venews.biz Open in urlscan Pro
128.199.156.53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dua-tin.com/
Effective URL:
https://venews.biz/
Submission Tags: falconsandbox
Submission: On December 13 via api (December 13th 2024, 12:03:44 am UTC) from US — Scanned from NL

Summary HTTP 69 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 13 domains to perform 69 HTTP transactions. The main IP is 128.199.156.53, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is venews.biz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 12th 2024. Valid for: a year.

This is the only time venews.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 28	128.199.156.53 128.199.156.53	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
3	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
1	104.19.129.76 104.19.129.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	104.26.12.137 104.26.12.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	172.67.214.181 172.67.214.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.67.71.182 172.67.71.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
5	212.124.124.115 212.124.124.115	47328 (TRI-AS Di...) (TRI-AS DigitalOne AG)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	222.255.217.230 222.255.217.230	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
4	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1	221.132.35.182 221.132.35.182	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
69	13

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dua-tin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 128.199.156.53 (Singapore, Singapore) 8 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

venews.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.129.76 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.12.137 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

doisongviet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.214.181 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

newsonline.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.71.182 (United States)

ASN13335 (CLOUDFLARENET, US)

media.doisongviet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mediavn.doisongviet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.124.124.115 (Reston, United States)

ASN47328 (TRI-AS DigitalOne AG, CH)

aj1559.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 222.255.217.230 (Ho Chi Minh City, Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

ss.yomedia.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 221.132.35.182 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)

delivery.yomedia.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	venews.biz 8 redirects venews.biz	2 MB
17	gstatic.com fonts.gstatic.com	292 KB
11	doisongviet.net 2 redirects doisongviet.net media.doisongviet.net mediavn.doisongviet.net	1 MB
5	aj1559.online aj1559.online — Cisco Umbrella Rank: 59652	41 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695	129 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	209 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	309 KB
2	yomedia.vn ss.yomedia.vn — Cisco Umbrella Rank: 81576 delivery.yomedia.vn — Cisco Umbrella Rank: 81455	22 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
2	newsonline.biz 2 redirects newsonline.biz	729 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	8 KB
1	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 9340	117 KB
1	dua-tin.com 1 redirects dua-tin.com	713 B
69	13

	Domain	Requested by
28	venews.biz	8 redirects venews.biz
17	fonts.gstatic.com	fonts.googleapis.com
7	mediavn.doisongviet.net
5	aj1559.online	venews.biz aj1559.online
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	aj1559.online securepubads.g.doubleclick.net
3	www.googletagmanager.com	venews.biz www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	media.doisongviet.net	venews.biz
2	newsonline.biz	2 redirects
2	doisongviet.net	2 redirects
2	fonts.googleapis.com	venews.biz
1	delivery.yomedia.vn	ss.yomedia.vn
1	ss.yomedia.vn	aj1559.online
1	jsc.mgid.com	venews.biz
1	dua-tin.com	1 redirects
69	16

This site contains no links.

Subject Issuer	Validity	Valid
*.venews.biz Sectigo RSA Domain Validation Secure Server CA	`2024-08-12` - `2025-08-12`	a year	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
mgid.com WE1	`2024-11-02` - `2025-01-31`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
aj1559.online R11	`2024-10-14` - `2025-01-12`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.yomedia.vn Go Daddy Secure Certificate Authority - G2	`2024-09-25` - `2025-10-27`	a year	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://venews.biz/
Frame ID: 4EFABAEC45F71B49E1E10C7B2188FDC5
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - VeNews.biz

Page URL History Show full URLs

https://dua-tin.com/ HTTP 301
https://venews.biz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

69
Requests

84 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

13
IPs

5
Countries

3967 kB
Transfer

6000 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dua-tin.com/ HTTP 301
https://venews.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://doisongviet.net/wp-content/uploads/2024/10/GMT-272-x-90-px.png HTTP 301
https://newsonline.biz/wp-content/uploads/2024/10/GMT-272-x-90-px.png HTTP 301
https://media.doisongviet.net/uploads/2024/10/GMT-272-x-90-px.png

Request Chain 22

https://doisongviet.net/wp-content/uploads/2024/10/GMT-272-x-90-px.png HTTP 301
https://newsonline.biz/wp-content/uploads/2024/10/GMT-272-x-90-px.png HTTP 301
https://media.doisongviet.net/uploads/2024/10/GMT-272-x-90-px.png

Request Chain 45

https://venews.biz/wp-content/uploads/2024/12/July-15-Saturday-10-11-AM-37.jpg HTTP 301
https://mediavn.doisongviet.net/uploads/2024/12/July-15-Saturday-10-11-AM-37.jpg

Request Chain 46

https://venews.biz/favicon.ico HTTP 302
https://venews.biz/wp-includes/images/w-logo-blue-white-bg.png

Request Chain 47

https://venews.biz/wp-content/uploads/2024/12/July-15-Saturday-10-11-AM-36.jpg HTTP 301
https://mediavn.doisongviet.net/uploads/2024/12/July-15-Saturday-10-11-AM-36.jpg

Request Chain 48

https://venews.biz/wp-content/uploads/2024/12/Screen-Shot-2024-12-12-at-22.27.58.jpg HTTP 301
https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-12-at-22.27.58.jpg

Request Chain 49

https://venews.biz/wp-content/uploads/2024/12/Screen-Shot-2024-12-12-at-22.28.52.jpg HTTP 301
https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-12-at-22.28.52.jpg

Request Chain 50

https://venews.biz/wp-content/uploads/2024/12/Screen-Shot-2024-12-13-at-00.39.01.jpg HTTP 301
https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-13-at-00.39.01.jpg

Request Chain 52

https://venews.biz/wp-content/uploads/2024/12/467016078_122134081184374710_2822075645907783361_n.jpg HTTP 301
https://mediavn.doisongviet.net/uploads/2024/12/467016078_122134081184374710_2822075645907783361_n.jpg

Request Chain 53

https://venews.biz/wp-content/uploads/2024/12/Screen-Shot-2024-12-12-at-22.30.56.jpg HTTP 301
https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-12-at-22.30.56.jpg

69 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
venews.biz/
Redirect Chain

https://dua-tin.com/
https://venews.biz/

148 KB
149 KB

1570ms
596ms

Document
text/html

128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/8.0.28
Resource Hash: f7da6d200bd347de5adfdccfa4a62e9803fbe0887efb9a663e4e0491b3b1659b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 13 Dec 2024 00:03:35 GMT
Link: <https://venews.biz/wp-json/>; rel="https://api.w.org/" <https://venews.biz/wp-json/wp/v2/pages/7>; rel="alternate"; title="JSON"; type="application/json" <https://venews.biz/>; rel=shortlink
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/8.0.28

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f11b1194e1bfb7f-AMS
content-type: text/html; charset=UTF-8
date: Fri, 13 Dec 2024 00:03:34 GMT
location: https://venews.biz/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UVznBxFoSKwL5F5WIlTfbFbQV7GKx7l%2BKbF3VeiCS4o%2Bhu%2FhDXG4JymUgeLRcABMw3aosgsRqyOrmEqgKTX0PwXc9nFl%2FMjLQBuWZAEeXiyYosYbPRE6NIHyR72KLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=15032&min_rtt=14866&rtt_var=2641&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4185&recv_bytes=4483&delivery_rate=686&cwnd=12000&unsent_bytes=0&cid=1796419b6077f83e&ts=592&x=1" cfExtPri cfHdrFlush;dur=0
x-powered-by: PHP/8.0.28
x-redirect-by: WordPress

