urlscan.io logo urlscan.io
SecurityTrails logo

newsonline.biz Open in urlscan Pro
2606:4700:3032::6815:17f5  Public Scan

Go To Rescan Add Verdict Report
URL: https://newsonline.biz/
Submission: On December 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 60 HTTP transactions. The main IP is 2606:4700:3032::6815:17f5, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsonline.biz.
TLS certificate: Issued by WE1 on October 14th 2024. Valid for: 3 months.
This is the only time newsonline.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

28    2606:4700:3032::6815:17f5 (United States)

ASN13335 (CLOUDFLARENET, US)
newsonline.biz
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2606:4700:20::ac43:47b6 (United States)

ASN13335 (CLOUDFLARENET, US)
doisongviet.net
media.doisongviet.net
7    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
bdcf0217ec095d8cb079f22320213d8c.safeframe.googlesyndication.com
4    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ep1.adtrafficquality.google
2    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
Apex Domain
Subdomains		 Transfer
28 newsonline.biz
newsonline.biz
352 KB
8 doisongviet.net
doisongviet.net
media.doisongviet.net
649 KB
7 gstatic.com
fonts.gstatic.com
154 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
bdcf0217ec095d8cb079f22320213d8c.safeframe.googlesyndication.com
250 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
189 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
210 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
323 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
8 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
2 KB
1 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 9340
126 KB
60 12
Domain Requested by
28 newsonline.biz 7 redirects newsonline.biz
7 fonts.gstatic.com fonts.googleapis.com
newsonline.biz
6 media.doisongviet.net newsonline.biz
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 pagead2.googlesyndication.com newsonline.biz
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 securepubads.g.doubleclick.net newsonline.biz
securepubads.g.doubleclick.net
3 www.googletagmanager.com newsonline.biz
www.googletagmanager.com
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
2 bdcf0217ec095d8cb079f22320213d8c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 doisongviet.net 2 redirects
2 fonts.googleapis.com newsonline.biz
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 lh3.googleusercontent.com newsonline.biz
1 jsc.mgid.com newsonline.biz
60 15

This site contains no links.

Subject Issuer Validity Valid
newsonline.biz
WE1		 2024-10-14 -
2025-01-12		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
mgid.com
WE1		 2024-11-02 -
2025-01-31		 3 months crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
adtrafficquality.google
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://newsonline.biz/
Frame ID: 64D89FE227FD8BB8982278432AFB0366
Requests: 60 HTTP requests in this frame

Frame: https://bdcf0217ec095d8cb079f22320213d8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 39B4696008844C54311EFBCA1E9F1122
Requests: 1 HTTP requests in this frame

Frame: https://bdcf0217ec095d8cb079f22320213d8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E60BABC4BA36601AEF2279E1D05A6FB8
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: F8DD545855E3679B2CACE5255C160312
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - GMT

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

60
Requests

85 %
HTTPS

100 %
IPv6

12
Domains

15
Subdomains

15
IPs

2
Countries

2276 kB
Transfer

6969 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://doisongviet.net/wp-content/uploads/2024/10/GMT-272-x-90-px.png HTTP 301
  • https://newsonline.biz/wp-content/uploads/2024/10/GMT-272-x-90-px.png HTTP 301
  • https://media.doisongviet.net/uploads/2024/10/GMT-272-x-90-px.png
Request Chain 26
  • https://doisongviet.net/wp-content/uploads/2024/10/mobile_menu_bg.jpg HTTP 301
  • https://newsonline.biz/wp-content/uploads/2024/10/mobile_menu_bg.jpg HTTP 301
  • https://media.doisongviet.net/uploads/2024/10/mobile_menu_bg.jpg
Request Chain 54
  • https://newsonline.biz/wp-content/uploads/2024/12/FB1280x720-44.jpg HTTP 301
  • https://media.doisongviet.net/uploads/2024/12/FB1280x720-44.jpg
Request Chain 56
  • https://newsonline.biz/favicon.ico HTTP 302
  • https://newsonline.biz/wp-includes/images/w-logo-blue-white-bg.png
Request Chain 57
  • https://newsonline.biz/wp-content/uploads/2024/12/FB1280x720-43.jpg HTTP 301
  • https://media.doisongviet.net/uploads/2024/12/FB1280x720-43.jpg
Request Chain 60
  • https://newsonline.biz/wp-content/uploads/2024/12/FB1280x720-42.jpg HTTP 301
  • https://media.doisongviet.net/uploads/2024/12/FB1280x720-42.jpg
Request Chain 61
  • https://newsonline.biz/wp-content/uploads/2024/12/FB1280x720-41.jpg HTTP 301
  • https://media.doisongviet.net/uploads/2024/12/FB1280x720-41.jpg

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newsonline.biz/ 		183 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.28
Resource Hash
df306cdcd1361b9d6fd1c10c03a7a1eac0477daf74d39c19b780e68996546e18

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f054d5eca04d223-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 11 Dec 2024 11:58:20 GMT
link
<https://newsonline.biz/wp-json/>; rel="https://api.w.org/" <https://newsonline.biz/wp-json/wp/v2/pages/38>; rel="alternate"; title="JSON"; type="application/json" <https://newsonline.biz/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xiZ1tr15wUqSLmsut%2FByC%2BoAuXXJicx0KywdYcToEOETOk4IMMiw0UmsP%2Bc7IBRTgqOluG18tUet8BMBEJ0Kzjsaw3vrN%2FsogohEBYhUlaAJsVQ0bZc7BxsuazOl1y8hHefvTxq1AvU96WQpPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=6409&min_rtt=6200&rtt_var=1200&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4239&recv_bytes=4473&delivery_rate=877&cwnd=12000&unsent_bytes=0&cid=5e2358d603ba22c7&ts=363&x=1" cfExtPri cfHdrFlush;dur=0
x-powered-by
PHP/8.0.28
style.css
newsonline.biz/wp-content/plugins/td-composer/td-multi-purpose/ 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=def8edc4e13d95bdf49953a9dce2f608
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c98a428ca69d9af95841f03e1a85311fe5a56f34babd91004d48b9cca7ddde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67000e72-9828"
age
5463
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KX9Zdv%2FXAqperfaBIlCtlNssYCTuQN7ULySVFoqZQDxN0uBauXPlCUsj4kWsKlaeRpbQ8tQF83YnX9DWGxGzqOZp3235IZOBFA3AxMphI%2BNKrzvrz13xLnmlgWUEIbsWsdwb6RYfXQQ%2BlYpK4A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6257&min_rtt=6000&rtt_var=441&sent=25&recv=22&lost=0&retrans=0&sent_bytes=13951&recv_bytes=7092&delivery_rate=128642&cwnd=12000&unsent_bytes=0&cid=5e2358d603ba22c7&ts=421&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
text/css
last-modified
Fri, 04 Oct 2024 15:49:06 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d612ff7d223-FRA
server
cloudflare
1adef45b-ea98-4a2c-b126-1540466f79bc
https://newsonline.biz/ Frame 		0
0
css
fonts.googleapis.com/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d7a12f959b9a040bc5de3087bc4620621be703e426c411d289d92959d7bfcd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 11:58:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 11 Dec 2024 11:58:20 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.css
newsonline.biz/wp-content/themes/Newspaper/ 		155 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/themes/Newspaper/style.css?ver=12.6.8
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b82485edb800f0ea228c54dd7b2138e0fb824ce939cd34034f613bd93625710

