tumoutounews.com Open in urlscan Pro
156.67.212.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tumoutounews.com/
Effective URL:
https://tumoutounews.com/
Submission: On March 06 via api (March 6th 2023, 7:15:55 pm UTC) from US — Scanned from SG

Summary HTTP 98 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 12 domains to perform 98 HTTP transactions. The main IP is 156.67.212.72, located in Singapore and belongs to AS-HOSTINGER, CY. The main domain is tumoutounews.com.
TLS certificate: Issued by R3 on February 25th 2023. Valid for: 3 months.

This is the only time tumoutounews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	156.67.212.72 156.67.212.72	47583 (AS-HOSTINGER) (AS-HOSTINGER)
3	2404:6800:400... 2404:6800:4003:c06::5f	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c0f::61	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4003:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2404:6800:400... 2404:6800:4003:c0f::5e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c11::9b	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
11	2404:6800:400... 2404:6800:4003:c04::9a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:e4:... 2606:4700:e4::ac40:a816	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c1a::9c	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c06::9a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c06::9b	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c03::5e	15169 (GOOGLE) (GOOGLE)
13	2404:6800:400... 2404:6800:4003:c02::84	15169 (GOOGLE) (GOOGLE)
1 2	2404:6800:400... 2404:6800:4003:c03::93	15169 (GOOGLE) (GOOGLE)
98	19

27 156.67.212.72 (Singapore) 1 redirects

ASN47583 (AS-HOSTINGER, CY)
PTR: srv30.niagahoster.com

tumoutounews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c06::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4003:c06::9c (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4003:c0f::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::9b (Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4003:c04::9a (Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e4::ac40:a816 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::9c (Singapore)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c06::9a (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c06::9b (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c03::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4003:c02::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c03::93 (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	tumoutounews.com 1 redirects tumoutounews.com	2 MB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	273 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	170 KB
10	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	78 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1420 ka-f.fontawesome.com — Cisco Umbrella Rank: 2684	181 KB
5	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 310 adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 13169 adservice.google.com.sg — Cisco Umbrella Rank: 26706	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	97 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	610 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	81 KB
98	12

	Domain	Requested by
27	tumoutounews.com	1 redirects tumoutounews.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	tumoutounews.com pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	fonts.gstatic.com	fonts.googleapis.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	ka-f.fontawesome.com	kit.fontawesome.com tumoutounews.com
3	fonts.googleapis.com	tumoutounews.com googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.com.sg	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.com.sg	tumoutounews.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	tumoutounews.com
1	kit.fontawesome.com	tumoutounews.com
1	www.googletagmanager.com	tumoutounews.com
98	19

This site contains no links.

Subject Issuer	Validity	Valid
tumoutounews.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://tumoutounews.com/
Frame ID: BA3780735E1986B83FAE9DBEC1D74189
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: 6F7D11C1136575A13E65AAF0F3FAE4A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&adk=1812271804&adf=3025194257&lmt=1678130149&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_r&format=0x0&url=https%3A%2F%2Ftumoutounews.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149303&bpp=6&bdt=342&idt=94&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3502103582416&frm=20&pv=2&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=118
Frame ID: 80E197E6F6ABDC2F2A259D08A4C86893
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=1726884865&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149309&bpp=6&bdt=348&idt=121&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfTBdqBsDt&p=https%3A//tumoutounews.com&dtd=125
Frame ID: 5192FE1DF70632C12F7CEF9DCD6E6FAF
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148
Frame ID: 8C3545B22ABBC5FB8ECFBB1A6F4F9CE0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=60&adk=44319740&adf=4099508600&pi=t.aa~a.3087311937~rp.1&w=660&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&to=qs&pwprc=5195667173&format=660x60&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149673&bpp=1&bdt=712&idt=1&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f345b714ecdf3a4-224ac5e0e7db0030%3AT%3D1678130149%3ART%3D1678130149%3AS%3DALNI_MZw8REGEJf6p5mUwKTkAD1J-I6lBg&gpic=UID%3D00000bd317b94097%3AT%3D1678130149%3ART%3D1678130149%3AS%3DALNI_MYui3G9HOxelOC1FRZnbSmpZZfPkw&prev_fmts=0x0%2C992x280%2C992x280&nras=2&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTuCyobA6w&p=https%3A//tumoutounews.com&dtd=5
Frame ID: DE23FB73747D487F7B77118A6BFFB604
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C1EB5275196FB598199CAA6A555DE6AA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: 5DCB66C321B2BC3C111DD625091ECBB3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: 9A0AF9340C61FF227C973302D47BE5D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0B6F641EFC9114EB49F93DF9DE8FA98F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5B493D01824477CD01B609B32F3BC968
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TumoutouNews.com | Artikel Mencerahkan

Page URL History Show full URLs

http://tumoutounews.com/ HTTP 301
https://tumoutounews.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

98
Requests

100 %
HTTPS

94 %
IPv6

12
Domains

19
Subdomains

19
IPs

2
Countries

2579 kB
Transfer

4025 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tumoutounews.com/ HTTP 301
https://tumoutounews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

98 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tumoutounews.com/
Redirect Chain

http://tumoutounews.com/
https://tumoutounews.com/

46 KB
8 KB

19ms
6ms

Document
text/html

156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

4f60821f5b2af2ec9757dc80d4af85e1748215500c19de3870f539004423218d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public, max-age=600
content-encoding: br
content-length: 8108
content-type: text/html; charset=UTF-8
date: Mon, 06 Mar 2023 19:15:48 GMT
etag: "64932-1678114894;br"
expires: Mon, 06 Mar 2023 15:11:34 GMT
link: <https://tumoutounews.com/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-litespeed-cache: hit
x-powered-by: Niagahoster
x-xss-protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Mon, 06 Mar 2023 19:15:48 GMT
location: https://tumoutounews.com/
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-xss-protection: 1; mode=block

GET
H2 200 26e2dab6d949223befb3ae5f2f7f7de4.css
tumoutounews.com/wp-content/litespeed/css/ 92 KB
11 KB 9ms
6ms Stylesheet
text/css 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/litespeed/css/26e2dab6d949223befb3ae5f2f7f7de4.css?ver=dfbda

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

dfe3f9ee2fead943760b6e9c376005d3a764c066dd711b543501d8af6bbd7aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 06 Mar 2023 19:14:39 GMT
server: LiteSpeed
etag: "17193-64063b9f-0;br"
x-powered-by: Niagahoster
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 11400
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:48 GMT

GET
H2 200 d9227409615482dc8bd9ad97354c6ba2.css
tumoutounews.com/wp-content/litespeed/css/ 217 B
278 B 11ms
8ms Stylesheet
text/css 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/litespeed/css/d9227409615482dc8bd9ad97354c6ba2.css?ver=40e15

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 06 Mar 2023 19:14:39 GMT
server: LiteSpeed
etag: "d9-64063b9f-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 217
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:48 GMT

