urlscan.io logo urlscan.io
SecurityTrails logo

newsonlineng.com Open in urlscan Pro
46.101.79.230  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.newsonlineng.com/
Effective URL: https://newsonlineng.com/
Submission: On March 07 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 45 IPs in 7 countries across 32 domains to perform 253 HTTP transactions. The main IP is 46.101.79.230, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is newsonlineng.com.
TLS certificate: Issued by R3 on January 25th 2021. Valid for: 3 months.
This is the only time newsonlineng.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 59 46.101.79.230 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f04... 32934 (FACEBOOK)
15 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
17 104.19.136.78 13335 (CLOUDFLAR...)
2 192.243.59.12 39572 (ADVANCEDH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2600:9000:206... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20d... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f14... 32934 (FACEBOOK)
1 52.29.155.194 16509 (AMAZON-02)
1 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 42 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 35.174.194.37 14618 (AMAZON-AES)
7 2600:9000:211... 16509 (AMAZON-02)
1 3 23.37.42.132 16625 (AKAMAI-AS)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
1 104.16.221.74 13335 (CLOUDFLAR...)
2 4 142.250.74.194 15169 (GOOGLE)
2 3 18.203.78.129 16509 (AMAZON-02)
5 5 35.157.168.25 16509 (AMAZON-02)
2 2 18.197.64.250 16509 (AMAZON-02)
1 104.19.216.61 13335 (CLOUDFLAR...)
1 198.148.27.140 19189 (PULSEPOINT)
3 7 69.173.144.139 26667 (RUBICONPR...)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 1 185.29.133.52 30419 (MEDIAMATH...)
2 2 151.101.114.49 54113 (FASTLY)
1 148.69.64.109 12353 (VODAFONE-...)
253 45
59    46.101.79.230 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 538286.cloudwaysapps.com
www.newsonlineng.com
newsonlineng.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:211e:3600:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-api.sharethis.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f045:10:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
15    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
17    104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
2    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
pl15984711.topprofitablecpm.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2600:9000:206f:4800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
4    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
13    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:20d7:9e00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.sharethis.mgr.consensu.org
7    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
1    2a03:2880:f145:82:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.29.155.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-155-194.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
6    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
14    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
5    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
42    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
4    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700:20::681a:a75 (United States)

ASN13335 (CLOUDFLARENET, US)
clevernt.com
1    35.174.194.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-194-37.compute-1.amazonaws.com
count-server.sharethis.com
7    2600:9000:211e:2a00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
3    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
ams.creativecdn.com
1    104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
4    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
3    18.203.78.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-78-129.eu-west-1.compute.amazonaws.com
match.adsrvr.org
5    35.157.168.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-168-25.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    18.197.64.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-64-250.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
7    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    185.29.133.52 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    148.69.64.109 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: host-109.clevernetwork.pt
ui.clevernt.com
Apex Domain
Subdomains		 Transfer
59 newsonlineng.com
www.newsonlineng.com
newsonlineng.com
1 MB
57 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
652 KB
34 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
691 KB
25 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
156 KB
17 mgid.com
jsc.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
146 KB
11 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
16 KB
11 sharethis.com
platform-api.sharethis.com
buttons-config.sharethis.com
l.sharethis.com
count-server.sharethis.com
platform-cdn.sharethis.com
40 KB
8 googleapis.com
fonts.googleapis.com
6 KB
6 googletagservices.com
www.googletagservices.com
195 KB
6 google.com
adservice.google.com
www.google.com
1 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 google-analytics.com
www.google-analytics.com
19 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 googletagmanager.com
www.googletagmanager.com
144 KB
2 everesttech.net
sync-tm.everesttech.net
609 B
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 creativecdn.com
creativecdn.com
ams.creativecdn.com
691 B
2 clevernt.com
clevernt.com
ui.clevernt.com
50 KB
2 google.de
adservice.google.de
2 KB
2 wp.com
stats.wp.com
pixel.wp.com
3 KB
2 topprofitablecpm.com
pl15984711.topprofitablecpm.com
2 facebook.net
connect.facebook.net
27 KB
1 mathtag.com
sync.mathtag.com
610 B
1 yahoo.com
ads.yahoo.com
444 B
1 rlcdn.com
id.rlcdn.com
66 B
1 contextweb.com
bh.contextweb.com
716 B
1 lentainform.com
cm.lentainform.com
623 B
1 idealmedia.io
cm.idealmedia.io
557 B
1 googleadservices.com
partner.googleadservices.com
646 B
1 facebook.com
www.facebook.com
410 B
1 consensu.org
c.sharethis.mgr.consensu.org
1 KB
1 onesignal.com
cdn.onesignal.com
3 KB
253 32
Domain Requested by
58 newsonlineng.com newsonlineng.com
42 tpc.googlesyndication.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
newsonlineng.com
pagead2.googlesyndication.com
18 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
17 fonts.gstatic.com fonts.googleapis.com
15 pagead2.googlesyndication.com newsonlineng.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
8 fonts.googleapis.com newsonlineng.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 platform-cdn.sharethis.com newsonlineng.com
7 cm.mgid.com jsc.mgid.com
newsonlineng.com
eus.rubiconproject.com
6 s-img.mgid.com newsonlineng.com
6 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 x.bidswitch.net 5 redirects
5 www.gstatic.com googleads.g.doubleclick.net
5 www.google-analytics.com newsonlineng.com
www.google-analytics.com
www.googletagmanager.com
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 cm.g.doubleclick.net 2 redirects eus.rubiconproject.com
4 www.google.com 3 redirects googleads.g.doubleclick.net
4 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
4 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
3 pixel.rubiconproject.com eus.rubiconproject.com
3 match.adsrvr.org 2 redirects eus.rubiconproject.com
3 stats.g.doubleclick.net www.google-analytics.com
3 www.googletagmanager.com newsonlineng.com
www.googletagmanager.com
2 sync-tm.everesttech.net 2 redirects
2 a.sportradarserving.com 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 cdn.mgid.com newsonlineng.com
2 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
2 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 pl15984711.topprofitablecpm.com newsonlineng.com
2 connect.facebook.net newsonlineng.com
connect.facebook.net
1 ui.clevernt.com newsonlineng.com
1 sync.mathtag.com 1 redirects
1 ads.yahoo.com eus.rubiconproject.com
1 id.rlcdn.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com 1 redirects
1 bh.contextweb.com newsonlineng.com
1 cm.lentainform.com newsonlineng.com
1 cm.idealmedia.io newsonlineng.com
1 ams.creativecdn.com 1 redirects
1 creativecdn.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 count-server.sharethis.com platform-api.sharethis.com
1 pixel.wp.com newsonlineng.com
1 clevernt.com newsonlineng.com
1 servicer.mgid.com jsc.mgid.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 l.sharethis.com platform-api.sharethis.com
1 www.facebook.com newsonlineng.com
1 c.sharethis.mgr.consensu.org platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 stats.wp.com newsonlineng.com
1 cdn.onesignal.com newsonlineng.com
1 jsc.mgid.com newsonlineng.com
1 platform-api.sharethis.com newsonlineng.com
1 www.newsonlineng.com 1 redirects
253 57
Subject Issuer Validity Valid
www.newsonlineng.com
R3		 2021-01-25 -
2021-04-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
sharethis.com
Amazon		 2020-08-17 -
2021-09-16		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-09 -
2021-07-09		 a year crt.sh
topprofitablecpm.com
R3		 2021-02-06 -
2021-05-07		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
sharethis.mgr.consensu.org
Amazon		 2020-05-05 -
2021-06-05		 a year crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-05 -
2022-01-18		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-28 -
2021-04-13		 a month crt.sh
*.clevernt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-23 -
2022-02-23		 a year crt.sh

This page contains 20 frames:

Primary Page: https://newsonlineng.com/
Frame ID: 17794B17F1BC536F368C9AAB50AFA805
Requests: 135 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 687525D1CBF4257FBCFCE7116E73D4BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Frame ID: 2F1FF53A554CEAB099BE9FE1F941580B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&adk=1812271804&adf=3025194257&lmt=1615144118&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fnewsonlineng.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615144118756&bpp=21&bdt=608&idt=183&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1271407612497&frm=20&pv=2&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=203
Frame ID: 30740BBC50A21A5619D5469B237F8A03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Frame ID: A56E97257A069F5A02833C46FF89F102
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Frame ID: B0DEF0E73EA3A022F4C8DD1B4A6A39A5
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
Frame ID: BF24ED332FA226E5F8EEFBF2D9BFD6D8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
Frame ID: 9AA4888ABE48FC5A785D931E31FA9DC1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
Frame ID: BE13050C17FE7237912A0F799E4241EE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Frame ID: 67EFE91678AC5CFA5FAE82965DAFB995
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D5031B9129E2A0EF7FC78DFAA29A90B4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
Frame ID: B877B92B0DE04D01FE9A7298B64F4B61
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html
Frame ID: 89747EFE5B53DC812DBF43623905B910
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Frame ID: D53FEC29D18574D4FF4E928677981239
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
Frame ID: 2FA62219637BE4CDABB4C2F3721A36D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B65DCC627C6A3F3BA65446EF7F9FBE87
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1615144120346553989715
Frame ID: F08142991467E301745A458DB1789515
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2C70D52B931E185A6F3A7F6237136DF8
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 6A872DEA7162020EB99A0E9BFAA622C9
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: D672A458580C011497A7802718189B91
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.newsonlineng.com/ HTTP 301
    https://newsonlineng.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

253
Requests

98 %
HTTPS

56 %
IPv6

32
Domains

57
Subdomains

45
IPs

7
Countries

3321 kB
Transfer

7707 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.newsonlineng.com/ HTTP 301
    https://newsonlineng.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP_Y-6pAEQsAkYrAIyCEeZNsz28no0 HTTP 301
  • https://tpc.googlesyndication.com/simgad/4960171498127049421
Request Chain 110
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP1qS1ARCQAxiQAzIIzt9_dsx32hU HTTP 301
  • https://tpc.googlesyndication.com/simgad/2893733063639164922
Request Chain 171
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 179
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 180
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=zFq5udUmaTCrcv1Q0ONR&pi=mgid&tc=1
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDI3RVhOa0FmUDhi&muidn=l27EXNkAfP8b HTTP 302
  • https://cm.mgid.com/google?muidn=l27EXNkAfP8b&google_ula={guid},5&google_gid=CAESEOR5UdlI3drdcP5ooeLkkdM&google_cver=1
Request Chain 183
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=53f8eee7-a394-4784-a2dc-decafde43a0d&ttl=1617736120
Request Chain 184
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=24062b17-c2cb-49b0-9bbd-0f5833c6b947&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=2f3a4a10-ce9d-44bd-9c03-b909bcbcff8c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 186
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l27EXNkAfP8b HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l27EXNkAfP8b HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=2f3a4a10-ce9d-44bd-9c03-b909bcbcff8c
Request Chain 198
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 199
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 208
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=43070&c=KLZJ3W0F-G-5VOJ
Request Chain 210
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTFmNDRiZTg2N2UyMjI4OWIyMGMwYWNmMTZlMDY2ZWQ4NGQ4MTllYw
Request Chain 212
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLZJ3W0F-G-5VOJ&sigv=1&esig=2~e3724f35ca561b7507beb6c34ed5fbb52fbabb72
Request Chain 213
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xaSjNXMEYtRy01Vk9K
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKI8yS1PAl6EUsxkzdzkjv4&google_cver=1
Request Chain 215
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=0e796045-24b9-4600-a8eb-e449d9f21d6d
Request Chain 216
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YEUkuQAAAIXBtDoG HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YEUkuQAAAIXBtDoG&_test=YEUkuQAAAIXBtDoG

253 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newsonlineng.com/
Redirect Chain
  • https://www.newsonlineng.com/
  • https://newsonlineng.com/
753 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
a54833ccf77624d1aa2beb1461da6c2e8f81db546a78dce3adbc1adbd351025b

Request headers

:method
GET
:authority
newsonlineng.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Sun, 07 Mar 2021 19:08:38 GMT
content-type
text/html; charset=UTF-8
link
<https://newsonlineng.com/wp-json/>; rel="https://api.w.org/", <https://newsonlineng.com/wp-json/wp/v2/pages/456>; rel="alternate"; type="application/json", <https://newsonlineng.com/>; rel=shortlink
vary
X-Forwarded-Proto,Accept-Encoding
content-encoding
gzip
cache-control
max-age=0
expires
Sun, 07 Mar 2021 19:08:36 GMT

Redirect headers

server
nginx
date
Sun, 07 Mar 2021 19:08:36 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://newsonlineng.com/
x-redirect-by
WordPress
vary
X-Forwarded-Proto,Accept-Encoding
cache-control
max-age=0
expires
Sun, 07 Mar 2021 19:08:36 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3962
date
Sun, 07 Mar 2021 18:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sun, 07 Mar 2021 20:02:36 GMT
style.min.css
newsonlineng.com/wp-includes/css/dist/block-library/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 21:14:30 GMT
server
nginx
etag
W/"60341eb6-c88a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
mu-style.css
newsonlineng.com/wp-content/plugins/sharethis-share-buttons/css/ 		26 B
228 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=5.6.2
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:09:43 GMT
server
nginx
etag
W/"600e2867-1a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
style.css
newsonlineng.com/wp-content/plugins/td-composer/td-multi-purpose/ 		68 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
ed96e32ac80d73e209ed28add0756ace607005a88576332fcf19b6a3caf573b2