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67000e4b-26b46"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ju8%2BC%2FADrSpir3mTFUv%2Fymvf%2FWHerATUDi7pfqCZUrvC1DLPrNGsH%2FkI8aOUItMrWjpTTss98CIeE9dI7K3jZaou8y4Q3ixt2lcF94tqJlTKPQISpJOkS5GJ4jzlB%2Fp%2FcLYkG7q4N4qS3IRVaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d612fffd223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6915&min_rtt=5953&rtt_var=678&sent=196&recv=78&lost=0&retrans=0&sent_bytes=190684&recv_bytes=11053&delivery_rate=7005277&cwnd=44400&unsent_bytes=0&cid=5e2358d603ba22c7&ts=913&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
text/css
last-modified
Fri, 04 Oct 2024 15:48:27 GMT
vary
Accept-Encoding
priority
u=0,i=?0
td_legacy_main.css
newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		169 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=def8edc4e13d95bdf49953a9dce2f608
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af664f64b475678e0d181c23dd6eca9ee45afd956d129a66c9e30910f2a985cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67000e72-2a52f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F3vjec7D7Bm29rYpF89zFuyyb%2BOrPdjwuyn9JzKIegvir3CaoWInoek8aLyRUNPfJQQiUVnmVwrvgFbq4v2kuyU%2F6igwzoeKuJ8PtR6Xli2jFmPwHv9aEcE%2FYUg8RyIBM2Rv07CsCUdhUxnesA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d612802d223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7349&min_rtt=5953&rtt_var=2482&sent=98&recv=55&lost=0&retrans=0&sent_bytes=82628&recv_bytes=9139&delivery_rate=134178&cwnd=34800&unsent_bytes=0&cid=5e2358d603ba22c7&ts=591&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
text/css
last-modified
Fri, 04 Oct 2024 15:49:06 GMT
vary
Accept-Encoding
priority
u=0,i=?0
td_standard_pack_main.css
newsonline.biz/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 		718 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=1b3d5bf2c64738aa07b4643e31257da9
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ae3217a2320983ff3aa0cd0665dc5c32d8ed32400dd17dc5e7b82c8422333b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"6700cadd-b37f0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4EPE%2F6sNikZgJZa4qqn%2BS3g9U03WerG6colhrUEoOywxFaLTjbDjniHK%2FaLnsmP4hbH2%2BY1gCLWxFTqmpYUHqT51Y5nT0CraZ5Z2ukQyAjJ3sgfm0kXk2K9BlvM%2Bh2mzdO2x7nncdnRNLq1qw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d612807d223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6682&min_rtt=5953&rtt_var=487&sent=222&recv=82&lost=0&retrans=0&sent_bytes=221368&recv_bytes=11231&delivery_rate=251049&cwnd=44400&unsent_bytes=0&cid=5e2358d603ba22c7&ts=941&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
text/css
last-modified
Sat, 05 Oct 2024 05:13:01 GMT
vary
Accept-Encoding
priority
u=0,i=?0
tdb_main.css
newsonline.biz/wp-content/plugins/td-cloud-library/assets/css/ 		47 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=b33652f2535d2f3812f59e306e26300d
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2143754326c96d8d845f202477e7749564794b31273e6ecc869d6f881be36213

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67000e79-bc79"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sewnqqvAqBbl1IRPF0d07GtnzgeeAHbELoBLljWxMyJ0r80QCXyu%2FwgD9TCPCTB6my8Owopd14D8pMazqbi5DXBfN1czxs9XIk2HDpBTKBiJUOZz8hGvW1rbnvUp1Pgw3X1KZYcZnvq5mfPecg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d61280ad223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7349&min_rtt=5953&rtt_var=2482&sent=87&recv=54&lost=0&retrans=0&sent_bytes=72086&recv_bytes=8817&delivery_rate=134178&cwnd=34800&unsent_bytes=0&cid=5e2358d603ba22c7&ts=585&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
text/css
last-modified
Fri, 04 Oct 2024 15:49:13 GMT
vary
Accept-Encoding
priority
u=0,i=?0
jquery.min.js
newsonline.biz/wp-includes/js/jquery/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"64ecd5ef-15601"
age
5463
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XwWpzfasRJ6A2YjLYyVu5rKC3jCYVlwWEmlLuHVEBYPS2I2X%2FBg7eknywWwUFJIf5to%2B5KvNf6MndCDLXIUsq0%2F6HdDV5I1L4ViITs2sXtyppr%2By%2BpzJ9Ejr%2BjyhxRUxCsjz%2B%2BnWXoFjxFRgGw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6257&min_rtt=6000&rtt_var=441&sent=31&recv=22&lost=0&retrans=0&sent_bytes=20364&recv_bytes=7092&delivery_rate=128642&cwnd=12000&unsent_bytes=0&cid=5e2358d603ba22c7&ts=424&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
application/javascript
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d61280bd223-FRA
server
cloudflare
jquery-migrate.min.js
newsonline.biz/wp-includes/js/jquery/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6482bd64-3509"
age
5463
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0q7QUNlkn0Jc%2FIy5agOnE%2BOKu7VIxwfKCk%2F%2F2AEskjFwDHYBLyuJBkNlcWjT4kAr5vHNgrRibX2xi6NtpRz2RSqamFvrKk61ud%2BxJieXts8KWDskHuOCEidbsQt1XbrbXJSCx%2BKM8ZS8DG9HiA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6257&min_rtt=6000&rtt_var=441&sent=37&recv=22&lost=0&retrans=0&sent_bytes=25951&recv_bytes=7092&delivery_rate=128642&cwnd=12000&unsent_bytes=0&cid=5e2358d603ba22c7&ts=426&x=1", cfExtPri, cfHdrFlush;dur=1
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
application/javascript
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d61280cd223-FRA
server
cloudflare
989840.js
jsc.mgid.com/site/ 		505 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/site/989840.js
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d848cc17b04be60c57121111290c2aeaf2097d2df1e6226f06ba636d4b5663d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-cntry
content-encoding
gzip
cf-cache-status
HIT
etag
"5ffeee67ed532ba573ac0ed54f961cab"
x-amz-version-id
DckeNVL8HYBArAwoZ4MvUvg_QE8ntz5r
age
6201
expires
Wed, 11 Dec 2024 14:58:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
text/javascript
last-modified
Wed, 11 Dec 2024 10:13:36 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
hyWrj3DrqvDHAhfbd79yaVA2tYl3BqmGXHmTEF1wgLbuES8vo6w4utRYZGD6zyqcAVBKcBAdeDY=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=10800
x-cntry
DE
x-amz-request-id
N08GN364BEHJXTEK
cf-ray
8f054d64cb7537f5-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
127927
server
cloudflare
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-27Q9Z6GM34
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f36d3e7235b5eafc2efa8b38d41360b0f5ad010c18c485935873c6e723b1675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 11 Dec 2024 11:58:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109881
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		323 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WQQS8Y7GT5
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bbe239f922c3a2458444f99e5c8ad045449263051e27adbd631cb61244d7925f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 11 Dec 2024 11:58:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109884
x-xss-protection
0
server
Google Tag Manager
GMT-272-x-90-px.png
media.doisongviet.net/uploads/2024/10/
Redirect Chain
  • https://doisongviet.net/wp-content/uploads/2024/10/GMT-272-x-90-px.png
  • https://newsonline.biz/wp-content/uploads/2024/10/GMT-272-x-90-px.png
  • https://media.doisongviet.net/uploads/2024/10/GMT-272-x-90-px.png
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.doisongviet.net/uploads/2024/10/GMT-272-x-90-px.png
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H2
Server
2606:4700:20::ac43:47b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4170397ccf837c0b9829340f507239a2d0225ed0eacb13ab4ff4e3c17dd4b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

cf-cache-status
HIT
etag
"6700cc07-1662"
age
10816
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Re1wCQ5YfDoIf3s5O8p712JlzGzIxHZ1x9HlUIOZyN%2BgzbmEeoyfpdj3Mx7e4QylDGn4HHpp2YLpyz3AmA3O9A5aSC%2BWUDcdgKOY3CKQA8c4HWRa59hwTy61%2FJic1tvzGpQeb3dA4vXZSGSJCWZyyegBOgY%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 12 Dec 2024 18:50:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=5887&min_rtt=5855&rtt_var=955&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3989&recv_bytes=2350&delivery_rate=676515&cwnd=253&unsent_bytes=0&cid=4045e686c6278ce4&ts=24&x=0"
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
image/png
last-modified
Sat, 05 Oct 2024 05:17:59 GMT
vary
Accept-Encoding
cache-control
public, max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d622bdfdbf3-FRA
accept-ranges
bytes
content-length
5730
server
cloudflare

