=2886937517&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=ufNoNufzNuN&vgde_setid=NufozNuN&&rc=0&ksu=224&fdkt=232&kwd[]=Offers%20on%20Women%27s%20Clothing&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=1&kid[]=329695454&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.23%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Offers%20on%20Sports%20Merchandise&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=2&kid[]=329734968&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.66%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Electronic%20Gadget%20Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=77757437&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Smartphones%20for%20Business&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=321185319&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.35%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Cheap%20NFL%20Tickets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=5&kid[]=5673023&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.05%7C%7Clvl%3D1.00&ktd[]=274911854848&rand=1614892714980&cid=8CUIG0E7H&vwid=1614892713983831435&vi=1614892713983831435&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=IDF&vgd_l1rakh=1614892713185408123&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D2%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1614892714017&upk=1614892714.15387&hvsid=00001614892714017013824209928755&verid=3111299&kbbq=%26sde%3D1%26adepth%3D2%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO2E81UX&katen=1&pc=100&matm=1614892714985&vgd_ltime=970&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=IDF&vgd_l2ch=0&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886931942&vgd_nrrsf=nrr&vgd_nrrv=2159&vgd_nrrs=2159&vgd_nrrmf=4a&vgd_cntrdt=S%7CDIV&vgd_x_pos=1010&vgd_y_pos=3393&vgd_ren_page_h=9220&vgd_cty=PARIS&vgd_l1hcsd=A9%7C1503&vgd_sethcsd=N9%7C1437&vgd_cfud=191220&vgd_is_amp=0&vgd_icat=379&vgd_spcat=500996&vgd_optout=0&vgd_ect=4g&vgd_rensize=324_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fnmedianet.js&requrl=https%3A%2F%2Fwww.news9ontime.com&oRurl=http%3A%2F%2Fcdn3ncc%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DFR%26isOffice%3D0%26fvips%3D0%26vi%3D1614892713983831435%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D801896542%26vpf%3D000%26cid%3D8CUIG0E7H%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3Dr44KCdXiOX5Y4h1ggmmzkg%253d%253d%26nb%3D1%26gdpr%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO2E81UX%26requrl%3Dhttps%253a%252f%252fwww.news9ontime.com%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A324%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:35 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 04 Mar 2021 21:18:35 GMT

POST
H2 200 log
navvy.media.net/ Frame D3EB 807 B
980 B 561ms
215ms Other
image/gif 35.212.210.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.210.170 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 170.210.212.35.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 21:18:35 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 807
expires: Thu, 04 Mar 2021 21:18:35 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 47D2 15 B
216 B 36ms
35ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001614892713872013824209925537&geo=48.87|2.33&dlper=25&lper=100&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkNVRB3qaphEuY60M8lsHhZ4z1o08idar0quiCTuoe6C-L0bGbbor4tbUhgxVgsJftWrSGM8aFZ4idSE9VYo0svo&lpid=&tsid=4&q=&prv=&type=&ps=&cme=mdVJrQkhEVAcKTEYLvvv54sjY7cIq_nis6KW9y3rSCHbOOpOyN7YLUzaW4Yj-BAcGSj-H2Hf5eT0PXywVR2O2eQQW8ccXzKYnYioG-Pw_3Yc4slgcn-XNTsvexibiF1ME4v3lkkH_puyCGUxZACQdT6vHM5kYBt6mEaXv15W3we6gizjHuI4zTiN41gNsdTtCpVE7-0c6KxCDm-h1iNabkR1eczcKLaQ%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaGnQXqDLyv3SdJSYOWesgxLB8yQoc3klRI%3D%7CN7fu2vKt8_s%3D%7C1lCohip8P4IE0j-myhAsA8vHIEIEq348_9QunTBY_qELLhoO9vHoEu-aFkzfBbVpO4gRhspGv5K6KHR24y0t9C4jMhkuf_ZYKT_6Qn7-DFBXQpK3e9cXY2Ow2YGKn7dIy5XElJCsFMVDeXXMLeGl7DkAVvGx1KxqxkLfFZ8tTzr5y7gufnLMHXHmYhZ6Z_i85aR2-h6XPMTNLyatbLhlMA%3D%3D%7C&hint=&td=&cc=FR&wsip=2886780938&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=WoNWNY&vgde_setid=NW&&rc=0&ksu=224&fdkt=232&kwd[]=Smartphones%20for%20Business&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=1&kid[]=321185319&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.35%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Cheap%20NFL%20Tickets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=2&kid[]=5673023&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.05%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Electronic%20Gadget%20Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=77757437&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Offers%20on%20Sports%20Merchandise&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=329734968&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.66%7C%7Clvl%3D1.00&ktd[]=274895077632&rand=1614892715000&cid=8CUIG0E7H&vwid=1614892713223567749&vi=1614892713223567749&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=IDF&vgd_l1rakh=1614892713185408123&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1614892713872&upk=1614892714.15387&hvsid=00001614892713872013824209925537&verid=3111299&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&pid=8PO2E81UX&katen=1&pc=100&matm=1614892715004&vgd_ltime=1137&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=IDF&vgd_l2ch=0&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886780970&vgd_nrrsf=nrr&vgd_nrrv=2159&vgd_nrrs=2159&vgd_nrrmf=4a&vgd_cntrdt=S%7CDIV&vgd_x_pos=606&vgd_y_pos=56&vgd_ren_page_h=9220&vgd_cty=PARIS&vgd_l1hcsd=A9%7C1503&vgd_sethcsd=N9%7C1437&vgd_cfud=200317&vgd_is_amp=0&vgd_icat=379&vgd_spcat=500996&vgd_optout=0&vgd_ect=4g&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fnmedianet.js&requrl=https%3A%2F%2Fwww.news9ontime.com&oRurl=http%3A%2F%2Fcdn3%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DFR%26isOffice%3D0%26fvips%3D0%26vi%3D1614892713223567749%26lw%3D1%26esi%3D1%26size%3D728x90%26crid%3D852638897%26vpf%3D000%26cid%3D8CUIG0E7H%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3Dr44KCdXiOX5Y4h1ggmmzkg%253d%253d%26nb%3D1%26gdpr%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO2E81UX%26requrl%3Dhttps%253a%252f%252fwww.news9ontime.com%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A4&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:35 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 04 Mar 2021 21:18:35 GMT

