www.newswit.com Open in urlscan Pro
203.146.102.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Submission: On April 27 via manual (April 27th 2020, 6:05:55 am UTC) from JP

Summary HTTP 40 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 11 domains to perform 40 HTTP transactions. The main IP is 203.146.102.48, located in Thailand and belongs to CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH. The main domain is www.newswit.com.

This is the only time www.newswit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	203.146.102.48 203.146.102.48	9891 (CSLOX-IDC...) (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited.)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	203.150.94.47 203.150.94.47	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
4 8	209.58.183.203 209.58.183.203	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
6	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	27.254.161.233 27.254.161.233	9891 (CSLOX-IDC...) (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited.)
2	2606:4700:10:... 2606:4700:10::6816:22f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.36.195.209 54.36.195.209	16276 (OVH) (OVH)
2	209.58.183.204 209.58.183.204	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
40	14

8 203.146.102.48 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)

www.newswit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.150.94.47 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 47.94.150.203.sta.inet.co.th

hits.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lvs.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 209.58.183.203 (Singapore, Singapore) 4 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

www.yengo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 27.254.161.233 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)

css.yengo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:22f4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.yengo.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.195.209 (France)

ASN16276 (OVH, FR)
PTR: ip209.ip-54-36-195.eu

yngth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.58.183.204 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

st.yengo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	yengo.com 4 redirects www.yengo.com css.yengo.com st.yengo.com	15 KB
8	newswit.com www.newswit.com	231 KB
7	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	32 KB
5	facebook.com www.facebook.com
4	gstatic.com fonts.gstatic.com	61 KB
2	yengo.asia cdn.yengo.asia	56 KB
2	google-analytics.com www.google-analytics.com	17 KB
2	truehits.in.th hits.truehits.in.th lvs.truehits.in.th	8 KB
2	facebook.net connect.facebook.net	114 KB
1	yngth.net yngth.net	5 KB
1	googleapis.com fonts.googleapis.com	646 B
40	11

	Domain	Requested by
8	www.yengo.com	4 redirects www.newswit.com
8	www.newswit.com	www.newswit.com
6	platform.twitter.com	www.newswit.com platform.twitter.com
5	www.facebook.com	connect.facebook.net
4	fonts.gstatic.com	www.newswit.com
2	st.yengo.com	platform.twitter.com www.yengo.com
2	cdn.yengo.asia	www.newswit.com
2	www.google-analytics.com	www.newswit.com
2	connect.facebook.net	www.newswit.com connect.facebook.net
1	syndication.twitter.com	1 redirects
1	yngth.net	platform.twitter.com
1	css.yengo.com	www.yengo.com
1	lvs.truehits.in.th	www.newswit.com
1	hits.truehits.in.th	www.newswit.com
1	fonts.googleapis.com	www.newswit.com
40	15

This site contains links to these domains. Also see Links.

Domain
truehits.net
www.thaipr.net
code.yengo.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.yengo.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-14` - `2021-04-27`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-26` - `2020-10-09`	6 months	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh

This page contains 9 frames:

Primary Page: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Frame ID: 1ABA689DEBA716AED27680304620EAEE
Requests: 33 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=http%3A%2F%2Fwww.newswit.com
Frame ID: 84892161B71C0B648FAD3640C99C29C1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=174348545934187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Dff286bfeaef944%26domain%3Dwww.newswit.com%26origin%3Dhttp%253A%252F%252Fwww.newswit.com%252Ff1a84bbaf0c0d5%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&layout=button_count&locale=en_US&sdk=joey&show_faces=false
Frame ID: 09A075D7127BF0BD1349B5657DADA556
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=174348545934187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df33370dfcf6266%26domain%3Dwww.newswit.com%26origin%3Dhttp%253A%252F%252Fwww.newswit.com%252Ff1a84bbaf0c0d5%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&locale=en_US&sdk=joey&type=button_count
Frame ID: 0EDCC3B48FB774491C69D06BA087A163
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=174348545934187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df26c8c18654168%26domain%3Dwww.newswit.com%26origin%3Dhttp%253A%252F%252Fwww.newswit.com%252Ff1a84bbaf0c0d5%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&layout=button_count&locale=en_US&sdk=joey&show_faces=false
Frame ID: 1495D057CD233AD62D1EDCDB72789DD4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=174348545934187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df37a9efe59686f8%26domain%3Dwww.newswit.com%26origin%3Dhttp%253A%252F%252Fwww.newswit.com%252Ff1a84bbaf0c0d5%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&locale=en_US&sdk=joey&type=button_count
Frame ID: A22E90560D230524B47C4F5FC1D7AF57
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6787510241df65d128e2b60207ad4c25.en.html
Frame ID: 231A54DE4D6C0F1EA541DA8187132CB5
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6787510241df65d128e2b60207ad4c25.en.html
Frame ID: 44D8E9FB61DA6ED68B536E7B1849CDC8
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 4524FC4D36B6BD199138CD1AD8B2D46D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

40
Requests

63 %
HTTPS

43 %
IPv6

11
Domains

15
Subdomains

14
IPs

6
Countries

537 kB
Transfer

945 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://truehits.net/stat.php?login=newswit