GET
H/1.1 200
OK style.css
venews.biz/wp-content/plugins/td-composer/td-multi-purpose/ 38 KB
38 KB 491ms
179ms Stylesheet
text/css 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=def8edc4e13d95bdf49953a9dce2f608
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 82c98a428ca69d9af95841f03e1a85311fe5a56f34babd91004d48b9cca7ddde

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67000e72-9828"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38952
Date: Fri, 13 Dec 2024 00:03:36 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2024 15:49:06 GMT
Server: nginx

GET
H2 200 css
fonts.googleapis.com/ 25 KB
2 KB 90ms
39ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Requested by

Host: venews.biz
URL: https://venews.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

3d7a12f959b9a040bc5de3087bc4620621be703e426c411d289d92959d7bfcd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 00:03:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 00:03:36 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 13 Dec 2024 00:03:36 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK style.css
venews.biz/wp-content/themes/Newspaper/ 155 KB
155 KB 875ms
531ms Stylesheet
text/css 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/themes/Newspaper/style.css?ver=12.6.8
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b82485edb800f0ea228c54dd7b2138e0fb824ce939cd34034f613bd93625710

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67000e4b-26b46"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 158534
Date: Fri, 13 Dec 2024 00:03:36 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2024 15:48:27 GMT
Server: nginx

GET
H/1.1 200
OK td_legacy_main.css
venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 169 KB
170 KB 901ms
547ms Stylesheet
text/css 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=def8edc4e13d95bdf49953a9dce2f608
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: af664f64b475678e0d181c23dd6eca9ee45afd956d129a66c9e30910f2a985cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67000e72-2a52f"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 173359
Date: Fri, 13 Dec 2024 00:03:36 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2024 15:49:06 GMT
Server: nginx

GET
H/1.1 200
OK td_standard_pack_main.css
venews.biz/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 718 KB
718 KB 899ms
545ms Stylesheet
text/css 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=1b3d5bf2c64738aa07b4643e31257da9
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 35ae3217a2320983ff3aa0cd0665dc5c32d8ed32400dd17dc5e7b82c8422333b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "6700cadd-b37f0"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 735216
Date: Fri, 13 Dec 2024 00:03:36 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Oct 2024 05:13:01 GMT
Server: nginx

GET
H/1.1 200
OK tdb_main.css
venews.biz/wp-content/plugins/td-cloud-library/assets/css/ 47 KB
47 KB 906ms
551ms Stylesheet
text/css 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=b33652f2535d2f3812f59e306e26300d
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2143754326c96d8d845f202477e7749564794b31273e6ecc869d6f881be36213

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67000e79-bc79"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48249
Date: Fri, 13 Dec 2024 00:03:36 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2024 15:49:13 GMT
Server: nginx

GET
H/1.1 200
OK jquery.min.js Show response
venews.biz/wp-includes/js/jquery/ 86 KB
86 KB 728ms
359ms Script
application/javascript 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "64ecd5ef-15601"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87553
Date: Fri, 13 Dec 2024 00:03:36 GMT
Content-Type: application/javascript
Last-Modified: Mon, 28 Aug 2023 17:14:23 GMT
Server: nginx

GET
H/1.1 200
OK jquery-migrate.min.js Show response
venews.biz/wp-includes/js/jquery/ 13 KB
14 KB 719ms
216ms Script
application/javascript 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "6482bd64-3509"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13577
Date: Fri, 13 Dec 2024 00:03:36 GMT
Content-Type: application/javascript
Last-Modified: Fri, 09 Jun 2023 05:49:24 GMT
Server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
95 KB 105ms
47ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BY11VY6CMT

Requested by

Host: venews.biz
URL: https://venews.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1574e2083c944ac3c14c1589fb65b925cc20b55f7b2608dcb09c412867e21de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 13 Dec 2024 00:03:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 00:03:37 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96219
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
107 KB 126ms
69ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4EX79RT0SX

Requested by

Host: venews.biz
URL: https://venews.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

040479f707ff285878a862c179ff64fc58748811cfcb285addd2fee2017f4cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 13 Dec 2024 00:03:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 00:03:37 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109848
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 954743.js Show response
jsc.mgid.com/site/ 426 KB
117 KB 78ms
47ms Script
text/javascript 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/site/954743.js

Requested by

Host: venews.biz
URL: https://venews.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ba157b5abd8b9fb95635fe4f3ba8853219c939e9aab77224ff58ae38d4ee7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

x-robots-tag: noindex
access-control-expose-headers: X-cntry
content-encoding: gzip
cf-cache-status: HIT
etag: "afe84010d9abf7e1a8fcc04e257108d1"
x-amz-version-id: 4hHKnSEEiMJooiNwJlOEY16w.nGM6OPS
expires: Fri, 13 Dec 2024 03:03:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 13 Dec 2024 00:03:37 GMT
content-type: text/javascript
last-modified: Wed, 11 Dec 2024 07:02:16 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: ozc1gZ29TFZzJBpY3AUFKKC18XbXOtp/wR67FpDy6T/80E6ISPWUEL4QJDMU9G1niGMWeTsvSr4=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=10800
x-cntry: NL
x-amz-request-id: N8X6Z1YFK34GM6XF
cf-ray: 8f11b131f98f66de-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 119105
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3

200

GMT-272-x-90-px.png
media.doisongviet.net/uploads/2024/10/
Redirect Chain

https://doisongviet.net/wp-content/uploads/2024/10/GMT-272-x-90-px.png
https://newsonline.biz/wp-content/uploads/2024/10/GMT-272-x-90-px.png
https://media.doisongviet.net/uploads/2024/10/GMT-272-x-90-px.png

6 KB
6 KB

156ms
30ms

Image
image/png

172.67.71.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.doisongviet.net/uploads/2024/10/GMT-272-x-90-px.png
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: H3
Server: 172.67.71.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4170397ccf837c0b9829340f507239a2d0225ed0eacb13ab4ff4e3c17dd4b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cf-cache-status: HIT
etag: "6700cc07-1662"
age: 161734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WvGavZsTNZjuxaASLhxI%2BJc%2F5ZJCNMNKLMKFGwG0PcEJ0MZj6lav7%2FBE248UUYKYyvLMHNBHZC7UiEPWTZVrvaD8ehA1VCb3dsanzhlk2ct3noN35vSUdLTp8bcfp0PrCumS0mJW69E%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 12 Dec 2024 18:50:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14969&min_rtt=14849&rtt_var=5654&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4123&recv_bytes=4328&delivery_rate=186409&cwnd=12000&unsent_bytes=0&cid=6fc9c3e1d942e681&ts=31&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 00:03:36 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 05:17:59 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f11b128bb8f9709-AMS
accept-ranges: bytes
content-length: 5730
server: cloudflare

Redirect headers

cache-control: max-age=14400
location: https://media.doisongviet.net/uploads/2024/10/GMT-272-x-90-px.png
cf-cache-status: HIT
age: 601
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1gfoIAIVcodMU1g%2FW5eO34gDmL%2FzAQSmcdgY39ewQz9wp3n8%2F1TOB%2BLEP2LYaxb39%2Fb9DNevVpPgfi4BLTsfLLJ%2BbVUYEEc7Cf6hwCakI8YWeLvEj9y1f7Fh8xYAU19%2BLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f11b127bbbe669a-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16725&min_rtt=16623&rtt_var=6306&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4128&recv_bytes=4336&delivery_rate=171880&cwnd=12000&unsent_bytes=0&cid=7e3ab88115deed0f&ts=35&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 00:03:36 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=2,i

GET cf01bd34-9539-41f6-9a3a-6956c552cc5c
https://venews.biz/ 0
0

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 156 KB
157 KB 182ms
181ms Script
application/javascript 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.6.8
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 010f69dae1a693c14cce28a8b9ef4b5e81b46906f47830154ac07364104ca855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67000e72-27170"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 160112
Date: Fri, 13 Dec 2024 00:03:36 GMT
Content-Type: application/javascript
Last-Modified: Fri, 04 Oct 2024 15:49:06 GMT
Server: nginx