Redirect headers

cache-control
max-age=14400
location
https://media.doisongviet.net/uploads/2024/10/GMT-272-x-90-px.png
cf-cache-status
HIT
age
189
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8jUEl44CJY4RRKd8z2YGFa7sLmqS%2Bz6DgGCBcIYrt2%2FkOEe8%2BMdSP5VPRGQ2tOO%2Fcm1fnDrQNqMBQRPqwT6nswvq1YQ680P7HiiUNtg8yjRheHs7ANZ9NEz%2BoAxaGnKildM2RgD09BiH9MXkw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d61c9bed223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8871&min_rtt=5995&rtt_var=5094&sent=76&recv=48&lost=0&retrans=0&sent_bytes=63364&recv_bytes=8542&delivery_rate=361328&cwnd=34800&unsent_bytes=0&cid=5e2358d603ba22c7&ts=520&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=2,i
email-decode.min.js
newsonline.biz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"6751d1d7-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hazaBPFG0aTcdItDy8XiUnXJ4%2BFOw%2Br8Mlp3IF3PE99I8SPATanIXPvXeEMQMoVapxzKY1VBvp1Vs83h4lFZDuP6iVaDBhJN4KcVMcU434zvFnWOiOkN3evduSQbEtXkkOXYubnIT3WKbsgg%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f054d623aa9d223-FRA
expires
Fri, 13 Dec 2024 11:58:20 GMT
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 16:16:23 GMT
server
cloudflare
vary
Accept-Encoding
tagdiv_theme.min.js
newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		156 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.6.8
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
010f69dae1a693c14cce28a8b9ef4b5e81b46906f47830154ac07364104ca855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67000e72-27170"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YVPrny0eADcWjcQ386zK%2FWpY9B2cHlhyc4v8kUKN61LQkVnPHEhJFnnEi0RUm%2FcPDX1CVWwcqlCnrth%2BU2p%2BvK3yWq%2BCpHymSx7ivM%2FWGsJACvApx4YE4NsK8jCVcpG90MRFZRRkMgYDQvYfFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d624ad1d223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7021&min_rtt=5953&rtt_var=1279&sent=158&recv=73&lost=0&retrans=0&sent_bytes=146570&recv_bytes=10535&delivery_rate=484617&cwnd=44400&unsent_bytes=0&cid=5e2358d603ba22c7&ts=783&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
application/javascript
last-modified
Fri, 04 Oct 2024 15:49:06 GMT
vary
Accept-Encoding
priority
u=2,i=?0
tdPostImages.js
newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdPostImages.js?ver=12.6.8
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a137d5382f19aaea55e95b55e39a7829de05832714fc275d8a10312a3539d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67000e72-991"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3a%2F6h1IibPaLNytaujGMbJ9BiGx3B%2BmnE8jH6KSajGJ6C3oq%2FBhSe5jpshHIKRpzCtZUIzZ5jQASRpXsP6%2Bxmr6FsHbRwnOevtzUheMJurfVcpAcsFrt69uJGXSJjXKYSi266goYAAYk3P7%2FLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d624adcd223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6582&min_rtt=5953&rtt_var=135&sent=299&recv=99&lost=0&retrans=0&sent_bytes=305484&recv_bytes=14038&delivery_rate=332720&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=1091&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
application/javascript
last-modified
Fri, 04 Oct 2024 15:49:06 GMT
vary
Accept-Encoding
priority
u=2,i=?0
tdSocialSharing.js
newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSocialSharing.js?ver=12.6.8
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e81fcac714f76272bbeb4872fed3a4b84410ed89fe0243acf406986a7611b27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67000e72-a48"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xLsRDuUDKH5dh6Pavc6GqcOPVkfxf%2FIoJ3h2BzLjZWOpQFUij2VeLz%2BrEbhPdBJi4zFysxAkUGq1wtbeuP5P7Wc%2B9WlAO2HnBtDbHI3Si18WbtiZWlxLGiOEXXOqk0yDWsGkUKNsrGzWJJsBjA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d638e25d223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6595&min_rtt=5953&rtt_var=256&sent=293&recv=95&lost=0&retrans=0&sent_bytes=301488&recv_bytes=13532&delivery_rate=7944680&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=988&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
application/javascript
last-modified
Fri, 04 Oct 2024 15:49:06 GMT
vary
Accept-Encoding
priority
u=2,i=?0
tdModalPostImages.js
newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdModalPostImages.js?ver=12.6.8
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5724159a8f6ac6e42d3a8b66fdc874b0a197c53368a09579cd67fdd5fcc094

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67000e72-22bc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jQJm1rvr5xUOiCt7kp2qEeJhvk%2Fgl3OUSIpCF13ac6Df%2F70wSv8AWknbEZ9jIGj05dH4YDr%2BIxymOYUJMkZHoyZ4VIqzuF%2F0Ih6AyZcY4owJ54aMu6Jw5lLhFIgjcYCMsJEQthn35X57upvjoA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d64a906d223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6538&min_rtt=5953&rtt_var=190&sent=301&recv=100&lost=0&retrans=0&sent_bytes=306910&recv_bytes=14083&delivery_rate=14078&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=1144&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
application/javascript
last-modified
Fri, 04 Oct 2024 15:49:06 GMT
vary
Accept-Encoding
priority
u=2,i=?0
comment-reply.min.js
newsonline.biz/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-includes/js/comment-reply.min.js?ver=6.7.1
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67350932-bd2"
age
5462
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mFGnG%2B4GSvpd%2Bq%2BsTPbwxLntLr8Wo6dPWEkn3kkudc15e8BgT%2B3FMMVIi8SBZEr3a7bYxh%2FsHI56LQVCmijLJFy1P2fMwHVaxoiqV5ag5v%2FoCTwTcBio7smS%2FP0PCD4Jm86aV9xBVfeg99yB2A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6595&min_rtt=5953&rtt_var=256&sent=295&recv=95&lost=0&retrans=0&sent_bytes=303253&recv_bytes=13532&delivery_rate=7944680&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=990&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 20:16:50 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d64a912d223-FRA
server
cloudflare
js_files_for_front.min.js
newsonline.biz/wp-content/plugins/td-cloud-library/assets/js/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=b33652f2535d2f3812f59e306e26300d
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d099103502b4063574eb2ba0dd2b8e3c0d6362c8036c337f5571a11716ef5781