Search URL Search Domain Scan URL

URL: http://www.thaipr.net/submit-press-release
Title: ฝากข่าวประชาสัมพันธ์

Search URL Search Domain Scan URL

URL: https://code.yengo.com/click/?x=T-QiBI92krmWLOW7qm9U4jdU0cpsT56D30w82eBaNhalZNQan6g1ouj4XMPLyJPKlV-6I8b8_maM91CfzulJeOKc0ZDrdzaL6wDEiBqv8W5p94j3p1QuDdfK-cegNkMk2kVYykUNgY1xSTfaYfNStTP5WLKejyYE-Tg8JD72OqalECIxRxg55u4mpf8hBVQMkopHfUm9T4e5KrScwqo--WBJsISDSVTiPgVNaACkkNZU5b2Fk4HchC_GzwC2bhGF2RhDwHcl3_s
Title: ทึ่ง! สาวอัจฉริยะพบทางแก้ "หลุมสิว"

Search URL Search Domain Scan URL

URL: https://code.yengo.com/click/?x=AXvDURw0pouk4U7vTMciTG6J3HQ6D5pf7R_o8n7Hy-g0jNJQTxAFC8Yv0eEZW5-D7ue9rpGfX0JZsmydJg-4vOzx2zdSd5WJuWGCsSqDjdmCkw0zmpPHeeFnDGx02ZAbyFg8_cdm_OFBALV5xN4OEVIozv9e30n6JLtu2ZA_KGwYgfqScfNEHAWdSY80atXcg241cqLFMF7kfdG3SBbrzDGScOBtI5A41cJ9hzwZ9wx13C6jec8X2TTlbGMGC1Px_Rym1xKhi5QVZP6n1voNHM-ObH51n3AF2a2SGlGDT7zCdsvC6eTyrnwZFb6AF2xG65ZuMDrgMbOCnml7K-KGEYPXpN9U8Dh5wsVMgd56VKMFMCu13R7jk8_Q_pxt5mUK3n-Ck9H5Lvy1uwQeVYlcvZa5gsJmfU_R_6jErbyuwVU
Title: อย่ารอ! ให้ผมหมดหัว เคล็ดลับสุดยอด! จอนนี่เผยวิธีลดปัญหาผมบาง ศีรษะล้านที่ได้ผล Sponsor อ่านต่อ

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 4

http://www.yengo.com/show.cgi?adp=85900&div=DIV_YNG_85900 HTTP 301
https://www.yengo.com/show.cgi?adp=85900&div=DIV_YNG_85900

Request Chain 7

http://www.yengo.com/show.cgi?adp=85901&div=DIV_YNG_85901 HTTP 301
https://www.yengo.com/show.cgi?adp=85901&div=DIV_YNG_85901

Request Chain 12

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 17

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=924672066&utmhn=www.newswit.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Attackers%20Taking%20Advantage%20of%20the%20COVID-19&utmhid=771798914&utmr=-&utmp=%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&utmht=1587967519985&utmac=UA-10370651-1&utmcc=__utma%3D124642965.329555312.1587967520.1587967520.1587967520.1%3B%2B__utmz%3D124642965.1587967520.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=943978523&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=924672066&utmhn=www.newswit.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Attackers%20Taking%20Advantage%20of%20the%20COVID-19&utmhid=771798914&utmr=-&utmp=%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&utmht=1587967519985&utmac=UA-10370651-1&utmcc=__utma%3D124642965.329555312.1587967520.1587967520.1587967520.1%3B%2B__utmz%3D124642965.1587967520.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=943978523&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 19

http://www.yengo.com/data/85900.js?nnn=85900&div=DIV_YNG_85900&t=0.752261676824599 HTTP 301
https://www.yengo.com/data/85900.js?nnn=85900&div=DIV_YNG_85900&t=0.752261676824599

Request Chain 25

http://www.yengo.com/data/85901.js?nnn=85901&div=DIV_YNG_85901&t=0.77867502478232 HTTP 301
https://www.yengo.com/data/85901.js?nnn=85901&div=DIV_YNG_85901&t=0.77867502478232

Request Chain 39

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/ 39 KB
13 KB 561ms
492ms Document
text/html 203.146.102.48
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: HTTP/1.1
Server: 203.146.102.48 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: LiteSpeed / PHP/5.3.28
Resource Hash: ac6adf8a669e4005fb4def8b589e5ebdcaaf37bbffa6bf28b1b7ca781a4b2ed0

Request headers

Host: www.newswit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Powered-By: PHP/5.3.28
Content-Type: text/html; charst=UTF-8
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Mon, 27 Apr 2020 06:05:18 GMT
Accept-Ranges: bytes
Server: LiteSpeed

GET
H/1.1 200
OK jquery.full.tools.min.js Show response
www.newswit.com/static/img/ 116 KB
116 KB 401ms
389ms Script
text/javascript 203.146.102.48
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.newswit.com/static/img/jquery.full.tools.min.js?v=1291351879
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: HTTP/1.1
Server: 203.146.102.48 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: LiteSpeed / PHP/5.3.28
Resource Hash: 945853ddc0a7d9c5770c669f5e7bd2bcb66cc187848e624f1baab8cc1f1e0784

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Mon, 27 Apr 2020 06:05:18 GMT
Server: LiteSpeed
X-Powered-By: PHP/5.3.28
Content-Type: text/javascript
Cache-Control: must-revalidate
Accept-Ranges: bytes
Content-Length: 118695
Expires: Thu, 25 Apr 2030 06:05:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
646 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mali:400,700

Requested by

Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8dc874d5028e6ef65c0c976c3881a05a4fdf0c436cdb744dc2aee12358ab9ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Apr 2020 06:05:18 GMT
server: ESF
date: Mon, 27 Apr 2020 06:05:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Apr 2020 06:05:18 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