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:09:32 GMT
server
nginx
etag
W/"600e285c-10f52"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
css
fonts.googleapis.com/ 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A600&display=swap&ver=10.3.9.1
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ec3f1b57b3fd738ebb95c34914a52d147f466db39760e5ae2c7731ecdc9e9d67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 19:08:38 GMT
server
ESF
date
Sun, 07 Mar 2021 19:08:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 19:08:38 GMT
font-awesome.css
newsonlineng.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		43 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
222ee58618ed44bc79102e6264212216d442ce197d15cb2c7d1a7d760281a34b

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:11:38 GMT
server
nginx
etag
W/"600e28da-ab21"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
style.css
newsonlineng.com/wp-content/themes/Newspaper/ 		152 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
f0300e6243307279dea081242f5c1e9039479351015378bb0b53ce1498c47c50

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:07:23 GMT
server
nginx
etag
W/"600e27db-261c5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
td_legacy_main.css
newsonlineng.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		244 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
5e88cefac5e42c621823471d18bd3f7bee0f5504f6aeb14a035a4ebce04b622f

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:09:27 GMT
server
nginx
etag
W/"600e2857-3cfe4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
td_standard_pack_main.css
newsonlineng.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 		621 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=6b62588d33477b8e3dc5b8b3c9c8d86c
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
13463b6a26f4ee2ce508df098003cdc101ebb17be48bb9b787665b4ada56cf58

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:10:03 GMT
server
nginx
etag
W/"600e287b-9b323"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
demo_style.css
newsonlineng.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/city_news/ 		3 KB
862 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/city_news/demo_style.css?ver=10.3.9.1
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
86ddc45dd3f52c7f58dc748fec429785bb29678ccd67f8657e17b6b4c267938b

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:12:33 GMT
server
nginx
etag
W/"600e2911-cae"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
tdb_less_front.css
newsonlineng.com/wp-content/plugins/td-cloud-library/assets/css/ 		106 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=a50385a2d79d6600973a7e697f735a0b
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
175148d4fdd889379200c6272e78ef47be5011cfac3148306096d45f22edea60

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:11:06 GMT
server
nginx
etag
W/"600e28ba-1a97b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
frontend.min.css
newsonlineng.com/wp-content/plugins/squirrly-seo/view/assets/css/ 		2 KB
824 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/squirrly-seo/view/assets/css/frontend.min.css?ver=11.0.03
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
eea1490778379b3cb73ab252012a8cb4756de3b9998732d43b0bc525561dfafa

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 14:04:42 GMT
server
nginx
etag
W/"603f977a-619"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
jetpack.css
newsonlineng.com/wp-content/plugins/jetpack/css/ 		75 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.5
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 14:04:22 GMT
server
nginx
etag
W/"603f9766-12d1e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
sharethis.js
platform-api.sharethis.com/js/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3600:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d5059f32fbb319603fd421035ba8ae20f2a80c2978279efb10cba65961bdcfe9

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:04:32 GMT
content-encoding
gzip
age
246
etag
W/"192cc-S85VNqqDcmpq46cMbazrSJLaAD0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
H_W0MXjKV72Urhi9k9q2nvo0T7a7tjfWpAuj-w5vyvSPaAM-n_VYZg==
jquery.min.js
newsonlineng.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:10:24 GMT
server
nginx
etag
W/"600e2890-15d98"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
jquery-migrate.min.js
newsonlineng.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:09:02 GMT
server
nginx
etag
W/"600e283e-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-169801043-1
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
431db16cc204c26f37c9fc9e5addf13399b9e7624ab4e15ac4ff7ae876e01ba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39414
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Mar 2021 19:08:38 GMT
js
www.googletagmanager.com/gtag/ 		137 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L2NEVMN9YM
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
66158c424b8c1278a1e20269a637ba3e8f702ba05db5f7bd8744357b3495f68f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53733
x-xss-protection
0
expires
Sun, 07 Mar 2021 19:08:38 GMT
fbevents.js
connect.facebook.net/en_US/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
NNLQ0y+VtUZs6nt8zl9j7fZG/Sz/MdaX/WyvVfaxfXemNOCC4i70RX47M/lQ3EDzTXwneb1lnsX3TWDdD44jnw==
x-fb-trip-id
664085054
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 07 Mar 2021 19:08:38 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
wp-emoji-release.min.js
newsonlineng.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 09:14:34 GMT
server
nginx
etag
W/"601bbafa-3795"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		140 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50479
x-xss-protection
0
server
cafe
etag
13215137272821469477
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 07 Mar 2021 19:08:38 GMT
NewsOnlineLOGO.png
newsonlineng.com/wp-content/uploads/2020/11/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2020/11/NewsOnlineLOGO.png
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
0a4f81bf2cfbc8e32debf780905397c66a4a4b9502c1dd61fc89ad34ab76ef6f

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
last-modified
Mon, 25 Jan 2021 02:07:12 GMT
server
nginx
etag
"600e27d0-63da"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25562
expires
Tue, 06 Apr 2021 19:08:38 GMT
collect
www.google-analytics.com/j/ 		4 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1979514454&t=pageview&_s=1&dl=https%3A%2F%2Fnewsonlineng.com%2F&ul=en-us&de=UTF-8&dt=Nigeria%20News%7CBreaking%20News%20%26%20Naija%20News%20Today%20March%207%2C%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=887284381&gjid=1071451901&cid=1575178446.1615144118&tid=UA-169801043-1&_gid=58797784.1615144118&_r=1&_slc=1&z=1215210928
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
UBA-AD.jpeg
newsonlineng.com/wp-content/uploads/2020/12/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2020/12/UBA-AD.jpeg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
8c4f9e301de77477d549a684a94ebef9d48d39a8e89fa6bb39a5976db5c88305

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
last-modified
Mon, 25 Jan 2021 02:12:01 GMT
server
nginx
etag
"600e28f1-89ab"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
35243
expires
Tue, 06 Apr 2021 19:08:38 GMT
Access-bank-banner-ad.jpg
newsonlineng.com/wp-content/uploads/2020/12/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2020/12/Access-bank-banner-ad.jpg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
df5bc69db7be730a795d8fed5d3e48694cde2b67ac0149ec4817d52436264c57

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
last-modified
Mon, 25 Jan 2021 02:13:38 GMT
server
nginx
etag
"600e2952-aa33"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43571
expires
Tue, 06 Apr 2021 19:08:38 GMT
FidelitySidebar.jpeg
newsonlineng.com/wp-content/uploads/2020/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2020/12/FidelitySidebar.jpeg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
5f2a67619082b4f4d8b742daba4a66b0f7549f0d99da9f26b4015b30db025eeb

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
last-modified
Mon, 25 Jan 2021 02:09:05 GMT
server
nginx
etag
"600e2841-bb49"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
47945
expires
Tue, 06 Apr 2021 19:08:38 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-169801043-1&cid=1575178446.1615144118&jid=887284381&gjid=1071451901&_gid=58797784.1615144118&_u=IEBAAEAAAAAAAC~&z=535967017
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 07 Mar 2021 19:08:38 GMT
content-type
text/plain
access-control-allow-origin
https://newsonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
newsonlineng.com.992273.js
jsc.mgid.com/n/e/ 		249 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsonlineng.com.992273.js
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac7f4d6d148f4a2a426106389e7a46a9bcaa8f2d0041e405020b481a5c01d71

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
br
cf-cache-status
HIT
age
5859
cf-polished
origSize=255012
last-modified
Thu, 04 Mar 2021 12:42:05 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BAGAQGFYHBNRCJ9R
x-amz-id-2
5T8cOrWsqqz/NrrQi0J5X9TyLjRL8BmirM+LXQoY40QLMHlYTDzouZNUnJ+jKs2Tax8VRQjVPgc=
cf-bgj
minify
server
cloudflare
etag
W/"169a34b004d317b97e091cbf5c5c3e1d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
08afb080c700004aa38a9c8000000001
cf-ray
62c61d147e5e4aa3-FRA
expires
Sun, 07 Mar 2021 22:08:38 GMT
a9e68dd0a863f34020f0cc35239de68f.js
pl15984711.topprofitablecpm.com/a9/e6/8d/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pl15984711.topprofitablecpm.com/a9/e6/8d/a9e68dd0a863f34020f0cc35239de68f.js
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 07 Mar 2021 19:08:38 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
underscore.min.js
newsonlineng.com/wp-includes/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
33d67bf0263f1ecd4790e6d1384de8066c349067f0167c36b8292dfc6665972f

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 09:14:34 GMT
server
nginx
etag
W/"601bbafa-3eba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
js_posts_autoload.min.js
newsonlineng.com/wp-content/plugins/td-cloud-library/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:12:37 GMT
server
nginx
etag
W/"600e2915-13fa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
tagdiv_theme.min.js
newsonlineng.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		253 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.9.1
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:09:06 GMT
server
nginx
etag
W/"600e2842-3f512"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
js_files_for_front.min.js
newsonlineng.com/wp-content/plugins/td-cloud-library/assets/js/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:12:40 GMT
server
nginx
etag
W/"600e2918-8387"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
wp-embed.min.js
newsonlineng.com/wp-includes/js/ 		1 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-includes/js/wp-embed.min.js?ver=5.6.2
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 09:14:34 GMT
server
nginx
etag
W/"601bbafa-592"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Tue, 06 Apr 2021 19:08:38 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.2
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
1577
etag
W/"29e3b92597e716694def18b1f85abbfb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
62c61d13db8c2bad-FRA
cf-request-id
08afb0806900002baddc9eb000000001
expires
Sun, 07 Mar 2021 20:08:38 GMT
e-202109.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202109.js
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 20 Feb 2022 22:39:29 GMT
5fa0190f2a2baa0012f7f20c.js
buttons-config.sharethis.com/js/ 		1 KB
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5fa0190f2a2baa0012f7f20c.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ee606377a07d7144828fa6bdc128d7efe8e91fc186b931978594f323df7e2ce

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:39 GMT
content-encoding
gzip
etag
W/"40a69679755ececc1389996c51b677ed"
last-modified
Mon, 09 Nov 2020 09:43:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
public, max-age=60
x-amz-cf-id
jsu-AimXc5Yi-slWonI8bhFvIyZt_knmIh7YrIf2bNGJhLpLohXgxw==
1.jpg
newsonlineng.com/wp-content/uploads/2020/11/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2020/11/1.jpg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
f37c8c0d92722e1c8994e15a3139b1ec362ecfda196b43c21807cf8e4ae1b450

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
last-modified
Mon, 25 Jan 2021 02:12:30 GMT
server
nginx
etag
"600e290e-21525"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
136485
expires
Tue, 06 Apr 2021 19:08:38 GMT
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
newspaper.woff
newsonlineng.com/wp-content/themes/Newspaper/images/icons/ 		123 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b

Request headers

Origin
https://newsonlineng.com
Referer
https://newsonlineng.com/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:11:14 GMT
server
nginx
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/font-woff
cache-control
max-age=2592000
accept-ranges
bytes
expires
Tue, 06 Apr 2021 19:08:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A600&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsonlineng.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:51:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
519411
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:51:47 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A600&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsonlineng.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:30:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
age
520684
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:30:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A600&display=swap&ver=10.3.9.1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsonlineng.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
342967
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Thu, 03 Mar 2022 19:52:31 GMT
truncated
/ 		111 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 6875 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:9e00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsonlineng.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://newsonlineng.com/