GET
H2 200 4d54cbac2de82477e99c6d8c673b8e58.css
tumoutounews.com/wp-content/litespeed/css/ 2 KB
807 B 12ms
9ms Stylesheet
text/css 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/litespeed/css/4d54cbac2de82477e99c6d8c673b8e58.css?ver=1d53c

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

340e3468700806e13e8340ed8e5cebb0408cacc86040d8485373f9c8b6755d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 06 Mar 2023 19:14:39 GMT
server: LiteSpeed
etag: "911-64063b9f-0;br"
x-powered-by: Niagahoster
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 753
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:48 GMT

GET
H2 200 c6d86d980c3c6b82afc38f9fa677c534.css
tumoutounews.com/wp-content/litespeed/css/ 1 KB
433 B 13ms
11ms Stylesheet
text/css 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/litespeed/css/c6d86d980c3c6b82afc38f9fa677c534.css?ver=e2f9b

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 06 Mar 2023 19:14:39 GMT
server: LiteSpeed
etag: "484-64063b9f-0;br"
x-powered-by: Niagahoster
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 378
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:48 GMT

GET
H2 200 7d65674d97fba9061978962d9d3393e9.css
tumoutounews.com/wp-content/litespeed/css/ 0
51 B 14ms
11ms Stylesheet
text/css 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/litespeed/css/7d65674d97fba9061978962d9d3393e9.css?ver=affef

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 06 Mar 2023 19:14:39 GMT
server: LiteSpeed
etag: "0-64063b9f-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
1 KB 32ms
9ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins%3Aital%2Cwght%400%2C200%3B0%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B0%2C900%3B1%2C200%3B1%2C300%3B1%2C400%3B1%2C500%3B1%2C600%3B1%2C700%3B1%2C800%3B1%2C900&display=swap&ver=6.1.1

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5dd38d2715261f5e4dcc53204b0d22a39383a0100751a81f722e6b5546a8bdc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Mar 2023 19:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 19:15:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Mar 2023 19:15:48 GMT

GET
H2 200 6a0e1a245ed2da603f58658bca0db92a.css
tumoutounews.com/wp-content/litespeed/css/ 2 KB
695 B 14ms
12ms Stylesheet
text/css 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/litespeed/css/6a0e1a245ed2da603f58658bca0db92a.css?ver=d9568

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

08581a7ba94a6368b8e29bd7697c7c05db46bd6ed00840fba637c41ecdee56e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 06 Mar 2023 19:14:39 GMT
server: LiteSpeed
etag: "718-64063b9f-0;br"
x-powered-by: Niagahoster
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 640
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:48 GMT

GET
H2 200 5694d992dbcc8f1b46c03463349e4fcf.css
tumoutounews.com/wp-content/litespeed/css/ 43 KB
6 KB 14ms
12ms Stylesheet
text/css 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/litespeed/css/5694d992dbcc8f1b46c03463349e4fcf.css?ver=9e435

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

92a32a162c884c2442570f54d3876a8eb5883d562cd1cd8793165a88ad728d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 06 Mar 2023 19:14:39 GMT
server: LiteSpeed
etag: "aade-64063b9f-0;br"
x-powered-by: Niagahoster
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 6135
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
81 KB 30ms
15ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M7MQD8M8P6

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6a08f44776cab60ac7867d762ecf4381a88b981a8c64356b174bd15e826f1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Mar 2023 19:15:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
48 KB 39ms
20ms Script
text/javascript 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1165659958171958

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6f3289aa62c98d3a305a69be17bca9fa1875b6535ab08da69542cb203cbf7f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tumoutounews.com/
Origin: https://tumoutounews.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48337
x-xss-protection: 0
server: cafe
etag: 9218021237120440660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 19:15:49 GMT

GET
H3 200 blank.png
tumoutounews.com/wp-content/themes/shurapro-master/assets/image/ 3 KB
3 KB 9ms
8ms Image
image/png 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tumoutounews.com/wp-content/themes/shurapro-master/assets/image/blank.png

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

66c73a59fcd1a7c0bc3fd6b3f98bf33320ced04991c0931738bf88ff82e7cfdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 13 Dec 2022 04:01:22 GMT
server: LiteSpeed
etag: "a3f-6397f912-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2623
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:15:49 GMT

GET
H3 200 06a91426c5a1ace5c03fe924c4930d06.js Show response
tumoutounews.com/wp-content/litespeed/js/ 10 KB
3 KB 4ms
4ms Script
application/javascript 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/litespeed/js/06a91426c5a1ace5c03fe924c4930d06.js?ver=0eb1b

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

9b9267946b42292573a95c4de2ad5e92efd0c7c130ad632f01a3762a5508a823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: Niagahoster
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2908
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Mar 2023 19:14:39 GMT
server: LiteSpeed
etag: "2946-64063b9f-0;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 19:15:48 GMT

GET
H3 200 781deb44ad9cc28411271eb3fe4ea1fb.js Show response
tumoutounews.com/wp-content/litespeed/js/ 13 KB
4 KB 4ms
4ms Script
application/javascript 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/litespeed/js/781deb44ad9cc28411271eb3fe4ea1fb.js?ver=35c85

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

a0cb106fd884e47f6c8aa85ed3d9a776ea6a42d56dadb448ea6ae4a312a9cdef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 06 Mar 2023 19:14:39 GMT
server: LiteSpeed
etag: "3295-64063b9f-0;br"
x-powered-by: Niagahoster
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 3919
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:49 GMT

GET
H3 200 jquery.min.js Show response
tumoutounews.com/wp-includes/js/jquery/ 88 KB
30 KB 5ms
5ms Script
application/javascript 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 19 Sep 2022 12:46:24 GMT
server: LiteSpeed
etag: "15e54-632864a0-0;br"
x-powered-by: Niagahoster
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 30143
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:49 GMT

GET
H3 200 9511a7d8d9c8c272a47664863fdbf49e.js Show response
tumoutounews.com/wp-content/litespeed/js/ 11 KB
4 KB 7ms
7ms Script
application/javascript 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/litespeed/js/9511a7d8d9c8c272a47664863fdbf49e.js?ver=f6e38

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

5651b43b4e8e488d108feb52c447449fb94668c833bc8099951ffa55e0d7e9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 06 Mar 2023 19:14:39 GMT
server: LiteSpeed
etag: "2bd8-64063b9f-0;br"
x-powered-by: Niagahoster
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 3989
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:49 GMT

GET
H3 200 1c2d52119961040580b16cef79f59abc.js Show response
tumoutounews.com/wp-content/litespeed/js/ 6 KB
2 KB 8ms
7ms Script
application/javascript 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/litespeed/js/1c2d52119961040580b16cef79f59abc.js?ver=39a17

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

855b5bb8ab15dff5e59efd224176d1afc9393cd2f695ba60fb29f98eb75a84ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 06 Mar 2023 19:14:39 GMT
server: LiteSpeed
etag: "1810-64063b9f-0;br"
x-powered-by: Niagahoster
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2202
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:49 GMT