36ddb47b0405733a25872863ad4dc1ce4eaa845d6c0540e583ff2e34b82108ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Egj8u2uTJW8srjPNp4cKeA==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 1779
etag: "05b5278f5b6a738e95212f1ab1402f9f"
x-fb-debug: yYENqwSsIqLfJUaQHKBj3b60wUV0ndcS/j8OBa2i5GISSHIo2W6Xgv89CTLOTEUrRc7eYw6dhyTT+/IEv0V/kw==
x-fb-trip-id: 2047048586
x-fb-content-md5: 55cc273dd7eb389c8682270c68abc09a
x-frame-options: DENY
date: Mon, 27 Apr 2020 06:05:18 GMT, Mon, 27 Apr 2020 06:05:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Apr 2020 06:10:26 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK q0027572.js Show response
hits.truehits.in.th/data/ 8 KB
8 KB 1525ms
1513ms Script
application/x-javascript 203.150.94.47
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: http://hits.truehits.in.th/data/q0027572.js
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: HTTP/1.1
Server: 203.150.94.47 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 47.94.150.203.sta.inet.co.th
Software: lighttpd /
Resource Hash: 889c57dd16cca233c848f64c7e7481ebf03d57b9220f27702806c45ec3a07317

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 06:05:19 GMT
Last-Modified: Mon, 27 Apr 2020 06:05:00 GMT
Server: lighttpd
P3P: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control: max-age=180
Content-Type: application/x-javascript
Content-Length: 7783
Expires: Mon, 27 Apr 2020 6:08:19 GMT

GET
H2

200

show.cgi Show response
www.yengo.com/
Redirect Chain

http://www.yengo.com/show.cgi?adp=85900&div=DIV_YNG_85900
https://www.yengo.com/show.cgi?adp=85900&div=DIV_YNG_85900

342 B
645 B

527ms
177ms

Script
application/x-javascript

209.58.183.203
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yengo.com/show.cgi?adp=85900&div=DIV_YNG_85900
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.58.183.203 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1a571ba3769d267e45c73e6314bc37a7d180ea82dbb1b7c57b4f7c583ab420ff

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 06:05:19 GMT
server: nginx/1.16.0
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 342

Redirect headers

Date: Mon, 27 Apr 2020 06:05:18 GMT
Server: nginx/1.16.0
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Location: https://www.yengo.com/show.cgi?adp=85900&div=DIV_YNG_85900
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 169

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 38ms
25ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: HTTP/1.1
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 06:05:18 GMT
Content-Encoding: gzip
X-Cache: HIT, HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 29121
X-Served-By: cache-bwi5144-BWI, cache-hhn4043-HHN
Last-Modified: Tue, 07 Apr 2020 20:48:50 GMT
Etag: "bfee88d079c2668aea5525e2d719ba90+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
TW-CDN: FT

GET
H/1.1 200
OK 148f2fc337c76428979ccfa2f98e704f-0.jpg
www.newswit.com/thm/300x250f/2020/04/21/ 22 KB
22 KB 202ms
200ms Image
image/jpeg 203.146.102.48
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.newswit.com/thm/300x250f/2020/04/21/148f2fc337c76428979ccfa2f98e704f-0.jpg
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: HTTP/1.1
Server: 203.146.102.48 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 25f89806c2490c1553445696e6954758de1f19929098753c7a4c11f4156ab03f

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 06:05:20 GMT
Last-Modified: Tue, 21 Apr 2020 07:59:39 GMT
Server: LiteSpeed
ETag: "5834-5e9ea7eb-70f3584d25a87248"
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 22580
Expires: Mon, 04 May 2020 06:05:20 GMT

GET
H2

200

show.cgi Show response
www.yengo.com/
Redirect Chain

http://www.yengo.com/show.cgi?adp=85901&div=DIV_YNG_85901
https://www.yengo.com/show.cgi?adp=85901&div=DIV_YNG_85901

341 B
643 B

175ms
174ms

Script
application/x-javascript

209.58.183.203
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yengo.com/show.cgi?adp=85901&div=DIV_YNG_85901
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.58.183.203 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 74289e6171cd3ca87cbabeb05fa4e70cb85a013ffd88524082d4e59e91fad5dc

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 06:05:20 GMT
server: nginx/1.16.0
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 341

Redirect headers

Date: Mon, 27 Apr 2020 06:05:20 GMT
Server: nginx/1.16.0
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://www.yengo.com/show.cgi?adp=85901&div=DIV_YNG_85901
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 169

GET
H/1.1 200
OK 148f2fc337c76428979ccfa2f98e704f-0.jpg
www.newswit.com/thm/300x0/2020/04/21/ 29 KB
29 KB 271ms
269ms Image
image/jpeg 203.146.102.48
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.newswit.com/thm/300x0/2020/04/21/148f2fc337c76428979ccfa2f98e704f-0.jpg
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: HTTP/1.1
Server: 203.146.102.48 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: LiteSpeed / PHP/5.3.28
Resource Hash: 3577768e8c5d374ec1c05c368ae087333608451c3d42ccf76e5213ce4d844a2f

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 06:05:20 GMT
Server: LiteSpeed
X-Powered-By: PHP/5.3.28
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Expires: Mon, 04 May 2020 06:05:20 GMT

GET
H/1.1 200
OK 148f2fc337c76428979ccfa2f98e704f-1.jpg
www.newswit.com/thm/300x0/2020/04/21/ 12 KB
12 KB 454ms
441ms Image
image/jpeg 203.146.102.48
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.newswit.com/thm/300x0/2020/04/21/148f2fc337c76428979ccfa2f98e704f-1.jpg
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: HTTP/1.1
Server: 203.146.102.48 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: LiteSpeed / PHP/5.3.28
Resource Hash: ce64da10d9e834b5b837baaebf11761c8e0db3f20b13b572490f607d77593e6c

