URL: https://newsbeladi.blogspot.com/
Submission: On December 04 via api from US — Scanned from US

Summary

This website contacted 19 IPs in 2 countries across 16 domains to perform 39 HTTP transactions. The main IP is 2607:f8b0:4006:809::2001, located in United States and belongs to GOOGLE, US. The main domain is newsbeladi.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on October 23rd 2023. Valid for: 3 months.
This is the only time newsbeladi.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
226 KB
6 gstatic.com
ssl.gstatic.com
56 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 oaphoace.net
oaphoace.net — Cisco Umbrella Rank: 156100
36 KB
3 statically.io
cdn.statically.io — Cisco Umbrella Rank: 9096
81 KB
2 spor-live.com
spor-live.com
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
2 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12342
48 KB
2 blogspot.com
newsbeladi.blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 13795
51 KB
1 offerimage.com
offerimage.com — Cisco Umbrella Rank: 36192
33 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 12331
549 B
1 fleraprt.com
fleraprt.com — Cisco Umbrella Rank: 22840
493 B
1 tzegilo.com
tzegilo.com — Cisco Umbrella Rank: 24468
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
81 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
30 KB
39 16
Domain Requested by
6 ssl.gstatic.com
6 pagead2.googlesyndication.com newsbeladi.blogspot.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 www.google-analytics.com newsbeladi.blogspot.com
www.google-analytics.com
www.googletagmanager.com
3 oaphoace.net newsbeladi.blogspot.com
oaphoace.net
3 cdn.statically.io newsbeladi.blogspot.com
2 spor-live.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 blogger.googleusercontent.com newsbeladi.blogspot.com
1 offerimage.com
1 www.google.com tpc.googlesyndication.com
1 my.rtmark.net oaphoace.net
1 fleraprt.com tzegilo.com
1 tzegilo.com oaphoace.net
1 www.googletagmanager.com www.google-analytics.com
1 3.bp.blogspot.com newsbeladi.blogspot.com
1 ajax.googleapis.com newsbeladi.blogspot.com
1 newsbeladi.blogspot.com
39 18

This site contains links to these domains. Also see Links.

Domain
todaymatchesx.blogspot.com
btolat.yalla-shot-new.com
www.blogger.com
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
statically.io
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-26 -
2024-09-26
a year crt.sh
oaphoace.net
R3
2023-11-21 -
2024-02-19
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
tzegilo.com
GTS CA 1P5
2023-12-03 -
2024-03-02
3 months crt.sh
fleraprt.com
Sectigo RSA Domain Validation Secure Server CA
2023-01-09 -
2024-01-14
a year crt.sh
spor-live.com
GTS CA 1P5
2023-11-25 -
2024-02-23
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
rtmark.net
R3
2023-10-07 -
2024-01-05
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-07 -
2024-05-06
a year crt.sh

This page contains 5 frames:

Primary Page: https://newsbeladi.blogspot.com/
Frame ID: D45D8D0294508188F1C8FD207AEEE99A
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 2950813C988176FFA120BF358DA9B893
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5449436706998775&output=html&adk=1812271804&adf=3025194257&lmt=1700433262&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fnewsbeladi.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701695529295&bpp=6&bdt=483&idt=255&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3499958288359&frm=20&pv=2&ga_vid=986859745.1701695529&ga_sid=1701695530&ga_hid=1439451364&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809004%2C31078297%2C44807764%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2409124413275465&tmod=1036458609&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=299
Frame ID: 37E2E3C47D61ED0F4BB50C4033F4095F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 35A0134C584BB59F6D88B38798B3DF50
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F557B96110C67997B9D88888DE9293D
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