GET
H2 200 29434962b1.js Show response
kit.fontawesome.com/ 11 KB
4 KB 281ms
259ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/29434962b1.js?ver=6.1.1

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22c19cef838aea0edb873fa77cb087f6ae799b2d3b18c4dc46646eff832c8f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7a3cedf76f3f3fcc-SIN
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F0hoxloiyyVJJrMgM-GC

GET
H3 200 jquery.min.js Show response
tumoutounews.com/wp-content/themes/shurapro-master/assets/js/ 3 KB
699 B 9ms
7ms Script
application/javascript 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/themes/shurapro-master/assets/js/jquery.min.js?ver=1.0.6

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

8e09b992652a03009327ed3dec771065cda683dbd967d3b2e829dd7ca9dca248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 13 Dec 2022 04:01:22 GMT
server: LiteSpeed
etag: "a05-6397f912-0;br"
x-powered-by: Niagahoster
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 633
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:49 GMT

GET
H2 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 5 KB
3 KB 36ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.min.js?ver=1.7.9

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 529474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2090
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-139e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FE9ySa7v1T2KJgFSb66n%2FKPwgDNAgWQ7FAp48fa%2F%2B0jaj0vqFnOErKE8%2BXW4naygc7u3kjMO9kYAyQG%2B%2BtMNDk7YH7Jm6Oyhn4Pt0xpv8eB%2FgyU%2FLbZRmc52aEuhGMswJcYnDr8F%2BAT%2FoVu1NZoW7QA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a3cedf7683b4d33-SIN
expires: Sat, 24 Feb 2024 19:15:49 GMT

GET
H3 200 1607439fa4d42019ecff3d882e1eff41.js Show response
tumoutounews.com/wp-content/litespeed/js/ 2 KB
1 KB 9ms
7ms Script
application/javascript 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://tumoutounews.com/wp-content/litespeed/js/1607439fa4d42019ecff3d882e1eff41.js?ver=46c3d

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

654393c00f8992c4b1990bc28f422d0e956b9dc8c77ad0a90f0c8dd0b3247cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 06 Mar 2023 19:14:39 GMT
server: LiteSpeed
etag: "952-64063b9f-0;br"
x-powered-by: Niagahoster
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1112
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 19:15:49 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 21ms
5ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins%3Aital%2Cwght%400%2C200%3B0%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B0%2C900%3B1%2C200%3B1%2C300%3B1%2C400%3B1%2C500%3B1%2C600%3B1%2C700%3B1%2C800%3B1%2C900&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tumoutounews.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:53:21 GMT
x-content-type-options: nosniff
age: 339748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 20:53:21 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 23ms
7ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tumoutounews.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:48:58 GMT
x-content-type-options: nosniff
age: 545211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Feb 2024 11:48:58 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 19ms
13ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tumoutounews.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 12:50:08 GMT
x-content-type-options: nosniff
age: 282341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 12:50:08 GMT

GET
H2 200 pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
9 KB 9ms
8ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tumoutounews.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 10:08:24 GMT
x-content-type-options: nosniff
age: 119245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8668
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Mar 2024 10:08:24 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 16ms
12ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tumoutounews.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 02:34:12 GMT
x-content-type-options: nosniff
age: 319297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 02:34:12 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 235ms
235ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tumoutounews.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:16:50 GMT
x-content-type-options: nosniff
age: 10739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8504
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:30:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 16:16:50 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 178ms
5ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M7MQD8M8P6&gtm=45je3310&_p=1739781274&_gaz=1&cid=679378702.1678130149&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678130149&sct=1&seg=0&dl=https%3A%2F%2Ftumoutounews.com%2F&dt=TumoutouNews.com%20%7C%20Artikel%20Mencerahkan&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M7MQD8M8P6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 19:15:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tumoutounews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 175ms
4ms Ping
text/plain 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M7MQD8M8P6&cid=679378702.1678130149&gtm=45je3310&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M7MQD8M8P6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c11::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 19:15:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tumoutounews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 177ms
8ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M7MQD8M8P6&cid=679378702.1678130149&gtm=45je3310&aip=1&z=649497298

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 19:15:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/ 362 KB
119 KB 34ms
24ms Script
text/javascript 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_fy2021.js?bust=31072715

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1165659958171958

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9c9571124029c6d658746dfa8ceb343fa8ac6f3ae12c1a802e440aa62e3addf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121954
x-xss-protection: 0
server: cafe
etag: 12322524755218767701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 19:15:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame 6F7D 10 KB
5 KB 22ms
3ms Document
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1165659958171958

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tumoutounews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 77912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 21:37:17 GMT
etag: 2378337311435320485
expires: Sun, 19 Mar 2023 21:37:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.3.0/css/ 100 KB
23 KB 37ms
12ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.3.0/css/free.min.css?token=29434962b1
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/29434962b1.js?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee930d9c63ac5f13c26ea50472e6d6dcdab908aafc18687886c7fba33e0c9e8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
via: 1.1 bea183074c7c8354f695008780705c96.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN52-C2
age: 2340803
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
server: cloudflare
etag: W/"b7d524a460c5ceb6420db3aec0be8c92"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRRkb8oHHICdD5ms5QJKsh73fm%2FF9Q2Q5k7orHpCf%2BVQn2DG3zFixzhfWklpFAX4ggUbpEHlqkLT5uPmpggvsfYTSMQ4F1qLOKVknmQwNH2WYdORQxvlltFTTulHg5v4ThOHJ54kUVvRzwhrjjTY9Ab5EA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7a3cedf9997f498b-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: jelZEeIo7rdP_OIjYMGDSejBu5vtecT207ABcBJE9adL0t6CzP84-g==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.3.0/css/ 27 KB
5 KB 35ms
10ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.3.0/css/free-v4-shims.min.css?token=29434962b1
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/29434962b1.js?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c6d23efa8a723d5c117df0ac6f77441a66d960cf4e9cf4cf20aabd1ac984ef3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
via: 1.1 5230066306741527c1870ae028182b78.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-C1
age: 2340803
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
server: cloudflare
etag: W/"3a57f9df341838cc106903c71730d13b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0jKi0c9caCHwaezW4Ch8W8iWLDJfS0kohLgK%2B3dMNfOtZaiitv%2BlkmGS7DTJvCwJC%2FMReEvrIymLi%2BOUZwK4%2Bt1Nn7OoFDDKCu0kjRheET1ckUmvUi1JBtIdo4sIf3Yr6nmS38yR9hqNf2oEKoBk5JxZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7a3cedf99980498b-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: aJWvKZsY2UeYwz_X3hPaPQLoi0gcDsJwEP7yGXTQIgoGemg78xMFaQ==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.3.0/css/ 823 B
721 B 38ms
14ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.3.0/css/free-v5-font-face.min.css?token=29434962b1
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/29434962b1.js?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfc1a27b2f37bb5758305f7d7633b07f9dd08c9c42658e695c8fa9716967545