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 06:05:20 GMT
Server: LiteSpeed
X-Powered-By: PHP/5.3.28
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Expires: Mon, 04 May 2020 06:05:20 GMT

GET
H/1.1 200
OK 148f2fc337c76428979ccfa2f98e704f-2.jpg
www.newswit.com/thm/300x0/2020/04/21/ 4 KB
5 KB 432ms
419ms Image
image/jpeg 203.146.102.48
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.newswit.com/thm/300x0/2020/04/21/148f2fc337c76428979ccfa2f98e704f-2.jpg
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: HTTP/1.1
Server: 203.146.102.48 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: LiteSpeed / PHP/5.3.28
Resource Hash: 664dd326bc0e16cdfc7e2b761f9bf8ad4b2473cf2f3821b9292bd3e3acb3f946

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 06:05:20 GMT
Server: LiteSpeed
X-Powered-By: PHP/5.3.28
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 4581
Expires: Mon, 04 May 2020 06:05:20 GMT

GET
H/1.1 200
OK 148f2fc337c76428979ccfa2f98e704f-3.jpg
www.newswit.com/thm/300x0/2020/04/21/ 32 KB
32 KB 449ms
437ms Image
image/jpeg 203.146.102.48
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.newswit.com/thm/300x0/2020/04/21/148f2fc337c76428979ccfa2f98e704f-3.jpg
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: HTTP/1.1
Server: 203.146.102.48 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: LiteSpeed / PHP/5.3.28
Resource Hash: 1caedeb9d9909562226c4bc567047f135655fced1de7fbe424b08d91a196768d

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 06:05:20 GMT
Server: LiteSpeed
X-Powered-By: PHP/5.3.28
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Expires: Mon, 04 May 2020 06:05:20 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

10ms
6ms

Script
text/javascript

2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1932
date: Mon, 27 Apr 2020 05:33:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 17168
expires: Mon, 27 Apr 2020 07:33:07 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 387 KB
112 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=4f7f0073eea87b13b95672b8095a960b&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

db6f084a1c1be8ed235f024cb36303b2d7ee98d6d0b9d0e275d13cb845204585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Origin: http://www.newswit.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rR5B+wlHqSCGlTFhyCRcNg==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 114465
etag: "19b6466f820df39e7a0f1c4033425082"
x-fb-debug: qdaYj15anEngoCktmgkab14QtysKQDbczlTZALsl7HysvAH02Ka1Nf3gLuJnrw/+PJZ/ZeqaupUyIB4gfnjrig==
x-fb-trip-id: 1850256238
x-fb-content-md5: c2b8dec6473574c87e14275873b86c6b
x-frame-options: DENY
date: Mon, 27 Apr 2020 06:05:19 GMT, Mon, 27 Apr 2020 06:05:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 27 Apr 2021 05:50:26 GMT

GET
H2 200 N0bV2SRONuN4QJbhGlNQJPTVkdc.woff2
fonts.gstatic.com/s/mali/v3/ 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mali/v3/N0bV2SRONuN4QJbhGlNQJPTVkdc.woff2

Requested by

Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01eb897bca875a51600a913705efbba44787a6d632982e6037926f7e3f00d134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Mali:400,700
Origin: http://www.newswit.com

Response headers

date: Tue, 14 Apr 2020 21:24:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:46:27 GMT
server: sffe
age: 1068058
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 16912
x-xss-protection: 0
expires: Wed, 14 Apr 2021 21:24:21 GMT

GET
H2 200 N0bV2SRONuN4QJbhGkdQJPTVkdfpYA.woff2
fonts.gstatic.com/s/mali/v3/ 14 KB
14 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mali/v3/N0bV2SRONuN4QJbhGkdQJPTVkdfpYA.woff2

Requested by

Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cda3eca43981224aff2350c903998d9f28c6b11c5e564bcedd0dbdb88aaa89ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Mali:400,700
Origin: http://www.newswit.com

Response headers

date: Sat, 11 Apr 2020 09:46:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:50:20 GMT
server: sffe
age: 1369139
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 13900
x-xss-protection: 0
expires: Sun, 11 Apr 2021 09:46:20 GMT

GET
H2 200 N0ba2SRONuN4SC3ED35yKd4.woff2
fonts.gstatic.com/s/mali/v3/ 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mali/v3/N0ba2SRONuN4SC3ED35yKd4.woff2

Requested by

Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72962c248e30d13b581d1046438f9ed051f77ab490d7d00df65e16a2b3f37599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Mali:400,700
Origin: http://www.newswit.com

Response headers

date: Mon, 06 Apr 2020 21:30:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:45:57 GMT
server: sffe
age: 1758875
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
expires: Tue, 06 Apr 2021 21:30:44 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=924672066&utmhn=www.newswit.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Attack...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=924672066&utmhn=www.newswit.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Attac...