نيوز بلادي Newz Beladi

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

100 %
HTTPS

83 %
IPv6

16
Domains

18
Subdomains

19
IPs

2
Countries

678 kB
Transfer

1613 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
newsbeladi.blogspot.com/
216 KB
50 KB
Document
General
Full URL
https://newsbeladi.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f19d81f998f922afdf00b90a1097b2d68c5824b78ddbd22d86a383cb3bc0dbc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
50503
content-type
text/html; charset=UTF-8
date
Mon, 04 Dec 2023 13:12:08 GMT
etag
W/"a70b18c3484bf47d25f484e122140250c4f3c45c7e220b95f21f7ee32a2ec475"
expires
Mon, 04 Dec 2023 13:12:08 GMT
last-modified
Sun, 19 Nov 2023 22:34:22 GMT
server
GSE
x-content-type-options
nosniff
x-robots-tag
all,noodp
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
150 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5449436706998775&host=ca-host-pub-1556223355139109
Requested by
Host: newsbeladi.blogspot.com
URL: https://newsbeladi.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbb77ea68b1c924087ec327ea4ef906faf89558f32fa4f340cdc2cd8e2c2c8e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsbeladi.blogspot.com/
Origin
https://newsbeladi.blogspot.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52789
x-xss-protection
0
server
cafe
etag
10374099241566088563
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 13:12:09 GMT
AVvXsEgK9cutlXcSdy51ky35vwSORkTdWLPOfHzMwXiB4sQkTCQx9OL0G4FZm2yap0TXbBVcT51NqUSfHTIOrsTBzmpmYf93kYdS_lH1AJxdHRRIqYA41b9wzzGBMBLXdugtxyH-sfeRhEUdTAO6fXhOaMv4RScyAvFH6rxc0_g0CJuxT2j-htP-kjZ8Wt57og=s200
blogger.googleusercontent.com/img/a/
13 KB
13 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgK9cutlXcSdy51ky35vwSORkTdWLPOfHzMwXiB4sQkTCQx9OL0G4FZm2yap0TXbBVcT51NqUSfHTIOrsTBzmpmYf93kYdS_lH1AJxdHRRIqYA41b9wzzGBMBLXdugtxyH-sfeRhEUdTAO6fXhOaMv4RScyAvFH6rxc0_g0CJuxT2j-htP-kjZ8Wt57og=s200
Requested by
Host: newsbeladi.blogspot.com
URL: https://newsbeladi.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
68fbdc3a0b3f90556151c5674a00243785e1d1f47725d9ccc4a5639e4b7329ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:09 GMT
x-content-type-options
nosniff
server
fife
etag
"v1ae"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="free live (2).png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13046
x-xss-protection
0
expires
Tue, 05 Dec 2023 13:12:09 GMT
truncated
/
26 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: newsbeladi.blogspot.com
URL: https://newsbeladi.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 12:04:01 GMT
mmt.js
cdn.statically.io/gh/yallashoot808/yalla-shoot-new/25ff629f/
50 KB
18 KB
Script
General
Full URL
https://cdn.statically.io/gh/yallashoot808/yalla-shoot-new/25ff629f/mmt.js
Requested by
Host: newsbeladi.blogspot.com
URL: https://newsbeladi.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
4cc5b53db1be65ea34adad0c15ef0540f4beac5fdff01e36194b6d551abcea98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1747056
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
18095
x-served-by
cache-sjc10029-SJC, cache-nyc-kteb1890020-NYC
server
statically
etag
W/"ac76be55f3f9b201592a69037016c61ed439819395d33c97fbda254d8f92e50e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
timer.js
cdn.statically.io/gh/yallashoot808/yalla-shoot-new/96be9fd3/
35 KB
7 KB
Script
General
Full URL
https://cdn.statically.io/gh/yallashoot808/yalla-shoot-new/96be9fd3/timer.js
Requested by
Host: newsbeladi.blogspot.com
URL: https://newsbeladi.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
f98ac1a01c3067b9c6bb97c909bbe953d4972cc0519fb503b0d6ccf1530bedeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
972403
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6503
x-served-by
cache-sjc10059-SJC, cache-nyc-kteb1890020-NYC
server
statically
etag
W/"512c43e35cda809b1821e00617192cdef40f3aa809d7156f8761eb8904846d90"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
truncated
/
365 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fb735586bde96666688242da255ea15d760baf571b7cb60c58042d59fa2d5df