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67000e79-742c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pf9jK3pgeqITRB6QBIOVPVZDxTB%2F07pFh9MejnkcbqCY6ekGgxN%2FoN0iQZ5VcyhxXkX9X9jWIVNwKcY42cqO7a79vrJ0aCPktKd3pRDQ6jEEWUT2X6Vt26GbIzdrZ3liUky5%2BkQ283SeRKvHZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d64a90ad223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6387&min_rtt=5953&rtt_var=322&sent=340&recv=107&lost=0&retrans=0&sent_bytes=348662&recv_bytes=14835&delivery_rate=3977&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=1452&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
application/javascript
last-modified
Fri, 04 Oct 2024 15:49:13 GMT
vary
Accept-Encoding
priority
u=2,i=?0
tdMenu.js
newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdMenu.js?ver=12.6.8
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d97c7a354ee5666e22c59498be5331a0edee5d6f7527a58a5744f323173bc8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67000e72-11b2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BKnVbFr1Mac%2FDSpLiN%2FkHeH8hrgizw3Id6LGIB83FRMou6uJmE6e99bRZsY%2B6RaX09RaC8Plb8aUtovknt0w5MrAHtTU4pTi5nCmIwc3GBo8w0Nf8kIP%2B7tTKDcL0jmgBi49n%2BgFVhblIF5rBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d64a90cd223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6388&min_rtt=5953&rtt_var=243&sent=347&recv=108&lost=0&retrans=0&sent_bytes=356387&recv_bytes=14880&delivery_rate=978649&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=1478&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
application/javascript
last-modified
Fri, 04 Oct 2024 15:49:06 GMT
vary
Accept-Encoding
priority
u=2,i=?0
tdAjaxSearch.js
newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdAjaxSearch.js?ver=12.6.8
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced232c8b6b165ef0cb92272d25f07dc37d0a37b54932735a0bc3e5113132d85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67000e72-1801"
age
5462
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VEn7dyvRAd0QusVT41vDVGRTBBbD7ZYWPTIKExepD8Ka2ANpuqQFroFtA3Ki1U64DAdkABe30yIaigrGtx8wfXlroT2TUUyrFgNxjL1c%2BWTfF6bvPEtfpoOoQn8dRkD%2FOyBi7NyIuAnnQenHOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6595&min_rtt=5953&rtt_var=256&sent=290&recv=95&lost=0&retrans=0&sent_bytes=299084&recv_bytes=13532&delivery_rate=7944680&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=985&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:20 GMT
content-type
application/javascript
last-modified
Fri, 04 Oct 2024 15:49:06 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d64a90ed223-FRA
server
cloudflare
tdSmartSidebar.js
newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSmartSidebar.js?ver=12.6.8
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52782ac293bb10b38779db0cb458edb581f2cd603d0aec4c30dd0ca6b6a9388b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67000e72-26ee"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ikvEX0Px355npJdO7wEFBvIOAK54W5F9PU90x75hoVdvebPnLW0BUdZhaZzU%2BlNXNGkFsrEk0NH3oPN51Zr4G2TBw0%2F92E4nQCTCe0EfoQgo84ZTYyyWc3fCqcA3Q61PkRKVAz1Kf6jWJoSPWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d64a910d223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6538&min_rtt=5953&rtt_var=190&sent=304&recv=100&lost=0&retrans=0&sent_bytes=309224&recv_bytes=14083&delivery_rate=14078&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=1145&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
application/javascript
last-modified
Fri, 04 Oct 2024 15:49:06 GMT
vary
Accept-Encoding
priority
u=2,i=?0
truncated
/ 		114 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		140 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed0e4b4604fb8e4f9098ee174009b27431bf69b82afe4ad2b907cb6fa03d9294

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		99 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20d5956cbfc7535eb22b3962b7abbb4c6ebe8de2ae72cabceae90179e0e84a24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
mobile_menu_bg.jpg
media.doisongviet.net/uploads/2024/10/
Redirect Chain
  • https://doisongviet.net/wp-content/uploads/2024/10/mobile_menu_bg.jpg
  • https://newsonline.biz/wp-content/uploads/2024/10/mobile_menu_bg.jpg
  • https://media.doisongviet.net/uploads/2024/10/mobile_menu_bg.jpg
165 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.doisongviet.net/uploads/2024/10/mobile_menu_bg.jpg
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H2
Server
2606:4700:20::ac43:47b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6c87276bcc396f8ec92ed3c66996a851f21f54ea926742f3edba94f4eb7fe39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

cf-cache-status
HIT
etag
"67001134-29342"
age
20983
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wpk53llZ7fLKbkP1DdVI80FEyMaA7PStnt%2BhoqKEjJepsx%2FvspVULIl%2FwLlLADTNG4HX1YUzSiYTo4s2xET1s8jhV8EPbMH0pxnyrdd5LS81BeSDJoCyY4qOzOqCJ0k2c2ye5c3VPV7e8hVyJHlE39ZSWNI%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 12 Dec 2024 21:03:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=5948&min_rtt=5855&rtt_var=392&sent=16&recv=16&lost=0&retrans=0&sent_bytes=10572&recv_bytes=2431&delivery_rate=1726637&cwnd=257&unsent_bytes=0&cid=4045e686c6278ce4&ts=820&x=0"
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
image/jpeg
last-modified
Fri, 04 Oct 2024 16:00:52 GMT
vary
Accept-Encoding
cache-control
public, max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d67280fdbf3-FRA
accept-ranges
bytes
content-length
168770
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
location
https://media.doisongviet.net/uploads/2024/10/mobile_menu_bg.jpg
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BasXr1dhAKq9L1sokoBsCdfT%2BOWvPB%2Fh0dMXpDoJwaD3X3qZUnQc%2BniC4JCe%2FqnEcR%2Bl0bSz%2FhTV2cmKX18XRFYL3aTn0NYgCrLBhYUlCQfpqSLISUdiI5bdxX0XoOzioFdtw%2FLBWnVrv%2BRuyA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d65dc69d223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6488&min_rtt=5953&rtt_var=254&sent=338&recv=105&lost=0&retrans=0&sent_bytes=347733&recv_bytes=14733&delivery_rate=3406526&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=1360&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
newspaper.woff
newsonline.biz/wp-content/themes/Newspaper/images/icons/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-content/themes/Newspaper/images/icons/newspaper.woff?23
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/wp-content/themes/Newspaper/style.css?ver=12.6.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newsonline.biz
Referer
https://newsonline.biz/wp-content/themes/Newspaper/style.css?ver=12.6.8

Response headers

cf-cache-status
HIT
etag
"67000e4b-8470"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVbOvY%2FfNLIPImZvByZ1LFtdGMplQ8FA4qOrslh9NZB1zadVGqm9Zpopex5PD0eIHnByzE%2FOsFV2qOuVzyYpNfJa6nYoKxFLreDCBnvjWoTwrcNimkH4I1EIvOqmeFG%2BX0n3ydSWg6UyvpiVgA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6594&min_rtt=5953&rtt_var=255&sent=308&recv=102&lost=0&retrans=0&sent_bytes=312344&recv_bytes=14601&delivery_rate=639958&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=1166&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
font/woff
last-modified
Fri, 04 Oct 2024 15:48:27 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d64c969d223-FRA
accept-ranges
bytes
content-length
33904
server
cloudflare
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newsonline.biz
Referer
https://fonts.googleapis.com/

Response headers

age
96722
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:06:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:06:18 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newsonline.biz
Referer
https://fonts.googleapis.com/

Response headers

age
96243
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:14:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:14:17 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newsonline.biz
Referer
https://fonts.googleapis.com/

Response headers

age
425449
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 13:47:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 13:47:31 GMT
last-modified
Wed, 31 Jan 2024 23:15:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
38372
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newsonline.biz
Referer
https://fonts.googleapis.com/