35 B
111 B

14ms
13ms

Image
image/gif

2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=924672066&utmhn=www.newswit.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Attackers%20Taking%20Advantage%20of%20the%20COVID-19&utmhid=771798914&utmr=-&utmp=%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&utmht=1587967519985&utmac=UA-10370651-1&utmcc=__utma%3D124642965.329555312.1587967520.1587967520.1587967520.1%3B%2B__utmz%3D124642965.1587967520.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=943978523&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 06:05:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=924672066&utmhn=www.newswit.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Attackers%20Taking%20Advantage%20of%20the%20COVID-19&utmhid=771798914&utmr=-&utmp=%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&utmht=1587967519985&utmac=UA-10370651-1&utmcc=__utma%3D124642965.329555312.1587967520.1587967520.1587967520.1%3B%2B__utmz%3D124642965.1587967520.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=943978523&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK goggen.php
lvs.truehits.in.th/ 91 B
402 B 487ms
475ms Image
image/jpeg 203.150.94.47
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lvs.truehits.in.th/goggen.php?hc=q0027572&rand=924672&bv=0&rf=bookmark&test=TEST&web=/BwbsS0rDFGpKE2OOWQHaw%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=F2A6B68C.1&fp=d&fv=-&truehitspage=story&truehitsurl=http%3a//www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: HTTP/1.1
Server: 203.150.94.47 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 47.94.150.203.sta.inet.co.th
Software: lighttpd /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 06:05:20 GMT
Server: lighttpd
P3P: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Transfer-Encoding: chunked
Content-type: image/jpeg

GET
H2

200

85900.js Show response
www.yengo.com/data/
Redirect Chain

http://www.yengo.com/data/85900.js?nnn=85900&div=DIV_YNG_85900&t=0.752261676824599
https://www.yengo.com/data/85900.js?nnn=85900&div=DIV_YNG_85900&t=0.752261676824599

996 B
1 KB

179ms
178ms

Script
application/x-javascript

209.58.183.203
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yengo.com/data/85900.js?nnn=85900&div=DIV_YNG_85900&t=0.752261676824599
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.58.183.203 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9523295af8b651c86606848a05dae73ee4742c0ceec836a328f5dea64c36feba

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 06:05:20 GMT
server: nginx/1.16.0
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: application/x-javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 996

Redirect headers

Date: Mon, 27 Apr 2020 06:05:20 GMT
Server: nginx/1.16.0
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://www.yengo.com/data/85900.js?nnn=85900&div=DIV_YNG_85900&t=0.752261676824599
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 169

GET
H2 200 N0ba2SRONuN4SDnED35yKd7vmA.woff2
fonts.gstatic.com/s/mali/v3/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mali/v3/N0ba2SRONuN4SDnED35yKd7vmA.woff2

Requested by

Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e90d369d44fda0da0d77320da65d5782c046c2663bbdf3391770af13cbc48acc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Mali:400,700
Origin: http://www.newswit.com

Response headers

date: Sat, 28 Mar 2020 07:25:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:50:08 GMT
server: sffe
age: 2587194
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14504
x-xss-protection: 0
expires: Sun, 28 Mar 2021 07:25:26 GMT

GET
H/1.1 200
OK std728x90.css
css.yengo.com/ 2 KB
2 KB 419ms
395ms Stylesheet
text/css 27.254.161.233
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: http://css.yengo.com/std728x90.css?id=85900&cols=1&tf=Tahoma&tw=normal&ts=inherit&tc=rgb(64,64,64)
Requested by: Host: www.yengo.com
URL: https://www.yengo.com/data/85900.js?nnn=85900&div=DIV_YNG_85900&t=0.752261676824599
Protocol: HTTP/1.1
Server: 27.254.161.233 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: nginx/1.6.2 /
Resource Hash: a4e83af041a2d4c510e2c80998a11595fca91908903f33fe71550958d292a8a7

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 06:05:20 GMT
Server: nginx/1.6.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8

GET
H2 200 1085909.jpg
cdn.yengo.asia/cdn/images/90x90/09/ 5 KB
6 KB 37ms
21ms Image
image/jpeg 2606:4700:10::6816:22f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.yengo.asia/cdn/images/90x90/09/1085909.jpg
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:22f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f323806fd5211a140d6d61d08bcad3fa2848e82d09391abbd06bd15e4eb70e7d

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 06:05:20 GMT
cf-cache-status: HIT
age: 2415522
cf-polished: origSize=5669, status=webp_bigger
status: 200
access-control-max-age: 1728000
content-length: 5194
cf-request-id: 025bd686ef0000c303cf04e200000001
last-modified: Fri, 28 Feb 2020 09:03:38 GMT
server: cloudflare
etag: "5e58d76a-1625"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 29 Apr 2020 07:06:38 GMT
cache-control: max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 58a659eb1d83c303-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100

GET
H/1.1 200
OK bg72890.png
yngth.net/img/ 4 KB
5 KB 58ms
25ms Image
image/png 54.36.195.209
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yngth.net/img/bg72890.png
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 54.36.195.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-54-36-195.eu
Software: nginx/1.10.3 /
Resource Hash: f3432a7315b680b536ea84c6508c9abf4e5295884374ea3c770f5422ab4d7e6f

Request headers

Referer: http://css.yengo.com/std728x90.css?id=85900&cols=1&tf=Tahoma&tw=normal&ts=inherit&tc=rgb(64,64,64)
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 06:05:20 GMT
Last-Modified: Fri, 24 Mar 2017 07:21:44 GMT
Server: nginx/1.10.3
ETag: "58d4c908-11df"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4575

GET
H/1.1 200
OK logo.png
st.yengo.com/yengo/img/widgets/ 2 KB
2 KB 358ms
336ms Image
image/png 209.58.183.204
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.yengo.com/yengo/img/widgets/logo.png
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 209.58.183.204 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 74431610c07f39c9e9443e563412f6d80af1f1d626256609385b7647e302b645