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
608 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6e5d8ec90d5e619f46ae09b758fc5930511e6084a1994a281ee0ce379744af3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
1008 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d740d47e9001830347fc7db698eb52615142e160858c8d995dd7d3d8e1b8554

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
460 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
378 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71bf013a6ac6ce6828da23e6fc0d9b279f2265bf2b9b8e853861441898aa97c0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
448 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5584bfeaa92df701a30fe2d1e4b4e9d5fc7aa3da7a3a89626210956a3aac1a8c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
500 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
627 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a217480aa6975d5cca42e735655916610429fe4c60dc7f1a21c75badff47d33

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
NeoSansArabic.woff
cdn.statically.io/gh/yallashoot808/yalla-shoot-new/6a47ce1e/
56 KB
56 KB
Font
General
Full URL
https://cdn.statically.io/gh/yallashoot808/yalla-shoot-new/6a47ce1e/NeoSansArabic.woff
Requested by
Host: newsbeladi.blogspot.com
URL: https://newsbeladi.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsbeladi.blogspot.com/
Origin
https://newsbeladi.blogspot.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
statically
age
2407172
etag
"4cb0be1807b6236ab749d2f5e38eed261e9f0d3967da730a6786482cd5dd4b18"
x-cache
HIT, HIT
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
57364
x-served-by
cache-sjc10028-SJC, cache-ewr18137-EWR
6208387
oaphoace.net/401/
87 KB
34 KB
Script
General
Full URL
https://oaphoace.net/401/6208387
Requested by
Host: newsbeladi.blogspot.com
URL: https://newsbeladi.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ac491ba4b50e8355c6c009b0ba1a10fcc5725ea372f8c88791b6cf853e4c69cd
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
b2ac3fe97d4c6f14007d165a9a1f3347
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newsbeladi.blogspot.com
URL: https://newsbeladi.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Dec 2023 11:49:04 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4985
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 04 Dec 2023 13:49:04 GMT
256-256.png
3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/
1 KB
2 KB
Image
General
Full URL
https://3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/256-256.png
Requested by
Host: newsbeladi.blogspot.com
URL: https://newsbeladi.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fdc94d53d1796c028c474c2f2fa236f730b1f0869a42108d706c307422329e21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 09:16:45 GMT
x-content-type-options
nosniff
age
14124
content-disposition
inline;filename="256-256.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1286
x-xss-protection
0
server
fife
etag
"v4ed"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 05 Dec 2023 09:16:45 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/
398 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5449436706998775&host=ca-host-pub-1556223355139109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e85f738a45f08c0b93a856583f8972b3d18455b02269dc77de96c4e12e9685fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137629
x-xss-protection
0
server
cafe
etag
2437120523043170169
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 13:12:09 GMT
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 2950
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5449436706998775&host=ca-host-pub-1556223355139109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f09a6853ba2b41f3d45fc84697570f54e91d23d862c6e51bc64bee90b7f83e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsbeladi.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
61504
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4113
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 20:07:05 GMT