POST
H2 200 log
navvy.media.net/ Frame 47D2 807 B
869 B 669ms
341ms Other
image/gif 35.212.210.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.210.170 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 170.210.212.35.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 21:18:35 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 807
expires: Thu, 04 Mar 2021 21:18:35 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 3E37 15 B
216 B 39ms
38ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001614892714315013824209927204&geo=48.87|2.33&dlper=25&lper=100&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkNVRB3qaphEuY60M8lsHhZ4z1o08idar0quiCTuoe6C-L0bGbbor4tbUhgxVgsJftWrSGM8aFZ4idSE9VYo0svo&lpid=&tsid=4&q=&prv=&type=&ps=&cme=mdVJrQkhEVAcKTEYLvvv54sjY7cIq_nis6KW9y3rSCHbOOpOyN7YLUzaW4Yj-BAcGSj-H2Hf5eT0PXywVR2O2eQQW8ccXzKYnYioG-Pw_3Yc4slgcn-XNTsvexibiF1ME4v3lkkH_puyCGUxZACQdT6vHM5kYBt6mEaXv15W3we6gizjHuI4zTiN41gNsdTtCpVE7-0c6KxCDm-h1iNabkR1eczcKLaQ%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaGnQXqDLyv3SdJSYOWesgxLB8yQoc3klRI%3D%7CN7fu2vKt8_s%3D%7C1lCohip8P4IE0j-myhAsA8vHIEIEq348_9QunTBY_qELLhoO9vHoEu-aFkzfBbVpO4gRhspGv5K6KHR24y0t9C4jMhkuf_ZYKT_6Qn7-DFBXQpK3e9cXY2Ow2YGKn7dIy5XElJCsFMVDeXXMLeGl7DkAVvGx1KxqxkLfFZ8tTzr5y7gufnLMHXHmYhZ6Z_i85aR2-h6XPMTNLyatbLhlMA%3D%3D%7C&hint=&td=&cc=FR&wsip=2886780938&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=WoNWNY&vgde_setid=NW&&rc=0&ksu=224&fdkt=232&kwd[]=Smartphones%20for%20Business&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=1&kid[]=321185319&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.35%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Cheap%20NFL%20Tickets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=2&kid[]=5673023&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.05%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Electronic%20Gadget%20Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=77757437&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Offers%20on%20Sports%20Merchandise&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=329734968&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.66%7C%7Clvl%3D1.00&ktd[]=274895077632&rand=1614892715009&cid=8CUIG0E7H&vwid=1614892713883421514&vi=1614892713883421514&l3ch=1&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=IDF&vgd_l1rakh=1614892713185408123&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D4%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1614892714315&upk=1614892714.15387&hvsid=00001614892714315013824209927204&verid=3111299&kbbq=%26sde%3D1%26adepth%3D4%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO2E81UX&katen=1&pc=100&matm=1614892715011&vgd_ltime=698&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=IDF&vgd_l2ch=1&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886780970&vgd_nrrsf=nrr&vgd_nrrv=2159&vgd_nrrs=2159&vgd_nrrmf=4a&vgd_cntrdt=S%7CDIV&vgd_x_pos=650&vgd_y_pos=8347&vgd_ren_page_h=9220&vgd_cty=PARIS&vgd_l1hcsd=A9%7C1503&vgd_sethcsd=N9%7C1437&vgd_cfud=200317&vgd_is_amp=0&vgd_icat=379&vgd_spcat=500996&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fnmedianet.js&requrl=https%3A%2F%2Fwww.news9ontime.com&oRurl=http%3A%2F%2Fcdn3%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DFR%26isOffice%3D0%26fvips%3D0%26vi%3D1614892713223567749%26lw%3D1%26esi%3D1%26size%3D728x90%26crid%3D852638897%26vpf%3D000%26cid%3D8CUIG0E7H%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3Dr44KCdXiOX5Y4h1ggmmzkg%253d%253d%26nb%3D1%26gdpr%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO2E81UX%26requrl%3Dhttps%253a%252f%252fwww.news9ontime.com%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A2&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:35 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 04 Mar 2021 21:18:35 GMT

POST
H2 200 log
navvy.media.net/ Frame 3E37 807 B
869 B 1406ms
1085ms Other
image/gif 35.212.210.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.210.170 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 170.210.212.35.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 21:18:35 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 807
expires: Thu, 04 Mar 2021 21:18:35 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 8C1D 15 B
216 B 37ms
36ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001614892714054013824209921673&geo=48.87|2.33&dlper=25&lper=100&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkNVRB3qaphEuY60M8lsHhZ4z1o08idar0quiCTuoe6C-L0bGbbor4tbUhgxVgsJftWrSGM8aFZ4idSE9VYo0svo&lpid=&tsid=4&q=&prv=&type=&ps=&cme=mdVJrQkhEVAcKTEYLvvv54sjY7cIq_nis6KW9y3rSCHbOOpOyN7YLUzaW4Yj-BAcGSj-H2Hf5eT0PXywVR2O2eQQW8ccXzKYnYioG-Pw_3Yc4slgcn-XNTsvexibiF1ME4v3lkkH_puyCGUxZACQdT6vHM5kYBt6mEaXv15W3we6gizjHuI4zTiN41gNsdTtCpVE7-0c6KxCDm-h1iNabkR1eczcKLaQ%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaGnQXqDLyv3SdJSYOWesgxLB8yQoc3klRI%3D%7CN7fu2vKt8_s%3D%7C1lCohip8P4IE0j-myhAsA8vHIEIEq348_9QunTBY_qELLhoO9vHoEu-aFkzfBbVpO4gRhspGv5K6KHR24y0t9C4jMhkuf_ZYKT_6Qn7-DFBXQpK3e9cXY2Ow2YGKn7dIy5XElJCsFMVDeXXMLeGl7DkAVvGx1KxqxkLfFZ8tTzr5y7gufnLMHXHmYhZ6Z_i85aR2-h6XPMTNLyatbLhlMA%3D%3D%7C&hint=&td=&cc=FR&wsip=2886780938&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=WoNWNY&vgde_setid=NW&&rc=0&ksu=224&fdkt=232&kwd[]=Smartphones%20for%20Business&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=1&kid[]=321185319&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.35%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Cheap%20NFL%20Tickets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=2&kid[]=5673023&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.05%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Electronic%20Gadget%20Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=77757437&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Offers%20on%20Sports%20Merchandise&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=329734968&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.66%7C%7Clvl%3D1.00&ktd[]=274895077632&rand=1614892715015&cid=8CUIG0E7H&vwid=1614892713538289413&vi=1614892713538289413&l3ch=1&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=IDF&vgd_l1rakh=1614892713185408123&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D3%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1614892714054&upk=1614892714.15387&hvsid=00001614892714054013824209921673&verid=3111299&kbbq=%26sde%3D1%26adepth%3D3%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO2E81UX&katen=1&pc=100&matm=1614892715017&vgd_ltime=964&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=IDF&vgd_l2ch=1&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886780970&vgd_nrrsf=nrr&vgd_nrrv=2159&vgd_nrrs=2159&vgd_nrrmf=4a&vgd_cntrdt=S%7CDIV&vgd_x_pos=650&vgd_y_pos=5877&vgd_ren_page_h=9220&vgd_cty=PARIS&vgd_l1hcsd=A9%7C1503&vgd_sethcsd=N9%7C1437&vgd_cfud=200317&vgd_is_amp=0&vgd_icat=379&vgd_spcat=500996&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fnmedianet.js&requrl=https%3A%2F%2Fwww.news9ontime.com&oRurl=http%3A%2F%2Fcdn3%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DFR%26isOffice%3D0%26fvips%3D0%26vi%3D1614892713223567749%26lw%3D1%26esi%3D1%26size%3D728x90%26crid%3D852638897%26vpf%3D000%26cid%3D8CUIG0E7H%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3Dr44KCdXiOX5Y4h1ggmmzkg%253d%253d%26nb%3D1%26gdpr%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO2E81UX%26requrl%3Dhttps%253a%252f%252fwww.news9ontime.com%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A2&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:35 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 04 Mar 2021 21:18:35 GMT