Response headers

content-type
text/html; charset=utf-8
content-encoding
gzip
cache-control
max-age=3600, public
date
Sun, 07 Mar 2021 18:43:54 GMT
etag
W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 35262001a2ae8da534143b9a1e14d8fe.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
uUWXmQrqByLL8x2D7w022fXau7WB7wx_8M8Xx4D6oUsRQo6mymYEsQ==
age
1484
385383635639080
connect.facebook.net/signals/config/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/385383635639080?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46cf5d10e1351ba8cd038352efd68ccb2de9845bfbaa8919e0f3cbf05154aef5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
+4TI6EJVGTYb95ZKAVrsWhplqfrihwMYNjtVsrHFXemlqs1tQ03zJ71PS9g0vnxRxXrHB8qTzRE6WXjN3Z8KEg==
x-fb-trip-id
664085054
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 07 Mar 2021 19:08:38 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ 		227 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87278
x-xss-protection
0
server
cafe
etag
4389487008424739880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 Mar 2021 19:08:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/ Frame 2F1F 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210303/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsonlineng.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://newsonlineng.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 06 Mar 2021 20:37:42 GMT
expires
Sat, 20 Mar 2021 20:37:42 GMT
content-type
text/html; charset=UTF-8
etag
14371272352318978350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
5136
x-xss-protection
0
age
81056
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		2 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=1979514454&t=pageview&_s=1&dl=https%3A%2F%2Fnewsonlineng.com%2F&ul=en-us&de=UTF-8&dt=Nigeria%20News%7CBreaking%20News%20%26%20Naija%20News%20Today%20March%207%2C%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=625774594&gjid=1091171113&cid=1575178446.1615144118&tid=UA-169801043-1&_gid=58797784.1615144118&_r=1&did=dZTNiMT&gtm=2ou2o0&z=1065161030
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		137 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L2NEVMN9YM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-169801043-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61624ae4a69515c0c2e2f2d4f1684966daccd2835c3dffd63d5d5e8feb4bf405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53722
x-xss-protection
0
expires
Sun, 07 Mar 2021 19:08:38 GMT
collect
www.google-analytics.com/g/ 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-L2NEVMN9YM&gtm=2oe2o0&_p=1979514454&sr=1600x1200&ul=en-us&cid=1575178446.1615144118&_s=1&dl=https%3A%2F%2Fnewsonlineng.com%2F&dt=Nigeria%20News%7CBreaking%20News%20%26%20Naija%20News%20Today%20March%207%2C%202021&sid=1615144118&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L2NEVMN9YM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1979514454&t=pageview&_s=2&dl=https%3A%2F%2Fnewsonlineng.com%2F&ul=en-us&de=UTF-8&dt=Nigeria%20News%7CBreaking%20News%20%26%20Naija%20News%20Today%20March%207%2C%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=1775576482&gjid=2041064529&cid=1575178446.1615144118&tid=UA-169801043-1&_gid=58797784.1615144118&_r=1&did=dZTNiMT&gtm=2ou2o0&z=1967253989
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-169801043-1&cid=1575178446.1615144118&jid=625774594&gjid=1091171113&_gid=58797784.1615144118&_u=KEDAAUABAAAAAC~&z=19876299
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 07 Mar 2021 19:08:38 GMT
content-type
text/plain
access-control-allow-origin
https://newsonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-169801043-1&cid=1575178446.1615144118&jid=1775576482&gjid=2041064529&_gid=58797784.1615144118&_u=KEDAAUABAAAAAC~&z=2043388370
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 07 Mar 2021 19:08:38 GMT
content-type
text/plain
access-control-allow-origin
https://newsonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A600&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsonlineng.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:27:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
520859
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:27:39 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A600&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsonlineng.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 12:56:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
281527
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Fri, 04 Mar 2022 12:56:31 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A600&display=swap&ver=10.3.9.1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsonlineng.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 12:56:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
age
281514
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
expires
Fri, 04 Mar 2022 12:56:44 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A600&display=swap&ver=10.3.9.1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsonlineng.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:14:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
age
521664
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:14:14 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=385383635639080&ev=PageView&dl=https%3A%2F%2Fnewsonlineng.com%2F&rl=&if=false&ts=1615144118909&cd=%7B%22page%22%3A%22https%3A%2F%2Fnewsonlineng.com%22%2C%22domain%22%3A%22https%3A%2F%2Fnewsonlineng.com%22%7D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=28&it=1615144118738&coo=false&rqm=GET
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 07 Mar 2021 19:08:38 GMT
pview
l.sharethis.com/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=newsonlineng.com&location=%2F&product=unknown&url=https%3A%2F%2Fnewsonlineng.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Nigeria%20News%7CBreaking%20News%20%26%20Naija%20News%20Today%20March%207%2C%202021&cms=unknown&publisher=5fa0190f2a2baa0012f7f20c&sop=true&bsamesite=true&consent_cookie_duration=631&consent_duration=631&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Naija%20News%20Today%20March%207%2C%202021%20%E2%96%B7%20Read%20Latest%20Naija%20News%2024%2F7%2C%20Breaking%20news%20%26%20happy%20new%20month%20messages%2C%20n
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.155.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-155-194.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 19:08:39 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://newsonlineng.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
cookie.js
partner.googleadservices.com/gampad/ 		206 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=newsonlineng.com&callback=_gfp_s_&client=ca-pub-9869608639929948
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6cbf8bb84eedb6164282a1f6cf644bd095bf977c6aaabf3a5a1d3842654cce9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsonlineng.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsonlineng.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3074 		5 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&adk=1812271804&adf=3025194257&lmt=1615144118&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fnewsonlineng.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615144118756&bpp=21&bdt=608&idt=183&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1271407612497&frm=20&pv=2&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=203
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c01fc004a430a5ecb5e2f37de39c1f72183ca9f516455679cccbb56b15b8ef96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9869608639929948&output=html&adk=1812271804&adf=3025194257&lmt=1615144118&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fnewsonlineng.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615144118756&bpp=21&bdt=608&idt=183&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1271407612497&frm=20&pv=2&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=203
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsonlineng.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://newsonlineng.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 07 Mar 2021 19:08:39 GMT
server
cafe
content-length
1044
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 07-Mar-2021 19:23:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 19:08:39 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Sun, 07 Mar 2021 19:08:38 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A56E 		83 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c133aa971dd74e53b850f17236b10b4847f4930cfa472baf646964b49d643707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsonlineng.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://newsonlineng.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 07 Mar 2021 19:08:39 GMT
server
cafe
content-length
24309
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 07-Mar-2021 19:23:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 19:08:39 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B0DE 		103 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
222825f47caa58b84bec227122d28d06cc270f8f4b8e80bb940f1fef9b68f28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsonlineng.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://newsonlineng.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 07 Mar 2021 19:08:39 GMT
server
cafe
content-length
25842
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 07-Mar-2021 19:23:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 19:08:39 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BF24 		86 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
693f86dcae216b58ee9cae8208a071ffcfe3ab6ed549bec08a358d3589da8bef
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKOC6tvwnu8CFY3ymgodO-YL_g&gqi=tyRFYJSWBJjwZ_vHmZgL&layout=/sadbundle/%24csp%253Der3%24/10854031402549906775/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsonlineng.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://newsonlineng.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKOC6tvwnu8CFY3ymgodO-YL_g&gqi=tyRFYJSWBJjwZ_vHmZgL&layout=/sadbundle/%24csp%253Der3%24/10854031402549906775/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 07 Mar 2021 19:08:39 GMT
server
cafe
content-length
31549
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 07-Mar-2021 19:23:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 19:08:39 GMT
cache-control
private
fontawesome-webfont.woff2
newsonlineng.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsonlineng.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://newsonlineng.com
Referer
https://newsonlineng.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:39 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 02:07:12 GMT
server
nginx
vary
X-Forwarded-Proto,Accept-Encoding
cache-control
max-age=2592000
accept-ranges
bytes
expires
Tue, 06 Apr 2021 19:08:39 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsonlineng.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 19:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsonlineng.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 19:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9AA4 		90 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
119546e56ecce3c2ab44fff0aff926439a24d7796ce2d7988f0b8c788783ce91
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLnH8dvwnu8CFUka4Aod2YwMfw&gqi=tyRFYMvOC5nx7gOI842YDQ&layout=/sadbundle/%24csp%253Der3%24/10854031402549906775/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsonlineng.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://newsonlineng.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLnH8dvwnu8CFUka4Aod2YwMfw&gqi=tyRFYMvOC5nx7gOI842YDQ&layout=/sadbundle/%24csp%253Der3%24/10854031402549906775/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 07 Mar 2021 19:08:39 GMT
server
cafe
content-length
33440
x-xss-protection
0
set-cookie
IDE=AHWqTUlICO5E-yLjs9FBzm2ip2fzB_hy9RaCR9-qFsnxTJ4HkZ_ErVdb0KqFZyysbHM; expires=Fri, 01-Apr-2022 19:08:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 19:08:39 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BE13 		89 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45e111e731afc90d89650257f0bcba3f145dd5d50a1ffff6dfa69e61e246c855
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIrm8tvwnu8CFYS63godiScG4w&gqi=tyRFYI70DIuIgAe8kbOIAw&layout=/sadbundle/%24csp%253Der3%24/8938190272366586647/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsonlineng.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://newsonlineng.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIrm8tvwnu8CFYS63godiScG4w&gqi=tyRFYI70DIuIgAe8kbOIAw&layout=/sadbundle/%24csp%253Der3%24/8938190272366586647/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 07 Mar 2021 19:08:39 GMT
server
cafe
content-length
33330
x-xss-protection
0
set-cookie
IDE=AHWqTUkIoLAwcX8g1--sXd4fcq6RMOLSwHaTlQ8o2f8OFR358q-GF0O4V-kncQkhmBg; expires=Fri, 01-Apr-2022 19:08:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 19:08:39 GMT
cache-control
private
73364564117340634a3578c276133d1b.js
www.gstatic.com/mysidia/ Frame B0DE 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/73364564117340634a3578c276133d1b.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c27ad5ff9062de09eb9d1c3a0fdbf9aa1ad0d28f8a5ec1f90f067c10117e67ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 05:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 07:11:17 GMT
server
sffe
age
221727
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3004
x-xss-protection
0
expires
Thu, 03 Jun 2021 05:33:12 GMT
f7dc83eabdd0eb005c33440916987383.js
www.gstatic.com/mysidia/ Frame B0DE 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f7dc83eabdd0eb005c33440916987383.js?tag=gpa/maximal_v1_och_tag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eedb7d038bea7ea22c1cba19b00d8f0acc0a86c03198a858968b59577976502f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 06:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 05:48:51 GMT
server
sffe
age
131541
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11486
x-xss-protection
0
expires
Fri, 04 Jun 2021 06:36:18 GMT
css
fonts.googleapis.com/ Frame B0DE 		2 KB
627 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 17:25:54 GMT
server
ESF
date
Sun, 07 Mar 2021 19:08:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 19:08:39 GMT
css
fonts.googleapis.com/ Frame A56E 		2 KB
969 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 17:24:39 GMT
server
ESF
date
Sun, 07 Mar 2021 19:08:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 19:08:39 GMT
3aa3fb99195f3894d7dec54cc5b479a1.js
www.gstatic.com/mysidia/ Frame B0DE 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 13:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 05:48:51 GMT
server
sffe
age
453695
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3798
x-xss-protection
0
expires
Mon, 31 May 2021 13:07:04 GMT
bg_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/ Frame B0DE 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/bg_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eaa629d9f0548932ed3e6e758bb03ba934aa479ca2b03a992e4730d0b4668ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 07:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2880
x-xss-protection
0
server
cafe
etag
538336100277915722
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 07:46:04 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame B0DE 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:07:26 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame B0DE 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:07:17 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame B0DE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:08:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B0DE 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sun, 07 Mar 2021 19:08:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame B0DE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:07:01 GMT
1e8eaeef6431cb6de349a68674062a29.js
www.gstatic.com/mysidia/ Frame B0DE 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 14:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 07:11:17 GMT
server
sffe
age
189513
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10971
x-xss-protection
0
expires
Thu, 03 Jun 2021 14:30:06 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame A56E 		2 KB
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:07:26 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame A56E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:07:17 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame A56E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:08:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A56E 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sun, 07 Mar 2021 19:08:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame A56E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:07:01 GMT
1e8eaeef6431cb6de349a68674062a29.js
www.gstatic.com/mysidia/ Frame A56E 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 14:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 07:11:17 GMT
server
sffe
age
189513
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10971
x-xss-protection
0
expires
Thu, 03 Jun 2021 14:30:06 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame A56E 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTyOaXQZeOZnzHJyjZk6megtH0PWtkatZKwZwmOJMg3FfYf3_aNS6sulw74vx4&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f37dfb46203578d1e12659a5c622dd001612306bfaed68c09ed31765370cbc7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 06:12:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Nov 2020 00:46:16 GMT
server
sffe
age
219341
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22447
x-xss-protection
0
expires
Sat, 05 Mar 2022 06:12:58 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame A56E 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQPTbdI4Mnm9rGEWNXdp65o6Ehx-dYXmtkCyqrHQg9BdU3cpCK8i3HkkfUW6g&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c47b1fca3f45df91667916387c59c9a95e5dc01c828e01765a909e3c222ea597
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 22:53:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 08 Nov 2020 01:56:25 GMT
server
sffe
age
418486
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17691
x-xss-protection
0
expires
Wed, 02 Mar 2022 22:53:53 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame A56E 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRQV5VL9g8yPxeIUeBk15ATGl8RRIhLLSfoQKR0-g2_ClIBPYy2ofiaULjXLg&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
547c447ccc3c333e8b6b7c87199889e3c64aceb807b07a060d01394d47075576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 09:09:44 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Jan 2021 00:49:51 GMT
server
sffe
age
208735
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42198
x-xss-protection
0
expires
Sat, 05 Mar 2022 09:09:44 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame A56E 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQJsnNYM41OB3CFsOUkZi2GrUZ1dV8qg5SS2LXY72DeE6k3CaDXuu_Oyr7EvBc&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fa17df01e7a09866f95bee961dedde23f58681a4ff01d7dabb70e7545e384af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 02:39:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Jan 2021 02:13:54 GMT
server
sffe
age
404950
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33139
x-xss-protection
0
expires
Thu, 03 Mar 2022 02:39:29 GMT
4960171498127049421
tpc.googlesyndication.com/simgad/ Frame A56E
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP_Y-6pAEQsAkYrAIyCEeZNsz28no0
  • https://tpc.googlesyndication.com/simgad/4960171498127049421
36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4960171498127049421
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf27b40d85b585d2bb071c66ba272c7c9ffa85a392008c76a29f56eab9705deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 03:58:06 GMT
x-content-type-options
nosniff
age
313833
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36808
x-xss-protection
0
last-modified
Wed, 02 Dec 2020 17:09:39 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 03:58:06 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 23:05:07 GMT
x-content-type-options
nosniff
server
cafe
age
72212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/4960171498127049421
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 05 Apr 2021 23:05:07 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A56E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CxytVtyRFYOO2Adzo6gSfsLbwDpK5x9hh_oDZ97YNxcab1dIeEAEg5ralfWCViriCyAegAZao5vUCyAEJqQLfZU8CzPuzPqgDAcgDywSqBLcBT9AaXSGXHGW4Xl5YZY1u6IQYr-S3Uhso6EEIsLPS3uVWr4LHWgsEBNWVi735drQNlQRqyy-fghkPX61In9ixQHfmehCht_djqDMXGp-tgXOOY92yOO3R9FDCla-pkmloDyUEkmJif6bT8nc_C-2CCYgZt4KGCD41YlLdy1X_uzoHLNZuUO5xBsmDhGWXgjDYnKzQgPEq7HSmEtY6hq_Wwdz3rUkHrPnBC9IfirDTkvppy3s38kXKwAT5hs-QrwOSBQQIBBgBkgUECAUYBKAGLoAH0teZigGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFEK3KmAHSCAkIgOGAEBABGB-ACgHICwHYEwyIFAKyFxoKGAgAEhRwdWItOTg2OTYwODYzOTkyOTk0OA&sigh=b9IIY2IGd1o&template_id=494&tpd=AGWhJmtbCWXVFx204dTwrA1WA8F_SIG5ZhuiYui2u6BLQJYiAw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 07 Mar 2021 19:08:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 07 Mar 2021 19:08:39 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/ Frame 67EF 		75 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e98f21f0473158f4eeb49b447e78533565f9c2ce7bbfdd366eb310a43b96ee4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/10854031402549906775/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 04 Mar 2021 16:50:55 GMT
expires
Fri, 04 Mar 2022 16:50:55 GMT
last-modified
Thu, 10 Dec 2020 11:10:22 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
17690
age
267464
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame BF24 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:07:17 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame BF24 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:08:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF24 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sun, 07 Mar 2021 19:08:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame BF24 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:07:01 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame B0DE 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRyVMsNU0FoLK7txx4julUstz3FinskU9448CVHgHgbG_-guINSibPPWKLW5A&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
877a9b6b27119aea6dfb567731b710942a54845cd692b61efab0bd0927e0374c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 07:16:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jan 2021 09:31:21 GMT
server
sffe
age
474734
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19484
x-xss-protection
0
expires
Wed, 02 Mar 2022 07:16:25 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame B0DE 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSZZPBPzED7ooYXRMVBT1wUCuj7bYarX641xgeIivSdubhwzwlb-fWDbn49hA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3438263637aef6cebe783f994f39f9e2204c5db6f150217465816615451a4a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 04:46:11 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Dec 2020 22:46:55 GMT
server
sffe
age
224548
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40394
x-xss-protection
0
expires
Sat, 05 Mar 2022 04:46:11 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame B0DE 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTS5uvqJ-y8U4ul2Xa1-ok4y6WNFQMpJKex_vfWtX1rVwVP0UeKm31sm29cpA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fdd6407142b9204763c21a4fca03acb28b117feb4c7d5a202ffaa4f80ba3f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 02:26:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 15 May 2020 22:03:27 GMT
server
sffe
age
405725
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21295
x-xss-protection
0
expires
Thu, 03 Mar 2022 02:26:34 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame B0DE 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSDauC2sOmuENK7HMJQsE9p6OWtigebAK8o5VJBKoJTDc0dMB0cuWvu2JiYF-Y&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba3f268596d2fbc40fe2c644b4af3663a844a6c48ffa9cc2045080a8853d7d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 06:53:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Jan 2021 23:03:32 GMT
server
sffe
age
130511
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46534
x-xss-protection
0
expires
Sun, 06 Mar 2022 06:53:28 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame B0DE 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRpHYvAeq84FvzDY7hMFaZSP6Y0VGEV8qiCoJa9Nir7LeX3eWfIyvURnsmeWoM&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a2268282f4633de5b1c734ea61d54761b1a0738e275bc1db914d786304afe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 07:26:12 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Feb 2021 20:03:44 GMT
server
sffe
age
214947
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25134
x-xss-protection
0
expires
Sat, 05 Mar 2022 07:26:12 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame B0DE 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQaK67MDKo5BvFBqeyKDioR4dV3zRUI7VqyBOG2RBBbDGs79m6CoEjZCVjHNQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef65223803dcd950990c9ed8445091abe672fde874114fa7363fd1ef4e0d7b9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 04:40:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 May 2020 22:04:16 GMT
server
sffe
age
311281
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51503
x-xss-protection
0
expires
Fri, 04 Mar 2022 04:40:38 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame B0DE 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRfu6QD5Wfb6auLyfH9pPyotOrSY2_Qzhy9JgSVkA_aB7j6ZLajH3DATPnYGw&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb6885fa4646140f223c8cfe7bf7d1887830cc998c6f178c88d9019d987165d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 07:05:26 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 May 2019 22:03:56 GMT
server
sffe
age
302593
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37486
x-xss-protection
0
expires
Fri, 04 Mar 2022 07:05:26 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame B0DE 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTR9DJSD6G9mFd8HCoA70vPv0L5wJijpnlwcEyLwmp3tzJqefpOYNznIibRFQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20c370e6623337e2bc4c3598a7e336d88942792956c8f1f2d4f3fcc3520d95c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 02:31:03 GMT
x-content-type-options
nosniff
last-modified
Sat, 20 Jun 2020 13:13:01 GMT
server
sffe
age
232656
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21632
x-xss-protection
0
expires
Sat, 05 Mar 2022 02:31:03 GMT
2893733063639164922
tpc.googlesyndication.com/simgad/ Frame B0DE
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP1qS1ARCQAxiQAzIIzt9_dsx32hU
  • https://tpc.googlesyndication.com/simgad/2893733063639164922
23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2893733063639164922
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69aa54bf0658aba7d5cf36b8f6fa25130b464ee8fc074feb3bfc33caa07bf42c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 06:47:53 GMT
x-content-type-options
nosniff
age
130846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23959
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 10:00:48 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 06:47:53 GMT