etag
3212660519051894895
expires
Sun, 17 Dec 2023 20:07:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
15 B
226 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1439451364&t=pageview&_s=1&dl=https%3A%2F%2Fnewsbeladi.blogspot.com%2F&ul=en-us&de=UTF-8&dt=%D9%86%D9%8A%D9%88%D8%B2%20%D8%A8%D9%84%D8%A7%D8%AF%D9%8A%20Newz%20Beladi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1992872548&gjid=702768149&cid=986859745.1701695529&tid=UA-222197801-1&_gid=492493157.1701695529&_r=1&_slc=1&z=1809660455
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7cb408ca9fcbc84cd581afe854949698cce2296ac3f7920cbc556e98275354a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsbeladi.blogspot.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 13:12:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsbeladi.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
228 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GM5E77LT48&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a10912daa8e8ad70a9f72926a91767a0422b2411feda5f9299df1aadbd0b2968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82957
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Dec 2023 13:12:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 37E2
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5449436706998775&output=html&adk=1812271804&adf=3025194257&lmt=1700433262&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fnewsbeladi.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701695529295&bpp=6&bdt=483&idt=255&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3499958288359&frm=20&pv=2&ga_vid=986859745.1701695529&ga_sid=1701695530&ga_hid=1439451364&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809004%2C31078297%2C44807764%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2409124413275465&tmod=1036458609&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=299
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsbeladi.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 13:12:09 GMT
expires
Mon, 04 Dec 2023 13:12:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GM5E77LT48&gtm=45je3bt0v9114571095&_p=1701695529438&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=986859745.1701695529&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fnewsbeladi.blogspot.com%2F&dt=%D9%86%D9%8A%D9%88%D8%B2%20%D8%A8%D9%84%D8%A7%D8%AF%D9%8A%20Newz%20Beladi&sid=1701695529&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1326
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GM5E77LT48&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 13:12:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsbeladi.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stattag.js
tzegilo.com/
19 KB
8 KB
Script
General
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: oaphoace.net
URL: https://oaphoace.net/401/6208387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 08:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6901
etag
W/"64f987a8-4a4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpN2PT7%2BWycsJK4lqKsnhNVqzwG%2FkYKOkdezc1UtgVzval2K1uoC%2F6htebgttNIs7q7Ps7FDE2CVKRgKAM0%2B0V6uws3KzxjRwVcdZGCNerakOorBWX8VkHQuL5MWhzDca1QRGE4CCYQ%2FaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83044ca5b8644bd5-BUF
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
add
fleraprt.com/log/
12 B
493 B
XHR
General
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://newsbeladi.blogspot.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 04 Dec 2023 13:12:51 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://newsbeladi.blogspot.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
%D9%85%D8%A7%D9%86%D8%B4%D8%B3%D8%AA%D8%B1-%D9%8A%D9%88%D9%86%D8%A7%D9%8A%D8%AA%D8%AF.png
spor-live.com/wp-content/uploads/2021/01/
0
0
Image
General
Full URL
https://spor-live.com/wp-content/uploads/2021/01/%D9%85%D8%A7%D9%86%D8%B4%D8%B3%D8%AA%D8%B1-%D9%8A%D9%88%D9%86%D8%A7%D9%8A%D8%AA%D8%AF.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3b67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