POST
H2 200 log
navvy.media.net/ Frame 8C1D 807 B
869 B 534ms
218ms Other
image/gif 35.212.210.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.210.170 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 170.210.212.35.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 21:18:35 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 807
expires: Thu, 04 Mar 2021 21:18:35 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 6ECB 15 B
216 B 36ms
35ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001614892714258013824209923738&geo=48.87|2.33&dlper=25&lper=100&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkNVRB3qaphEuY60M8lsHhZ4z1o08idar0quiCTuoe6C-L0bGbbor4tbUhgxVgsJftVG7J_haTxBUZSZ0-SUGsVE&lpid=&tsid=1&q=&prv=&type=&ps=&cme=mtVR7E7hUqhILLJK5-n00e55ma6RetUy6KlSJ7bKSKtT5IiSGFW2G52Bb8cpkQ8bteRFNknLU1D1e_Nrmo1J4v8rv9CXDP6sAjU6cBpxqnZmOJSYL9iCuEAttZO6xmtdmqzeiMEWrUskOT2eWDcJba-MEm3RlW_NOFHH74oex_6qVPyblrNTgrH-5mLVwvVpy2TmgzdBT7ipGKlURWBAob3_LqcxPkXF%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaGnQXqDLyv3SdJSYOWesgxLB8yQoc3klRI%3D%7CN7fu2vKt8_s%3D%7Cr5G5-O66ry4HOHxn7hS_YL3W0WvG_8t7RHyf00kl6TPbIEuLwtJxBMNIKy8R1_Kwtt859rPsq58iua8t0SJYjWQ4KQK3GzbufSumr48S4CQSfQUMnWtMxV5nCrWiDaQWhEK_p60l6UU60sL2cVc9TDLy5qIgYtcYFJw4EIZmxFmcNgzDSORBEzni6EOyWc4jHpNe-6WDNMmFXfuTUct4OA%3D%3D%7C&hint=&td=&cc=FR&wsip=2886781041&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=WoNWNY&vgde_setid=NW&&rc=0&ksu=224&fdkt=232&kwd[]=Best%20Smart%20Home%20Gadgets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=1&kid[]=324634347&kbc2[]=0%7C%7Cps%3D0.965&ktd[]=274895077632&kwd[]=Smart%20Fitness%20Bands&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=2&kid[]=329734969&kbc2[]=0%7C%7Cps%3D0.965&ktd[]=274895077632&kwd[]=Latest%20Movie%20Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=17128500&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Offers%20on%20Women%27s%20Clothing&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=329695454&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.23%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Top%20Legal%20Articles&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=5&kid[]=329734970&kbc2[]=0%7C%7Cps%3D0.965&ktd[]=274895077632&rand=1614892715021&cid=8CUIG0E7H&vwid=1614892713337585623&vi=1614892713337585623&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=IDF&vgd_l1rakh=1614892713185408123&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D3%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1614892714258&upk=1614892714.15387&hvsid=00001614892714258013824209923738&verid=3111299&kbbq=%26sde%3D1%26adepth%3D3%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO2E81UX&katen=1&pc=100&matm=1614892715024&vgd_ltime=767&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=IDF&vgd_l2ch=1&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886781338&vgd_nrrsf=nrr&vgd_nrrv=2159&vgd_nrrs=2159&vgd_nrrmf=4a&vgd_cntrdt=S%7CDIV&vgd_x_pos=1010&vgd_y_pos=6037&vgd_ren_page_h=9220&vgd_cty=PARIS&vgd_l1hcsd=A9%7C1503&vgd_sethcsd=N9%7C1437&vgd_cfud=191220&vgd_is_amp=0&vgd_icat=379&vgd_spcat=500996&vgd_optout=0&vgd_ect=4g&vgd_rensize=324_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fnmedianet.js&requrl=https%3A%2F%2Fwww.news9ontime.com&oRurl=http%3A%2F%2Fcdn3%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DFR%26isOffice%3D0%26fvips%3D0%26vi%3D1614892713337585623%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D801896542%26vpf%3D000%26cid%3D8CUIG0E7H%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3Dr44KCdXiOX5Y4h1ggmmzkg%253d%253d%26nb%3D1%26gdpr%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO2E81UX%26requrl%3Dhttps%253a%252f%252fwww.news9ontime.com%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A324%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:35 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 04 Mar 2021 21:18:35 GMT