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
via: 1.1 0676a5fe6935c768360b164abce6620e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-C1
age: 2340803
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
server: cloudflare
etag: W/"fdedb74e19e1bffdcab908079cabd49a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ux4prARQaswdQb9%2FSojQv%2BQsv%2F5YzUa4cFDgVxUaGVyvOozWsWUaiV6NmGHyFU0kao8dt2FGnwy3nRE16MioH9a2t3CkBPXw0fdL%2F%2Fw2nOhXR1LyCMLZ3SJfuupS63QsnG4W1K0NhT9%2BaunF2LOPUDYOtg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7a3cedf99981498b-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 17kYix7ie4wFtLhxitlWUKgKA1TMiM9jw8ebMetg-35WsCAvVsouiw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.3.0/css/ 2 KB
1 KB 35ms
11ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.3.0/css/free-v4-font-face.min.css?token=29434962b1
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/29434962b1.js?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 852db4d1e3c440deaa05229fa8beb300bc959f16d0f9c2be168173a26c68e1a9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
via: 1.1 2db56a73a9d0486b15ff1dc828be02a6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN52-C2
age: 2340803
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
server: cloudflare
etag: W/"00bb3d26f3fee308e5747eb9f5760b48"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebzGhcvXxbx9LxicCth9QsZIMc7ozzn33UHY3NxSqQDb%2FyOnU0hF1CO6hJm9OBgan%2FLqP%2FJOLw%2FRlL9e5PTzhdWuNkbMiL47qoOa59Al4BeOM8D5iCH16xLqeDkor44VVsha1aJ9q8gBF7B8Y63%2BFOSx8w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7a3cedf99982498b-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: s2PeJ_j1D5ElAFW3UBBhRmGO7toZrXIm_K-ERAqXBiolLFVSDKc5GQ==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
610 B 20ms
9ms Script
text/javascript 2404:6800:4003:c1a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tumoutounews.com&callback=_gfp_s_&client=ca-pub-1165659958171958

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_fy2021.js?bust=31072715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

229b0f6940ad5f58acc15851cf284de1abdfa493424b082c9f7940d6e07c28d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
531 B 18ms
6ms Script
application/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=tumoutounews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_fy2021.js?bust=31072715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 18ms
7ms Script
application/javascript 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tumoutounews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_fy2021.js?bust=31072715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 80E1 30 KB
6 KB 213ms
210ms Document
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&adk=1812271804&adf=3025194257&lmt=1678130149&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_r&format=0x0&url=https%3A%2F%2Ftumoutounews.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149303&bpp=6&bdt=342&idt=94&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3502103582416&frm=20&pv=2&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=118

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_fy2021.js?bust=31072715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd384b85a0e9f1b38dee5544ee36176f10be40d9630b5f0cae28e66f03c2bcbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tumoutounews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 6241
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 19:15:49 GMT
expires: Mon, 06 Mar 2023 19:15:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5192 98 KB
34 KB 329ms
328ms Document
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=1726884865&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149309&bpp=6&bdt=348&idt=121&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfTBdqBsDt&p=https%3A//tumoutounews.com&dtd=125

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_fy2021.js?bust=31072715

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c05ee7e674ba68754f3ebf4cfc633062c6cb5389cf11df71e7aa2bd412680a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tumoutounews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35162
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 19:15:49 GMT
expires: Mon, 06 Mar 2023 19:15:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.3.0/webfonts/ 146 KB
147 KB 12ms
11ms Font
font/woff2 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.3.0/webfonts/free-fa-solid-900.woff2
Requested by: Host: tumoutounews.com
URL: https://tumoutounews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a963d0d6baf5f8ad3a8d21c2bff2971d0819789204815a7082d8d4776dec4a80

Request headers

Referer: https://tumoutounews.com/
Origin: https://tumoutounews.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
via: 1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN52-C2
age: 2340802
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 149896
last-modified: Tue, 31 Jan 2023 18:29:16 GMT
server: cloudflare
etag: "c00cd95af40d3d74e114025555250f09"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ak14DSMnoY27VNVaeMFPX8BRudF0Nsab7vz5phdPAIldzv1dE4Ulk62XuYM6Rz2HqzyAVLa%2BnSLw5ZAvWy7%2F6aCqdQCLz4x9jHmOtqJXUJS2zSElRGeJhFNex5U6npUlw6v6NrI4OyFoPXS35pIHFsWbiw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7a3cedfa19b9498b-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: WQSILX6W2aacjaWUVpRU0sMv8LaI4WPPZMKu8jUa5eQIhRVGXsmf3Q==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C35 89 KB
32 KB 334ms
333ms Document
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_fy2021.js?bust=31072715

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c6434cc6e5f25099184596750a7a97a1f14145f8a18066ddbd86f4249496d7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tumoutounews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 19:15:49 GMT
expires: Mon, 06 Mar 2023 19:15:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
165 B 10ms
8ms Script
application/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=tumoutounews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_fy2021.js?bust=31072715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 7ms
6ms Script
application/javascript 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tumoutounews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_fy2021.js?bust=31072715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DE23 430 B
232 B 159ms
158ms Document
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=60&adk=44319740&adf=4099508600&pi=t.aa~a.3087311937~rp.1&w=660&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&to=qs&pwprc=5195667173&format=660x60&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149673&bpp=1&bdt=712&idt=1&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f345b714ecdf3a4-224ac5e0e7db0030%3AT%3D1678130149%3ART%3D1678130149%3AS%3DALNI_MZw8REGEJf6p5mUwKTkAD1J-I6lBg&gpic=UID%3D00000bd317b94097%3AT%3D1678130149%3ART%3D1678130149%3AS%3DALNI_MYui3G9HOxelOC1FRZnbSmpZZfPkw&prev_fmts=0x0%2C992x280%2C992x280&nras=2&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTuCyobA6w&p=https%3A//tumoutounews.com&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_fy2021.js?bust=31072715

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7589de77d9ffe4a426c8042098310d725a0b747605801ca2ded40a63313b3c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tumoutounews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 19:15:49 GMT
expires: Mon, 06 Mar 2023 19:15:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 89d7ca8249da9b1fce758df22cf4efd3.js Show response
www.gstatic.com/mysidia/ Frame 5192 10 KB
5 KB 21ms
7ms Script
text/javascript 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/89d7ca8249da9b1fce758df22cf4efd3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=1726884865&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149309&bpp=6&bdt=348&idt=121&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfTBdqBsDt&p=https%3A//tumoutounews.com&dtd=125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4405
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:14:39 GMT

GET
H2 200 110cb13377d3e221c3000d4be3507a7e.js Show response
www.gstatic.com/mysidia/ Frame 5192 10 KB
5 KB 21ms
8ms Script
text/javascript 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/110cb13377d3e221c3000d4be3507a7e.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f95f13fa840812128e542e56ffe02bfe6b65d43a1e439b94d7fbc9189ba5051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 17:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4662
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 17:51:24 GMT