%D9%84%D9%8A%D9%81%D8%B1%D8%A8%D9%88%D9%84.png
spor-live.com/wp-content/uploads/2021/01/
0
0
Image
General
Full URL
https://spor-live.com/wp-content/uploads/2021/01/%D9%84%D9%8A%D9%81%D8%B1%D8%A8%D9%88%D9%84.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3b67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

jcKKlUVaNw3br9cIyOKmQA_96x96.png
ssl.gstatic.com/onebox/media/sports/logos/
5 KB
5 KB
Image
General
Full URL
https://ssl.gstatic.com/onebox/media/sports/logos/jcKKlUVaNw3br9cIyOKmQA_96x96.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e261ce61a9b803e3337b452ffedcc63ec5eec5ad858e60258502ce258d2022e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 02:42:25 GMT
x-content-type-options
nosniff
age
37785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/threepo-cron
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4941
x-xss-protection
0
last-modified
Thu, 14 Dec 2017 19:01:36 GMT
server
sffe
report-to
{"group":"threepo-cron","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/threepo-cron"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="threepo-cron"
expires
Sat, 01 Jun 2024 02:42:25 GMT
VoKsJ6RitaHGhsM62e6AXQ_96x96.png
ssl.gstatic.com/onebox/media/sports/logos/
8 KB
9 KB
Image
General
Full URL
https://ssl.gstatic.com/onebox/media/sports/logos/VoKsJ6RitaHGhsM62e6AXQ_96x96.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c33e9f6778c5ecef99513343b186c525965b39d6c243c4d676b65980afd81e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:58:12 GMT
x-content-type-options
nosniff
age
838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/threepo-cron
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8596
x-xss-protection
0
last-modified
Thu, 14 Dec 2017 19:02:19 GMT
server
sffe
report-to
{"group":"threepo-cron","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/threepo-cron"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="threepo-cron"
expires
Sat, 01 Jun 2024 12:58:12 GMT
paYnEE8hcrP96neHRNofhQ_96x96.png
ssl.gstatic.com/onebox/media/sports/logos/
8 KB
8 KB
Image
General
Full URL
https://ssl.gstatic.com/onebox/media/sports/logos/paYnEE8hcrP96neHRNofhQ_96x96.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16a5ce5934d75798b46be01081158c51f74c5afab13bb0be004a1dd875578ad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 04:26:55 GMT
x-content-type-options
nosniff
age
31515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/threepo-cron
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8532
x-xss-protection
0
last-modified
Thu, 14 Dec 2017 20:54:42 GMT
server
sffe
report-to
{"group":"threepo-cron","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/threepo-cron"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="threepo-cron"
expires
Sat, 01 Jun 2024 04:26:55 GMT
i5LifmxEVIl0sbvIysiyhw_96x96.png
ssl.gstatic.com/onebox/media/sports/logos/
10 KB
10 KB
Image
General
Full URL
https://ssl.gstatic.com/onebox/media/sports/logos/i5LifmxEVIl0sbvIysiyhw_96x96.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ccbdfa9d42cf24732366ce8c2b397e1fa1df53fe715855b0d641f8f2b5de0d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:49:12 GMT
x-content-type-options
nosniff
age
4978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/threepo-cron
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10391
x-xss-protection
0
last-modified
Thu, 14 Dec 2017 21:01:41 GMT
server
sffe
report-to
{"group":"threepo-cron","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/threepo-cron"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="threepo-cron"
expires
Sat, 01 Jun 2024 11:49:12 GMT
fhBITrIlbQxhVB6IjxUO6Q_96x96.png
ssl.gstatic.com/onebox/media/sports/logos/
15 KB
15 KB
Image
General
Full URL
https://ssl.gstatic.com/onebox/media/sports/logos/fhBITrIlbQxhVB6IjxUO6Q_96x96.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35842d39e7a17d060febc97a1fcac74a9e44c5f63b63cc49c2235e69ed96a607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 23:50:56 GMT
x-content-type-options
nosniff
age
48074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/threepo-cron
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14979
x-xss-protection
0
last-modified
Thu, 14 Dec 2017 17:32:19 GMT
server
sffe
report-to
{"group":"threepo-cron","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/threepo-cron"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="threepo-cron"
expires
Fri, 31 May 2024 23:50:56 GMT
bXkiyIzsbDip3x2FFcUU3A_96x96.png
ssl.gstatic.com/onebox/media/sports/logos/
8 KB
9 KB
Image
General
Full URL
https://ssl.gstatic.com/onebox/media/sports/logos/bXkiyIzsbDip3x2FFcUU3A_96x96.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
657417a00a5ff05306956083ba5be0114389aa87fbc9a75aef1441c9f9eda1ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:42:05 GMT
x-content-type-options
nosniff
age
52205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/threepo-cron