GET
H/1.1 200
OK tdPostImages.js Show response
venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 2 KB
3 KB 186ms
185ms Script
application/javascript 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdPostImages.js?ver=12.6.8
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 78a137d5382f19aaea55e95b55e39a7829de05832714fc275d8a10312a3539d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67000e72-991"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2449
Date: Fri, 13 Dec 2024 00:03:37 GMT
Content-Type: application/javascript
Last-Modified: Fri, 04 Oct 2024 15:49:06 GMT
Server: nginx

GET
H/1.1 200
OK tdSocialSharing.js Show response
venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 3 KB
3 KB 233ms
233ms Script
application/javascript 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSocialSharing.js?ver=12.6.8
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e81fcac714f76272bbeb4872fed3a4b84410ed89fe0243acf406986a7611b27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67000e72-a48"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2632
Date: Fri, 13 Dec 2024 00:03:37 GMT
Content-Type: application/javascript
Last-Modified: Fri, 04 Oct 2024 15:49:06 GMT
Server: nginx

GET
H/1.1 200
OK tdModalPostImages.js Show response
venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 9 KB
9 KB 200ms
200ms Script
application/javascript 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdModalPostImages.js?ver=12.6.8
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ed5724159a8f6ac6e42d3a8b66fdc874b0a197c53368a09579cd67fdd5fcc094

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67000e72-22bc"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8892
Date: Fri, 13 Dec 2024 00:03:37 GMT
Content-Type: application/javascript
Last-Modified: Fri, 04 Oct 2024 15:49:06 GMT
Server: nginx

GET
H/1.1 200
OK comment-reply.min.js Show response
venews.biz/wp-includes/js/ 3 KB
3 KB 181ms
181ms Script
application/javascript 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-includes/js/comment-reply.min.js?ver=6.7.1
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67350932-bd2"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3026
Date: Fri, 13 Dec 2024 00:03:37 GMT
Content-Type: application/javascript
Last-Modified: Wed, 13 Nov 2024 20:16:50 GMT
Server: nginx

GET
H/1.1 200
OK js_files_for_front.min.js Show response
venews.biz/wp-content/plugins/td-cloud-library/assets/js/ 29 KB
29 KB 179ms
179ms Script
application/javascript 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=b33652f2535d2f3812f59e306e26300d
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d099103502b4063574eb2ba0dd2b8e3c0d6362c8036c337f5571a11716ef5781

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67000e79-742c"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29740
Date: Fri, 13 Dec 2024 00:03:37 GMT
Content-Type: application/javascript
Last-Modified: Fri, 04 Oct 2024 15:49:13 GMT
Server: nginx

GET
H/1.1 200
OK tdMenu.js Show response
venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 4 KB
5 KB 199ms
199ms Script
application/javascript 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdMenu.js?ver=12.6.8
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d97c7a354ee5666e22c59498be5331a0edee5d6f7527a58a5744f323173bc8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67000e72-11b2"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4530
Date: Fri, 13 Dec 2024 00:03:37 GMT
Content-Type: application/javascript
Last-Modified: Fri, 04 Oct 2024 15:49:06 GMT
Server: nginx

GET
H/1.1 200
OK tdAjaxSearch.js Show response
venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 6 KB
6 KB 193ms
193ms Script
application/javascript 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdAjaxSearch.js?ver=12.6.8
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ced232c8b6b165ef0cb92272d25f07dc37d0a37b54932735a0bc3e5113132d85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67000e72-1801"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6145
Date: Fri, 13 Dec 2024 00:03:37 GMT
Content-Type: application/javascript
Last-Modified: Fri, 04 Oct 2024 15:49:06 GMT
Server: nginx

GET
H/1.1 200
OK tdSmartSidebar.js Show response
venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 10 KB
10 KB 199ms
199ms Script
application/javascript 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSmartSidebar.js?ver=12.6.8
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 52782ac293bb10b38779db0cb458edb581f2cd603d0aec4c30dd0ca6b6a9388b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "67000e72-26ee"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9966
Date: Fri, 13 Dec 2024 00:03:37 GMT
Content-Type: application/javascript
Last-Modified: Fri, 04 Oct 2024 15:49:06 GMT
Server: nginx

GET
H3

200

GMT-272-x-90-px.png
media.doisongviet.net/uploads/2024/10/
Redirect Chain

https://doisongviet.net/wp-content/uploads/2024/10/GMT-272-x-90-px.png
https://newsonline.biz/wp-content/uploads/2024/10/GMT-272-x-90-px.png
https://media.doisongviet.net/uploads/2024/10/GMT-272-x-90-px.png

6 KB
0

0ms
0ms

Image
image/png

172.67.71.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.doisongviet.net/uploads/2024/10/GMT-272-x-90-px.png
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: H3
Server: 172.67.71.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4170397ccf837c0b9829340f507239a2d0225ed0eacb13ab4ff4e3c17dd4b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cf-cache-status: HIT
etag: "6700cc07-1662"
age: 161734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WvGavZsTNZjuxaASLhxI%2BJc%2F5ZJCNMNKLMKFGwG0PcEJ0MZj6lav7%2FBE248UUYKYyvLMHNBHZC7UiEPWTZVrvaD8ehA1VCb3dsanzhlk2ct3noN35vSUdLTp8bcfp0PrCumS0mJW69E%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 12 Dec 2024 18:50:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14969&min_rtt=14849&rtt_var=5654&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4123&recv_bytes=4328&delivery_rate=186409&cwnd=12000&unsent_bytes=0&cid=6fc9c3e1d942e681&ts=31&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 00:03:36 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 05:17:59 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f11b128bb8f9709-AMS
accept-ranges: bytes
content-length: 5730
server: cloudflare

Redirect headers

cache-control: max-age=14400
location: https://media.doisongviet.net/uploads/2024/10/GMT-272-x-90-px.png
cf-cache-status: HIT
age: 601
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1gfoIAIVcodMU1g%2FW5eO34gDmL%2FzAQSmcdgY39ewQz9wp3n8%2F1TOB%2BLEP2LYaxb39%2Fb9DNevVpPgfi4BLTsfLLJ%2BbVUYEEc7Cf6hwCakI8YWeLvEj9y1f7Fh8xYAU19%2BLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f11b127bbbe669a-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16725&min_rtt=16623&rtt_var=6306&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4128&recv_bytes=4336&delivery_rate=171880&cwnd=12000&unsent_bytes=0&cid=7e3ab88115deed0f&ts=35&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 00:03:36 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=2,i

GET
DATA 200
OK truncated
/ 114 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK newspaper.woff
venews.biz/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 191ms
190ms Font
font/woff 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-content/themes/Newspaper/images/icons/newspaper.woff?23
Requested by: Host: venews.biz
URL: https://venews.biz/wp-content/themes/Newspaper/style.css?ver=12.6.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://venews.biz/wp-content/themes/Newspaper/style.css?ver=12.6.8

Response headers

ETag: "67000e4b-8470"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33904
Date: Fri, 13 Dec 2024 00:03:37 GMT
Content-Type: font/woff
Last-Modified: Fri, 04 Oct 2024 15:48:27 GMT
Server: nginx

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 61ms
30ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 211495
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 69ms
39ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 266654
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 09 Dec 2025 21:59:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 09 Dec 2024 21:59:23 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 37 KB
38 KB 105ms
75ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 228906
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 08:28:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 08:28:31 GMT
last-modified: Wed, 31 Jan 2024 23:15:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38372
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 16 KB
16 KB 103ms
72ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 225698
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:21:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:21:59 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16552
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 96ms
66ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 144620
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 07:53:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 07:53:17 GMT
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35328
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 6 KB
6 KB 76ms
46ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