Redirect headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 15:53:45 GMT
x-content-type-options
nosniff
server
cafe
age
11694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/2893733063639164922
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Apr 2021 15:53:45 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BF24 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgM5xtyRFYOPKBI3l6wS7zK_wD9_YvshhyuDWhfwM29keEAEg5ralfWCViriCyAegAdWH2_ECyAEJqQLfZU8CzPuzPqgDAcgDSKoEvwFP0Hz1wre2xGFr23PwojDsAElTbyfu_CKvQdoCg73Ji0CiDFqozKur9oA9vs-EdRV5CPVhs-8tIC7gn1u8U7jERpDk3K9dft-VBGo8tNpchtJMVbQNK8oq1k-FbJJWWcrtTjXa9zL29jsACfDOT6mjtTBXVf1gRUKmvxQjXNTIhg0NESpgPPbiXjCWAK6Y8Xog08-U8w9Yt8bAGKWSGiCA6kxisW701UtAlQm-wEEeQZFuahMkkiCbhEJwE9Cd-MAEovzapaoDkgUECAQYAZIFBAgFGASgBi6AB5P4pI4BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFEM6goAHSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItOTg2OTYwODYzOTkyOTk0OA&sigh=8nMkaPcvX6M&template_id=419&tpd=AGWhJmsHGs-6XC8rFAqG3PyL0A8EqE2LfFaTRuwvboRuC-o0Rg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 07 Mar 2021 19:08:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame B0DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CVrJjtyRFYJfpAtbn6gTTj6jQA5K5x9hh_oDZ97YNxcab1dIeEAEg5ralfWCViriCyAegAZao5vUCyAEJqQLfZU8CzPuzPqgDAcgDywSqBLwBT9Ag5N382GZGzztSYK1mAS-YOzfveRjapDJaQjhWNQ4bcwuWnOdTd3UnoBq16ss8oJMpArB1j9EPXHR96ID96PhPQ8vYS7x4BhRh1a0w355Jd_4plfJceSDMbTx0TKfYMUicqAR00QQBqwHRErCFZoCR-fSA-TTNtpHOUv6YbouhksiVhMIocuh24DKxuKP-MmJiyEgCcS0ZxZGH_z0PWtwzqvkb_-8o2z0jmVDiyXYXULJUBSFC6kZToEPABPmGz5CvA5IFBAgEGAGSBQQIBRgEoAYugAfS15mKAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQzbcn0ggJCIDhgBAQARgfgAoByAsB2BMMiBQCshcaChgIABIUcHViLTk4Njk2MDg2Mzk5Mjk5NDg&sigh=-Mie-Lt7Dic&template_id=494&tpd=AGWhJmtzMylGEnsZHDaEbbdCnRv10iHwet_Cbd77Hbb1gVLlIA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2743985784&adk=2608051009&adf=139268736&pi=t.ma~as.2743985784&w=297&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=297x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119009&bpp=2&bdt=862&idt=3&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0scZsVVV4n&p=https%3A//newsonlineng.com&dtd=7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 07 Mar 2021 19:08:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bef68150a61b79f71c0f81f23efe27a78da8f6e60e0f188d378b407f9276225a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 17:26:24 GMT
server
ESF
date
Sun, 07 Mar 2021 19:08:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 19:08:39 GMT
css
fonts.googleapis.com/ 		2 KB
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 17:20:23 GMT
server
ESF
date
Sun, 07 Mar 2021 19:08:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 19:08:39 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:39 GMT
content-encoding
br
cf-cache-status
HIT
age
1605
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08afb0864500004aa38a3dc000000001
cf-ray
62c61d1d3ffa4aa3-FRA
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:39 GMT
content-encoding
br
cf-cache-status
HIT
age
1607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08afb0864400004aa3f00bf000000001
cf-ray
62c61d1d3ff84aa3-FRA
truncated
/ 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B0DE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e64d4cde04758b3a1b82de12748d2a7f3e18b1c7977cc2acf3822f0723495ff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A56E 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bcdcad7a653774b5d9aa714099ea2ed6d6353cd9f7a428455c5dd15d09d885c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame D503 		143 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlICO5E-yLjs9FBzm2ip2fzB_hy9RaCR9-qFsnxTJ4HkZ_ErVdb0KqFZyysbHM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 07 Mar 2021 18:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1635
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BF24 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6562c1a4929f3222c77d2d40a5c95bfb81fbad7cf922e15bfbf4d5a86a6405e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95e60b9391931dc4d5cc9b3b0c28b0eb2751b9066037f7594ba76c47739c187b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsonlineng.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:45:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:24 GMT
server
sffe
age
519768
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17520
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:45:52 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v20/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
401e6c25801ba2d59795d05a6dd973f95566b41070d3939ba9307d65860ae50e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsonlineng.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:02 GMT
server
sffe
age
257234
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17324
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:26 GMT
1
servicer.mgid.com/992273/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/992273/1?w=1200&h=642&p3_w=388&p3_h=287&cols=3&pv=5&cbuster=1615144120081469841291&uniqId=11218&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fnewsonlineng.com&lu=https%3A%2F%2Fnewsonlineng.com%2F&pageView=1&pvid=1780e176f118eeae9de&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsonlineng.com.992273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4da5e0433bf22e01492857f511cd101938e2b5e513d515f3961a4d6c7a3d162