GET
H2 200 a1bcd720d76fe498b484a6335c7fbb84.js Show response
www.gstatic.com/mysidia/ Frame 5192 19 KB
8 KB 22ms
9ms Script
text/javascript 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a1bcd720d76fe498b484a6335c7fbb84.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e231934edc88c872fabebe3e04b67b0cbc189239ce1089124414c406860d2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7924
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 21:35:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5192 8 KB
991 B 9ms
7ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:27:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Mar 2023 19:15:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 5192 2 KB
818 B 8ms
5ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:56:35 GMT

GET
H2 200 e9aff91b4641aa9f021dfc8c8beac945.js Show response
www.gstatic.com/mysidia/ Frame 5192 6 KB
2 KB 23ms
10ms Script
text/javascript 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9aff91b4641aa9f021dfc8c8beac945.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 11:22:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2362
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Jun 2023 11:22:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 5192 22 KB
9 KB 30ms
4ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:56:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 5192 3 KB
1 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:50:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 5192 20 KB
8 KB 31ms
6ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 00:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 00:47:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5192 158 KB
49 KB 11ms
6ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Mar 2023 19:15:49 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 5192 34 KB
14 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:12:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8C35 6 KB
672 B 13ms
12ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:28:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Mar 2023 19:15:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 8C35 2 KB
799 B 11ms
9ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:56:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 8C35 22 KB
9 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:56:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 8C35 3 KB
1 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:50:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 8C35 20 KB
8 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 00:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 00:47:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C35 158 KB
48 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Mar 2023 19:15:49 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 8C35 34 KB
14 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:12:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C35 0
0 16ms
15ms Fetch
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPE8e5TsGZPS0HYqa4t4P_4adWOjhtq1v66i_2YcR2Oy0gcoNEAEgo5P0VmC_BaABpZGWpCjIAQmpAnWupgio17E-qAMByAPLBKoEzAFP0L__NFkqmSdTmRPGWhy6HRUINHpFEgKiof8XVSo7xRS5bleg4i2yOCb2ThFxp68KvYeGyg0yGqCfRsdIph8T-9iLIgX0YSNpQOUJTXdP_zq-6KwTZvEngz1HKN60RncTOpKocPMAGJKKaOXhh2CWgR5aEHwT9PsMXDuY1lpHdLQLewNiErNiZqAcBx1B_A5lnzlmKxPbtkzV1l78jgRLKs0U6Ded-PrTDyCjfAKXdsWkUaokGwA5Xqmt1NrBv8dBcbf5uMFSlSvPAr3ABJWRo5CfBJIFBAgEGAGSBQQIBRgEoAYugAelyeaDA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEOky0ggPCIBhEAEYHzICigI6AoBAgAoByAsBuBPkA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMTY1NjU5OTU4MTcxOTU4GAA&sigh=7G2tg1pq90A&uach_m=[UACH]&cid=CAQSGwDUE5ymFrX2VEfg-i1T5Tn2QuUaU3BfNr2irxgB&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Mar 2023 19:15:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2104569198567030324/ Frame 8C35 768 B
795 B 5ms
4ms Image
image/png 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2104569198567030324/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26547eb2147a8ffae88365b39503f845191ddfb54db17e7d20be95a7b79ad5df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 10:51:37 GMT
x-content-type-options: nosniff
age: 375852
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 768
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 22:59:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 10:51:37 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6803787358223291912/ Frame 8C35 2 KB
2 KB 5ms
5ms Image
image/png 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6803787358223291912/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6088cd865c8a13c0b7a448bc6d10f35b8a069abaeda72a16c5966df0ced2d659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 15:28:34 GMT
x-content-type-options: nosniff
age: 445635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1680
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 02:14:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 15:28:34 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5192 0
20 B 6ms
5ms Ping
image/gif 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoYCAEqFGJhbm5lci1sYXJnZS12YW5pbGxhCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMgoNECshAAAAAABAV0AwBAoNECshAAAAAABAWUAwAQoNEAMhAAAAzsxcfUAwBBIaQ1BiQnhfdUJ5UDBDRlJjT3R3QWRTcTRJZ3ciFnRleHQvdmFuaWxsYV9oaWdobGlnaHQoAw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a1bcd720d76fe498b484a6335c7fbb84.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 19:15:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C1EB 143 B
166 B 5ms
4ms Document
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=1726884865&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149309&bpp=6&bdt=348&idt=121&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfTBdqBsDt&p=https%3A//tumoutounews.com&dtd=125
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 2458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 18:34:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5192 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3494c72fb7a0cf4d24b35343d0a39a84315c77456c94df9cbef0a9da166bc9ba

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5192 0
0 16ms
16ms Fetch
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-04g5TsGZLa7G5ec3LUPytyimAj39Oqcb5aa_PW3DsXfyuuwCRABIKOT9FZgvwWgAdTEhdwDyAEBqQJQabaybvCoPqgDAcgDywSqBNIBT9BJVn81ntKgrWO0yDyf5n914kv05t2i6OARo1Cg7SbVQKEhav1iSzNynfO7i0jAb9THAZgYjzDra7FQdCX_4lFRmb_4GYhcGf6STGkxrln96178eIxT1E9WpB05p-aNFsE0rhvB2OanxFRoISFSXNUiyN4QK9W88mcvtm2mgOt5I-IdVTGSLN0tpwBrGWjjTd582AdZB9xTJvT6EqWiIBU8aym0kNS1OvtnjuYJeBSNAKennAF5DmeM2rDV2OKPP2v80yqPjYo6GjAuys228svIwASNgpSDggOSBQQIBBgBkgUECAUYBIAHlLv6I6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL2cCdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMTY1NjU5OTU4MTcxOTU4GAA&sigh=aFqopzePqzQ&uach_m=[UACH]&cid=CAQSGwDUE5ymm0wXNn8s4aN02ZFVY2QUlBv8p7_NdRgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=1726884865&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149309&bpp=6&bdt=348&idt=121&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfTBdqBsDt&p=https%3A//tumoutounews.com&dtd=125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Mar 2023 19:15:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5192 28 KB
28 KB 6ms
5ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:27:08 GMT
x-content-type-options: nosniff
age: 294522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:27:08 GMT

GET
DATA 200
OK truncated
/ Frame 8C35 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e09a49a11093b87a627d56109e33d41ceaa5e9e7046601c220e81959d246cea