666d5c2b0e7ef0cc2c46675b88b5867ccb5cc6ec89a52b8da94caa68a6bf8d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 226998
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:00:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:00:19 GMT
last-modified: Thu, 01 Aug 2024 20:41:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5796
x-xss-protection: 0
server: sffe

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 20 KB
20 KB 90ms
60ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

849b78a43f2bcd65db0f10b8475ae8cbe44e63100f09e5a6d764edc56551dc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 116970
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 15:34:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 15:34:07 GMT
last-modified: Wed, 31 Jan 2024 23:12:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20316
x-xss-protection: 0
server: sffe

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 9 KB
9 KB 100ms
70ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

42bab5302bddcdea0c935a02d94f18ff4b84595d42995d3d1f472c6cb69ae5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 185658
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 20:29:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 20:29:19 GMT
last-modified: Wed, 31 Jan 2024 23:16:53 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8844
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 77ms
48ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 148388
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 06:50:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 06:50:29 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12456
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 51ms
22ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 253252
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 01:42:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 01:42:45 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 6 KB
6 KB 103ms
74ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

da86283c34030c89397605c7e7e43c3e9a649287087b5afed839332c87be3761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 117777
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 15:20:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 15:20:40 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5708
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 55ms
26ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CPlayfair+Display%3A700%2C400&display=swap&ver=12.6.8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 125592
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 13:10:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 13:10:25 GMT
last-modified: Thu, 01 Aug 2024 20:41:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12304
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
venews.biz/wp-includes/js/ 18 KB
19 KB 179ms
179ms Script
application/javascript 128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "667d6e6f-4926"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18726
Date: Fri, 13 Dec 2024 00:03:37 GMT
Content-Type: application/javascript
Last-Modified: Thu, 27 Jun 2024 13:51:43 GMT
Server: nginx

GET
H/1.1 200 ba298f04.js Show response
aj1559.online/ 36 KB
36 KB 634ms
192ms Script
text/javascript 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/ba298f04.js
Requested by: Host: venews.biz
URL: https://venews.biz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2baddea638b4aa25a87a4fec501b981f80c0e8e2440e69cdd5f8af8c49fad5bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

accept-ranges: bytes
content-length: 37152
etag: "0b07f81c39ac3199584036e9e61539536"
date: Fri, 13 Dec 2024 00:03:38 GMT
content-type: text/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 128ms
36ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BY11VY6CMT&gtm=45je4cb0v9115430268za200&_p=1734048217875&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1875152879.1734048218&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734048218&sct=1&seg=0&dl=https%3A%2F%2Fvenews.biz%2F&dt=Home%20-%20VeNews.biz&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4137
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BY11VY6CMT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://venews.biz
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 00:03:38 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
107 KB 42ms
42ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4EX79RT0SX&l=dataLayer&cx=c&gtm=45je4cb0v9115430268za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BY11VY6CMT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4dcb8ef7d307f047443a5675cedc420cc0f3e6f407ba68b6043732f7fdae9a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 13 Dec 2024 00:03:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 00:03:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109776
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 86ms
38ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4EX79RT0SX&gtm=45je4cb0v9181247056za200zb9115430268&_p=1734048217875&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1875152879.1734048218&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734048218&sct=1&seg=0&dl=https%3A%2F%2Fvenews.biz%2F&dt=Home%20-%20VeNews.biz&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4181
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4EX79RT0SX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://venews.biz
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 00:03:38 GMT
content-type: text/plain
server: Golfe2

POST
H/1.1 200 zzExipXXaV_y_39DP2A_RNSSTmVY51zhso525_LoihPQ6g-gBa7n0fj0tjD3txYCvFJ4XnW0iSG3L-oCbwexOIgG0bFG99MwGdYFao-JIEZ8bHK-RMWVGRKo9XMJvZuQ9c3v7dIOq3oOlDlRwUEaLRObp4ZXfnAXjlAXANodXgD6FGxdjI35Ayj6LC-DbMeXOGXmo... Show response
aj1559.online/ 667 B
1 KB 120ms
119ms XHR
application/json 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zzExipXXaV_y_39DP2A_RNSSTmVY51zhso525_LoihPQ6g-gBa7n0fj0tjD3txYCvFJ4XnW0iSG3L-oCbwexOIgG0bFG99MwGdYFao-JIEZ8bHK-RMWVGRKo9XMJvZuQ9c3v7dIOq3oOlDlRwUEaLRObp4ZXfnAXjlAXANodXgD6FGxdjI35Ayj6LC-DbMeXOGXmoH0gNHLUbjfq2ejCsQFnd-00K-GaRGajGIgCEaw92HdCpPa1MxtU5Aoqa7eTzVxOXC78ReTwwYvsyhtRH4gv-jzH3hvN57WCh7nU6VgpxrMdC-K9ONMi9W2EQH3p5RcLLAWhw56AcDLZ4t7Oa4kUZzE7XVVr-L-sZKCULoAMs0geYLlFkcE_V3H0vi7DJQAK77x6tS2clvW2ufzVeut-0uZB_dGp8e6431n_fYReHqJrh6kpNJ0IeZvI?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 5429d49f75d636fd3b6a8832c42b4addaccbbf69691860f79f18bf73169d3093

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: *
access-control-allow-origin: https://venews.biz
p3p: CP="CAO PSA OUR"
content-length: 667
date: Fri, 13 Dec 2024 00:03:38 GMT
content-type: application/json;charset=UTF-8

POST
H/1.1 200 zsbwkZEhh1gPUzkcr9a_lfKEx3JcvA5LYEB8hgN0ZRLmCzC1xpt8RZiYlHBzbz0hmrAfoePoIaXx6vvbzyuMp2R65MyaAcBm0Txu75GprPOxJ8yHPcStMYQlq3LR_ef27WYxfl-A4pcrG_zRTlpZhQmf4nCXpfXtPWeXSVpgK9Ot5VdyIUXyDRmod6w3gTw3Lppnb... Show response
aj1559.online/ 2 KB
2 KB 223ms
102ms XHR
application/json 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zsbwkZEhh1gPUzkcr9a_lfKEx3JcvA5LYEB8hgN0ZRLmCzC1xpt8RZiYlHBzbz0hmrAfoePoIaXx6vvbzyuMp2R65MyaAcBm0Txu75GprPOxJ8yHPcStMYQlq3LR_ef27WYxfl-A4pcrG_zRTlpZhQmf4nCXpfXtPWeXSVpgK9Ot5VdyIUXyDRmod6w3gTw3LppnbuXva7k0P_kTkURYiplgYaRITasY8OtkDoFS76r9eRhIh9bJ5BEjjmCc31utaLTDrJvZ2LotTF7mMEMjOpSfZEseMptN6QgYe3TbnwkEFeAFp71fem6akDUBwOWURhXtyN3P18Mm2eKkrWEiNqHAFxqFayNn-9uUtzEX8XIrgAYcAOg-lE8eHrD2aLliXySQOAjBlKv0yYAyxLIj0211HfemGrN3dOIY_eqW-omk6TZ1s6hlIJBMbNKE?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 35646fb99b0818c2335587ec111198a445b1ce1800db2f0782270f151a08ee6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: *
access-control-allow-origin: https://venews.biz
p3p: CP="CAO PSA OUR"
content-length: 1686
date: Fri, 13 Dec 2024 00:03:38 GMT
content-type: application/json;charset=UTF-8