Request headers

Referer: http://css.yengo.com/std728x90.css?id=85900&cols=1&tf=Tahoma&tw=normal&ts=inherit&tc=rgb(64,64,64)
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 06:05:21 GMT
Last-Modified: Mon, 29 Oct 2018 10:19:41 GMT
Server: nginx/1.16.0
ETag: "5bd6debd-75f"
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1887
Expires: Mon, 11 May 2020 06:05:21 GMT

GET
H2

200

85901.js Show response
www.yengo.com/data/
Redirect Chain

http://www.yengo.com/data/85901.js?nnn=85901&div=DIV_YNG_85901&t=0.77867502478232
https://www.yengo.com/data/85901.js?nnn=85901&div=DIV_YNG_85901&t=0.77867502478232

2 KB
2 KB

178ms
178ms

Script
application/x-javascript

209.58.183.203
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yengo.com/data/85901.js?nnn=85901&div=DIV_YNG_85901&t=0.77867502478232
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.58.183.203 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 7baa7d15afcc57844c21a802c0b62f678e27fef696d8335ba52ecf26fe820a8e

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 06:05:21 GMT
server: nginx/1.16.0
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: application/x-javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2010

Redirect headers

Date: Mon, 27 Apr 2020 06:05:21 GMT
Server: nginx/1.16.0
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://www.yengo.com/data/85901.js?nnn=85901&div=DIV_YNG_85901&t=0.77867502478232
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 169

GET
H/1.1 200
OK yengo-anim2.css
st.yengo.com/css/widgets/ 13 KB
3 KB 180ms
174ms Stylesheet
text/css 209.58.183.204
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: http://st.yengo.com/css/widgets/yengo-anim2.css
Requested by: Host: www.yengo.com
URL: https://www.yengo.com/data/85901.js?nnn=85901&div=DIV_YNG_85901&t=0.77867502478232
Protocol: HTTP/1.1
Server: 209.58.183.204 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3da72d3eba2c49471dfdd77737d5318ce52e4f889c1cdf52871e3445fed16ee4

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 06:05:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Oct 2018 10:19:39 GMT
Server: nginx/1.16.0
ETag: W/"5bd6debb-341f"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 11 May 2020 06:05:21 GMT

GET
H2 200 967443.jpg
cdn.yengo.asia/cdn/images/300x300/43/ 50 KB
50 KB 15ms
15ms Image
image/jpeg 2606:4700:10::6816:22f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.yengo.asia/cdn/images/300x300/43/967443.jpg
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:22f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4651ecc846ffbd6c9d277ea01ee77e32c6ad1731bb073893fca53db57f8aa12

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 06:05:21 GMT
cf-cache-status: HIT
age: 187476
cf-polished: origSize=54267, status=webp_bigger
status: 200
access-control-max-age: 1728000
content-length: 50850
cf-request-id: 025bd689ed0000c303cf06d200000001
last-modified: Mon, 21 Oct 2019 10:45:46 GMT
server: cloudflare
etag: "5dad8c5a-d3fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 25 May 2020 02:00:45 GMT
cache-control: max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 58a659efef56c303-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06ec46ab2851d97559a92d0b2956068f5a78857f24b040a9cc088c0c41e64b26

Request headers

Referer: http://st.yengo.com/css/widgets/yengo-anim2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK ad-bg.png
www.newswit.com/static/img/ 769 B
1 KB 199ms
199ms Image
image/png 203.146.102.48
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.newswit.com/static/img/ad-bg.png
Requested by: Host: www.newswit.com
URL: http://www.newswit.com/static/img/jquery.full.tools.min.js?v=1291351879
Protocol: HTTP/1.1
Server: 203.146.102.48 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: LiteSpeed / PHP/5.3.28
Resource Hash: 07e429421e4abc59fa3fb43c5c82ad371a2cd13ba05206b01547c9869de950fb

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Mon, 27 Apr 2020 06:05:21 GMT
Server: LiteSpeed
X-Powered-By: PHP/5.3.28
Content-Type: image/png
Cache-Control: must-revalidate
Accept-Ranges: bytes
Content-Length: 769
Expires: Thu, 25 Apr 2030 06:05:21 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 33ms
33ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=174348545934187&input_token&origin=1&redirect_uri=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=4f7f0073eea87b13b95672b8095a960b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.newswit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: QrmEansZka+B9TePwJMT5iKCUdxD34oRMN3SCvdBlLGuIhj/NT8P0e3FeOkKUKy8Lt0anQxIuxXfZ1k/d932Hw==
fb-s: unknown
cache-control: private, no-cache, no-store, must-revalidate
date: Mon, 27 Apr 2020 06:05:21 GMT, Mon, 27 Apr 2020 06:05:21 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.newswit.com
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 widget_iframe.6787510241df65d128e2b60207ad4c25.html
platform.twitter.com/widgets/ Frame 8489 0
0 60ms
19ms Document
text/html 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=http%3A%2F%2Fwww.newswit.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=http%3A%2F%2Fwww.newswit.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Response headers

status: 200
last-modified: Tue, 07 Apr 2020 20:47:48 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9fa476ae827f556d5b037fe43632370d+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 27 Apr 2020 06:05:21 GMT
x-served-by: cache-bwi5142-BWI, cache-hhn4038-HHN
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 09A0 0
0 58ms
58ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=174348545934187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Dff286bfeaef944%26domain%3Dwww.newswit.com%26origin%3Dhttp%253A%252F%252Fwww.newswit.com%252Ff1a84bbaf0c0d5%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&layout=button_count&locale=en_US&sdk=joey&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=4f7f0073eea87b13b95672b8095a960b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=174348545934187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Dff286bfeaef944%26domain%3Dwww.newswit.com%26origin%3Dhttp%253A%252F%252Fwww.newswit.com%252Ff1a84bbaf0c0d5%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&layout=button_count&locale=en_US&sdk=joey&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: RQPDsalE1ug1URE417N76AYvsXn56UV0k0IzALIxVMNZOOpRr/BmDQZiBXzxvUJF6Uei6lFqsp6ksnlTJxTolQ==
date: Mon, 27 Apr 2020 06:05:21 GMT Mon, 27 Apr 2020 06:05:21 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame 0EDC 0
0 51ms
50ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=174348545934187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df33370dfcf6266%26domain%3Dwww.newswit.com%26origin%3Dhttp%253A%252F%252Fwww.newswit.com%252Ff1a84bbaf0c0d5%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&locale=en_US&sdk=joey&type=button_count