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8387
x-xss-protection
0
last-modified
Thu, 14 Dec 2017 17:52:25 GMT
server
sffe
report-to
{"group":"threepo-cron","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/threepo-cron"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="threepo-cron"
expires
Fri, 31 May 2024 22:42:05 GMT
jX7t8C_Y23c-HD.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEga7gtZ78GM6cJu5CqWoNa3ax8suzGPzkTDbEd2LJU9_u1RCENhoT8EiICN6WTgbYgqyiBxzLoTaB8h7yIzyMu5sb3nH-4Tshur7FGfDFtkiQnRJKf5q8syVFWDkos2tU_PhqMWffW5XLU7Tjgb...
35 KB
35 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEga7gtZ78GM6cJu5CqWoNa3ax8suzGPzkTDbEd2LJU9_u1RCENhoT8EiICN6WTgbYgqyiBxzLoTaB8h7yIzyMu5sb3nH-4Tshur7FGfDFtkiQnRJKf5q8syVFWDkos2tU_PhqMWffW5XLU7TjgbBXdcQ6tGxX70_dvF_3qeOBUdyp3Dlr4QbE7hWmF0DEWN/s350/jX7t8C_Y23c-HD.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4509ad504926094e2d311879eead0df35f2eebc1bdedb01a8653f7bb652695d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:10 GMT
x-content-type-options
nosniff
server
fife
etag
"v282"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="jX7t8C_Y23c-HD.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35784
x-xss-protection
0
expires
Tue, 05 Dec 2023 13:12:10 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d33c95f4fea6ca9b30fdc1fe9ea7c64174d7c0e20256b2e11f5e8a98d982f163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12298
x-xss-protection
0
gid.js
my.rtmark.net/
65 B
549 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: oaphoace.net
URL: https://oaphoace.net/401/6208387
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d46d4bb595105cbc0bc7a4d9bda439536c7b593e8d30a9b1af54ee29047b0b4f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:10 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsbeladi.blogspot.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Dec 2023 13:12:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 35A0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsbeladi.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
17096
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 08:27:14 GMT
expires
Tue, 03 Dec 2024 08:27:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4F55
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
be15daec8d284fdaf4793db19665ac83ddeb1b37102f34d5a1575250e01702c1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BrPZk6K8gfGTLjbv_8OBvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsbeladi.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BrPZk6K8gfGTLjbv_8OBvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 13:12:10 GMT
expires
Mon, 04 Dec 2023 13:12:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 35A0
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 08:02:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
18598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 08:02:12 GMT
6208387
oaphoace.net/500/
2 KB
2 KB
XHR
General
Full URL
https://oaphoace.net/500/6208387?excludes=&oaid=d68cb35a04a4471080d6a1b1a6266c5b&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fnewsbeladi.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.312.0
Requested by
Host: oaphoace.net
URL: https://oaphoace.net/401/6208387
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ba85adae5ed9fcc2c5d6394b1ab5b3f3a503df18421313663e58d18ef37b0ae6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://newsbeladi.blogspot.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Dec 2023 13:12:10 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
18711ef214b2c71f0e37d85ac8998a8a
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://newsbeladi.blogspot.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
6208387
oaphoace.net/500/ Frame
0
0
Preflight
General
Full URL
https://oaphoace.net/500/6208387?excludes=&oaid=d68cb35a04a4471080d6a1b1a6266c5b&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fnewsbeladi.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.312.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://newsbeladi.blogspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://newsbeladi.blogspot.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Mon, 04 Dec 2023 13:12:10 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
sodar
pagead2.googlesyndication.com/pagead/ Frame 4F55
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=2409124413275465&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 35A0
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?cyzqEg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
17ebb869da9235f06a74f528304b0892.png
offerimage.com/www/images/
33 KB
33 KB
Image
General
Full URL
https://offerimage.com/www/images/17ebb869da9235f06a74f528304b0892.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a13118d06cd7eb186a2c437a407088d15b0f901d0e00093474fbb277b2167417