GET
H3

200

July-15-Saturday-10-11-AM-37.jpg
mediavn.doisongviet.net/uploads/2024/12/
Redirect Chain

https://venews.biz/wp-content/uploads/2024/12/July-15-Saturday-10-11-AM-37.jpg
https://mediavn.doisongviet.net/uploads/2024/12/July-15-Saturday-10-11-AM-37.jpg

101 KB
101 KB

38ms
24ms

Image
image/jpeg

172.67.71.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediavn.doisongviet.net/uploads/2024/12/July-15-Saturday-10-11-AM-37.jpg
Protocol: H3
Server: 172.67.71.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef8d8fee32518562397669927bbcf1b296e43452229ceaa1dc5f2329c5ece28c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cf-cache-status: HIT
etag: "675b76dc-192a3"
age: 693
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v09hLTlhua922CVo%2BbZ5YORpHqaDY%2B8%2BPbHSreeH4FUFVqGP7FtAUQ4s0ZPzUCB8MVCrUK0lNdX%2BF3KJJSCZFPPEsoDPJb5114rXsmXOBVeupfP%2BtYuRM1a2Symx5HXEMfBwVDPDHaSG8A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 14 Dec 2024 23:50:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19292&min_rtt=14849&rtt_var=7025&sent=18&recv=15&lost=0&retrans=0&sent_bytes=10800&recv_bytes=5317&delivery_rate=159836&cwnd=12000&unsent_bytes=0&cid=6fc9c3e1d942e681&ts=2379&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 00:03:38 GMT
content-type: image/jpeg
last-modified: Thu, 12 Dec 2024 23:50:52 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f11b137685b9709-AMS
accept-ranges: bytes
content-length: 103075
server: cloudflare

Redirect headers

Location: https://mediavn.doisongviet.net/uploads/2024/12/July-15-Saturday-10-11-AM-37.jpg
Content-Length: 162
Date: Fri, 13 Dec 2024 00:03:38 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H/1.1

200
OK

w-logo-blue-white-bg.png
venews.biz/wp-includes/images/
Redirect Chain

https://venews.biz/favicon.ico
https://venews.biz/wp-includes/images/w-logo-blue-white-bg.png

4 KB
4 KB

192ms
191ms

Other
image/png

128.199.156.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://venews.biz/wp-includes/images/w-logo-blue-white-bg.png
Protocol: HTTP/1.1
Server: 128.199.156.53 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

ETag: "6192f571-1017"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4119
Date: Fri, 13 Dec 2024 00:03:38 GMT
Content-Type: image/png
Last-Modified: Tue, 16 Nov 2021 00:04:01 GMT
Server: nginx

Redirect headers

Transfer-Encoding: chunked
X-Redirect-By: WordPress
Link: <https://venews.biz/wp-json/>; rel="https://api.w.org/"
Location: https://venews.biz/wp-includes/images/w-logo-blue-white-bg.png
Connection: keep-alive
Date: Fri, 13 Dec 2024 00:03:38 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/8.0.28
Server: nginx

GET
H3

200

July-15-Saturday-10-11-AM-36.jpg
mediavn.doisongviet.net/uploads/2024/12/
Redirect Chain

https://venews.biz/wp-content/uploads/2024/12/July-15-Saturday-10-11-AM-36.jpg
https://mediavn.doisongviet.net/uploads/2024/12/July-15-Saturday-10-11-AM-36.jpg

102 KB
103 KB

465ms
464ms

Image
image/jpeg

172.67.71.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediavn.doisongviet.net/uploads/2024/12/July-15-Saturday-10-11-AM-36.jpg
Protocol: H3
Server: 172.67.71.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31892dd737d84fa98062f0d0fa7f7caa1b645585d66bd8f026aa44c7536b0644

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cf-cache-status: HIT
etag: "675b7536-199de"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K5XZLJvVXwSk%2BtTlCJBTDrmwlJHif%2BD9VLpms4twasbcoQds8eBRgcKs7FcLpimD4YiRZOh76N0kLFjpRMwaTYFgf%2BBVCkdKLkSR15hJ%2FvdAkkDjGF8%2BkjzcqmvjqeiWg5I%2BuYzXugt4QA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 14 Dec 2024 23:43:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18723&min_rtt=14835&rtt_var=858&sent=969&recv=150&lost=0&retrans=0&sent_bytes=1135200&recv_bytes=12954&delivery_rate=7797503&cwnd=367200&unsent_bytes=0&cid=6fc9c3e1d942e681&ts=2819&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 00:03:39 GMT
content-type: image/jpeg
last-modified: Thu, 12 Dec 2024 23:43:50 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f11b137685d9709-AMS
accept-ranges: bytes
content-length: 104926
server: cloudflare

Redirect headers

Location: https://mediavn.doisongviet.net/uploads/2024/12/July-15-Saturday-10-11-AM-36.jpg
Content-Length: 162
Date: Fri, 13 Dec 2024 00:03:38 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H3

200

Screen-Shot-2024-12-12-at-22.27.58.jpg
mediavn.doisongviet.net/uploads/2024/12/
Redirect Chain

https://venews.biz/wp-content/uploads/2024/12/Screen-Shot-2024-12-12-at-22.27.58.jpg
https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-12-at-22.27.58.jpg

201 KB
202 KB

26ms
25ms

Image
image/jpeg

172.67.71.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-12-at-22.27.58.jpg
Protocol: H3
Server: 172.67.71.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c644a3b56ec7e03660b39f5068b8c7e2fc4104e90756bcca2fb573ca87315d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cf-cache-status: HIT
etag: "675b1e98-3231f"
age: 22989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4u4V6z3k3mZ5O180CQoiQSTTxOxReVqDOteQNRmENSY3iFwVwLKh6T13ZjIIJDaBOFEMnjp3I8Y%2FVLnb6tTOLGhoLwsIxC7ZU%2BiJx4uvShNonN5NWU9GHZ7Y%2B2Tabcf%2FlDica45t2Xx3ng%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 14 Dec 2024 17:34:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16250&min_rtt=14835&rtt_var=1599&sent=108&recv=39&lost=0&retrans=0&sent_bytes=116951&recv_bytes=6673&delivery_rate=2186797&cwnd=60000&unsent_bytes=0&cid=6fc9c3e1d942e681&ts=2425&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 00:03:38 GMT
content-type: image/jpeg
last-modified: Thu, 12 Dec 2024 17:34:16 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f11b137a8879709-AMS
accept-ranges: bytes
content-length: 205599
server: cloudflare

Redirect headers

Location: https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-12-at-22.27.58.jpg
Content-Length: 162
Date: Fri, 13 Dec 2024 00:03:38 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H3

200

Screen-Shot-2024-12-12-at-22.28.52.jpg
mediavn.doisongviet.net/uploads/2024/12/
Redirect Chain

https://venews.biz/wp-content/uploads/2024/12/Screen-Shot-2024-12-12-at-22.28.52.jpg
https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-12-at-22.28.52.jpg

182 KB
183 KB

28ms
28ms

Image
image/jpeg

172.67.71.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-12-at-22.28.52.jpg
Protocol: H3
Server: 172.67.71.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50e7eeb8694090b063ca274f089b76ade2ce9abeb6c21b29d8eb9c888207d39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cf-cache-status: HIT
etag: "675b2256-2d8ce"
age: 22285
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQncc3F2oyfY%2FAlsShArP5ia4vgcd1NHL54HBiVYvwA0068BPrTJyoQgrshbeppAP4KTXNehcAk3kJeoKEEI6QrMLxyFCwxa%2B12%2FMJqH9lRM%2BWKffMAEdm%2FI7e0LdjYBGVp5NRZXbANrdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 14 Dec 2024 17:50:17 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16840&min_rtt=14835&rtt_var=2036&sent=175&recv=56&lost=0&retrans=0&sent_bytes=195648&recv_bytes=7750&delivery_rate=3537110&cwnd=98400&unsent_bytes=0&cid=6fc9c3e1d942e681&ts=2440&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 00:03:38 GMT
content-type: image/jpeg
last-modified: Thu, 12 Dec 2024 17:50:14 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f11b137c8999709-AMS
accept-ranges: bytes
content-length: 186574
server: cloudflare