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=4f7f0073eea87b13b95672b8095a960b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=174348545934187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df33370dfcf6266%26domain%3Dwww.newswit.com%26origin%3Dhttp%253A%252F%252Fwww.newswit.com%252Ff1a84bbaf0c0d5%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&locale=en_US&sdk=joey&type=button_count
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: lDX6Frv/Uqg4f7rQGArdv7PeA7LQ/PdzbDr4cSwDFv8rqYU8pmKl5cY+Pi41vo09WiRYqbeK0lPOVfAGVnTy0g==
date: Mon, 27 Apr 2020 06:05:21 GMT Mon, 27 Apr 2020 06:05:21 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 1495 0
0 66ms
66ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=174348545934187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df26c8c18654168%26domain%3Dwww.newswit.com%26origin%3Dhttp%253A%252F%252Fwww.newswit.com%252Ff1a84bbaf0c0d5%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&layout=button_count&locale=en_US&sdk=joey&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=4f7f0073eea87b13b95672b8095a960b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=174348545934187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df26c8c18654168%26domain%3Dwww.newswit.com%26origin%3Dhttp%253A%252F%252Fwww.newswit.com%252Ff1a84bbaf0c0d5%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&layout=button_count&locale=en_US&sdk=joey&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: pGkKMQEFJ39vswFDqs6MeZ04PZju+ieacxWKG0q6Wt2zBbgi3O48T5eGmGFllOdZnG6R5j/rXtJTGLgsJ54RYA==
date: Mon, 27 Apr 2020 06:05:21 GMT Mon, 27 Apr 2020 06:05:21 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame A22E 0
0 65ms
65ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=174348545934187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df37a9efe59686f8%26domain%3Dwww.newswit.com%26origin%3Dhttp%253A%252F%252Fwww.newswit.com%252Ff1a84bbaf0c0d5%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&locale=en_US&sdk=joey&type=button_count

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=4f7f0073eea87b13b95672b8095a960b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=174348545934187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df37a9efe59686f8%26domain%3Dwww.newswit.com%26origin%3Dhttp%253A%252F%252Fwww.newswit.com%252Ff1a84bbaf0c0d5%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.newswit.com%2F.it%2F2020-04-21%2F148f2fc337c76428979ccfa2f98e704f%2F&locale=en_US&sdk=joey&type=button_count
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: L6yoTTG8qC/VOr7hjYbEvQLeqF0UC++B25/Ha4pU+jnIog8VBEriMz2CasLirpESAM6HgdOmcr4AW4+KJXHRow==
date: Mon, 27 Apr 2020 06:05:21 GMT Mon, 27 Apr 2020 06:05:21 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H2 200 button.93a0c25c2d2f3081c705c98c2d9dec0e.js Show response
platform.twitter.com/js/ 7 KB
2 KB 20ms
19ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.93a0c25c2d2f3081c705c98c2d9dec0e.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cef013ba053c40f6bfa36baf6b11dca3426b1697bb52bec0902a4746f5f7d169

Request headers

Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 06:05:21 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 2298
x-served-by: cache-bwi5141-BWI, cache-hhn4038-HHN
last-modified: Tue, 07 Apr 2020 20:47:38 GMT
etag: "0745fc0bb127ba13d716d66761b4628d+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 tweet_button.6787510241df65d128e2b60207ad4c25.en.html
platform.twitter.com/widgets/ Frame 231A 0
0 21ms
20ms Document
text/html 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.6787510241df65d128e2b60207ad4c25.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/tweet_button.6787510241df65d128e2b60207ad4c25.en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Response headers

status: 200
last-modified: Tue, 07 Apr 2020 20:47:45 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "19c3039cfd5675cf5859e70ff1c2f6e3+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 27 Apr 2020 06:05:21 GMT
x-served-by: cache-bwi5149-BWI, cache-hhn4038-HHN
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 12395

GET
H2 200 tweet_button.6787510241df65d128e2b60207ad4c25.en.html
platform.twitter.com/widgets/ Frame 44D8 0
0 20ms
20ms Document
text/html 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.6787510241df65d128e2b60207ad4c25.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/tweet_button.6787510241df65d128e2b60207ad4c25.en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f/

Response headers

status: 200
last-modified: Tue, 07 Apr 2020 20:47:45 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "19c3039cfd5675cf5859e70ff1c2f6e3+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 27 Apr 2020 06:05:21 GMT
x-served-by: cache-bwi5149-BWI, cache-hhn4038-HHN
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 12395

GET
H2

200

jot.html
platform.twitter.com/ Frame 4524
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

19ms
19ms

Document
text/html

151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /jot.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: http://www.newswit.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
last-modified: Tue, 07 Apr 2020 20:48:49 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "d9592a6c704736fa4da218d4357976dd+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 27 Apr 2020 06:05:21 GMT
x-served-by: cache-bwi5145-BWI, cache-hhn4038-HHN
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 95