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:12:10 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Jun 2023 01:30:06 GMT
server
cloudflare
age
12827
etag
"64812f1e-84c1"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83044cabbfee4bd2-BUF
content-length
33985
expires
Tue, 05 Dec 2023 09:38:23 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=2409124413275465&bg=!f3ylfDPNAAY3kmNgF5I7ADQBe5WfOCyC9fZeRfhB4khYKDwHUOQTziE6Z67KVNZl5HaTBb6n3TGQWtr73aT19qQ-sM9BAgAAALNSAAAABGgBBwoAerzo79sMYuESGMXy3nH9W_snVcCCcuTUsOanezJzK8cN-CAOxT9LLD-LHlzC9oo67Maj644pPcUvNpAsANDc4EQXi5FH2LL9ZksKq19I-qrOF3Req9DaxiDSibSOTE9FaZPPUquK_rInBcDSEirjn7bv_WGPGRRvhq4bmQKzZNQqO_J54d_3ESEbx65GiblXRQpezfdb1MwTfs5J8wr6GndZFg6nS_feMvP1pCZhU2Ls-HOA0CeIc-TWCEAZCkUwNjuMxjjWZFbM8N014gSNuzgHjLOj--WkPJnu6IQZRrUMqpyOdnK_ls89K4NTy5Rkv_h7AnZpcedzDUdbRHnz-XquyrMTG34FKviywATuLjnsADMCKHX5Q5ZcOZ9W2QsZhu685lmMpHHqLtsXolOIu34jzr4X4f4Jk1jyFAsxveLXqDFsxOKO-khTGC4vCz79IoD9S479WxwD2dOTQHBn0N6_Ree1DLs7vmhE3hGjWBr3Cd7lcfXouKcO_X35G9E50_KQdj1LWvkWLlIu04gT8S1Hm7fEAkllknjJKEqa4EOXx4QrvZZLNFOTDTb0yH-AbJk6C9DwNmpe0SbtCfnWbUpnpLt1W8riRqVFl80MdIGocE5KoL7fqiaRpbw_Pp3bLUknGnC2-hcv1DbCacmGRRScEImlSGZ3xyTaXeSISLPrRD4-_qkG4_sPbnAhZA0kj0j8juf_yLKe5YgFiHmyLhtXN1uLrlUtfjfhenNImuu_IFKMiXPPRelKr-9C4x4xsQ45vJHhU8KfYhyCvld6BeFTCc59h1i45kkqvy5jEtvaX5N72k4hqOensRiUDG0gxPlBQ6Q49jsYE11U5sbF4cybDwl6dOAcel73q2oxZuw6ioazHFUMXQ6ZmTE1FeRAnkenTKrzfYTqBwc_vtcI--oX7RgXCKryG3613RHUnpmnFHyFSvRucw_XtffCtBS7GTKotGs6y-iD_K75Lb9ZQoGbamELJl39FrpF3UHD2NLXJ5nXMKd54Vs5iQSj0UaI001Pr7uPLRWj_bmYrXOM6_hNQ_xJOkoZXxiuwvlPz6EVs1nFFgUbhnCFqu7303vtAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsbeladi.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| _0x205f function| _0x53b8 function| prst function| plist object| blogLabels function| $ function| jQuery string| ArrowIcon string| BlogID string| GoogleAnalyticsObject function| ga function| moment function| rdmode object| _0x1ec6 function| _0x33fe string| olderLink string| $my_menu string| $my_icon string| $my_tre object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| dataLayer function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager object| zfgstorage object| dc5fjywu314 object| zfgformats boolean| __lwkemfd9q__ object| webpushlogs object| __ds3dcV__ object| syncCallbacks object| GoogleGcLKhOms number| __qwe33wweq__ object| google_image_requests