Redirect headers

Location: https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-12-at-22.28.52.jpg
Content-Length: 162
Date: Fri, 13 Dec 2024 00:03:38 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H3

200

Screen-Shot-2024-12-13-at-00.39.01.jpg
mediavn.doisongviet.net/uploads/2024/12/
Redirect Chain

https://venews.biz/wp-content/uploads/2024/12/Screen-Shot-2024-12-13-at-00.39.01.jpg
https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-13-at-00.39.01.jpg

187 KB
188 KB

28ms
28ms

Image
image/jpeg

172.67.71.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-13-at-00.39.01.jpg
Protocol: H3
Server: 172.67.71.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5066ecf7e8afe35b63f0dc971ba3cd4c920b080e28d470549b0058296cc1d49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cf-cache-status: HIT
etag: "675b20a0-2edc2"
age: 22777
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9A7hYpvJ7Yc23lwkBpyUidyGRrIbEdt5fFlzvwEUC1jegHOa%2Fw6ZkUFXca6EZ3p3KKprWnZ5vMJ22Ixw1pFI1IGvbicpEH%2FBHoMp7xLiB2Vi2ZjtNuiURnO37EZWBHAGnd1mKFtABXV%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 14 Dec 2024 17:42:59 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17530&min_rtt=14835&rtt_var=1561&sent=385&recv=71&lost=0&retrans=0&sent_bytes=445273&recv_bytes=8743&delivery_rate=5602091&cwnd=213600&unsent_bytes=0&cid=6fc9c3e1d942e681&ts=2461&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 00:03:38 GMT
content-type: image/jpeg
last-modified: Thu, 12 Dec 2024 17:42:56 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f11b137e8aa9709-AMS
accept-ranges: bytes
content-length: 191938
server: cloudflare

Redirect headers

Location: https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-13-at-00.39.01.jpg
Content-Length: 162
Date: Fri, 13 Dec 2024 00:03:38 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H/1.1 200 zKC0C02aRnOicxZxsb-1KxWCHYSRAFyJ354r7JTOb_TW4R38KdcNwuxwrK0oIwKublg3nOhiytpQqiR3wve7v4izwe2q9X1c5RFM514WW4g9W9WsJdOZWtCWtVbq_BF5hM8OD4StUMwEcK9rQLWjck_4kTQLXlOmkqhc3xu72PlzSQXwhvdCWGTT_ue9Hk5o8ToEc...
aj1559.online/ 43 B
674 B 239ms
175ms Image
image/gif 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zKC0C02aRnOicxZxsb-1KxWCHYSRAFyJ354r7JTOb_TW4R38KdcNwuxwrK0oIwKublg3nOhiytpQqiR3wve7v4izwe2q9X1c5RFM514WW4g9W9WsJdOZWtCWtVbq_BF5hM8OD4StUMwEcK9rQLWjck_4kTQLXlOmkqhc3xu72PlzSQXwhvdCWGTT_ue9Hk5o8ToEcEOLPknkgHy08Ulo-HkW5_d6mIlI3wknO8YnmM1DkqCMgk7QVl9aE6DX4W0uUfymdyd3cP3Jg246En5HRbVfq1jMPUwrVYuH_xV_NXcD4R0Z_UEtL7Fx7yLYrj86izAqCOXjNA4nL16G6OTqgOYM0S8PS8Uj3oPVDfF4tDMFBukEnx_1OQ68cjhi-4KmWL2cEMjHbvaoE95XMEaoLDLk-Wlfb1Oom-HbQqsE?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"43-1726556492000"
access-control-allow-methods: *
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: *
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="CAO PSA OUR"
content-length: 43
date: Fri, 13 Dec 2024 00:03:38 GMT
last-modified: Tue, 17 Sep 2024 07:01:32 GMT
content-type: image/gif

GET
H3

200

467016078_122134081184374710_2822075645907783361_n.jpg
mediavn.doisongviet.net/uploads/2024/12/
Redirect Chain

https://venews.biz/wp-content/uploads/2024/12/467016078_122134081184374710_2822075645907783361_n.jpg
https://mediavn.doisongviet.net/uploads/2024/12/467016078_122134081184374710_2822075645907783361_n.jpg

205 KB
205 KB

28ms
28ms

Image
image/jpeg

172.67.71.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediavn.doisongviet.net/uploads/2024/12/467016078_122134081184374710_2822075645907783361_n.jpg
Protocol: H3
Server: 172.67.71.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f8b1763daed56c1cdd82c7af940ab0f2cc035c150c4e7623bf1db0533454bab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cf-cache-status: HIT
etag: "675b0f7e-332b7"
age: 22990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oXoSqObCf4GKcC3cXpAQ61QX%2F6b0%2BBsnV2JE3%2F%2BrI%2BM1nVJlcuWZJw3yAtAK5npPiBe6XjZS4jyFTSvUSzeX6%2BTJmyjTIzcew0egaWllSxUgS2IsRoqLscUuBfzdjqMBLaVPwdZ30HduLg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 14 Dec 2024 16:29:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16235&min_rtt=14835&rtt_var=978&sent=618&recv=114&lost=0&retrans=0&sent_bytes=716660&recv_bytes=11024&delivery_rate=15002404&cwnd=367200&unsent_bytes=0&cid=6fc9c3e1d942e681&ts=2647&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 00:03:39 GMT
content-type: image/jpeg
last-modified: Thu, 12 Dec 2024 16:29:50 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f11b13909f19709-AMS
accept-ranges: bytes
content-length: 209591
server: cloudflare

Redirect headers

Location: https://mediavn.doisongviet.net/uploads/2024/12/467016078_122134081184374710_2822075645907783361_n.jpg
Content-Length: 162
Date: Fri, 13 Dec 2024 00:03:38 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H3

200

Screen-Shot-2024-12-12-at-22.30.56.jpg
mediavn.doisongviet.net/uploads/2024/12/
Redirect Chain

https://venews.biz/wp-content/uploads/2024/12/Screen-Shot-2024-12-12-at-22.30.56.jpg
https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-12-at-22.30.56.jpg

194 KB
194 KB

26ms
25ms

Image
image/jpeg

172.67.71.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-12-at-22.30.56.jpg
Protocol: H3
Server: 172.67.71.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e406af9eee6beb7a5d2280504b45c5b112839c81cc984c1463c8c50f061108

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cf-cache-status: HIT
etag: "675b033c-306d7"
age: 24820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8XK6Ese2M7Ro7uFyxg9G2P8AlB4Ua6xxJp0DgXAuAsvfv8lyrvYusxxZCEBkg4tEqRpf5fayj7Rq84HFp%2F2s7lmZQ8JK%2BRoZZExMJzG8UeKdZyMpkMmASHTmlwsUvysf3SCr9Hnscj%2B%2BoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 14 Dec 2024 15:37:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17268&min_rtt=14835&rtt_var=271&sent=799&recv=133&lost=0&retrans=0&sent_bytes=931690&recv_bytes=12195&delivery_rate=7960232&cwnd=367200&unsent_bytes=0&cid=6fc9c3e1d942e681&ts=2676&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 00:03:39 GMT
content-type: image/jpeg
last-modified: Thu, 12 Dec 2024 15:37:32 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f11b1393a279709-AMS
accept-ranges: bytes
content-length: 198359
server: cloudflare