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5192 0
20 B 5ms
5ms Ping
image/gif 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoYCAEqFGJhbm5lci1sYXJnZS12YW5pbGxhCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMgoNEAohAAAAAAAAAEAwBAoNEA0hAAAAAKCZuT8wBAoNEB4qBzk5MngyODAwBAoNEBkqBzk5MngyODAwBAoNEA4hAAAAAJCZyT8wBAoNEAQhAAAAZma-fUAwBAoNEA8hAAAAAAAAAAAwBAoNECshAAAAAABAW0AwBAoNEAUhAAAAmpnBfUAwBAoNEBAhAAAAAMBQ4UAwBAoNEBEhAAAAAIDh8EAwBAoNEBIhAAAAAAAAGEAwBAoNEBMhAAAAAAAAAEAwBAoNEBchAAAAmpmBgUAwBBIaQ1BiQnhfdUJ5UDBDRlJjT3R3QWRTcTRJZ3ciFnRleHQvdmFuaWxsYV9oaWdobGlnaHQoAw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a1bcd720d76fe498b484a6335c7fbb84.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 19:15:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8C35 15 KB
15 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:46:17 GMT
x-content-type-options: nosniff
age: 296973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 08:46:17 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8C35 15 KB
16 KB 5ms
5ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 03:45:53 GMT
x-content-type-options: nosniff
age: 487797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 03:45:53 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8C35 15 KB
15 KB 6ms
6ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:46:05 GMT
x-content-type-options: nosniff
age: 476985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 06:46:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C1EB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

8ms
7ms

Document
text/html

2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 19:15:50 GMT
expires: Mon, 06 Mar 2023 19:15:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 19:15:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DCB 36 KB
14 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 20:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 426343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 20:50:07 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A0A 36 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1165659958171958&output=html&h=280&slotname=4064230877&adk=3932877277&adf=2437495483&pi=t.ma~as.4064230877&w=992&fwrn=4&fwrnh=100&lmt=1678130149&rafmt=1&format=992x280&url=https%3A%2F%2Ftumoutounews.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678130149315&bpp=1&bdt=353&idt=144&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C992x280&nras=1&correlator=3502103582416&frm=20&pv=1&ga_vid=679378702.1678130149&ga_sid=1678130149&ga_hid=1739781274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759837%2C44759875%2C44759926%2C44773809%2C31071643%2C31072715%2C31072792&oid=2&pvsid=1762640280570140&tmod=1523740713&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x7e83qiYB7&p=https%3A//tumoutounews.com&dtd=148

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 20:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 426343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 20:50:07 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5192 0
20 B 6ms
6ms Ping
image/gif 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoYCAEqFGJhbm5lci1sYXJnZS12YW5pbGxhCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMgoNEBQhAAAAAECm8UAwBAoNEBUhAAAAAAAAKEAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAAmpmNg0AwBAoNEDIhAAAAADgz0z8wBAoNEDMhAAAAAMzM7D8wBAoNEDQhAAAAAMzM7D8wBAoNEDUhAAAAAMzM7D8wBAoNEDYhAAAAAMzM7D8wBAoNEDchAAAAAMzM7D8wBAoNEDghAAAAAGZm9j8wBAoNEDkhAAAAzsycdEAwBAoNEDohAAAAmpnRdEAwBAoNEDshAAAAZ2Z6gUAwBAoNEDwhAAAAZ2Z6gUAwBAoNED0hAAAAmpmBgUAwBAoNED4hAAAAMzM3g0AwBAoNED8hAAAAMzM3g0AwBAoNEEAhAAAAzcywg0AwBBIaQ1BiQnhfdUJ5UDBDRlJjT3R3QWRTcTRJZ3ciFnRleHQvdmFuaWxsYV9oaWdobGlnaHQoAw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a1bcd720d76fe498b484a6335c7fbb84.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 19:15:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 5-Hal-yang-Perlu-Dipersiapkan-untuk-Mengikuti-Seleksi-CASN.jpg
tumoutounews.com/wp-content/uploads/2023/03/ 42 KB
42 KB 20ms
19ms Image
image/jpeg 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tumoutounews.com/wp-content/uploads/2023/03/5-Hal-yang-Perlu-Dipersiapkan-untuk-Mengikuti-Seleksi-CASN.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

202bff556316bb45b64e3b9e55a441efd7d41d280bf65a7abb9034d3ff4402ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 06 Mar 2023 01:49:55 GMT
server: LiteSpeed
etag: "a98a-640546c3-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 43402
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:15:50 GMT

GET
H3 200 Apa-Itu-Kuota-Nonton-Telkomsel.jpg
tumoutounews.com/wp-content/uploads/2023/03/ 44 KB
44 KB 25ms
24ms Image
image/jpeg 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tumoutounews.com/wp-content/uploads/2023/03/Apa-Itu-Kuota-Nonton-Telkomsel.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

d17702a53aab39abb82723951994a882548cbfa73257b1d31e4ddcc31ee9c599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 05 Mar 2023 18:54:32 GMT
server: LiteSpeed
etag: "b081-6404e568-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 45185
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:15:50 GMT

GET
H3 200 Top-Up-Chip-Higgs-Domino-Murah-via-Pulsa-DANA-Shopee.png
tumoutounews.com/wp-content/uploads/2022/03/ 575 KB
575 KB 29ms
28ms Image
image/png 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tumoutounews.com/wp-content/uploads/2022/03/Top-Up-Chip-Higgs-Domino-Murah-via-Pulsa-DANA-Shopee.png

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

1aa61d6d5dd5c1e90ccf1b386edeb08c9e6d30dc45ea66438ee7c8065b693b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 04 Mar 2022 15:02:37 GMT
server: LiteSpeed
etag: "8fab5-62222a0d-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 588469
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:15:50 GMT

GET
H3 200 Top-Up-Higgs-Domino-3000.jpg
tumoutounews.com/wp-content/uploads/2022/12/ 45 KB
45 KB 43ms
42ms Image
image/jpeg 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tumoutounews.com/wp-content/uploads/2022/12/Top-Up-Higgs-Domino-3000.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

8c81b797b0c3afb0fa0ff0b9f83d773d8414ad1619b06df4e769608db24b39d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 04:23:15 GMT
server: LiteSpeed
etag: "b3f4-63901533-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 46068
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:15:50 GMT

GET
H3 200 Top-Up-Higgs-Domino-Topbos.jpg
tumoutounews.com/wp-content/uploads/2023/01/ 100 KB
100 KB 9ms
8ms Image
image/jpeg 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tumoutounews.com/wp-content/uploads/2023/01/Top-Up-Higgs-Domino-Topbos.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

b52f13a8f4055af891ff31a1b3eee8784d8969bd6d3198a7fdf1b5226df37d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 18 Jan 2023 02:46:02 GMT
server: LiteSpeed
etag: "190af-63c75d6a-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 102575
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:15:50 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 15ms
15ms XHR
application/json 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230301&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_fy2021.js?bust=31072715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c2fbb258686a665abb69c7c6084fe3554284d3d5030b7d0dafa90592bb79839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11118
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_fy2021.js?bust=31072715

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Mar 2023 19:15:50 GMT

GET
H3 200 5-Hal-yang-Perlu-Dipersiapkan-untuk-Mengikuti-Seleksi-CASN.jpg
tumoutounews.com/wp-content/uploads/2023/03/ 42 KB
42 KB 5ms
5ms Image
image/jpeg 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tumoutounews.com/wp-content/uploads/2023/03/5-Hal-yang-Perlu-Dipersiapkan-untuk-Mengikuti-Seleksi-CASN.jpg