POST
H2 200 log
navvy.media.net/ Frame 6ECB 807 B
869 B 503ms
215ms Other
image/gif 35.212.210.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.210.170 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 170.210.212.35.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 21:18:35 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 807
expires: Thu, 04 Mar 2021 21:18:35 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 4876 15 B
216 B 39ms
39ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001614892714030013824209925635&geo=48.87|2.33&dlper=25&lper=100&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkNVRB3qaphEuY60M8lsHhZ4z1o08idar0quiCTuoe6C-L0bGbbor4tbUhgxVgsJftWrSGM8aFZ4idSE9VYo0svo&lpid=&tsid=4&q=&prv=&type=&ps=&cme=sPsZFf8abFZlwfSp940A9EeF1BXpkyyIxxoEvm-Jpp5gmd_kg-HVLoIoTprnBT_ryqz_XVqTA_lqHaejAFrqlrQal8vTj7tse8SAPHhy8OnBZ50RrnbJf7M5NY_17KedQe73DgSm-dTgl1GuXcnLOCZdDxIeh-EzRxWOianV1jVogWceFf5tWtsFJvv1ZCmS_MIG07zriuLvzyv4dOefcUWrFbDYIwpo%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaGnQXqDLyv3SdJSYOWesgxLB8yQoc3klRI%3D%7CN7fu2vKt8_s%3D%7CpVu6LaRFuVy6zLi27QEp1Wgl3pXb-JJXIG8dq3TcsDWKpiuiTF0YulCMD94A8NJZtIbeKTpD3amJJIYV4QFLjiy_fKdN1-DQlSnGJPwolAzUx02ZBUS8kWVawfbPnIWy3hI2FohOT8dLF5mu6vvPKkrHHrPM4sEr8m-q264rS8Xf3tPi8v6Wh4a5Ztl_tp77-Ii5ys3xyEm8lNcubT5usBpeDpraSTsc%7C&hint=&td=&cc=FR&wsip=2886781008&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=WoNWNY&vgde_setid=NW&&rc=0&ksu=224&fdkt=232&kwd[]=Offers%20on%20Women%27s%20Clothing&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=1&kid[]=329695454&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.23%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Latest%20Movie%20Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=2&kid[]=17128500&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Top%20Legal%20Articles&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=329734970&kbc2[]=0%7C%7Cps%3D0.965&ktd[]=274895077632&kwd[]=Offers%20on%20Sports%20Merchandise&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=329734968&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.66%7C%7Clvl%3D1.00&ktd[]=274895077632&rand=1614892715032&cid=8CUIG0E7H&vwid=1614892713181185460&vi=1614892713181185460&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=IDF&vgd_l1rakh=1614892713185408123&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D2%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1614892714030&upk=1614892714.15387&hvsid=00001614892714030013824209925635&verid=3111299&kbbq=%26sde%3D1%26adepth%3D2%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO2E81UX&katen=1&pc=100&matm=1614892715034&vgd_ltime=1005&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=IDF&vgd_l2ch=1&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886780970&vgd_nrrsf=nrr&vgd_nrrv=2159&vgd_nrrs=2159&vgd_nrrmf=4a&vgd_cntrdt=S%7CDIV&vgd_x_pos=650&vgd_y_pos=4861&vgd_ren_page_h=9220&vgd_cty=PARIS&vgd_l1hcsd=A9%7C1503&vgd_sethcsd=N9%7C1437&vgd_cfud=200317&vgd_is_amp=0&vgd_icat=379&vgd_spcat=500996&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fnmedianet.js&requrl=https%3A%2F%2Fwww.news9ontime.com&oRurl=http%3A%2F%2Fcdn3%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DFR%26isOffice%3D0%26fvips%3D0%26vi%3D1614892713181185460%26lw%3D1%26esi%3D1%26size%3D728x90%26crid%3D852638897%26vpf%3D000%26cid%3D8CUIG0E7H%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3Dr44KCdXiOX5Y4h1ggmmzkg%253d%253d%26nb%3D1%26gdpr%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO2E81UX%26requrl%3Dhttps%253a%252f%252fwww.news9ontime.com%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A2&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:35 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 04 Mar 2021 21:18:35 GMT

POST
H2 200 log
navvy.media.net/ Frame 4876 807 B
869 B 608ms
347ms Other
image/gif 35.212.210.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.210.170 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 170.210.212.35.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 21:18:35 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 807
expires: Thu, 04 Mar 2021 21:18:35 GMT

OPTIONS
H/1.1 200
OK custom
vistoolr.net/ Frame 0
0 34ms
34ms Preflight
text/plain 88.85.66.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://vistoolr.net/custom
Protocol: HTTP/1.1
Server: 88.85.66.229 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 88.85.66.229.webazilla.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.news9ontime.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 04 Mar 2021 21:18:30 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.news9ontime.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
vistoolr.net/ 39 B
494 B 37ms
37ms Fetch
application/json 88.85.66.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://vistoolr.net/custom

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.85.66.229 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

88.85.66.229.webazilla.com

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: e299ec505d209bae517ded8ad383a141
Date: Thu, 04 Mar 2021 21:18:30 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.news9ontime.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H3-Q050 200 sw.js Show response
www.news9ontime.com/ 3 KB
1 KB 180ms
180ms Fetch
application/javascript 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news9ontime.com/sw.js
Requested by: Host: www.news9ontime.com
URL: https://www.news9ontime.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 6428a98867d7e43375d252606a333c0faca7031045b00036dc1170cb2a17a3d9