Redirect headers

Location: https://mediavn.doisongviet.net/uploads/2024/12/Screen-Shot-2024-12-12-at-22.30.56.jpg
Content-Length: 162
Date: Fri, 13 Dec 2024 00:03:38 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 94ms
43ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: aj1559.online
URL: https://aj1559.online/ba298f04.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

530e722f511d588961ae77e54b1409b5b4c13a484e92e09229c7b92d4162f5e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

content-encoding: br
etag: 711 / 20070 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 00:03:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 13 Dec 2024 00:03:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33806
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 492 KB
153 KB 21ms
21ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

content-encoding: br
etag: 5395541545685299795
age: 23582
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 17:30:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 12 Dec 2024 17:30:36 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 156760
x-xss-protection: 0
server: cafe

GET
H2 200 yomedia-sdk.js Show response
ss.yomedia.vn/js/ 62 KB
21 KB 1404ms
610ms Script
application/javascript 222.255.217.230
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://ss.yomedia.vn/js/yomedia-sdk.js?v=3
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.255.217.230 Ho Chi Minh City, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: nginx /
Resource Hash: 845474747519ee6c303cab020d3c66570a0554259e28ce88d5e5c8479a70bdc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cache-control: no-cache, public, must-revalidate, max-age=84600
content-encoding: gzip
etag: W/"6232e405-f60c"
access-control-allow-origin: *
date: Fri, 13 Dec 2024 00:03:41 GMT
content-type: application/javascript
last-modified: Thu, 17 Mar 2022 07:32:21 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 35ms
34ms Other
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 79240
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 02:02:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 12 Dec 2024 02:02:58 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 21818843116 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 140ms
54ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21818843116?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e4a9d64aa486d96eb4fb5d4e1384507726bffc3052175d119bf1458a3d3846c2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-RikrUAZ1XidBGsXqfjIu0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 00:03:39 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1JBiOHHrNtMFIJb4-pJJA4id0mewBgFx681zrFOB2GjteVYnIE76d561CIgNFS6xOoJw0SVWTyBW7bnEagrE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrE1AzPD1CisHEAtxc9z-_HYXm8CMT7sdlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMjQwN9AyM4guMAKk_Sto"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-RikrUAZ1XidBGsXqfjIu0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxUEOcIkXcdaa1y7kt4YGQpaegZld7H_OFVJqPIXxOeQssZ2xvvqg54nUrTIxE1YstMlFjCXVQlmszVsnaRE2xmEz3BlaVBJ_TeldPIGJbBDhA9EOSnhLg6nIgzZeVt7gIsPYSUH8w== Show response
fundingchoicesmessages.google.com/f/ 439 KB
64 KB 78ms
77ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUEOcIkXcdaa1y7kt4YGQpaegZld7H_OFVJqPIXxOeQssZ2xvvqg54nUrTIxE1YstMlFjCXVQlmszVsnaRE2xmEz3BlaVBJ_TeldPIGJbBDhA9EOSnhLg6nIgzZeVt7gIsPYSUH8w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0MDQ4MjE5LDIyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly92ZW5ld3MuYml6LyIsbnVsbCxbWzgsImhBdjBZakFWMi1zIl0sWzksIm5sIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.hAv0YjAV2-s.es5.O/am=DAY/d=1/rs=AJlcJMz9ydEu0PiXapgatApgwk1LZQ3h9A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

a821d0ad317fc410c1599b84c9e2411d2761c2e1cd6dba8d22f94c5710a6cc0c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-D3ezMnZdmypRYiGXVmR8xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 00:03:39 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQf6i_zPoDiGecv8y6AIiLJK6wtgAxw9crrBxALMTDcfvz211sAj9WHuxgVNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDI00DMwii8wAgB_j0LE"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-D3ezMnZdmypRYiGXVmR8xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 114 KB
6 KB 37ms
37ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.hAv0YjAV2-s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz44TFfsvfvXq0zUczsfxpyDsi7MA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 00:03:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 00:03:39 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 13 Dec 2024 00:03:39 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 22ms
22ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://venews.biz/

Response headers

age: 205093
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 15:05:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 15:05:26 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15344
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ 5 KB
5 KB 23ms
23ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://venews.biz/

Response headers

age: 196522
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 17:28:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 17:28:17 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5224
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ 12 KB
12 KB 24ms
24ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://venews.biz/

Response headers

age: 227052
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 08:59:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 08:59:27 GMT
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11936
x-xss-protection: 0
server: sffe

POST
H3 204 AGSKWxXGjWoioqqiAAGcGhd_EtgnVOj2b3V3xKphtFziUjtXGNMU_rZO-W2eEuda2q88dJlbskR_6v9iOnAuaS3fKx1uvHFV5xux7dQQ2ixQvrXMXaSJaJ3s20Cqy2SEUUpm7uAakBLJhw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 63ms
34ms XHR
text/html 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXGjWoioqqiAAGcGhd_EtgnVOj2b3V3xKphtFziUjtXGNMU_rZO-W2eEuda2q88dJlbskR_6v9iOnAuaS3fKx1uvHFV5xux7dQQ2ixQvrXMXaSJaJ3s20Cqy2SEUUpm7uAakBLJhw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n8TL_sgMys9VJOkSLniISA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://venews.biz/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 00:03:39 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfj9ue3u9gEJqx-cIFRySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6hmYxxcYAAAzRCuV"
content-security-policy: script-src 'report-sample' 'nonce-n8TL_sgMys9VJOkSLniISA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://venews.biz
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXGjWoioqqiAAGcGhd_EtgnVOj2b3V3xKphtFziUjtXGNMU_rZO-W2eEuda2q88dJlbskR_6v9iOnAuaS3fKx1uvHFV5xux7dQQ2ixQvrXMXaSJaJ3s20Cqy2SEUUpm7uAakBLJhw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C7ZsYoWtD2G6kyEsuGCbeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://venews.biz/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 00:03:39 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfj9ue3u9gEDuxuusCo5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQwN9QzM4wsMACbGK20"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C7ZsYoWtD2G6kyEsuGCbeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://venews.biz
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 21ms
21ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 115983
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 15:50:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 15:50:36 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 6 KB
6 KB 24ms
23ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

9b2da7c38d34ace18801291959a5fc03c369f5bd2aea33cb488da61d9f39ff2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://venews.biz
Referer: https://fonts.googleapis.com/

Response headers

age: 157519
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 04:18:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 04:18:20 GMT
last-modified: Thu, 01 Aug 2024 20:41:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5864
x-xss-protection: 0
server: sffe

GET
H2 200 delivery Show response
delivery.yomedia.vn/ 0
202 B 1052ms
336ms Script
text/plain 221.132.35.182
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.yomedia.vn/delivery?pid=d9181403253d4e278fe4ef84a384077e&ref=https%3A%2F%2Fvenews.biz%2F&sw=1600&sh=1200&scd=24&spd=24&bl=bmwtTkw%3D&u4=1734048220632
Requested by: Host: ss.yomedia.vn
URL: https://ss.yomedia.vn/js/yomedia-sdk.js?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 221.132.35.182 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: / Sails <sailsjs.com>
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