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

202bff556316bb45b64e3b9e55a441efd7d41d280bf65a7abb9034d3ff4402ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 06 Mar 2023 01:49:55 GMT
server: LiteSpeed
etag: "a98a-640546c3-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 43402
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:15:50 GMT

GET
H3 200 Apa-Itu-Kuota-Nonton-Telkomsel.jpg
tumoutounews.com/wp-content/uploads/2023/03/ 44 KB
44 KB 8ms
6ms Image
image/jpeg 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tumoutounews.com/wp-content/uploads/2023/03/Apa-Itu-Kuota-Nonton-Telkomsel.jpg

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

d17702a53aab39abb82723951994a882548cbfa73257b1d31e4ddcc31ee9c599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 05 Mar 2023 18:54:32 GMT
server: LiteSpeed
etag: "b081-6404e568-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 45185
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:15:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0B6F 13 KB
5 KB 18ms
16ms Document
text/html 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tumoutounews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 450637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 14:05:13 GMT
expires: Thu, 29 Feb 2024 14:05:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5B49 783 B
968 B 22ms
16ms Document
text/html 2404:6800:4003:c03::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::93 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27b0f7e69eb3d3a8dd82593f9a72101868aa1d42ec64f5bb1c8ee0d931dcacb0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AFlQukhBzxunsHDNdaCt4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tumoutounews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-AFlQukhBzxunsHDNdaCt4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 19:15:50 GMT
expires: Mon, 06 Mar 2023 19:15:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5B49 0
0 11ms
10ms Image
text/html 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230301&jk=1762640280570140&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B6F 36 KB
14 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 20:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 426343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 20:50:07 GMT

GET
H3 200 Top-Up-Higgs-Domino-3000.jpg
tumoutounews.com/wp-content/uploads/2022/12/ 45 KB
45 KB 8ms
7ms Image
image/jpeg 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tumoutounews.com/wp-content/uploads/2022/12/Top-Up-Higgs-Domino-3000.jpg

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

8c81b797b0c3afb0fa0ff0b9f83d773d8414ad1619b06df4e769608db24b39d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 04:23:15 GMT
server: LiteSpeed
etag: "b3f4-63901533-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 46068
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:15:50 GMT

GET
H3 200 Top-Up-Chip-Higgs-Domino-Murah-via-Pulsa-DANA-Shopee.png
tumoutounews.com/wp-content/uploads/2022/03/ 575 KB
575 KB 4ms
4ms Image
image/png 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tumoutounews.com/wp-content/uploads/2022/03/Top-Up-Chip-Higgs-Domino-Murah-via-Pulsa-DANA-Shopee.png

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

1aa61d6d5dd5c1e90ccf1b386edeb08c9e6d30dc45ea66438ee7c8065b693b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 04 Mar 2022 15:02:37 GMT
server: LiteSpeed
etag: "8fab5-62222a0d-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 588469
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:15:50 GMT

GET
H3 200 Top-Up-Higgs-Domino-Topbos.jpg
tumoutounews.com/wp-content/uploads/2023/01/ 100 KB
100 KB 4ms
3ms Image
image/jpeg 156.67.212.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tumoutounews.com/wp-content/uploads/2023/01/Top-Up-Higgs-Domino-Topbos.jpg

Requested by

Host: tumoutounews.com
URL: https://tumoutounews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.212.72 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv30.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