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62c61d1ebacf4aa3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08afb0873200004aa3a2121000000001
a9e68dd0a863f34020f0cc35239de68f.js
pl15984711.topprofitablecpm.com/a9/e6/8d/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pl15984711.topprofitablecpm.com/a9/e6/8d/a9e68dd0a863f34020f0cc35239de68f.js
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 07 Mar 2021 19:08:40 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame A56E 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:32 GMT
server
sffe
age
257234
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:26 GMT
css
fonts.googleapis.com/ Frame 67EF 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700,300
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1855debbf4c4bfdf6009eef3b1bdb0907fe13f8102bb7b78ba9acdf73c8e1c7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 17:17:29 GMT
server
ESF
date
Sun, 07 Mar 2021 19:08:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 19:08:40 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 67EF 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 15:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11771
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 08 Mar 2021 15:52:29 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 67EF 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 08 Mar 2021 13:07:30 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame B0DE 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:32 GMT
server
sffe
age
257234
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:26 GMT
cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
pagead2.googlesyndication.com/bg/ Frame B877 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/bg_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 07:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
42678
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5702
x-xss-protection
0
expires
Mon, 07 Mar 2022 07:17:22 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/ Frame 8974 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59f0151c21d999ed4a2a4c67011ebc89549fd5d2851221b6b29b4b5773a7f382
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/8938190272366586647/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Sat, 06 Mar 2021 22:05:19 GMT
expires
Sun, 06 Mar 2022 22:05:19 GMT
last-modified
Sat, 09 Jan 2021 11:45:02 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
3429
age
75801
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame BE13 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:07:17 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame BE13 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:08:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BE13 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sun, 07 Mar 2021 19:08:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame BE13 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:07:01 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/ Frame D53F 		75 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e98f21f0473158f4eeb49b447e78533565f9c2ce7bbfdd366eb310a43b96ee4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/10854031402549906775/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 04 Mar 2021 16:50:55 GMT
expires
Fri, 04 Mar 2022 16:50:55 GMT
last-modified
Thu, 10 Dec 2020 11:10:22 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
17690
age
267465
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 9AA4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:07:17 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 9AA4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:08:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9AA4 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sun, 07 Mar 2021 19:08:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 9AA4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 19:07:01 GMT
l
www.google.com/ads/measurement/ Frame 9AA4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRosnH9chDqEpZmXzReHeCODucTktaCgzMccGluEFfXXUNjNEWkD_37ckcCVyBG_Y_ZhgM-pcnsZQl5ivMglRXg9t5qPQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
pagead2.googlesyndication.com/bg/ Frame 2FA6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=280&slotname=1268210449&adk=1137714943&adf=2555017551&pi=t.ma~as.1268210449&w=1200&fwrn=4&fwrnh=100&lmt=1615144118&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615144118867&bpp=6&bdt=719&idt=120&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nWeSGyai6g&p=https%3A//newsonlineng.com&dtd=127
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 07:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
42678
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5702
x-xss-protection
0
expires
Mon, 07 Mar 2022 07:17:22 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BE13 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CRjiwtyRFYMquDYT1-gaJz5iYDtGL6PVg9pfj-ugM29keEAEg5ralfWCViriCyAegAbWQxMADyAEJqAMByANIqgS8AU_QJnCGB38RBmoj5-zY1TFQy_NjOcie-p1MZXrRNwLfMmorKWJ01yFT8c0m4tNaVSRaEX-9UjRBpOX6CxUO_DpmjX36G9bfu85_4wEil9fJFoF2W5_FViH8GStNarbnnewKMqU389CH7m_OWhOXIndrnMlzXgO0m4if6asGDjzIq09IxAAW_rr0gf_09w9T50MXQ664jLK3utIVMAIfViaqrDKheD8mXigQeFeHwP4xMz53Nb065rBBniZswATkoLeCtwOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHs--7P6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCXxxbSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItOTg2OTYwODYzOTkyOTk0OA&sigh=kkQ9nqSZvio&template_id=419&tpd=AGWhJmsAW7CGbZTjTqYfWt9wK5edu18wBgPb3pj27Q3G_F-Cog
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 07 Mar 2021 19:08:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 67EF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
521588
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:15:32 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 67EF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 12:03:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:21 GMT
server
sffe
age
198292
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14932
x-xss-protection
0
expires
Sat, 05 Mar 2022 12:03:48 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9AA4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C74zFtyRFYPmPDMm0gAfZmbL4B9_YvshhyuDWhfwM29keEAEg5ralfWCViriCyAegAdWH2_ECyAEJqQLfZU8CzPuzPqgDAcgDSKoEuQFP0AXMs6lSpKAH25TnJviBmqZrKk-ivFhLWK311pooLOmfY9Kxq6Z6WYFUgg8SIozu35n0Cr-t392UOeKb7zxLQEBnX0cjQKNCArP2xGPFn0OfEWMBmUozw5Y5LwFl_LiVqATxWQ9yDHpTGvCAmyFy1sOxTSvvxweND8gZjANtVP0mRmKYEDjLOgDAlccII4YbR8wH22qBb8qCchR2ziESMC3Wg5S4lBkP8G3k_uXT13gDLPC-b2Hg4cAEovzapaoDkgUECAQYAZIFBAgFGASgBi6AB5P4pI4BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEL2BL9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi05ODY5NjA4NjM5OTI5OTQ4&sigh=sDYAKEiWj58&template_id=419&tpd=AGWhJmvUi-MT4HBsI7h-wDWjYdXiVuaZEPvzwEWTnwNon3X_Ug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 07 Mar 2021 19:08:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame B65D 		143 B
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlICO5E-yLjs9FBzm2ip2fzB_hy9RaCR9-qFsnxTJ4HkZ_ErVdb0KqFZyysbHM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 07 Mar 2021 18:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1636
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BE13 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
890614a56a95a602185e512d584bca01f6e965a6f9811edfbd028a5b2a5c2011

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
i.js
cm.mgid.com/ 		1 KB
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1615144120342937076775
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsonlineng.com.992273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0bffaff436b2a750ceaeb80b2c0c550b9c0693222116fcdd80f5f576ce0bfd

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
abe00738-a2ea-4560-acd2-f3ac027233c6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62c61d206dc54aa3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08afb0883d00004aa38aa59000000001
server
cloudflare
i-noref.js
cm.mgid.com/ Frame F081 		19 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1615144120346553989715
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsonlineng.com.992273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
de002997-3673-4a04-9d72-065550f0f543
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62c61d206dc64aa3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08afb0883d00004aa3a2135000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8164909/492x277/16x0x492x328/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164909/492x277/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1615144120-8W5toyW8Ekmu3r4ncHWilrFlU19cKGfdRz7MmTVX7Ek
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8ebc460823b2461b87289b3d3b0684ceda3894de7a8ffbab739d5ab29dab15

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
78331630-6c22-4b9f-ba7c-ce8f646b1fa4
age
1678093
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8002
cf-request-id
08afb0884800004aa3a50f7000000001
last-modified
Mon, 08 Feb 2021 10:20:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62c61d207dde4aa3-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmM...
s-img.mgid.com/g/8164852/492x277/-/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164852/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmMzU0N2QwODgzZjFjMmJiZDguanBn.webp?v=1615144120-0LznYTWVUZKb24uIuFKwtw98ctaz64ohR8qydIaK_Ps
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de9c497969d31eee2b8be2e28ceadf5e64248f95c5e4589eda73b2c1e12718bc

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
b7fff1af-e1fe-43fa-8483-598a08463658
age
2364475
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20250
cf-request-id
08afb0884800004aa3d02cd000000001
last-modified
Mon, 08 Feb 2021 10:20:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62c61d207de14aa3-FRA
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp
s-img.mgid.com/g/8164901/492x277/0x65x849x566/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164901/492x277/0x65x849x566/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp?v=1615144120-AC-vAVQKpUiAEhw9lYmtBi-8xlVC2bV9MuQgbqXzEHw
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55ba63b52d9e694bafe04f35ec11d52150105548d1adc7a212ba846620f8cbad

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
fd6c2b10-87c2-4759-91d9-2318ef8427c1
age
2364497
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10430
cf-request-id
08afb0884800004aa3dc304000000001
last-modified
Mon, 08 Feb 2021 10:20:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62c61d207de04aa3-FRA
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x277/0x0x1001x667/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164884/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1615144120-JnOCnVWfJ4meU-sRYprXlCc6aSed53Ayl-yozDV5Xi4
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521650f230fb40fdbfa06b56e8c084f9347fbf2a2e9fccd8216080f56cfb638b

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
12c19d05-5318-4e6a-91c6-b9176052c149
age
1678098
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17234
cf-request-id
08afb0884800004aa3f00e5000000001
last-modified
Mon, 08 Feb 2021 10:20:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62c61d207ddd4aa3-FRA
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTAtMTEvMTAxOTI0LzJiNTlhYjQ1M2I3YTIxYjI3YTQwZGZlYWZhNTUxYWQ4LmpwZWc_dD0xNTA3NzM0ODcwMjM4.webp
s-img.mgid.com/g/8193510/492x277/0x0x753x502/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193510/492x277/0x0x753x502/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTAtMTEvMTAxOTI0LzJiNTlhYjQ1M2I3YTIxYjI3YTQwZGZlYWZhNTUxYWQ4LmpwZWc_dD0xNTA3NzM0ODcwMjM4.webp?v=1615144120-ZUel0PfUQF6HuOGPVfxZ29Dg1XREY8AdRwH3JqB0uzQ
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf3e6a0d9cb2d51f0294ad09614896012a369ddb6c90ee2001a45887fa7fe30

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
daca40b8-ac96-41a8-b099-cee497a1cbf2
age
2202407
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8956
cf-request-id
08afb0884800004aa3bfaa1000000001
last-modified
Wed, 10 Feb 2021 07:15:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62c61d207ddb4aa3-FRA
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp
s-img.mgid.com/g/8193534/492x277/0x124x788x525/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193534/492x277/0x124x788x525/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp?v=1615144120-cAzKYjJjdLsQw9cp_5I0Q_9JnTdYR-WHlHanF4mBoxU
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d583ac50249907442970cca189b01263229da93b2feb725850fb886bc267e68

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:40 GMT
cf-cache-status
HIT
x-mg-request-uuid
0e2918ff-0c79-4de3-9dcc-92809b574cb5
age
2202532
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8198
cf-request-id
08afb0884700004aa3f31dd000000001
last-modified
Wed, 10 Feb 2021 07:15:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62c61d207dd84aa3-FRA
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2C70 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlICO5E-yLjs9FBzm2ip2fzB_hy9RaCR9-qFsnxTJ4HkZ_ErVdb0KqFZyysbHM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 07 Mar 2021 18:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1636
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame BE13 		0
433 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIrm8tvwnu8CFYS63godiScG4w&gqi=tyRFYI70DIuIgAe8kbOIAw&layout=/sadbundle/%24csp%253Der3%24/8938190272366586647/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 9AA4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc93ef40e69e8e164108d8ad834e001319a377df2f76682990e2706c4f0ef301

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
720925ad2c7d2d1c92fbec64f0e5c059.min.js
clevernt.com/scripts/ 		119 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clevernt.com/scripts/720925ad2c7d2d1c92fbec64f0e5c059.min.js?20200805=1615144120481
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ae101158d423fa34b2ea71d85f07c948acdf4eeef211700c492b5bca2a7832

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:40 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id
631DF46B37858DAF
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
t/mpGUerjWUE+buT3c20vCScB8c+0mW8gOVtztDcb8qezFaltRsFEsT77QryhXM364zsLn5DJD0=
last-modified
Sun, 07 Mar 2021 11:53:40 GMT
server
cloudflare
etag
W/"d4b996f9a27bea7e786083f77f055add"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fObATChrYNGVMPu2rAHYiBrO667Kw2j3gsrnmYy5tx44lsV%2FDrwyZVifd2AW2aAcWQJGlpbVsGOym09%2BgWoIAaa7Wt5%2B%2B6b%2FOR8SG%2FcmC0OaAj%2FI8iNGN4s%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/javascript
cache-control
max-age=1800
cf-request-id
08afb088b200004a917e128000000001
cf-ray
62c61d21191f4a91-FRA
g.gif
pixel.wp.com/ 		50 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.5&blog=48515529&post=456&tz=1&srv=newsonlineng.com&host=newsonlineng.com&ref=&fcp=2505&rand=0.0934182954305649
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:40 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
get_counts
count-server.sharethis.com/v2.0/ 		315 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb3&url=https%3A%2F%2Fnewsonlineng.com%2F
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.194.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-194-37.compute-1.amazonaws.com
Software
/ Express
Resource Hash
3e2bb71a4ee6a3e00d6512638c5c27440720a3f0c35aed3f2ccc4d49f6205be1