date: Fri, 13 Dec 2024 00:03:40 GMT
x-powered-by: Sails <sailsjs.com>

GET
H/1.1 200 z995RGGg5nvi_1QXg7P-HQpuI2GDTdeiYbwsn2gbZabAB5uFcJi1uxKo1cPjoPgJHA0dPxN02FcQOTXJxhq8hdKH57hv6VVPlEOgM1MJISEAIpuNoeWBmjhbYPREIHevTcr5nSLT3UEn3w0VtzFHwFVQ67Cs9Lmds-Xoe2CHezP-QzIgjQJ2jGXPCttYq4bH55gZM...
aj1559.online/ 49 B
545 B 94ms
94ms Image
image/gif 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/z995RGGg5nvi_1QXg7P-HQpuI2GDTdeiYbwsn2gbZabAB5uFcJi1uxKo1cPjoPgJHA0dPxN02FcQOTXJxhq8hdKH57hv6VVPlEOgM1MJISEAIpuNoeWBmjhbYPREIHevTcr5nSLT3UEn3w0VtzFHwFVQ67Cs9Lmds-Xoe2CHezP-QzIgjQJ2jGXPCttYq4bH55gZMyXh_enhomGGHPdApNklLC53QBF-QxzAez2R4vYHH_mGbtLEQXntDzNQXuYETRU_OG1TRJmXMeNgbWhH73b-SncoDR7uikpfFbwRYZnnkity6p4fGvTun3MKg0pkOZqwD33Msk_QHo222eN9mgl4mgLL6i-lW3KNegTcb45AbQE1q44M8i3zUo99siMHB1yPsd2dzsYjqBEw?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://venews.biz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1726556500000"
access-control-allow-methods: *
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: *
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="CAO PSA OUR"
content-length: 49
date: Fri, 13 Dec 2024 00:03:40 GMT
last-modified: Tue, 17 Sep 2024 07:01:40 GMT
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: venews.biz
URL: blob:https://venews.biz/cf01bd34-9539-41f6-9a3a-6956c552cc5c

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-21 01:40:50	Name: __cf_bm Value: 22JNMU44tqNKbounV8b5YIrMSYosq77.R2TelR.dR.4-1734048217-1.0.1.1-WhFkiEQjUziyRe3CUHGWIDxCFU1q0c2coVb_5HE3uGZYTx_dU7kZhR_DPhcilveyLSAu1FOWxakdNWeotmWflw
.venews.biz/	1970-01-21 11:16:48	Name: _ga_BY11VY6CMT Value: GS1.1.1734048218.1.0.1734048218.0.0.0
.venews.biz/	1970-01-21 11:16:48	Name: _ga Value: GA1.1.1875152879.1734048218
.venews.biz/	1970-01-21 11:16:48	Name: _ga_4EX79RT0SX Value: GS1.1.1734048218.1.0.1734048218.0.0.0
.aj1559.online/	1970-01-21 11:16:48	Name: UUID Value: 3261c88f-e089-58c4-88cc-737044ed4ef1
.aj1559.online/	1970-01-21 10:26:24	Name: ucv Value: 762-NL-1734134618876-24--

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aj1559.online
delivery.yomedia.vn
doisongviet.net
dua-tin.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
jsc.mgid.com
media.doisongviet.net
mediavn.doisongviet.net
newsonline.biz
region1.google-analytics.com
securepubads.g.doubleclick.net
ss.yomedia.vn
venews.biz
www.googletagmanager.com
venews.biz
104.19.129.76
104.26.12.137
128.199.156.53
142.250.184.226
142.250.184.232
142.250.184.238
142.250.186.106
172.67.214.181
172.67.71.182
188.114.96.3
212.124.124.115
216.239.34.36
216.58.206.35
221.132.35.182
222.255.217.230
010f69dae1a693c14cce28a8b9ef4b5e81b46906f47830154ac07364104ca855
040479f707ff285878a862c179ff64fc58748811cfcb285addd2fee2017f4cee
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95
0b82485edb800f0ea228c54dd7b2138e0fb824ce939cd34034f613bd93625710
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
1574e2083c944ac3c14c1589fb65b925cc20b55f7b2608dcb09c412867e21de2
18e406af9eee6beb7a5d2280504b45c5b112839c81cc984c1463c8c50f061108
2143754326c96d8d845f202477e7749564794b31273e6ecc869d6f881be36213
2ba157b5abd8b9fb95635fe4f3ba8853219c939e9aab77224ff58ae38d4ee7af
2baddea638b4aa25a87a4fec501b981f80c0e8e2440e69cdd5f8af8c49fad5bb
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31892dd737d84fa98062f0d0fa7f7caa1b645585d66bd8f026aa44c7536b0644
35646fb99b0818c2335587ec111198a445b1ce1800db2f0782270f151a08ee6c
35ae3217a2320983ff3aa0cd0665dc5c32d8ed32400dd17dc5e7b82c8422333b
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c644a3b56ec7e03660b39f5068b8c7e2fc4104e90756bcca2fb573ca87315d1
3d7a12f959b9a040bc5de3087bc4620621be703e426c411d289d92959d7bfcd3
3d97c7a354ee5666e22c59498be5331a0edee5d6f7527a58a5744f323173bc8d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f8b1763daed56c1cdd82c7af940ab0f2cc035c150c4e7623bf1db0533454bab
42bab5302bddcdea0c935a02d94f18ff4b84595d42995d3d1f472c6cb69ae5d1
4dcb8ef7d307f047443a5675cedc420cc0f3e6f407ba68b6043732f7fdae9a97
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52782ac293bb10b38779db0cb458edb581f2cd603d0aec4c30dd0ca6b6a9388b
530e722f511d588961ae77e54b1409b5b4c13a484e92e09229c7b92d4162f5e5
5429d49f75d636fd3b6a8832c42b4addaccbbf69691860f79f18bf73169d3093
666d5c2b0e7ef0cc2c46675b88b5867ccb5cc6ec89a52b8da94caa68a6bf8d13
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
78a137d5382f19aaea55e95b55e39a7829de05832714fc275d8a10312a3539d6
7f4170397ccf837c0b9829340f507239a2d0225ed0eacb13ab4ff4e3c17dd4b5
82c98a428ca69d9af95841f03e1a85311fe5a56f34babd91004d48b9cca7ddde
845474747519ee6c303cab020d3c66570a0554259e28ce88d5e5c8479a70bdc8
849b78a43f2bcd65db0f10b8475ae8cbe44e63100f09e5a6d764edc56551dc90
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8e81fcac714f76272bbeb4872fed3a4b84410ed89fe0243acf406986a7611b27
9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa
9b2da7c38d34ace18801291959a5fc03c369f5bd2aea33cb488da61d9f39ff2f
9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a821d0ad317fc410c1599b84c9e2411d2761c2e1cd6dba8d22f94c5710a6cc0c
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
af664f64b475678e0d181c23dd6eca9ee45afd956d129a66c9e30910f2a985cf
b50e7eeb8694090b063ca274f089b76ade2ce9abeb6c21b29d8eb9c888207d39
c5066ecf7e8afe35b63f0dc971ba3cd4c920b080e28d470549b0058296cc1d49
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
ced232c8b6b165ef0cb92272d25f07dc37d0a37b54932735a0bc3e5113132d85
d099103502b4063574eb2ba0dd2b8e3c0d6362c8036c337f5571a11716ef5781
d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
da86283c34030c89397605c7e7e43c3e9a649287087b5afed839332c87be3761
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a9d64aa486d96eb4fb5d4e1384507726bffc3052175d119bf1458a3d3846c2
ed5724159a8f6ac6e42d3a8b66fdc874b0a197c53368a09579cd67fdd5fcc094
ef8d8fee32518562397669927bbcf1b296e43452229ceaa1dc5f2329c5ece28c
f7da6d200bd347de5adfdccfa4a62e9803fbe0887efb9a663e4e0491b3b1659b

venews.biz Open in urlscan Pro 128.199.156.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

84 %HTTPS

0 %IPv6

13 Domains

16 Subdomains

13 IPs

5 Countries

3967 kBTransfer

6000 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

venews.biz Open in urlscan Pro
128.199.156.53 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

84 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

13
IPs

5
Countries

3967 kB
Transfer

6000 kB
Size

6
Cookies

69 HTTP transactions
2 data transactions