Response headers

age
6434
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 10:11:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 10:11:06 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-27Q9Z6GM34&l=dataLayer&cx=c&gtm=45je4ca0v9196994927za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WQQS8Y7GT5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b4cbb3a57038b31a1f0729c1c532cff9fdad9eeed59525c5eb7e1f79450916e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 11 Dec 2024 11:58:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109802
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WQQS8Y7GT5&gtm=45je4ca0v9196994927za200&_p=1733918300899&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=988774620.1733918301&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733918301&sct=1&seg=0&dl=https%3A%2F%2Fnewsonline.biz%2F&dt=Home%20-%20GMT&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1117
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WQQS8Y7GT5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://newsonline.biz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-27Q9Z6GM34&gtm=45je4ca0v9196774250za200zb9196994927&_p=1733918300899&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=988774620.1733918301&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733918301&sct=1&seg=0&dl=https%3A%2F%2Fnewsonline.biz%2F&dt=Home%20-%20GMT&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1141
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-27Q9Z6GM34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://newsonline.biz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
text/plain
server
Golfe2
wp-emoji-release.min.js
newsonline.biz/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"667d6e6f-4926"
age
4984
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x6m7wjJGH3fheCcssbJCN9xLjBkr5nPr72BRt2d%2BTlGZ%2Ba66%2Fkp%2FpMPRMlpWXyUum63H3gGHrsPRFNUbeVRkMIgaxqqS3%2BfqFn9Zz0Z7eYAtCB2PlA%2BVtFRekPTVznzE6rk88fajOk5JgW1OsA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6371&min_rtt=5953&rtt_var=216&sent=351&recv=110&lost=0&retrans=0&sent_bytes=358590&recv_bytes=15320&delivery_rate=259123&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=1500&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
application/javascript
last-modified
Thu, 27 Jun 2024 13:51:43 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d67e9b0d223-FRA
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		106 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b2183b30479a3afbb387c2f7f62345dfcc8e6f37dcb8c080fc2cb7d6f888f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
br
etag
264 / 20068 / 31089265 / config-hash: 14732482054989088316
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 11:58:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
34036
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3052636440995168
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbbc5875031300962bbf633fd044188ea6cb787f5889ad8eed7da48f2ffef83d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newsonline.biz
Referer
https://newsonline.biz/

Response headers

content-encoding
br
etag
11592711343940177800
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 11:58:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53676
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/ 		496 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e63ee66b9db436c0738fdcfad9340135b640f2ac85eb04498fdb7ad2067592b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
br
etag
2279107579115022503
age
34932
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 02:16:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 02:16:09 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
157504
x-xss-protection
0
server
cafe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3052636440995168&plah=newsonline.biz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3052636440995168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3543c82c00d4254180e2f9d71aba89643f6c74449dcfd0780446f4c1615a211a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
br
etag
16927790704986831207
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 11:58:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147682
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 		63 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
71246
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 16:10:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 10 Dec 2024 16:10:55 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
ads
pagead2.googlesyndication.com/gampad/ 		201 KB
54 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=3042651800697763&correlator=1034351232553590&eid=31089342%2C31089348%2C31089265%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fif&iu_parts=23174336345%2Cnewsonline.biz%2Cnewsonline.biz_rewarded&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&fsfs=1&ists=1&fas=11&rbvs=1&sc=1&abxe=1&dt=1733918301521&lmt=1733918301&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnewsonline.biz%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733918300302&idt=1201&adks=1362926053&frm=20&eoidce=1&td=1&egid=41114&tan=6e076f80-daf8-4de8-9201-3824817c848a&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
427cee184406c0f3c4604b0d6228ffa9ad03effca536b2ee77a3dbbd85cbbff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
br
google-lineitem-id
-1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://newsonline.biz
content-length
54826
x-xss-protection
0
server
cafe
container.html
bdcf0217ec095d8cb079f22320213d8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bdcf0217ec095d8cb079f22320213d8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonline.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 11:58:21 GMT
expires
Wed, 11 Dec 2024 11:58:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-3052636440995168
fundingchoicesmessages.google.com/i/ 		197 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3052636440995168?href=https%3A%2F%2Fnewsonline.biz&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3052636440995168&plah=newsonline.biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5af82ad6cba572530debe898d65d5f088f6fd0e2df6a5332b8e78edd9c4a76bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q-z05fzBCKOrlfy90rAAFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0pBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC_Fw3P3zdBebQMO2riNMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGRgaWegbG8QVGAJoERds"
content-security-policy
script-src 'report-sample' 'nonce-q-z05fzBCKOrlfy90rAAFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxXYajgw3b5GGfy0ADDo820h3iYEyIMwbbymbB9cTIZkJG8vo17AP_YwVte8MIU9i9w04NH7pdWpd4ZrggW4XU6pjwL1VPJ7FQrwQ65FTdOVBsHdvKsfbJKTmxsdZUWiFSt1M6Byvg==
fundingchoicesmessages.google.com/f/ 		1 MB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXYajgw3b5GGfy0ADDo820h3iYEyIMwbbymbB9cTIZkJG8vo17AP_YwVte8MIU9i9w04NH7pdWpd4ZrggW4XU6pjwL1VPJ7FQrwQ65FTdOVBsHdvKsfbJKTmxsdZUWiFSt1M6Byvg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzOTE4MzAxLDcyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9uZXdzb25saW5lLmJpei8iLG51bGwsW1s4LCItQXVQSzd5Zm5wNCJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxxB1utYn2RmNB4-_Mlk5xCL6DPJw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f801531ef2cf9e9543b26a913800134cafda9b35a2b0af7f3636e0003059092d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-S6Fh0Xdp3P1iacav-jEXPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQf6i_zPoDiGecv8y6AIiLJK6wtgAxw9crrBxALMTDcffP011sAgu27Z_OrKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiaGRgqWdgHF9gBAB9GkKh"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-S6Fh0Xdp3P1iacav-jEXPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
container.html
bdcf0217ec095d8cb079f22320213d8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E60B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bdcf0217ec095d8cb079f22320213d8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonline.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 11:58:21 GMT
expires
Wed, 11 Dec 2024 11:58:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ 		114 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-AuPK7yfnp4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMztIaxbkXhAUy7PLGTpntLzdVHYIw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 11:58:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 11:58:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 11 Dec 2024 11:58:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
0d9IIJD03sn3gOJSgOr095N8LLfSqsIFbBGLQuNC1IM4WsRjNxFA2bFPL8Ncld1OACz6zYyQzdf6s2e6MB6zVIx-iienL66Nqww_dvxPf3Lo9aJc5IX_jA=h60
lh3.googleusercontent.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/0d9IIJD03sn3gOJSgOr095N8LLfSqsIFbBGLQuNC1IM4WsRjNxFA2bFPL8Ncld1OACz6zYyQzdf6s2e6MB6zVIx-iienL66Nqww_dvxPf3Lo9aJc5IX_jA=h60
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d4f91793007ab7aee863a5f7012f0f73f05df1160909985dee68312e132e95f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
6951
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 10:02:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 10:02:31 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
1983
x-xss-protection
0
server
fife
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newsonline.biz
Referer
https://newsonline.biz/

Response headers

age
112718
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 04:39:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 04:39:44 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: newsonline.biz
URL: https://newsonline.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newsonline.biz
Referer
https://newsonline.biz/

Response headers

age
96243
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:14:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:14:17 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newsonline.biz
Referer
https://fonts.googleapis.com/