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 19:08:40 GMT
Cache-Control
public, max-age=900
ETag
290996da157574c6979c599f1e99a857
Connection
keep-alive
X-Powered-By
Express
Content-Length
315
Content-Type
text/javascript; charset=utf-8
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 07 Mar 2021 03:08:14 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
57627
etag
"c6e9be45643e197ce1db1d7e24a99adc"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
301
x-amz-cf-id
6F7u8x5G5S0xMiADu51j5KylH_WkG2ur8B4fsL0p2nyHWOjhYQkOXg==
twitter.svg
platform-cdn.sharethis.com/img/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 06 Mar 2021 05:20:46 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
136075
etag
"0af2fb38987598376c99e21af17ade45"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
731
x-amz-cf-id
w64UA2LusXOMEKzcWPCovo--k8c0_9GroL8fmGhahorlpfQd_g_-Pw==
whatsapp.svg
platform-cdn.sharethis.com/img/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 08 Feb 2021 02:34:40 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
2392441
etag
"afe7fc60ed757db39a88d2950fce69c9"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
832
x-amz-cf-id
u7h0yUcLKq0iCmhceMrPz8jSDCGZpNL7VRd1NONgkqDNJbHguFqvVg==
linkedin.svg
platform-cdn.sharethis.com/img/ 		456 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/linkedin.svg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 05 Mar 2021 04:03:53 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
227088
etag
"fa43b4ede18498b114fc7185993f6da7"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
456
x-amz-cf-id
1TVpknNXveZQg1BspvJ7aZppJensGb3h8SPRtIecS0w3wWceRZpyDg==
pinterest.svg
platform-cdn.sharethis.com/img/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 06 Mar 2021 12:00:09 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
112111
etag
"2b10a062e719c64b686e2e8fcdc216dc"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
771
x-amz-cf-id
1mceljJIIfij_joKxd-sRlE9bZaHQMoMj23_UI-0cufr8GjQ0QaM-Q==
arrow_left.svg
platform-cdn.sharethis.com/img/ 		565 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_left.svg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 07 Mar 2021 02:49:37 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
58744
etag
"b55d8d2b9321e381a3c38a4bddb74037"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
565
x-amz-cf-id
pxEeioNcGmWPTUy-PZHBc3j1C9YWBflRKVtJdomEzE91U2NvAuK7iw==
arrow_right.svg
platform-cdn.sharethis.com/img/ 		565 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_right.svg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 06 Feb 2021 02:26:52 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
2565709
etag
"9928d025bd5792b718ee0a185f62e67c"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
565
x-amz-cf-id
DdeG-hE-sudt2zJU-0_5gmZfNPNYA1SaNOkFXBSPnM1pGSIndPq0sQ==
si
googleads.g.doubleclick.net/pagead/drt/ Frame D503
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
133 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=3295201830&adf=2403669947&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119026&bpp=16&bdt=879&idt=16&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=2889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kWtLcWziKY&p=https%3A//newsonlineng.com&dtd=19
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlICO5E-yLjs9FBzm2ip2fzB_hy9RaCR9-qFsnxTJ4HkZ_ErVdb0KqFZyysbHM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 19:08:40 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 07-Mar-2021 20:08:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 19:08:40 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 19:08:40 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 9AA4 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLnH8dvwnu8CFUka4Aod2YwMfw&gqi=tyRFYMvOC5nx7gOI842YDQ&layout=/sadbundle/%24csp%253Der3%24/10854031402549906775/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8974 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 04:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 08 Mar 2021 04:49:22 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8974 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 08 Mar 2021 13:07:30 GMT
2b040956e0b852f74dc3ceeb77875d75.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/ Frame 8974 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/2b040956e0b852f74dc3ceeb77875d75.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
665912d0b6734bcd2c38d72e39ee9532b3502714f199191414e326a329a65fd2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
419570
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18743
x-xss-protection
0
last-modified
Sat, 09 Jan 2021 11:45:02 GMT
server
sffe
date
Tue, 02 Mar 2021 22:35:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 22:35:50 GMT
css
fonts.googleapis.com/ Frame D53F 		4 KB
625 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700,300
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1855debbf4c4bfdf6009eef3b1bdb0907fe13f8102bb7b78ba9acdf73c8e1c7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 17:48:38 GMT
server
ESF
date
Sun, 07 Mar 2021 19:08:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 19:08:40 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D53F 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 15:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11771
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 08 Mar 2021 15:52:29 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D53F 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 08 Mar 2021 13:07:30 GMT
usync.html
eus.rubiconproject.com/ Frame 6A87
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1615144120342937076775
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsonlineng.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://newsonlineng.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Mar 2021 19:08:40 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Sun, 07 Mar 2021 19:08:40 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=zFq5udUmaTCrcv1Q0ONR&pi=mgid&tc=1
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=zFq5udUmaTCrcv1Q0ONR&pi=mgid&tc=1
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:41 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
50bb02fd-1f2e-4c36-9a45-d060f9274520
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62c61d24dec64aa3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08afb08b0b00004aa3a8047000000001
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=zFq5udUmaTCrcv1Q0ONR&pi=mgid&tc=1
pragma
no-cache
date
Sun, 07 Mar 2021 19:08:40 GMT, Sun, 07 Mar 2021 19:08:40 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
cm.idealmedia.io/setmuidn/ 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l27EXNkAfP8b
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62c61d234e1e4e5c-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
cf-request-id
08afb08a0b00004e5c2a2bf000000001
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDI3RVhOa0FmUDhi&muidn=l27EXNkAfP8b
  • https://cm.mgid.com/google?muidn=l27EXNkAfP8b&google_ula={guid},5&google_gid=CAESEOR5UdlI3drdcP5ooeLkkdM&google_cver=1
0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l27EXNkAfP8b&google_ula={guid},5&google_gid=CAESEOR5UdlI3drdcP5ooeLkkdM&google_cver=1
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62c61d23ecbf4aa3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08afb08a6c00004aa3a2164000000001

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l27EXNkAfP8b&google_ula={guid},5&google_gid=CAESEOR5UdlI3drdcP5ooeLkkdM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=53f8eee7-a394-4784-a2dc-decafde43a0d&ttl=1617736120
43 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=53f8eee7-a394-4784-a2dc-decafde43a0d&ttl=1617736120
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:41 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
3b7c2b2b-514b-4d71-9778-91f82da92bb1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62c61d24eecc4aa3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08afb08b0d00004aa303a65000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=53f8eee7-a394-4784-a2dc-decafde43a0d&ttl=1617736120
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=24062b17-c2cb-49b0-9bbd-0f5833c6b947&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=2f3a4a10-ce9d-44bd-9c03-b909bcbcff8c&gdpr=&gdpr_consent=&us_privacy=
43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=2f3a4a10-ce9d-44bd-9c03-b909bcbcff8c&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:41 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
8da98fe3-daf8-4a15-9815-12c0fa0f0060
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62c61d2669d14aa3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08afb08c0600004aa3fa15d000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=2f3a4a10-ce9d-44bd-9c03-b909bcbcff8c&gdpr=&gdpr_consent=&us_privacy=
date
Sun, 07 Mar 2021 19:08:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
cm.lentainform.com/setmuidn/ 		0
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l27EXNkAfP8b
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62c61d234e7ac29a-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08afb08a0d0000c29aaeadf000000001
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l27EXNkAfP8b
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l27EXNkAfP8b
  • https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=2f3a4a10-ce9d-44bd-9c03-b909bcbcff8c
49 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=2f3a4a10-ce9d-44bd-9c03-b909bcbcff8c
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-568ff9c7d-77hd6
expires
-1

Redirect headers

location
//bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=2f3a4a10-ce9d-44bd-9c03-b909bcbcff8c
date
Sun, 07 Mar 2021 19:08:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
css
fonts.googleapis.com/ Frame 8974 		3 KB
574 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:800|Montserrat:600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/2b040956e0b852f74dc3ceeb77875d75.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e82ae8f8c8936b86711f86321ba3ed3f3e11d5003d4a7ca7bd8fbad0e24f804e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 17:47:01 GMT
server
ESF
date
Sun, 07 Mar 2021 19:08:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 19:08:40 GMT
d4a366443545897da1eafeab7ce29204.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/media/ Frame 8974 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/media/d4a366443545897da1eafeab7ce29204.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00a57a87c2d04a0811f1077bb6d08d17df458fc4da2f3ef081b6cc63fa9b0b97
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
75801
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40434
x-xss-protection
0
last-modified
Sat, 09 Jan 2021 11:45:02 GMT
server
sffe
date
Sat, 06 Mar 2021 22:05:19 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 22:05:19 GMT
97face7b4fdd4245225eb11905291dbb.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/media/ Frame 8974 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/media/97face7b4fdd4245225eb11905291dbb.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43770dabce38d847ce1a73c61e292ce69ff60ed05a735d3679d53302bc89dc8c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
216462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2853
x-xss-protection
0
last-modified
Sat, 09 Jan 2021 11:45:02 GMT
server
sffe
date
Fri, 05 Mar 2021 07:00:58 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 07:00:58 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame D53F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
521588
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:15:32 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame D53F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 12:03:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:21 GMT
server
sffe
age
198292
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14932
x-xss-protection
0
expires
Sat, 05 Mar 2022 12:03:48 GMT
cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
pagead2.googlesyndication.com/bg/ Frame 67EF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 07:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
42678
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5702
x-xss-protection
0
expires
Mon, 07 Mar 2022 07:17:22 GMT
heroshot-300x600px_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/ Frame 67EF 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/heroshot-300x600px_1.jpg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c26bce06eef7db54340db8004fe44bfd143b56dfccb5aeceaf43fda0869b4b5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
206625
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88832
x-xss-protection
0
last-modified
Thu, 10 Dec 2020 11:10:22 GMT
server
sffe
date
Fri, 05 Mar 2021 09:44:55 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 09:44:55 GMT
cta_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/ Frame 67EF 		193 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/cta_1.png
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92b30aa6cd5435888ca9e8dd4dfb3cf2eabd8d148f2a104dd5d6184dd372ac2f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
126486
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
last-modified
Thu, 10 Dec 2020 11:10:22 GMT
server
sffe
date
Sat, 06 Mar 2021 08:00:34 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 08:00:34 GMT
deloitte-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/ Frame 67EF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/deloitte-logo.png
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc243b82595ef5f92667697d787a5030b90fff8d003bf163d00674502ee18fe3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
206625
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1722
x-xss-protection
0
last-modified
Thu, 10 Dec 2020 11:10:22 GMT
server
sffe
date
Fri, 05 Mar 2021 09:44:55 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 09:44:55 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 8974 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:800|Montserrat:600
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 03:11:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:13:07 GMT
server
sffe
age
230211
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19264
x-xss-protection
0
expires
Sat, 05 Mar 2022 03:11:49 GMT
JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 8974 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:800|Montserrat:600
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 03:21:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:08 GMT
server
sffe
age
402456
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19440
x-xss-protection
0
expires
Thu, 03 Mar 2022 03:21:04 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B65D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
152 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=704283951&adf=2279702821&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119186&bpp=13&bdt=1039&idt=13&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=4670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=rV902lUNdg&p=https%3A//newsonlineng.com&dtd=16
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlICO5E-yLjs9FBzm2ip2fzB_hy9RaCR9-qFsnxTJ4HkZ_ErVdb0KqFZyysbHM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 19:08:40 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 07-Mar-2021 20:08:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 19:08:40 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 19:08:40 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2C70
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869608639929948&output=html&h=600&slotname=2724222375&adk=965708125&adf=2082691779&pi=t.ma~as.2724222375&w=300&fwrn=4&fwrnh=100&lmt=1615144119&rafmt=1&tp=site_kit&psa=0&format=300x600&url=https%3A%2F%2Fnewsonlineng.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1615144119128&bpp=2&bdt=980&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C297x600%2C300x600&nras=1&correlator=1271407612497&frm=20&pv=1&ga_vid=1575178446.1615144118&ga_sid=1615144119&ga_hid=1979514454&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=3768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530890%2C31060287%2C21066923%2C21068084&oid=3&pvsid=2332177466512096&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=f4wMPw5yLz&p=https%3A//newsonlineng.com&dtd=6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlICO5E-yLjs9FBzm2ip2fzB_hy9RaCR9-qFsnxTJ4HkZ_ErVdb0KqFZyysbHM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 19:08:40 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 07-Mar-2021 20:08:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 07 Mar 2021 19:08:40 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 07 Mar 2021 19:08:40 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
pagead2.googlesyndication.com/bg/ Frame D53F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 07:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
42678
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5702
x-xss-protection
0
expires
Mon, 07 Mar 2022 07:17:22 GMT
heroshot-300x600px_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/ Frame D53F 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/heroshot-300x600px_1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c26bce06eef7db54340db8004fe44bfd143b56dfccb5aeceaf43fda0869b4b5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
206625
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88832
x-xss-protection
0
last-modified
Thu, 10 Dec 2020 11:10:22 GMT
server
sffe
date
Fri, 05 Mar 2021 09:44:55 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 09:44:55 GMT
cta_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/ Frame D53F 		193 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/cta_1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92b30aa6cd5435888ca9e8dd4dfb3cf2eabd8d148f2a104dd5d6184dd372ac2f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
126486
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
last-modified
Thu, 10 Dec 2020 11:10:22 GMT
server
sffe
date
Sat, 06 Mar 2021 08:00:34 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Mar 2022 08:00:34 GMT
deloitte-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/ Frame D53F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/deloitte-logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10854031402549906775/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc243b82595ef5f92667697d787a5030b90fff8d003bf163d00674502ee18fe3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
206625
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1722
x-xss-protection
0
last-modified
Thu, 10 Dec 2020 11:10:22 GMT
server
sffe
date
Fri, 05 Mar 2021 09:44:55 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 09:44:55 GMT
cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
pagead2.googlesyndication.com/bg/ Frame 8974 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 07:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
42678
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5702
x-xss-protection
0
expires
Mon, 07 Mar 2022 07:17:22 GMT
usync.js
eus.rubiconproject.com/ Frame 6A87 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
173344dfc2b06190b836201bf50d00def9748a3c1a6ac55ba3ed589b310f00f3