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:35 GMT
content-encoding: br
last-modified: Thu, 04 Mar 2021 20:50:15 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1072
expires: Sat, 03 Apr 2021 21:18:35 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame D5CD 15 B
216 B 39ms
39ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001614892713987013824209925755&geo=48.87|2.33&dlper=25&lper=100&fp=ESqywDd8Z_cmv1nlBTwCkjc86rhxlb0VIvUpJRKCUkNVRB3qaphEuY60M8lsHhZ4z1o08idar0quiCTuoe6C-L0bGbbor4tbUhgxVgsJftVG7J_haTxBUZSZ0-SUGsVE&lpid=&tsid=1&q=&prv=&type=&ps=&cme=mtVR7E7hUqhILLJK5-n00e55ma6RetUy6KlSJ7bKSKtT5IiSGFW2G52Bb8cpkQ8bteRFNknLU1D1e_Nrmo1J4v8rv9CXDP6sAjU6cBpxqnZmOJSYL9iCuEAttZO6xmtdmqzeiMEWrUskOT2eWDcJba-MEm3RlW_NOFHH74oex_6qVPyblrNTgrH-5mLVwvVpy2TmgzdBT7ipGKlURWBAob3_LqcxPkXF%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaGnQXqDLyv3SdJSYOWesgxLB8yQoc3klRI%3D%7CN7fu2vKt8_s%3D%7Cr5G5-O66ry4HOHxn7hS_YL3W0WvG_8t7RHyf00kl6TPbIEuLwtJxBMNIKy8R1_Kwtt859rPsq58iua8t0SJYjWQ4KQK3GzbufSumr48S4CQSfQUMnWtMxV5nCrWiDaQWhEK_p60l6UU60sL2cVc9TDLy5qIgYtcYFJw4EIZmxFmcNgzDSORBEzni6EOyWc4jHpNe-6WDNMmFXfuTUct4OA%3D%3D%7C&hint=&td=&cc=FR&wsip=2886781041&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=WoNWNY&vgde_setid=NW&&rc=0&ksu=224&fdkt=232&kwd[]=Best%20Smart%20Home%20Gadgets&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=1&kid[]=324634347&kbc2[]=0%7C%7Cps%3D0.965&ktd[]=274895077632&kwd[]=Smart%20Fitness%20Bands&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=2&kid[]=329734969&kbc2[]=0%7C%7Cps%3D0.965&ktd[]=274895077632&kwd[]=Latest%20Movie%20Reviews&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=3&kid[]=17128500&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Offers%20on%20Women%27s%20Clothing&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=4&kid[]=329695454&kbc2[]=0%7C%7Cps%3D0.965%7C%7Crpc%3D0.23%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Top%20Legal%20Articles&kwt[]=232&kbc[]=de7df7d9c7ee6d8e3794525b157f320f.d2s&kwp[]=5&kid[]=329734970&kbc2[]=0%7C%7Cps%3D0.965&ktd[]=274895077632&rand=1614892715045&cid=8CUIG0E7H&vwid=1614892713592470835&vi=1614892713592470835&l3ch=1&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=IDF&vgd_l1rakh=1614892713185408123&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1614892713987&upk=1614892714.15387&hvsid=00001614892713987013824209925755&verid=3111299&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO2E81UX&katen=1&pc=100&matm=1614892715048&vgd_ltime=1065&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=IDF&vgd_l2ch=0&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886781338&vgd_nrrsf=nrr&vgd_nrrv=2159&vgd_nrrs=2159&vgd_nrrmf=4a&vgd_cntrdt=S%7CDIV&vgd_x_pos=1022&vgd_y_pos=1003&vgd_ren_page_h=9220&vgd_cty=PARIS&vgd_l1hcsd=A9%7C1503&vgd_sethcsd=N9%7C1437&vgd_cfud=191220&vgd_is_amp=0&vgd_icat=379&vgd_spcat=500996&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fnmedianet.js&requrl=https%3A%2F%2Fwww.news9ontime.com&oRurl=http%3A%2F%2Fcdn3%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DFR%26isOffice%3D0%26fvips%3D0%26vi%3D1614892713337585623%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D801896542%26vpf%3D000%26cid%3D8CUIG0E7H%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3Dr44KCdXiOX5Y4h1ggmmzkg%253d%253d%26nb%3D1%26gdpr%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO2E81UX%26requrl%3Dhttps%253a%252f%252fwww.news9ontime.com%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:35 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 04 Mar 2021 21:18:35 GMT

POST
H2 200 log
navvy.media.net/ Frame D5CD 807 B
869 B 905ms
905ms Other
image/gif 35.212.210.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.210.170 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 170.210.212.35.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 21:18:35 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 807
expires: Thu, 04 Mar 2021 21:18:35 GMT

OPTIONS
H/1.1 200
OK custom
vistoolr.net/ Frame 0
0 44ms
34ms Preflight
text/plain 88.85.66.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://vistoolr.net/custom
Protocol: HTTP/1.1
Server: 88.85.66.229 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 88.85.66.229.webazilla.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.news9ontime.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 04 Mar 2021 21:18:30 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.news9ontime.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H2 200 log
lg3.media.net/ 35 B
206 B 35ms
35ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/log?&logid=kfk&evtid=adPrvLog&otherprov=0&cid=8CUIG0E7H&crid=852638897&cc=FR&ugd=4&timeTaken=2&vi=1614892713223567749&r=1614892715053

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Jetty(9.4.35.v20201120) /

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 21:18:35 GMT
server: Jetty(9.4.35.v20201120)
strict-transport-security: max-age=21600
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 04 Mar 2021 21:18:35 GMT

POST
H/1.1 200
OK custom Show response
vistoolr.net/ 39 B
494 B 40ms
38ms Fetch
application/json 88.85.66.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://vistoolr.net/custom

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.85.66.229 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

88.85.66.229.webazilla.com

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: f229dd09b94d1f6e822b0c374d7036e9
Date: Thu, 04 Mar 2021 21:18:30 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.news9ontime.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H3-Q050 200 coronavirus-some-ontario-universities-plan-for-in-person-learning-in-fall.jpg
www.news9ontime.com/wp-content/uploads/2021/03/ 121 KB
121 KB 182ms
179ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2021/03/coronavirus-some-ontario-universities-plan-for-in-person-learning-in-fall.jpg
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 263dc0f9258491c0c40f96eb9efa643c7e1ed40994a2ca02f568834cda34f2c9

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:35 GMT
last-modified: Thu, 04 Mar 2021 20:45:11 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 124178
expires: Sat, 03 Apr 2021 21:18:35 GMT

GET
H3-Q050 200 covid-19-vaccine-pilot-at-some-ontario-pharmacies-to-begin-next-week-with-oxford-astrazeneca-scaled.jpg
www.news9ontime.com/wp-content/uploads/2021/03/ 362 KB
0 199ms
195ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2021/03/covid-19-vaccine-pilot-at-some-ontario-pharmacies-to-begin-next-week-with-oxford-astrazeneca-scaled.jpg
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:35 GMT
last-modified: Thu, 04 Mar 2021 19:45:06 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 495835
expires: Sat, 03 Apr 2021 21:18:35 GMT

GET
H3-Q050 200 air-canada-agrees-to-refund-flights-not-taken-during-pandemic-in-exchange-for-bailout.jpg
www.news9ontime.com/wp-content/uploads/2021/03/ 2 KB
2 KB 199ms
195ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2021/03/air-canada-agrees-to-refund-flights-not-taken-during-pandemic-in-exchange-for-bailout.jpg
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 92bc5b73498490d5212cf79bfa91e7de1c8d0267a3369e187e3f3692b6543860