Response headers

age
159017
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 09 Dec 2025 15:48:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 15:48:05 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
AGSKWxVbEBgLT5P6LTICIglSfZ4c0XrD9MyKrdU2qNs42ORiARfpDTSOHAASKJ3QFGhfBi198j_vYi0KzhmGJxrPTSnQcGsGjnyOOSs_B9392fEaVHGZ5n8mdQ20fj5pBLKZq5Nm5jopSw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVbEBgLT5P6LTICIglSfZ4c0XrD9MyKrdU2qNs42ORiARfpDTSOHAASKJ3QFGhfBi198j_vYi0KzhmGJxrPTSnQcGsGjnyOOSs_B9392fEaVHGZ5n8mdQ20fj5pBLKZq5Nm5jopSw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxxB1utYn2RmNB4-_Mlk5xCL6DPJw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ESKYmh8EtHf10IqZE9R7yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://newsonline.biz/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJvj3p-nu9gEDmy8K6XkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAyNDCz0DMzjCwwA-WArEA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ESKYmh8EtHf10IqZE9R7yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://newsonline.biz
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVbEBgLT5P6LTICIglSfZ4c0XrD9MyKrdU2qNs42ORiARfpDTSOHAASKJ3QFGhfBi198j_vYi0KzhmGJxrPTSnQcGsGjnyOOSs_B9392fEaVHGZ5n8mdQ20fj5pBLKZq5Nm5jopSw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVbEBgLT5P6LTICIglSfZ4c0XrD9MyKrdU2qNs42ORiARfpDTSOHAASKJ3QFGhfBi198j_vYi0KzhmGJxrPTSnQcGsGjnyOOSs_B9392fEaVHGZ5n8mdQ20fj5pBLKZq5Nm5jopSw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxxB1utYn2RmNB4-_Mlk5xCL6DPJw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BcS5E-zkZCQd4pcNzNUzJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://newsonline.biz/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJvj3p-nu9gEGjadllRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGBhZ6BubxBQYA4WMqvQ"
content-security-policy
script-src 'report-sample' 'nonce-BcS5E-zkZCQd4pcNzNUzJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://newsonline.biz
content-length
0
x-xss-protection
0
server
ESF
FB1280x720-44.jpg
media.doisongviet.net/uploads/2024/12/
Redirect Chain
  • https://newsonline.biz/wp-content/uploads/2024/12/FB1280x720-44.jpg
  • https://media.doisongviet.net/uploads/2024/12/FB1280x720-44.jpg
90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.doisongviet.net/uploads/2024/12/FB1280x720-44.jpg
Protocol
H3
Server
2606:4700:20::ac43:47b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b0e779e4615f394d4f18a68e5623b5e18c1800742b538768b4e05ead821fc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

cf-cache-status
HIT
etag
"6759731b-167e3"
age
2604
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CJXgqr4WAFzqAyDouHAwijp5aaAWCL94WFcqJCtx%2Fl%2BVTwtulHRt4wU%2FEZnYxhr9oHBJ2RSgouTXj%2F87JmMuSPO2CZ5siV42dnADiPLmxTMHtFQdJUtP7GUMNGXitwlxO%2FtOa9%2FULvtKRouzekIoV9Uohg%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 11:10:19 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6317&min_rtt=6193&rtt_var=1209&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4297&recv_bytes=4441&delivery_rate=873&cwnd=12000&unsent_bytes=0&cid=3f58fe86d2d1ed1b&ts=785&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
image/jpeg
last-modified
Wed, 11 Dec 2024 11:10:19 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d6bfe0bd2c7-FRA
accept-ranges
bytes
content-length
92131
server
cloudflare

Redirect headers

cache-control
max-age=14400
location
https://media.doisongviet.net/uploads/2024/12/FB1280x720-44.jpg
cf-cache-status
HIT
age
1150
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ul7%2B2fk1LaK7kE7ZlJdl0bq%2FhXKO3q2uB8SU8CAdxEbd30Q6odlom9uThKfNzfRoKJlIu60TJy9V7YMsQDWR%2BK1%2Fk4zIRipG0g5J8Blr9DFMts1nxVrDcyvR81z8KqzzgKhjz6xBQ1Tzbs2%2BLA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d6bdc49d223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6395&min_rtt=5953&rtt_var=209&sent=359&recv=113&lost=0&retrans=0&sent_bytes=364786&recv_bytes=16410&delivery_rate=361476&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=2131&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca44d4057a24b15f9bee4f6daa9cf648b4cdb9fe21c9e70be7a8d043c7c8289d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13232
date
Wed, 11 Dec 2024 11:58:22 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
w-logo-blue-white-bg.png
newsonline.biz/wp-includes/images/
Redirect Chain
  • https://newsonline.biz/favicon.ico
  • https://newsonline.biz/wp-includes/images/w-logo-blue-white-bg.png
4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://newsonline.biz/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H3
Server
2606:4700:3032::6815:17f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

cf-cache-status
HIT
etag
"6192f571-1017"
age
5077
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sKwmwrueNJoKf9OvIuHfAeWY%2FT8vGoCJO2oiea%2B5tQbS1lv%2B5XMtf1yxjJU%2B%2BN2fvgbceK%2Bx5aUCnXGaFvZidNvQpZ7hlS6Ns6mM0fzWyWnfslB%2BaaxsVe5Uyu5ELVPYTOIC51MXVRZk9Spt3w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6846&min_rtt=5953&rtt_var=888&sent=370&recv=124&lost=0&retrans=0&sent_bytes=368478&recv_bytes=18886&delivery_rate=6895&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=2401&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
image/png
last-modified
Tue, 16 Nov 2021 00:04:01 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d6d8868d223-FRA
accept-ranges
bytes
content-length
4119
server
cloudflare

Redirect headers

x-redirect-by
WordPress
link
<https://newsonline.biz/wp-json/>; rel="https://api.w.org/"
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://newsonline.biz/wp-includes/images/w-logo-blue-white-bg.png
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVuYuH3ty0PLntogXKzX1HVKLIPdZi8plLbE9kgt2WIhZ4IQM7NKzJXjMoOANEp%2B2GWG6njUfM8D1vgW0RyP2oLfpZVPOz5pTfc%2F%2BIAGdIfL2L4Sq8q8eSgDvpzw%2B1g%2F8Wiq36VBAhu4cHV1nA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d6bdc59d223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6882&min_rtt=5953&rtt_var=1089&sent=368&recv=122&lost=0&retrans=0&sent_bytes=367640&recv_bytes=18303&delivery_rate=3777&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=2382&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.0.28
vary
Accept-Encoding
priority
u=1,i
FB1280x720-43.jpg
media.doisongviet.net/uploads/2024/12/
Redirect Chain
  • https://newsonline.biz/wp-content/uploads/2024/12/FB1280x720-43.jpg
  • https://media.doisongviet.net/uploads/2024/12/FB1280x720-43.jpg
172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.doisongviet.net/uploads/2024/12/FB1280x720-43.jpg
Protocol
H3
Server
2606:4700:20::ac43:47b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6eb140bd5e6fa97a774993a74594ff3093b535b42233d9a7df5b45992366769

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

cf-cache-status
HIT
etag
"67597194-2b16e"
age
2604
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EtfjfGNdk%2BqHzt%2FY%2FccSP%2BMXHRAUK6kRrtV70wFdol3BWNSIDU4TzW8D0Tn0hEAfepn1T4rstZZdAssH81TE1zOPGGh%2Ffp4Tn5A13tXXrh4B%2BB8EnwdvTdf5cJL5DrSFaxOBOBUdcTZc1AvfYkf2VubYCmE%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 11:03:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6516&min_rtt=6193&rtt_var=517&sent=44&recv=17&lost=0&retrans=0&sent_bytes=40321&recv_bytes=5009&delivery_rate=742292&cwnd=24000&unsent_bytes=0&cid=3f58fe86d2d1ed1b&ts=797&x=1", cfExtPri, cfHdrFlush;dur=1
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
image/jpeg
last-modified
Wed, 11 Dec 2024 11:03:48 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d6c0e40d2c7-FRA
accept-ranges
bytes
content-length
176494
server
cloudflare