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 19:08:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26904
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9308
Expires
Mon, 08 Mar 2021 02:37:05 GMT
khaos.jpg
token.rubiconproject.com/ Frame 6A87 		284 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
activeview
pagead2.googlesyndication.com/pcs/ Frame A56E 		42 B
94 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuh1jtGtzclYr3JrDbb0dRG6oWAbUXewZUiUCnA5t-qHTVHyuA7k5HOrbRv1_3UYXwAIZrm-_vOkBaRzPCIXoslQLzvuKjDZCwHfylUavMbC6e7Ws6nwM-4b5MhEA&sai=AMfl-YT5l2xltStYhgtQrXzB2df0wqDiflSMbAyjboOTY0x3eZ3zHumCCHtBwb92hONd8ucj4slfWdHInj_x&sig=Cg0ArKJSzD_5QgCTcPdzEAE&id=osdim&mcvt=1006&p=709,0,989,1200&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1137714943&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1615144118998&dlt=460&rpt=117&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/ Frame 6A87
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=mgid
  • https://cm.mgid.com/m?cdsp=43070&c=KLZJ3W0F-G-5VOJ
43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=43070&c=KLZJ3W0F-G-5VOJ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:41 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
fabe4b9c-f6bf-43af-bd3b-35f8ca5a7e1e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62c61d279c094aa3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08afb08cc600004aa3d7a79000000001
server
cloudflare

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.mgid.com/m?cdsp=43070&c=KLZJ3W0F-G-5VOJ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
709414.gif
id.rlcdn.com/ Frame 6A87 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:41 GMT
via
1.1 google
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6A87
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTFmNDRiZTg2N2UyMjI4OWIyMGMwYWNmMTZlMDY2ZWQ4NGQ4MTllYw
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTFmNDRiZTg2N2UyMjI4OWIyMGMwYWNmMTZlMDY2ZWQ4NGQ4MTllYw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTFmNDRiZTg2N2UyMjI4OWIyMGMwYWNmMTZlMDY2ZWQ4NGQ4MTllYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 6A87 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.78.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-78-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 6A87
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLZJ3W0F-G-5VOJ&sigv=1&esig=2~e3724f35ca561b7507beb6c34ed5fbb52fbabb72
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLZJ3W0F-G-5VOJ&sigv=1&esig=2~e3724f35ca561b7507beb6c34ed5fbb52fbabb72
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:41 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLZJ3W0F-G-5VOJ&sigv=1&esig=2~e3724f35ca561b7507beb6c34ed5fbb52fbabb72
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6A87
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xaSjNXMEYtRy01Vk9K
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xaSjNXMEYtRy01Vk9K
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xaSjNXMEYtRy01Vk9K
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6A87
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKI8yS1PAl6EUsxkzdzkjv4&google_cver=1
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKI8yS1PAl6EUsxkzdzkjv4&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKI8yS1PAl6EUsxkzdzkjv4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 6A87
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=0e796045-24b9-4600-a8eb-e449d9f21d6d
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=0e796045-24b9-4600-a8eb-e449d9f21d6d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

Date
Sun, 07 Mar 2021 19:08:39 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=0e796045-24b9-4600-a8eb-e449d9f21d6d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 07 Mar 2021 19:08:38 GMT
tap.php
pixel.rubiconproject.com/ Frame 6A87
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YEUkuQAAAIXBtDoG
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YEUkuQAAAIXBtDoG&_test=YEUkuQAAAIXBtDoG
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YEUkuQAAAIXBtDoG&_test=YEUkuQAAAIXBtDoG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:41 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615144122.664608,VS0,VE0
x-served-by
cache-hhn4051-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YEUkuQAAAIXBtDoG&_test=YEUkuQAAAIXBtDoG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3927745be993d97d8a79c750f5bd4287b1b2a6c7a36d79fb2988432db5d941f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 19:08:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6578
x-xss-protection
0
Screenshot_695-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Screenshot_695-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
2d52c43bfcb3df0747fd23a286d7cc01307373a50601134dc5562c4c996e9364

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:41 GMT
last-modified
Tue, 02 Mar 2021 16:36:55 GMT
server
nginx
etag
"603e69a7-2160"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8544
expires
Tue, 06 Apr 2021 19:08:41 GMT
docallbackinfo8c7886175e00403c89874698b8762614.js
ui.clevernt.com/ 		695 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.clevernt.com/docallbackinfo8c7886175e00403c89874698b8762614.js
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.69.64.109 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
host-109.clevernetwork.pt
Software
nginx /
Resource Hash
ca2236a98e265af31fcda140007f850848aadf9244c44767520a07087ff08026
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
cache
date
Sun, 07 Mar 2021 19:08:42 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=15768000
expires
Sun, 07 Mar 2021 20:08:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9869608639929948&plah=newsonlineng.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 07 Mar 2021 19:08:41 GMT
single-woman-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/02/single-woman-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
4eee532ef634a5714e6fdddc5b1e1382e831187f9b117665fab1a69fc8542ef1

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:41 GMT
last-modified
Sun, 21 Feb 2021 11:21:58 GMT
server
nginx
etag
"60324256-1e1b"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7707
expires
Tue, 06 Apr 2021 19:08:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame D672 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsonlineng.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://newsonlineng.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sun, 07 Mar 2021 17:02:57 GMT
expires
Mon, 07 Mar 2022 17:02:57 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7544
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
NLC-1-e1558516509158-218x150.jpg
newsonlineng.com/wp-content/uploads/2020/12/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2020/12/NLC-1-e1558516509158-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
4de29276cb7da8c4a0212c461c59470cb99882ac99bfe9abe32fa0cebd393a1d

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:41 GMT
last-modified
Mon, 25 Jan 2021 02:12:36 GMT
server
nginx
etag
"600e2914-31ba"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12730
expires
Tue, 06 Apr 2021 19:08:41 GMT
cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
pagead2.googlesyndication.com/bg/ Frame D672 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 07:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
42679
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5702
x-xss-protection
0
expires
Mon, 07 Mar 2022 07:17:22 GMT
Osun-state-218x150.jpeg
newsonlineng.com/wp-content/uploads/2021/02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/02/Osun-state-218x150.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
cc328f26734f439fee0431b7bf13f024ca9618e25476db9d845797c296a52f00

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:41 GMT
last-modified
Sun, 07 Feb 2021 12:17:19 GMT
server
nginx
etag
"601fda4f-210f"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8463
expires
Tue, 06 Apr 2021 19:08:41 GMT
Barcelona-Ranked-Worlds-Richest-Football-Club-In-2021-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/02/Barcelona-Ranked-Worlds-Richest-Football-Club-In-2021-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
71ea5109586ad2202a95bc10caa0c39b9a4e3149dffd0f9c1c3a462e5b9b4a1d

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sat, 06 Feb 2021 13:57:30 GMT
server
nginx
etag
"601ea04a-475b"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18267
expires
Tue, 06 Apr 2021 19:08:42 GMT
Screenshot_725-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Screenshot_725-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
558c377c95189dbdd4698308ebe5975eb2cd9cbe812d5a44e0d56555e2fc115d

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sat, 06 Mar 2021 17:46:25 GMT
server
nginx
etag
"6043bff1-1ba4"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7076
expires
Tue, 06 Apr 2021 19:08:42 GMT
1LKHK-683x1024-1-683x500-1-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/1LKHK-683x1024-1-683x500-1-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
618151495ee4732f6029faa323e428fe5050c29b97581a7766310c0afe06c503

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Fri, 05 Mar 2021 09:39:26 GMT
server
nginx
etag
"6041fc4e-2b3c"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11068
expires
Tue, 06 Apr 2021 19:08:42 GMT
0003-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/0003-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
4c5da9d0e1693ee4741f915ae5c018359b6fcc251ce1a8d8a597aa1c8d16c154

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Wed, 03 Mar 2021 13:45:55 GMT
server
nginx
etag
"603f9313-1790"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6032
expires
Tue, 06 Apr 2021 19:08:42 GMT
Screenshot_603-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/02/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/02/Screenshot_603-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
f926282c1134d613e80b05d0476b148474534e8bdbd41fa9a90be727382441af

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Tue, 23 Feb 2021 13:13:10 GMT
server
nginx
etag
"6034ff66-19ee"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6638
expires
Tue, 06 Apr 2021 19:08:42 GMT
Screenshot_579-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/02/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/02/Screenshot_579-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
01e484b153888a0a5b0eedd1a886a6ae686e45a888316c28be7cd881e1a8fcfa

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sun, 21 Feb 2021 23:34:19 GMT
server
nginx
etag
"6032edfb-18d6"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6358
expires
Tue, 06 Apr 2021 19:08:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=2332177466512096&bg=!Y2ClYCPNAAWsVXnBrDsAKQB2-DxaeIDMUYhLFFmOLj1qDF0rPltwH6UW1hCEfKh4uIMo_ny3v83IAgAAAHFSAAAADGgBBwoAUfXjItt4-RXpYSWStki9r7k9cGh3IAhyHd_aT_oHFobE1BBFl5fMfG8sw6NZ3K29tWxL4j-KJmKc46nrc7ThUfBCyaAFq25nvH1TdLmePxTfJpkCB-KiGJbZ6oXMshDdGoMXKk-rTZxGTxF-K-SUcwlz6kZoyQjAZzYXNG6ZUNaFH1sY8KbuCpARN_QIvwn37QYdZIOsKMqK6Bpdk1UwHbzofTLY-7fL8s-xXBUsUO8sreSU9k8TN96xb9Lz6jhpO417W4SQGGTQwPs0ftNbDOXWLX244l-G-RWU5H1_rTRZCkth6W2gLrDADzhLioTjUqCzFwD4NSSOXJm3t6_BipF8pj-eA98K0oHHYqDOzGxaaZhkpqhZDQ1nY-dSMA-Z-x9QC5Ty1EVR6UkMvoMJiiTn797vtr24gDP6W71mDc7MLwtsX_htZNZdfqLk9KowOGJwvF3hi5kYAdwsMeiz1DVKcLYmowIN45Q0iGoypUPn5CYySEzsHDjIRH8OzrTxSLkDgV5OzXTgZ0nyysCHr6mF4XLB4KoPSNCmKy1o3rMHV1E9mNP03-98zFzuYgCxYjegVire96Bgy4rP_WSP_tNPHR_lXyj7GRp-OMpY197On5JQgVlffw5Ox6-4amMR-ngpo6Ut4jyvMMtUfnXfFy3gAZbPq2Ih5eq2P9Oy76M19Vs2MEcFRQDW-JNCHNQfHpgCwkzp9-uuC3lYHn8qDFWlz8XRDVEdWNN4U9EHGp2yrl6hz_O38AqyGPcNfjLP2auc-TuUD9rlXlohjxN1dvMdxzqw97MKCe_YaQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Screenshot_727-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Screenshot_727-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
84a6b777c6adf524989ecfbe2838ce174f8be5e086bd88a6cad9c5d233733f52

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sun, 07 Mar 2021 06:47:10 GMT
server
nginx
etag
"604476ee-19d7"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6615
expires
Tue, 06 Apr 2021 19:08:42 GMT
UFC-3-title-fights-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/UFC-3-title-fights-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
1c34c8f67114417747de6d2fb9e97cb7bfc4746db277d49e146ba22dac51a98e

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sun, 07 Mar 2021 00:04:01 GMT
server
nginx
etag
"60441871-29a2"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10658
expires
Tue, 06 Apr 2021 19:08:42 GMT
Israel-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Israel-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
cca548668e49e7c11c73947dbfa31e737af25bf156e9e1763ae492972fac2c3e

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Fri, 05 Mar 2021 09:17:19 GMT
server
nginx
etag
"6041f71f-28d0"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10448
expires
Tue, 06 Apr 2021 19:08:42 GMT
UFC-Schedule-2021-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/02/UFC-Schedule-2021-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
557f2fe22b04255cb070f18b521a17895620afa5c004216f590164823e34144f

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sat, 20 Feb 2021 22:04:47 GMT
server
nginx
etag
"6031877f-2e56"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11862
expires
Tue, 06 Apr 2021 19:08:42 GMT
Barca-PSG-600x375-1-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/02/Barca-PSG-600x375-1-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
9f4c9f147e4d2558c6842ecdb6affca209b8e42870e4d99b64b2cf42a20c1604

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Tue, 16 Feb 2021 19:30:26 GMT
server
nginx
etag
"602c1d52-303f"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12351
expires
Tue, 06 Apr 2021 19:08:42 GMT
Screenshot_733-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Screenshot_733-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
d3d8827ad8bb46beb5a7aaab94c8e74720894181f5be5411a0ac506505293bf4

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sun, 07 Mar 2021 17:04:50 GMT
server
nginx
etag
"604507b2-1ce5"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7397
expires
Tue, 06 Apr 2021 19:08:42 GMT
Joe-Biden-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/01/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/01/Joe-Biden-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
c7a2c3a179bf7669a7d8eeed296e9a921fe9829b0889a614f09a7dbf59690376

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Mon, 25 Jan 2021 02:10:28 GMT
server
nginx
etag
"600e2894-1d88"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7560
expires
Tue, 06 Apr 2021 19:08:42 GMT
Screenshot_727-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Screenshot_727-218x150.jpg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
84a6b777c6adf524989ecfbe2838ce174f8be5e086bd88a6cad9c5d233733f52

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sun, 07 Mar 2021 06:47:10 GMT
server
nginx
etag
"604476ee-19d7"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6615
expires
Tue, 06 Apr 2021 19:08:42 GMT
UFC-3-title-fights-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/UFC-3-title-fights-218x150.jpg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
1c34c8f67114417747de6d2fb9e97cb7bfc4746db277d49e146ba22dac51a98e