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:35 GMT
last-modified: Thu, 04 Mar 2021 18:35:21 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2206
expires: Sat, 03 Apr 2021 21:18:35 GMT

GET
H3-Q050 200 ontario-doctor-cautioned-by-regulators-for-spreading-covid-19-misinformation.png
www.news9ontime.com/wp-content/uploads/2021/03/ 351 KB
0 198ms
195ms Image
image/png 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2021/03/ontario-doctor-cautioned-by-regulators-for-spreading-covid-19-misinformation.png
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:35 GMT
last-modified: Thu, 04 Mar 2021 17:35:06 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 934102
expires: Sat, 03 Apr 2021 21:18:35 GMT

GET
H3-Q050 200 the-laundromat.jpg
www.news9ontime.com/wp-content/uploads/2019/09/ 18 KB
19 KB 198ms
194ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2019/09/the-laundromat.jpg
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 21cb14bf4f64713ef0c51dc416bc7b6f68fbcb36cc4c1aef8c6b99c1329df341

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:35 GMT
last-modified: Thu, 12 Sep 2019 18:25:56 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 18911
expires: Sat, 03 Apr 2021 21:18:35 GMT

GET
H3-Q050 200 the-92-away-day-tracker.jpg
www.news9ontime.com/wp-content/uploads/2020/06/ 14 KB
14 KB 198ms
194ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2020/06/the-92-away-day-tracker.jpg
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 1691a756628546619e10390b1a85592a768a2546336b7b50eb0f0f195b3e8a55

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:35 GMT
last-modified: Mon, 22 Jun 2020 15:15:05 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 14086
expires: Sat, 03 Apr 2021 21:18:35 GMT

GET
H3-Q050 200 us-china-tensions-erupt-after-trump-orders-go-ahead-of-300bn-tariffs-on-chinese-imports.jpg
www.news9ontime.com/wp-content/uploads/2019/05/ 42 KB
42 KB 198ms
194ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2019/05/us-china-tensions-erupt-after-trump-orders-go-ahead-of-300bn-tariffs-on-chinese-imports.jpg
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: e97d6e93fc84cf5e5d6a3517e4fae29fb13a64dea59d56051f537bf7ee25c649

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:35 GMT
last-modified: Sat, 11 May 2019 00:57:10 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 42963
expires: Sat, 03 Apr 2021 21:18:35 GMT

GET
H3-Q050 200 theyve-done-nothing-economists-scathing-assessment-of-eus-coronavirus-response-100x70.jpg
www.news9ontime.com/wp-content/uploads/2020/04/ 3 KB
3 KB 198ms
194ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2020/04/theyve-done-nothing-economists-scathing-assessment-of-eus-coronavirus-response-100x70.jpg
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: cb75c7e1385cd1026f96f432c36833126763e685b8252d94b61e6a579171236e

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:35 GMT
last-modified: Wed, 08 Apr 2020 19:15:39 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 3050
expires: Sat, 03 Apr 2021 21:18:35 GMT

GET
H3-Q050 200 philadelphia-shooting-eight-wounded-in-horrific-daytime-attack-near-subway-station.jpg
www.news9ontime.com/wp-content/uploads/2021/02/ 43 KB
43 KB 197ms
194ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2021/02/philadelphia-shooting-eight-wounded-in-horrific-daytime-attack-near-subway-station.jpg
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 0de1c174f7f12b2ea3c59f04482a28c53ec878d46d29bf33d6aab50aec00fbd2

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:35 GMT
last-modified: Thu, 18 Feb 2021 02:04:58 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 44404
expires: Sat, 03 Apr 2021 21:18:35 GMT

GET
H3-Q050 200 worlds-most-expensive-car-bugatti-la-voiture-noire.jpg
www.news9ontime.com/wp-content/uploads/2019/04/ 119 KB
119 KB 197ms
194ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2019/04/worlds-most-expensive-car-bugatti-la-voiture-noire.jpg
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 5431ccb29ca09bbea6a57b23d8470d9964c700fff1021be1cd68857430773197

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:35 GMT
last-modified: Tue, 09 Apr 2019 12:45:23 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 122278
expires: Sat, 03 Apr 2021 21:18:35 GMT

GET
H3-Q050 200 td_218x150.png
www.news9ontime.com/wp-content/themes/Newspaper/images/no-thumb/ 178 B
226 B 197ms
194ms Image
image/png 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/themes/Newspaper/images/no-thumb/td_218x150.png
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 404e95b8164594a41d386d11335edfdfec8532700308fade72adbc3c9c47622a

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:35 GMT
last-modified: Thu, 12 Apr 2018 07:15:58 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 178
expires: Sat, 03 Apr 2021 21:18:35 GMT

POST
H/1.1 200
OK custom Show response
vistoolr.net/ 39 B
494 B 36ms
36ms Fetch
application/json 88.85.66.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://vistoolr.net/custom

Requested by

Host: www.news9ontime.com
URL: https://www.news9ontime.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.85.66.229 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

88.85.66.229.webazilla.com

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 5c2dabc3cfc7d37c7efc88d3387e17ec
Date: Thu, 04 Mar 2021 21:18:30 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.news9ontime.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
vistoolr.net/ Frame 0
0 36ms
36ms Preflight
text/plain 88.85.66.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://vistoolr.net/custom
Protocol: HTTP/1.1
Server: 88.85.66.229 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 88.85.66.229.webazilla.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.news9ontime.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 04 Mar 2021 21:18:30 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.news9ontime.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 37ms
37ms Image
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO2E81UX&vgd_viab=1&kals=base%7C%7Cpc%3D100&katen=1&pc=100&kata=at2&katbid=-2&kasts=tstype%3D-10401%7C%7Cgbid%3D-2&cme=mdVJrQkhEVAcKTEYLvvv54sjY7cIq_nis6KW9y3rSCHbOOpOyN7YLUzaW4Yj-BAcGSj-H2Hf5eT0PXywVR2O2eQQW8ccXzKYnYioG-Pw_3Yc4slgcn-XNTsvexibiF1ME4v3lkkH_puyCGUxZACQdT6vHM5kYBt6mEaXv15W3we6gizjHuI4zTiN41gNsdTtCpVE7-0c6KxCDm-h1iNabkR1eczcKLaQ||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|YdjFvixrVaGnQXqDLyv3SdJSYOWesgxLB8yQoc3klRI=|N7fu2vKt8_s=|1lCohip8P4IE0j-myhAsA8vHIEIEq348_9QunTBY_qELLhoO9vHoEu-aFkzfBbVpO4gRhspGv5K6KHR24y0t9C4jMhkuf_ZYKT_6Qn7-DFBXQpK3e9cXY2Ow2YGKn7dIy5XElJCsFMVDeXXMLeGl7DkAVvGx1KxqxkLfFZ8tTzr5y7gufnLMHXHmYhZ6Z_i85aR2-h6XPMTNLyatbLhlMA==|&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=852638897&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vi=1614892713223567749&ugd=4&cc=FR&sc=IDF&startTime=1614892713867&l2type=setting&vgd_l1rakh=1614892713185408123&l1ch=1&sttm=1614892713872&upk=1614892714.15387&hvsid=00001614892713872013824209925537&verid=3111299&vgd_sc=IDF&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!A9|1503&vgd_uspa=0&vgd_isiolc=1&clp=%7B%7D&l2ch=0&l2wsip=2886780970&sethcsd=set!N9%7C1437