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Mon, 27 Apr 2020 06:05:21 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Mon, 27 Apr 2020 06:05:21 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 93939b945cc7de0952df2b9687688243
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 103
x-transaction: 00289ca10061a4c5
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newswit.com/	1969-12-31 23:59:59	Name: _cbclose35226 Value: 1
.newswit.com/	1969-12-31 23:59:59	Name: _cbclose Value: 1
.newswit.com/	1970-01-19 09:06:08	Name: _ctout35226 Value: 1
.newswit.com/	1970-01-19 13:28:55	Name: __utmz Value: 124642965.1587967520.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.newswit.com/	1970-01-25 20:29:45	Name: _uid35226 Value: F2A6B68C.1
.newswit.com/	1970-01-20 02:37:19	Name: __utma Value: 124642965.329555312.1587967520.1587967520.1587967520.1
.newswit.com/	1969-12-31 23:59:59	Name: __utmc Value: 124642965
.newswit.com/	1970-01-19 09:06:09	Name: __utmb Value: 124642965.1.10.1587967520
.newswit.com/	1970-01-19 09:06:08	Name: __utmt Value: 1
www.newswit.com/.it/2020-04-21/148f2fc337c76428979ccfa2f98e704f	1969-12-31 23:59:59	Name: verify Value: test

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.yengo.asia
connect.facebook.net
css.yengo.com
fonts.googleapis.com
fonts.gstatic.com
hits.truehits.in.th
lvs.truehits.in.th
platform.twitter.com
st.yengo.com
syndication.twitter.com
www.facebook.com
www.google-analytics.com
www.newswit.com
www.yengo.com
yngth.net
104.244.42.72
151.101.112.157
203.146.102.48
203.150.94.47
209.58.183.203
209.58.183.204
2606:4700:10::6816:22f4
27.254.161.233
2a00:1450:4001:801::2003
2a00:1450:4001:815::200a
2a00:1450:4001:81d::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
54.36.195.209
01eb897bca875a51600a913705efbba44787a6d632982e6037926f7e3f00d134
06ec46ab2851d97559a92d0b2956068f5a78857f24b040a9cc088c0c41e64b26
07e429421e4abc59fa3fb43c5c82ad371a2cd13ba05206b01547c9869de950fb
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1a571ba3769d267e45c73e6314bc37a7d180ea82dbb1b7c57b4f7c583ab420ff
1caedeb9d9909562226c4bc567047f135655fced1de7fbe424b08d91a196768d
25f89806c2490c1553445696e6954758de1f19929098753c7a4c11f4156ab03f
3577768e8c5d374ec1c05c368ae087333608451c3d42ccf76e5213ce4d844a2f
36ddb47b0405733a25872863ad4dc1ce4eaa845d6c0540e583ff2e34b82108ee
3da72d3eba2c49471dfdd77737d5318ce52e4f889c1cdf52871e3445fed16ee4
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
664dd326bc0e16cdfc7e2b761f9bf8ad4b2473cf2f3821b9292bd3e3acb3f946
72962c248e30d13b581d1046438f9ed051f77ab490d7d00df65e16a2b3f37599
74289e6171cd3ca87cbabeb05fa4e70cb85a013ffd88524082d4e59e91fad5dc
74431610c07f39c9e9443e563412f6d80af1f1d626256609385b7647e302b645
7baa7d15afcc57844c21a802c0b62f678e27fef696d8335ba52ecf26fe820a8e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
889c57dd16cca233c848f64c7e7481ebf03d57b9220f27702806c45ec3a07317
8dc874d5028e6ef65c0c976c3881a05a4fdf0c436cdb744dc2aee12358ab9ac9
945853ddc0a7d9c5770c669f5e7bd2bcb66cc187848e624f1baab8cc1f1e0784
9523295af8b651c86606848a05dae73ee4742c0ceec836a328f5dea64c36feba
a4e83af041a2d4c510e2c80998a11595fca91908903f33fe71550958d292a8a7
ac6adf8a669e4005fb4def8b589e5ebdcaaf37bbffa6bf28b1b7ca781a4b2ed0
b4651ecc846ffbd6c9d277ea01ee77e32c6ad1731bb073893fca53db57f8aa12
cda3eca43981224aff2350c903998d9f28c6b11c5e564bcedd0dbdb88aaa89ff
ce64da10d9e834b5b837baaebf11761c8e0db3f20b13b572490f607d77593e6c
cef013ba053c40f6bfa36baf6b11dca3426b1697bb52bec0902a4746f5f7d169
db6f084a1c1be8ed235f024cb36303b2d7ee98d6d0b9d0e275d13cb845204585
deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b
e90d369d44fda0da0d77320da65d5782c046c2663bbdf3391770af13cbc48acc
f323806fd5211a140d6d61d08bcad3fa2848e82d09391abbd06bd15e4eb70e7d
f3432a7315b680b536ea84c6508c9abf4e5295884374ea3c770f5422ab4d7e6f

www.newswit.com Open in urlscan Pro 203.146.102.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

40 Requests

63 %HTTPS

43 %IPv6

11 Domains

15 Subdomains

14 IPs

6 Countries

537 kBTransfer

945 kBSize

10 Cookies

4 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newswit.com Open in urlscan Pro
203.146.102.48 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

63 %
HTTPS

43 %
IPv6

11
Domains

15
Subdomains

14
IPs

6
Countries

537 kB
Transfer

945 kB
Size

10
Cookies

40 HTTP transactions
1 data transactions