Redirect headers

cache-control
max-age=14400
location
https://media.doisongviet.net/uploads/2024/12/FB1280x720-43.jpg
cf-cache-status
HIT
age
1150
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cvOOv0RILguvIKkvo2wK2vwYIkIPPcuM074jPVPqXn1bMJyyIvAGxjBMzCDOMcEQtfRPbz%2FboWbeeMjMbCki%2BpU6f3yR4hXjmU595UN0oyS7%2Fgx%2BSgbonO8H6RaGRXOo9zQ9AbSJPbYAzO%2FYAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d6bfc93d223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6377&min_rtt=5953&rtt_var=279&sent=362&recv=116&lost=0&retrans=0&sent_bytes=365738&recv_bytes=17042&delivery_rate=3723&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=2150&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 11:58:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame F8DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonline.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2681
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 11:13:41 GMT
expires
Wed, 11 Dec 2024 12:03:41 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
FB1280x720-42.jpg
media.doisongviet.net/uploads/2024/12/
Redirect Chain
  • https://newsonline.biz/wp-content/uploads/2024/12/FB1280x720-42.jpg
  • https://media.doisongviet.net/uploads/2024/12/FB1280x720-42.jpg
115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.doisongviet.net/uploads/2024/12/FB1280x720-42.jpg
Protocol
H3
Server
2606:4700:20::ac43:47b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0934cc753bf6c6914bb38946eecdf2c89e0561ef0f1517f6ba82a807172c1e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

cf-cache-status
HIT
etag
"67596eff-1cb2c"
age
2604
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDVJ24F%2B%2BmlKLUwLq26wGgbqdXJDa5RhcQ9f3o7FeiLYjHrnU392fc88BTkjbtyAFOCLXUxfzZfevBCI943xzDlbmpQQ27KkU4cD5RpeznCVs1h40q44x2uOzIkYdqzKDWk1dPD6Rf9vm8hcWZJpIyG8RoY%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 10:55:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6506&min_rtt=6025&rtt_var=175&sent=248&recv=74&lost=0&retrans=0&sent_bytes=280556&recv_bytes=7845&delivery_rate=19426613&cwnd=146400&unsent_bytes=0&cid=3f58fe86d2d1ed1b&ts=888&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
image/jpeg
last-modified
Wed, 11 Dec 2024 10:52:47 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d6c9fa9d2c7-FRA
accept-ranges
bytes
content-length
117548
server
cloudflare

Redirect headers

cache-control
max-age=14400
location
https://media.doisongviet.net/uploads/2024/12/FB1280x720-42.jpg
cf-cache-status
HIT
age
1150
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b2nNdztEUf0TYbH7BdYwjeprrHS6vMWdPUUuBmtoF%2BPnjvjMcc7yCVoXejp78jV44BVcoCReOdUE29mjmdET40BnaVc%2BVV%2Bgw0%2F9OsQxmEYTHtJqs2kNQ5cvrPV3TsFbGOf185tSQ9RnvqoNkw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d6c8df3d223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6789&min_rtt=5953&rtt_var=1011&sent=365&recv=119&lost=0&retrans=0&sent_bytes=366691&recv_bytes=17672&delivery_rate=3185&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=2241&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
FB1280x720-41.jpg
media.doisongviet.net/uploads/2024/12/
Redirect Chain
  • https://newsonline.biz/wp-content/uploads/2024/12/FB1280x720-41.jpg
  • https://media.doisongviet.net/uploads/2024/12/FB1280x720-41.jpg
95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.doisongviet.net/uploads/2024/12/FB1280x720-41.jpg
Protocol
H3
Server
2606:4700:20::ac43:47b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2474ce6213f12c1fc5ccb81a25cc1ccf8d76ad55677e1410d31385962eed713f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://newsonline.biz/

Response headers

cf-cache-status
HIT
etag
"67596cb7-17d70"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zudpGharfgjLq%2Fe%2B7bRzIELQimgI6MouxyUx%2BuG%2BacuWwvTEXieFHIWZXD82eSVtfMd5AElO0w7PS18%2FY4zl1aeFBI9QckS7j1yxQ2jxtkdbKCLBykqvM5%2FCiQ%2Flu9cn1CoyWeh3xRpot%2FJ1VXhsY5KNxNY%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 10:43:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7196&min_rtt=6025&rtt_var=420&sent=350&recv=86&lost=0&retrans=0&sent_bytes=401474&recv_bytes=8688&delivery_rate=7794567&cwnd=146400&unsent_bytes=0&cid=3f58fe86d2d1ed1b&ts=1262&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
image/jpeg
last-modified
Wed, 11 Dec 2024 10:43:03 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f054d6dda72d2c7-FRA
accept-ranges
bytes
content-length
97648
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
location
https://media.doisongviet.net/uploads/2024/12/FB1280x720-41.jpg
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4s%2BrIKyy4jww5fdXWUUzJLHGrW%2FIhOUnr6r82ZOnx%2BSer2AE1iOJ7ODNfpfPe6cOFCZfFENMyrrrv2BYaRn3I6wV84GMSpih3yv4vPU6A7aEktFTKlGcmXIqwOdz8cn5NakoGiXnwjOHc0cbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f054d6cce91d223-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6766&min_rtt=5953&rtt_var=828&sent=375&recv=125&lost=0&retrans=0&sent_bytes=373415&recv_bytes=18931&delivery_rate=279207&cwnd=67200&unsent_bytes=0&cid=5e2358d603ba22c7&ts=2440&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 11:58:22 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
newsonline.biz
URL
blob:https://newsonline.biz/1adef45b-ea98-4a2c-b126-1540466f79bc
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412050101&jk=3042651800697763&bg=!Tk2lTQLNAAbFeMsx5Xg7ADQBe5WfOOU2wtmNlJFlTwGqxkpFuioqu3a7FHx_2vhDf5oOue7XQeAoszTGNKv6lCcSlXuaAgAAACJSAAAAAmgBB34ANlYwqykyaqw2lJs_sIObC4BE03IuDUox3R6gPFc9ZZIJOw0ifOY2rIhKpm_zVW8CsLFl-PC3QJkClceEm3TLGF9xLomhIVF75lOQnRwKWzQW84yEpCEGeQrPc6TN3dOP04maaZ_nCIz2EJ5jKuNL4HcR4Wu62Vw2n2chSixshSnsgEK6TNB6vm_VJ1ekfqGHrHchvwXylPWBm6ZayrGzPXMEg981bNRO9M8zhl29Q0yok9uz4-olCsIKhdNzLWojMvezs83kDiBknRz7aImBKc2KLcpInLjeYzFJLaVCXJzglGE-70xdg8XYsX5q21nY7WaxW5CMQH5_hSjNIaDeh63IjMZ1me2zy30GTLKDyA2DGn9PRrc0ihWHyT08CTfp52bs1IUQNyKTejpRetdI3amitypDuQHVgBly6V0SdDLnDCAFApB2rAIfiS1fvHEXYhvplMexCdY-WcGVIeiFBWrt_L5n6UFsl4mupQkNrr75aXZ_lWWhe_mtVUTSFuSLUzEuYUw7ibKyzXMHFYu8jrS6a5KxGJ_8LRP5h1V2zayTvoz7vIMylQn9A6S4cp7H5wqoSSMeSkDxhSdL8_S_8IZOARfSJToIA6KthDyi95hiiuBH-LV90JcWPTBriy3ERRUdjYb1PFnPBIkOxKZC-HY4wg9FIDh0qiUS0szIePgFr8FDqzIfdJKJKDZagWT3Fam_T3QszCjKhgApJvEBTMCFHSb-foTw2pWxYKYOKD_aZFl3dHnHFseQgGFjrg09x_4wvH2sbOnUtgeTYs_ck08mK-H0SnFIPEgVwezXSOi6dUwnFIrppsz_5NFZXa2ccjxU8VqjHRWVlYYGGbXWNk93-IyMKZi9tjmcOBvkbKv1R3IbjiChabwMKi-1C4xOS2VFLDWC6KNHjS0H14Z17Rawp2hoPm3cbbiu7I99cOFKgjst44KehwcqvKaIixQ