b52f13a8f4055af891ff31a1b3eee8784d8969bd6d3198a7fdf1b5226df37d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 18 Jan 2023 02:46:02 GMT
server: LiteSpeed
etag: "190af-63c75d6a-0;;;"
x-powered-by: Niagahoster
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 102575
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 19:15:50 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0B6F 0
10 B 6ms
5ms Image
text/plain 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xO0etg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:15:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 8ms
7ms Image
text/html 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230301&jk=1762640280570140&bg=!0NOl04fNAAbv3-2Ez987ADkAdvg8WpjR4-cf8IpVi30nOwSZ5wNFHBJ2A3IiBlQgyyDBirjAvNrlNI9iiTiYs17X3zKOApP8U6ECAAAAeVIAAAACaAEHmQKoH0cukVV5ZhVJvD94vFK16En9ozpOaTl8kU_o17CmN0SSUmnLIwS6-0u6mJVVQ4DZNW6deq6rcKzObwP4L4sZ_Y8OoQCITpSE-uikfQBRuaxpoPfLIOjDlF4L-jpdrFe1i2BUSk0Fg0yN8_8ossi1vM1nxug6P9yYU0mwHuzXOY7-2LvlcbBbybcq5lqEkiSaHytt62uPf5Lo-y9AR4R5I1MultC1PBcJRO_gTK8L15BglE9CBeLMhk6HHJrKi4aJtakKJpaMC8-gHESR_louR6h6LnLXBdcDzVFIVEfnBJtu0TJFyRdbi7x6iUOgW3z3Sda-3da73bpi0p37i8R3ymqzeyRAjpEDkWAs1TKykoiu19C72ZRMO4RiCZqAGlX2odOfXlON1tk0ktNpK7EQMBNQnk9pabKbsS0-xTrCH4vIYZGDCPrR6xsSwN5g-d3DftV0wNDLQm7TkrycLqSlQUMeTFxSRsEsxGTAoEzzr5laupbrLHicdKhz4FP0Ihh7oli7EjKwmCRbFf7k0IWrMdXxX-DCuPoCWjohIduZUw7dSq2zasJtkXFVLVkDuPy4WboYzHqQdFPyde0ZglUQjPmxSKbJ7hS_Sg-IL0HS02dTlnJnrgps-yaIPVf1z7TpjVfmIVigkse3e3ro2GEM5ipkSnMqRamhmOYHpR2hvUDALzJdXoqv900VoEEjEqkHNEM-p8Y8JDiNmzctESEtvMYX0ylDmzHEt7MiDxPt_Q0_g1TfM86oyyHqqcZPuEOL-9LYgPYa_CfHZ10qPpCqvR9vBGYsLFGni45_kxoOryqsxYkT20pKwU9sObfRSsKepo8gMWg9aJQzFcePEr7SWG0bQU5TZHpjn5fYgyiYlTnZk4XnEbO9ST4Uyr8NzCk4CzcuHgUOrlY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tumoutounews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5192 42 B
64 B 9ms
8ms Fetch
image/gif 2404:6800:4003:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv318m9VtUKLhXHq1i1BX5e57gNkudNQF4tl0pJsV2w106kHLwDMAUSnUiMVigeL-l6RH9Fp8jTRjRgTWeZSssljCc-Hd8Bz3-Ri36MIyZ9faBduinI2RMuxRxYsk74I22R9Zg&sai=AMfl-YT9kTTXw2-igBG60OCjzB1mkZm_6waUMCv-CtYNY37Pv61u215yDSrQFwSW_Dp7LXGr30k_aaXpnm2-&sig=Cg0ArKJSzGe04sYOork6EAE&cid=CAQSGwDUE5ymm0wXNn8s4aN02ZFVY2QUlBv8p7_NdRgB&id=lidar2&mcvt=1000&p=0,0,280,992&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3932877277&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678130149435&rpt=626&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 19:15:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tumoutounews.com/	1970-01-20 19:44:50	Name: _ga_M7MQD8M8P6 Value: GS1.1.1678130149.1.0.1678130149.60.0.0
.tumoutounews.com/	1970-01-20 19:44:50	Name: _ga Value: GA1.1.679378702.1678130149
.tumoutounews.com/	1970-01-20 19:30:26	Name: __gads Value: ID=7f345b714ecdf3a4-224ac5e0e7db0030:T=1678130149:RT=1678130149:S=ALNI_MZw8REGEJf6p5mUwKTkAD1J-I6lBg
.tumoutounews.com/	1970-01-20 19:30:26	Name: __gpi Value: UID=00000bd317b94097:T=1678130149:RT=1678130149:S=ALNI_MYui3G9HOxelOC1FRZnbSmpZZfPkw
.doubleclick.net/	1970-01-20 19:44:50	Name: IDE Value: AHWqTUn6GVwfCBFNszrBvwUSOjdn0WbMEvgo08Uie47DtlGysTOoaRcbOu45OkllQrI
.doubleclick.net/	1970-01-20 10:08:53	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.sg
analytics.google.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tumoutounews.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
156.67.212.72
2001:4860:4802:32::181
2404:6800:4003:c02::84
2404:6800:4003:c03::5e
2404:6800:4003:c03::93
2404:6800:4003:c04::5e
2404:6800:4003:c04::9a
2404:6800:4003:c06::5f
2404:6800:4003:c06::9a
2404:6800:4003:c06::9b
2404:6800:4003:c06::9c
2404:6800:4003:c0f::5e
2404:6800:4003:c0f::61
2404:6800:4003:c11::9b
2404:6800:4003:c1a::9c
2606:4700::6811:190e
2606:4700::6812:1634
2606:4700:e4::ac40:a816
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
08581a7ba94a6368b8e29bd7697c7c05db46bd6ed00840fba637c41ecdee56e0
0c2fbb258686a665abb69c7c6084fe3554284d3d5030b7d0dafa90592bb79839
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aa61d6d5dd5c1e90ccf1b386edeb08c9e6d30dc45ea66438ee7c8065b693b54
1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b
1e09a49a11093b87a627d56109e33d41ceaa5e9e7046601c220e81959d246cea
202bff556316bb45b64e3b9e55a441efd7d41d280bf65a7abb9034d3ff4402ea
229b0f6940ad5f58acc15851cf284de1abdfa493424b082c9f7940d6e07c28d9
22c19cef838aea0edb873fa77cb087f6ae799b2d3b18c4dc46646eff832c8f75
2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2
26547eb2147a8ffae88365b39503f845191ddfb54db17e7d20be95a7b79ad5df
27b0f7e69eb3d3a8dd82593f9a72101868aa1d42ec64f5bb1c8ee0d931dcacb0
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
340e3468700806e13e8340ed8e5cebb0408cacc86040d8485373f9c8b6755d69
3494c72fb7a0cf4d24b35343d0a39a84315c77456c94df9cbef0a9da166bc9ba
446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c6d23efa8a723d5c117df0ac6f77441a66d960cf4e9cf4cf20aabd1ac984ef3
4f60821f5b2af2ec9757dc80d4af85e1748215500c19de3870f539004423218d
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5651b43b4e8e488d108feb52c447449fb94668c833bc8099951ffa55e0d7e9a1
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5dd38d2715261f5e4dcc53204b0d22a39383a0100751a81f722e6b5546a8bdc3
6088cd865c8a13c0b7a448bc6d10f35b8a069abaeda72a16c5966df0ced2d659
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
654393c00f8992c4b1990bc28f422d0e956b9dc8c77ad0a90f0c8dd0b3247cb9
66c73a59fcd1a7c0bc3fd6b3f98bf33320ced04991c0931738bf88ff82e7cfdd
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
7589de77d9ffe4a426c8042098310d725a0b747605801ca2ded40a63313b3c1c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e231934edc88c872fabebe3e04b67b0cbc189239ce1089124414c406860d2b6
7f95f13fa840812128e542e56ffe02bfe6b65d43a1e439b94d7fbc9189ba5051
852db4d1e3c440deaa05229fa8beb300bc959f16d0f9c2be168173a26c68e1a9
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
855b5bb8ab15dff5e59efd224176d1afc9393cd2f695ba60fb29f98eb75a84ad
8c81b797b0c3afb0fa0ff0b9f83d773d8414ad1619b06df4e769608db24b39d0
8e09b992652a03009327ed3dec771065cda683dbd967d3b2e829dd7ca9dca248
92a32a162c884c2442570f54d3876a8eb5883d562cd1cd8793165a88ad728d06
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9b9267946b42292573a95c4de2ad5e92efd0c7c130ad632f01a3762a5508a823
9c6434cc6e5f25099184596750a7a97a1f14145f8a18066ddbd86f4249496d7a
a0cb106fd884e47f6c8aa85ed3d9a776ea6a42d56dadb448ea6ae4a312a9cdef
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a963d0d6baf5f8ad3a8d21c2bff2971d0819789204815a7082d8d4776dec4a80
a9c9571124029c6d658746dfa8ceb343fa8ac6f3ae12c1a802e440aa62e3addf
aee930d9c63ac5f13c26ea50472e6d6dcdab908aafc18687886c7fba33e0c9e8
b52f13a8f4055af891ff31a1b3eee8784d8969bd6d3198a7fdf1b5226df37d3f
b6a08f44776cab60ac7867d762ecf4381a88b981a8c64356b174bd15e826f1ce
c05ee7e674ba68754f3ebf4cfc633062c6cb5389cf11df71e7aa2bd412680a5a
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd384b85a0e9f1b38dee5544ee36176f10be40d9630b5f0cae28e66f03c2bcbd
d17702a53aab39abb82723951994a882548cbfa73257b1d31e4ddcc31ee9c599
dfe3f9ee2fead943760b6e9c376005d3a764c066dd711b543501d8af6bbd7aaf
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e6f3289aa62c98d3a305a69be17bca9fa1875b6535ab08da69542cb203cbf7f4
ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fbfc1a27b2f37bb5758305f7d7633b07f9dd08c9c42658e695c8fa9716967545

tumoutounews.com Open in urlscan Pro 156.67.212.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

100 %HTTPS

94 %IPv6

12 Domains

19 Subdomains

19 IPs

2 Countries

2579 kBTransfer

4025 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tumoutounews.com Open in urlscan Pro
156.67.212.72 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

100 %
HTTPS

94 %
IPv6

12
Domains

19
Subdomains

19
IPs

2
Countries

2579 kB
Transfer

4025 kB
Size

6
Cookies

98 HTTP transactions
2 data transactions