7 Cookies

Domain/Path Name / Value
.newsbeladi.blogspot.com/ Name: _ga
Value: GA1.3.986859745.1701695529
.newsbeladi.blogspot.com/ Name: _gid
Value: GA1.3.492493157.1701695529
.newsbeladi.blogspot.com/ Name: _gat_blogger
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.newsbeladi.blogspot.com/ Name: _ga_GM5E77LT48
Value: GS1.3.1701695529.1.0.1701695529.0.0.0
my.rtmark.net/ Name: ID
Value: d68cb35a04a4471080d6a1b1a6266c5b
oaphoace.net/ Name: OAID
Value: d68cb35a04a4471080d6a1b1a6266c5b

2 Console Messages

Source Level URL
Text
network error URL: https://spor-live.com/wp-content/uploads/2021/01/%D9%84%D9%8A%D9%81%D8%B1%D8%A8%D9%88%D9%84.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://spor-live.com/wp-content/uploads/2021/01/%D9%85%D8%A7%D9%86%D8%B4%D8%B3%D8%AA%D8%B1-%D9%8A%D9%88%D9%86%D8%A7%D9%8A%D8%AA%D8%AF.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
ajax.googleapis.com
blogger.googleusercontent.com
cdn.statically.io
fleraprt.com
googleads.g.doubleclick.net
my.rtmark.net
newsbeladi.blogspot.com
oaphoace.net
offerimage.com
pagead2.googlesyndication.com
spor-live.com
ssl.gstatic.com
tpc.googlesyndication.com
tzegilo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
139.45.195.254
139.45.195.8
139.45.197.239
2606:4700:10::6816:21ac
2606:4700:3030::6815:3b67
2606:4700:3036::ac43:c134
2607:f8b0:4006:808::2002
2607:f8b0:4006:809::2001
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80d::2001
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2004
2607:f8b0:4006:821::2003
2607:f8b0:4006:822::2001
2607:f8b0:4006:824::2002
2a04:4e42:400::347
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
16a5ce5934d75798b46be01081158c51f74c5afab13bb0be004a1dd875578ad7
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1fb735586bde96666688242da255ea15d760baf571b7cb60c58042d59fa2d5df
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
28c33e9f6778c5ecef99513343b186c525965b39d6c243c4d676b65980afd81e
35842d39e7a17d060febc97a1fcac74a9e44c5f63b63cc49c2235e69ed96a607
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e261ce61a9b803e3337b452ffedcc63ec5eec5ad858e60258502ce258d2022e
4509ad504926094e2d311879eead0df35f2eebc1bdedb01a8653f7bb652695d2
4cc5b53db1be65ea34adad0c15ef0540f4beac5fdff01e36194b6d551abcea98
4d740d47e9001830347fc7db698eb52615142e160858c8d995dd7d3d8e1b8554
4f09a6853ba2b41f3d45fc84697570f54e91d23d862c6e51bc64bee90b7f83e0
5584bfeaa92df701a30fe2d1e4b4e9d5fc7aa3da7a3a89626210956a3aac1a8c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
657417a00a5ff05306956083ba5be0114389aa87fbc9a75aef1441c9f9eda1ac
68fbdc3a0b3f90556151c5674a00243785e1d1f47725d9ccc4a5639e4b7329ca
6a217480aa6975d5cca42e735655916610429fe4c60dc7f1a21c75badff47d33
6ccbdfa9d42cf24732366ce8c2b397e1fa1df53fe715855b0d641f8f2b5de0d2
71bf013a6ac6ce6828da23e6fc0d9b279f2265bf2b9b8e853861441898aa97c0
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
7cb408ca9fcbc84cd581afe854949698cce2296ac3f7920cbc556e98275354a5
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
a10912daa8e8ad70a9f72926a91767a0422b2411feda5f9299df1aadbd0b2968
a13118d06cd7eb186a2c437a407088d15b0f901d0e00093474fbb277b2167417
ac491ba4b50e8355c6c009b0ba1a10fcc5725ea372f8c88791b6cf853e4c69cd
ba85adae5ed9fcc2c5d6394b1ab5b3f3a503df18421313663e58d18ef37b0ae6
be15daec8d284fdaf4793db19665ac83ddeb1b37102f34d5a1575250e01702c1
cbb77ea68b1c924087ec327ea4ef906faf89558f32fa4f340cdc2cd8e2c2c8e2
d33c95f4fea6ca9b30fdc1fe9ea7c64174d7c0e20256b2e11f5e8a98d982f163
d46d4bb595105cbc0bc7a4d9bda439536c7b593e8d30a9b1af54ee29047b0b4f
d6e5d8ec90d5e619f46ae09b758fc5930511e6084a1994a281ee0ce379744af3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85f738a45f08c0b93a856583f8972b3d18455b02269dc77de96c4e12e9685fd
f19d81f998f922afdf00b90a1097b2d68c5824b78ddbd22d86a383cb3bc0dbc8
f98ac1a01c3067b9c6bb97c909bbe953d4972cc0519fb503b0d6ccf1530bedeb
fdc94d53d1796c028c474c2f2fa236f730b1f0869a42108d706c307422329e21