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:35 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 04 Mar 2021 21:18:35 GMT

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 52ms
52ms Image
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO2E81UX&vgd_viab=1&kals=base%7C%7Cpc%3D100&katen=1&pc=100&kata=at2&katbid=-2&kasts=tstype%3D-10401%7C%7Cgbid%3D-2&cme=mtVR7E7hUqhILLJK5-n00e55ma6RetUy6KlSJ7bKSKtT5IiSGFW2G52Bb8cpkQ8bteRFNknLU1D1e_Nrmo1J4v8rv9CXDP6sAjU6cBpxqnZmOJSYL9iCuEAttZO6xmtdmqzeiMEWrUskOT2eWDcJba-MEm3RlW_NOFHH74oex_6qVPyblrNTgrH-5mLVwvVpy2TmgzdBT7ipGKlURWBAob3_LqcxPkXF||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|YdjFvixrVaGnQXqDLyv3SdJSYOWesgxLB8yQoc3klRI=|N7fu2vKt8_s=|r5G5-O66ry4HOHxn7hS_YL3W0WvG_8t7RHyf00kl6TPbIEuLwtJxBMNIKy8R1_Kwtt859rPsq58iua8t0SJYjWQ4KQK3GzbufSumr48S4CQSfQUMnWtMxV5nCrWiDaQWhEK_p60l6UU60sL2cVc9TDLy5qIgYtcYFJw4EIZmxFmcNgzDSORBEzni6EOyWc4jHpNe-6WDNMmFXfuTUct4OA==|&gdpr=1&prid=8PRHGG6T9&cid=8CUIG0E7H&crid=801896542&requrl=https%3A%2F%2Fwww.news9ontime.com%2F&vi=1614892713592470835&ugd=4&cc=FR&sc=IDF&startTime=1614892713983&l2type=setting&vgd_l1rakh=1614892713185408123&l1ch=1&sttm=1614892713987&upk=1614892714.15387&hvsid=00001614892713987013824209925755&verid=3111299&vgd_sc=IDF&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!A9|1503&vgd_uspa=0&vgd_isiolc=1&npgv=1&clp=%7B%7D&l2ch=0&l2wsip=2886781338&sethcsd=set!N9%7C1437

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 04 Mar 2021 21:18:36 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 04 Mar 2021 21:18:36 GMT

GET
H3-Q050 200 virtual-is-here-to-stay-canadian-gyms-to-maintain-expand-online-offerings-as-facilities-reopen.jpg
www.news9ontime.com/wp-content/uploads/2021/03/ 84 KB
84 KB 179ms
179ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2021/03/virtual-is-here-to-stay-canadian-gyms-to-maintain-expand-online-offerings-as-facilities-reopen.jpg
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: 37556645edd8c71cdfb12800a8122f617ff3ec26bcb8383a2414637943dbaded

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:36 GMT
last-modified: Thu, 04 Mar 2021 10:35:10 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 86310
expires: Sat, 03 Apr 2021 21:18:36 GMT

GET
H3-Q050 200 a-phone-call-may-be-all-it-takes-to-ease-pandemic-loneliness-study.jpg
www.news9ontime.com/wp-content/uploads/2021/03/ 75 KB
75 KB 317ms
316ms Image
image/jpeg 199.231.86.13
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news9ontime.com/wp-content/uploads/2021/03/a-phone-call-may-be-all-it-takes-to-ease-pandemic-loneliness-study.jpg
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 199.231.86.13 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: easyhosting123.com
Software: LiteSpeed /
Resource Hash: ac53e3c9b67c496332b209cbabc91de8acfc6fd253009babd1ac15ef9f8ce84e

Request headers

Referer: https://www.news9ontime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:18:36 GMT
last-modified: Wed, 03 Mar 2021 22:35:09 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 77009
expires: Sat, 03 Apr 2021 21:18:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.chitika.net
URL: https://cdn.chitika.net/getads.js

Domain: cdn.chitika.net
URL: https://cdn.chitika.net/getads.js

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.media.net/	1970-01-19 21:01:16	Name: gdpr_status Value: 1
www.news9ontime.com/	1970-01-19 16:35:14	Name: _popprepop Value: 1
.news9ontime.com/	1970-01-19 16:36:19	Name: _gid Value: GA1.2.391614003.1614892714
www.news9ontime.com/	1970-01-19 16:34:54	Name: session_depth Value: www.news9ontime.com%3D1%7C852638897%3D4%7C801896542%3D3
www.news9ontime.com/	1970-01-19 16:35:17	Name: a Value: rH20l2bhv4DI8PfZE7c3sLcfChqeCMG2
www.news9ontime.com/	1970-01-19 16:35:14	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAYEFOqgFgQU6qgAGBAsAAIAB3vjbXj0_-bAqQVYSQXSMtUimJDdqnFbujIZPf-Q-XwQBIMEYCIQDZvtFWHbvr9dt6ljGiHbFcCb0lM4pb6s2rI-CnAAWeNwIhAKYPCw3vKX2dVelKIyor0Of4mRxTbLzu0iv_MgjxBew4wgAgpakVm4sXyqAGs4fgdYk85R2kQwF_ZjrJpE8n6EhNzSjEABAqAQT4ASETGgAAAAAAAAACxQAQyhTiDFN2_as4-IeQMfxUvMMARzBFAiAvYDIgkLrRJqCjqX6PGMAQhUbp12iAYx8KUjY7r_igmgIhAJ3rCskQGwq4-9tvXUSRmI8b55sapLg-IizOZYygMG9w
.news9ontime.com/	1970-01-19 16:34:52	Name: _gat_gtag_UA_117511567_1 Value: 1
.news9ontime.com/	1970-01-20 10:06:04	Name: _ga Value: GA1.2.540114469.1614892714