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| _wpemojiSettings function| jQuery object| tdb_global_vars object| tdb_p_autoload_vars object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_theme_color_site_wide string| tdThemeName string| tdThemeNameWl string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce string| tdMobileMenu string| tdMobileSearch object| tdDateNamesI18n string| tdb_modal_confirm string| tdb_modal_cancel string| tdb_modal_confirm_alt string| tdb_modal_cancel_alt string| td_deploy_mode function| gtag object| dataLayer object| block_tdi_15 object| tdDetect object| tdViewport object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life function| td_delete_site_cookie function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdBlocks object| td_history object| tdHeader object| tdCustomEvents object| tdEvents object| tdPullDown object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdConfirm function| onYouTubeIframeAPIReady object| google_tag_manager object| google_tag_data object| _mgc string| _mgSingleJS989840 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| gaGlobal object| tdSocialSharing function| tdModalImage object| addComment object| tdcPostSettings function| tdbGetMobileTemplates object| tdMenu object| tdAjaxSearch object| tdSmartSidebar object| td_res_context_registered_atts function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| m function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| da function| ia function| b64e function| b64d object| ai_front object| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists function| ai_run_192187960171 boolean| ai_js_code function| ai_document_write string| selector_string object| googletag object| adsbygoogle object| twemoji object| wp object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MTEzZDUxNzdjNmJlZTBkOGxvYWRlcl9qcw== string| MTEzZDUxNzdjNmJlZTBkOGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

5 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: 3jQ1B.9EIXmkZJtB.Ppctp6X9jvw1crHeNrr.I8JsFA-1733918300-1.0.1.1-323kjo2tRHiw3cZv5u_VSsA28E7CXecRVN227xuJshVuHTKiQ56PDGlgOaXLcLysy2crVrzi.Vyo9YRiQ8T85g
.newsonline.biz/ Name: _ga_WQQS8Y7GT5
Value: GS1.1.1733918301.1.0.1733918301.0.0.0
.newsonline.biz/ Name: _ga
Value: GA1.1.988774620.1733918301
.newsonline.biz/ Name: _ga_27Q9Z6GM34
Value: GS1.1.1733918301.1.0.1733918301.0.0.0
.newsonline.biz/ Name: __eoi
Value: ID=b311c1a5e599f8fc:T=1733918301:RT=1733918301:S=AA-AfjY47KvjxQ3nrWcIS3lSsDEq

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bdcf0217ec095d8cb079f22320213d8c.safeframe.googlesyndication.com
doisongviet.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
jsc.mgid.com
lh3.googleusercontent.com
media.doisongviet.net
newsonline.biz
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
www.googletagmanager.com
ep1.adtrafficquality.google
newsonline.biz
2001:4860:4802:34::36
2606:4700:1::6813:854c
2606:4700:20::ac43:47b6
2606:4700:3032::6815:17f5
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:831::200e
010f69dae1a693c14cce28a8b9ef4b5e81b46906f47830154ac07364104ca855
069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95
0b82485edb800f0ea228c54dd7b2138e0fb824ce939cd34034f613bd93625710
16b2183b30479a3afbb387c2f7f62345dfcc8e6f37dcb8c080fc2cb7d6f888f9
20d5956cbfc7535eb22b3962b7abbb4c6ebe8de2ae72cabceae90179e0e84a24
2143754326c96d8d845f202477e7749564794b31273e6ecc869d6f881be36213
2474ce6213f12c1fc5ccb81a25cc1ccf8d76ad55677e1410d31385962eed713f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3543c82c00d4254180e2f9d71aba89643f6c74449dcfd0780446f4c1615a211a
35ae3217a2320983ff3aa0cd0665dc5c32d8ed32400dd17dc5e7b82c8422333b
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d7a12f959b9a040bc5de3087bc4620621be703e426c411d289d92959d7bfcd3
3d848cc17b04be60c57121111290c2aeaf2097d2df1e6226f06ba636d4b5663d
3d97c7a354ee5666e22c59498be5331a0edee5d6f7527a58a5744f323173bc8d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e63ee66b9db436c0738fdcfad9340135b640f2ac85eb04498fdb7ad2067592b
427cee184406c0f3c4604b0d6228ffa9ad03effca536b2ee77a3dbbd85cbbff4
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52782ac293bb10b38779db0cb458edb581f2cd603d0aec4c30dd0ca6b6a9388b
5af82ad6cba572530debe898d65d5f088f6fd0e2df6a5332b8e78edd9c4a76bb
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
78a137d5382f19aaea55e95b55e39a7829de05832714fc275d8a10312a3539d6
7f36d3e7235b5eafc2efa8b38d41360b0f5ad010c18c485935873c6e723b1675
7f4170397ccf837c0b9829340f507239a2d0225ed0eacb13ab4ff4e3c17dd4b5
82c98a428ca69d9af95841f03e1a85311fe5a56f34babd91004d48b9cca7ddde
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8e81fcac714f76272bbeb4872fed3a4b84410ed89fe0243acf406986a7611b27
9b4cbb3a57038b31a1f0729c1c532cff9fdad9eeed59525c5eb7e1f79450916e
9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
af664f64b475678e0d181c23dd6eca9ee45afd956d129a66c9e30910f2a985cf
bbe239f922c3a2458444f99e5c8ad045449263051e27adbd631cb61244d7925f
ca44d4057a24b15f9bee4f6daa9cf648b4cdb9fe21c9e70be7a8d043c7c8289d
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
cbbc5875031300962bbf633fd044188ea6cb787f5889ad8eed7da48f2ffef83d
ced232c8b6b165ef0cb92272d25f07dc37d0a37b54932735a0bc3e5113132d85
d0934cc753bf6c6914bb38946eecdf2c89e0561ef0f1517f6ba82a807172c1e8
d099103502b4063574eb2ba0dd2b8e3c0d6362c8036c337f5571a11716ef5781
d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23
d4f91793007ab7aee863a5f7012f0f73f05df1160909985dee68312e132e95f5
d6c87276bcc396f8ec92ed3c66996a851f21f54ea926742f3edba94f4eb7fe39
d8b0e779e4615f394d4f18a68e5623b5e18c1800742b538768b4e05ead821fc2
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
df306cdcd1361b9d6fd1c10c03a7a1eac0477daf74d39c19b780e68996546e18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6eb140bd5e6fa97a774993a74594ff3093b535b42233d9a7df5b45992366769
ed0e4b4604fb8e4f9098ee174009b27431bf69b82afe4ad2b907cb6fa03d9294
ed5724159a8f6ac6e42d3a8b66fdc874b0a197c53368a09579cd67fdd5fcc094
f801531ef2cf9e9543b26a913800134cafda9b35a2b0af7f3636e0003059092d
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99