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c.adsco.re/(Line 14) Message:
console-api	debug	URL: https://c.adsco.re/(Line 15) Message:
console-api	log	(Line 1) Message: service worker path (u): /sw.js event domain: https://vistoolr.net

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
9x6zkhc5up5i.l4.adsco.re
9x6zkhc5up5i.n4.adsco.re
9x6zkhc5up5i.s4.adsco.re
adsco.re
c.adsco.re
c1.popads.net
cdn.chitika.net
contextual.media.net
fonts.googleapis.com
fonts.gstatic.com
lg3.media.net
navvy.media.net
serve.popads.net
tharbadir.com
vistoolr.net
www.google-analytics.com
www.googletagmanager.com
www.news9ontime.com
cdn.chitika.net
139.45.197.238
162.252.214.5
185.200.116.90
185.200.118.90
199.231.86.13
2.18.235.93
216.21.13.17
2606:4700::6811:a6ba
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2008
2a02:6ea0:c700::3
35.212.210.170
38.132.109.186
88.85.66.229
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0de1c174f7f12b2ea3c59f04482a28c53ec878d46d29bf33d6aab50aec00fbd2
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3
1691a756628546619e10390b1a85592a768a2546336b7b50eb0f0f195b3e8a55
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2109de697a13ffc5a7a266564babe6e6c1078a8d685e040a7a0892732f541acb
21cb14bf4f64713ef0c51dc416bc7b6f68fbcb36cc4c1aef8c6b99c1329df341
23cc957bf5f475777df0c8b72c41c4be1fc293bc457af7d52431c13c117956d9
263dc0f9258491c0c40f96eb9efa643c7e1ed40994a2ca02f568834cda34f2c9
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2bafa3da281755ad3f577dce29e2d3ee5c3a082d77359f728c3bfe60e52760ce
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
37556645edd8c71cdfb12800a8122f617ff3ec26bcb8383a2414637943dbaded
393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3f2a8e41d0797af5153fdf29f5f48cf84cae1af131b4ffc8e2b1b049ed81ed30
3f393ad21ff280221b80529f4958efc8ff6d03e7a51ae6b2ae1d00122b880555
404e95b8164594a41d386d11335edfdfec8532700308fade72adbc3c9c47622a
41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd
425a7a9b9f10f9809288169af01695376da8b90b3e957f4987c4dad263403d49
519e6ff88206459c88a5ff96233f97fecc9aff0d60ff4962e7658fecf81abd12
5431ccb29ca09bbea6a57b23d8470d9964c700fff1021be1cd68857430773197
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d7961f2cde880e022687d21c7652f33721f1f5791434e010a41a85e447455bb
5f25464e55da572bf2b7b1d7eedd0193556b605c79f29e90ba3bb8f16f502586
6428a98867d7e43375d252606a333c0faca7031045b00036dc1170cb2a17a3d9
663431d802f0d14dff07d79e5abc2eb0221893684c59327e9f8431b47da9dae4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db50623edf687a7fbebd61bba94bcf7ef9d029c20aad2c4919975b61d49eed5
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
7676693c97418df59f83a6a331c9992fbc149862ba9fcfbc93af55efce6e1486
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79c7b1ba349dd28d50e66165091337c61d7631168888e457901a9246e6d549d3
7a4cbe29c8a1c6c2e29b887fd58d9a02b64e7bd113acc77d370b547b9f51545d
7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b
82cdf580655d3697dadd6f72fa9fbd5d06adbcde5f2a2e048a9e3e7cc6636b46
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92bc5b73498490d5212cf79bfa91e7de1c8d0267a3369e187e3f3692b6543860
976772d64052b8a91bfc0448e8e5653477618071a4b64758a7f2b4bc7db3d96d
9840aefd03a6a682b2942d0c8bee066477534d9669c5846f5e3736af57a50b30
9bf04274516def769daa9e7110fca6ee420167b5fbf07accc991172ac1b21aa3
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a7025945886c88803f105453505219a5062550c2c92b11156606f7c853c4edce
ac53e3c9b67c496332b209cbabc91de8acfc6fd253009babd1ac15ef9f8ce84e
aefc4c20a5b7c02c881634341f6e1dcceb24cdbe63da122876f2dd783d3cfd62
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b420750157155826f2ef022f425579bca244f39d0a91ece03c5b3cbae5e52334
b542b5681ad35c519434bc0d4896887ba037b127583c795d26a9029ebb99cd85
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c152453db4b8c67ebf3ef75aa1f31c4b588d00fe4d8ff4e6e5499c8af602387f
c6bdb1dc8ea8639ecb6757a21dc679727e90014c9c3ce92aeef16c4d37012c55
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cb75c7e1385cd1026f96f432c36833126763e685b8252d94b61e6a579171236e
cc52615c14307205ad4357736bbea930f6b3afecbec015bcb0cf520c1f5f6130
cd72ba564a1e89dd422f5c176668c70d518d654e49e650fdc88013d3a17ece23
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4d3b7b6736d9b3b8dfa99fe837c6275125e26fa1b5ba8054ade550478ede15
d037108150dd5c081dedd0f237869ddaf493605b6e3405ffc2b968fc6bf7af67
da4f9d94aa8f302d6bebd3017a494d0d11acdb87573111a4ac7017e34ca0ddb9
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e97d6e93fc84cf5e5d6a3517e4fae29fb13a64dea59d56051f537bf7ee25c649
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167
fbe0b1b485c9c32c61a86f441e860cc35b7d5342a2de762b356b04180009744f
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

www.news9ontime.com Open in urlscan Pro 199.231.86.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

98 %HTTPS

38 %IPv6

11 Domains

20 Subdomains

17 IPs

5 Countries

1667 kBTransfer

4938 kBSize

8 Cookies

3 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.news9ontime.com Open in urlscan Pro
199.231.86.13 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

98 %
HTTPS

38 %
IPv6

11
Domains

20
Subdomains

17
IPs

5
Countries

1667 kB
Transfer

4938 kB
Size

8
Cookies

121 HTTP transactions
20 data transactions