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sun, 07 Mar 2021 00:04:01 GMT
server
nginx
etag
"60441871-29a2"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10658
expires
Tue, 06 Apr 2021 19:08:42 GMT
federal-government-declares-tuesday-public-holiday-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/federal-government-declares-tuesday-public-holiday-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
3c7b680f8e5ab3aa9f74a9795b1d8e5a23165f13dc1d4584683c58d6b1b7cbb2

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sat, 06 Mar 2021 11:16:05 GMT
server
nginx
etag
"60436475-1db6"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7606
expires
Tue, 06 Apr 2021 19:08:42 GMT
Screenshot_732-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Screenshot_732-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
9264ab59c19b41dc61298193924dde26ac629d61cce342a1605c9999b3b541ac

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sun, 07 Mar 2021 15:36:35 GMT
server
nginx
etag
"6044f303-172f"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5935
expires
Tue, 06 Apr 2021 19:08:42 GMT
Screenshot_728-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Screenshot_728-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
a9c740a1f48c9e5c2be90e74ecf724c6da8a1da658f2e55153dbaf77e7545093

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sun, 07 Mar 2021 09:09:02 GMT
server
nginx
etag
"6044982e-9ed"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2541
expires
Tue, 06 Apr 2021 19:08:42 GMT
Screenshot_726-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Screenshot_726-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
94b402d79f619a6a25ad55ceb180fa3faffd4824064a534bdace9211346e8fb9

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sat, 06 Mar 2021 23:51:48 GMT
server
nginx
etag
"60441594-d92"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3474
expires
Tue, 06 Apr 2021 19:08:42 GMT
Screenshot_718-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Screenshot_718-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
cdd83aa1a0ee9290f0f08cde272dd1179d614eec7bc039b6e6fb250c41fa7345

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Fri, 05 Mar 2021 17:05:14 GMT
server
nginx
etag
"604264ca-2b0d"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11021
expires
Tue, 06 Apr 2021 19:08:42 GMT
Nnamdi-Kanu-ESN-696x391-1-218x150.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Nnamdi-Kanu-ESN-696x391-1-218x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
4757fe58567d37bfffa52b395e4453d2d3ab6d57f27743f5c4032357adc06e59

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Fri, 05 Mar 2021 13:18:29 GMT
server
nginx
etag
"60422fa5-1feb"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8171
expires
Tue, 06 Apr 2021 19:08:42 GMT
Screenshot_733.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Screenshot_733.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
3cd3d339786ec4640f607b0afe4e242f93489b07103974f914de0221f0e3e5c8

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sun, 07 Mar 2021 17:04:48 GMT
server
nginx
etag
"604507b0-7729"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30505
expires
Tue, 06 Apr 2021 19:08:42 GMT
Aso-Rock-Presidential-Villa.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Aso-Rock-Presidential-Villa.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
bd1c731081f039a026cbc30b302f4bf36ef34242d95abe3b7b0a0267778c7583

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sun, 07 Mar 2021 16:49:21 GMT
server
nginx
etag
"60450411-62a1"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25249
expires
Tue, 06 Apr 2021 19:08:42 GMT
Mbaka-cries.jpg
newsonlineng.com/wp-content/uploads/2020/12/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2020/12/Mbaka-cries.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
e6aa4141ed397531cc7d46cd42e70910abb4c66872862e890e84d929d7ec73b6

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Mon, 25 Jan 2021 02:13:45 GMT
server
nginx
etag
"600e2959-5dfb"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
24059
expires
Tue, 06 Apr 2021 19:08:42 GMT
Screenshot_733.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Screenshot_733.jpg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
3cd3d339786ec4640f607b0afe4e242f93489b07103974f914de0221f0e3e5c8

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sun, 07 Mar 2021 17:04:48 GMT
server
nginx
etag
"604507b0-7729"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30505
expires
Tue, 06 Apr 2021 19:08:42 GMT
Aso-Rock-Presidential-Villa.jpg
newsonlineng.com/wp-content/uploads/2021/03/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2021/03/Aso-Rock-Presidential-Villa.jpg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
bd1c731081f039a026cbc30b302f4bf36ef34242d95abe3b7b0a0267778c7583

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Sun, 07 Mar 2021 16:49:21 GMT
server
nginx
etag
"60450411-62a1"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25249
expires
Tue, 06 Apr 2021 19:08:42 GMT
Mbaka-cries.jpg
newsonlineng.com/wp-content/uploads/2020/12/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonlineng.com/wp-content/uploads/2020/12/Mbaka-cries.jpg
Requested by
Host: newsonlineng.com
URL: https://newsonlineng.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.101.79.230 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
538286.cloudwaysapps.com
Software
nginx /
Resource Hash
e6aa4141ed397531cc7d46cd42e70910abb4c66872862e890e84d929d7ec73b6

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 19:08:42 GMT
last-modified
Mon, 25 Jan 2021 02:13:45 GMT
server
nginx
etag
"600e2959-5dfb"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
24059
expires
Tue, 06 Apr 2021 19:08:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-9869608639929948&su=newsonlineng.com&eid=42530890&doc=complete&pg_h=12500&pg_w=1600&pg_hs=12500&c=13&aa_c=0&av_h=523.846&av_w=651.308&av_a=285900&s=42&all_s=42&b=810.094&all_b=810.094&d=0.545&all_d=0.545&ard=0.186&all_ard=0.186&dt=d
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8974 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=723.0000&a1=https&f1=layout_html&s1=0&d1=8.0000&i=490699616841&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F8938190272366586647%2Findex.html&gqi=tyRFYI70DIuIgAe8kbOIAw&qqi=CIrm8tvwnu8CFYS63godiScG4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 19:08:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

291 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _wpemojiSettings function| advanced_ads_ready object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ undefined| $ function| jQuery function| gtag object| dataLayer object| tdb_globals object| tdwGlobal function| documentInitOneSignal object| OneSignal object| adsbygoogle object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| block_tdi_1_ff1 object| block_tdi_2_644 object| block_tdi_3_334 object| google_tag_manager object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| block_tdi_4_20c object| block_tdi_5_6e5 number| google_lpabyc object| block_tdi_13_066 object| block_tdi_16_024 object| block_tdi_21_425 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| block_tdi_24_b01 object| block_tdi_34_905 object| block_tdi_48_56a object| block_tdi_52_541 object| block_tdi_64_d46 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| block_tdi_68_453 object| block_tdi_80_764 object| block_tdi_84_0c0 object| block_tdi_96_752 object| block_tdi_100_052 object| block_tdi_112_540 object| block_tdi_116_759 object| block_tdi_128_645 object| block_tdi_132_bc4 object| block_tdi_144_69b object| block_tdi_148_b64 object| block_tdi_160_455 object| block_tdi_164_d5b object| block_tdi_176_f29 object| block_tdi_179_3ed number| td_screen_width boolean| mgCanLoad992273 boolean| mgFallback992273 boolean| mgShortWidget992273 boolean| mgUseConvertedCode992273 string| mgRootId992273 object| div992273 string| rootDiv992273 string| mgPreloadId992273 object| _mgIntExchangeNews object| MarketGidInfC992273 function| MarketGidCContextBlock992273 function| MarketGidCMainBlock992273 function| MarketGidCAdvertLinkBlock992273 function| MarketGidCInternalExchangeBlock992273 function| MarketGidCColorBlock992273 function| MarketGidCUtilsBlock992273 function| MarketGidCMonitorBlock992273 function| MarketGidCRejectBlock992273 function| MarketGidCCriteoBlock992273 function| MarketGidCAmpRenderBlock992273 function| MarketGidCInternalExchangeLoggerBlock992273 function| MarketGidCObserverBlock992273 function| MarketGidCSspDoubleClickBlock992273 function| MarketGidCSendDimensionsBlock992273 function| MarketGidCAntifraudBlock992273 function| MarketGidCAntifraudStatisticsBlock992273 function| MarketGidCRtbBlock992273 function| MarketGidCActivateDelayBlock992273 function| MarketGidCIframeSizeChangerBlock992273 function| MarketGidCAccidentalClicksBlock992273 function| MarketGidCExternalCountersBlock992273 function| MarketGidCYandexTurboBlock992273 function| MarketGidCContentPreviewBlock992273 function| MarketGidCCountersBlock992273 function| MarketGidCGradientBlock992273 function| MarketGidCResponsiveBlock992273 object| onClickExcludes function| mgReject992273 function| mgLoadAds992273_11218 function| MarketGidCReject992273 function| MarketGidLoadGoods992273_11218 function| AdskeeperCReject992273 function| AdskeeperLoadGoods992273_11218 function| LentaInformCReject992273 function| LentaInformLoadGoods992273_11218 function| IdealMediaCReject992273 function| IdealMediaLoadGoods992273_11218 boolean| mg_loaded_617634_992273 string| _mgCanonicalUri boolean| _mgPageView617634 object| _mgq function| _mgqp number| _mgqt number| _mgqi function| LoadCriteoAllPlaces992273_11218 boolean| i.js.loaded boolean| i-noref.js.loaded function| _ object| tdbAutoload object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdConfirm function| $f function| onYouTubeIframeAPIReady undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdcPostSettings function| tdbGetMobileTemplates object| _stq function| st_go function| linktracker_init object| wpcom object| _oneSignalInitOptions object| hstpnetwork number| HstpnetworkRegistryLoaded object| GoogleGcLKhOms object| google_image_requests boolean| hstpchecker

9 Cookies

Domain/Path Name / Value
.rubiconproject.com/ Name: audit
Value: 1|YkMRfHpVFrX18qxN6HomzmWXL0AO/N76gixRYTlMOO0Fxyf1bXrJohxDWSjf/uqzVUBzGWmYUlAiZ07GJqnMno4BjqNRGrmz
.rubiconproject.com/ Name: khaos
Value: KLZJ3W0F-G-5VOJ
.doubleclick.net/ Name: DSID
Value: NO_DATA
eus.rubiconproject.com/ Name: pux
Value: 1512%3D98012%262249%3D98012%262307%3D98012%263778%3D98012%26idl%3D98012%262249-DV360-Hosted%3D98012%26brx%3D98012%26goog%3D98012%26
.newsonlineng.com/ Name: __gads
Value: ID=e4f172558e9404d8-221942c8b3ba00e2:T=1615144119:RT=1615144119:S=ALNI_MY_ABzpFADXuRrH_QXyv2HmKbWWDw
.doubleclick.net/ Name: IDE
Value: AHWqTUlICO5E-yLjs9FBzm2ip2fzB_hy9RaCR9-qFsnxTJ4HkZ_ErVdb0KqFZyysbHM
newsonlineng.com/ Name: st_shares_https://newsonlineng.com/
Value: [object Object]
newsonlineng.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C992273%22%3A%7B%22page%22%3A1%2C%22time%22%3A1615144120333%7D%7D
.newsonlineng.com/ Name: _gat_gtag_UA_169801043_1
Value: 1

3 Console Messages

Source Level URL
Text
console-api log URL: https://newsonlineng.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api debug URL: https://jsc.mgid.com/n/e/newsonlineng.com.992273.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.2(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ams.creativecdn.com
bh.contextweb.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.mgid.com
cdn.onesignal.com
clevernt.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
connect.facebook.net
count-server.sharethis.com
creativecdn.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
jsc.mgid.com
l.sharethis.com
match.adsrvr.org
newsonlineng.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pixel.wp.com
pl15984711.topprofitablecpm.com
platform-api.sharethis.com
platform-cdn.sharethis.com
s-img.mgid.com
secure-assets.rubiconproject.com
servicer.mgid.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
ui.clevernt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.newsonlineng.com
x.bidswitch.net
104.16.221.74
104.19.136.78
104.19.216.61
142.250.186.66
142.250.74.194
148.69.64.109
151.101.114.49
18.197.64.250
18.203.78.129
185.184.8.30
185.29.133.52
192.0.76.3
192.243.59.12
198.148.27.140
23.37.42.132
2600:9000:206f:4800:c:abe:f440:93a1
2600:9000:20d7:9e00:c:a9b7:ddc0:93a1
2600:9000:211e:2a00:1d:85c3:6640:93a1
2600:9000:211e:3600:1c:8a07:5e80:93a1
2606:4700:20::681a:a75
2606:4700::6812:e234
2a00:1288:80:800::7000
2a00:1450:4001:800::2003
2a00:1450:4001:802::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:400c:c1b::9c
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
35.157.168.25
35.174.194.37
35.244.174.68
46.101.79.230
52.29.155.194
69.173.144.138
69.173.144.139
00a57a87c2d04a0811f1077bb6d08d17df458fc4da2f3ef081b6cc63fa9b0b97
01e484b153888a0a5b0eedd1a886a6ae686e45a888316c28be7cd881e1a8fcfa
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0a4f81bf2cfbc8e32debf780905397c66a4a4b9502c1dd61fc89ad34ab76ef6f
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0e64d4cde04758b3a1b82de12748d2a7f3e18b1c7977cc2acf3822f0723495ff
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119546e56ecce3c2ab44fff0aff926439a24d7796ce2d7988f0b8c788783ce91
13463b6a26f4ee2ce508df098003cdc101ebb17be48bb9b787665b4ada56cf58
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
173344dfc2b06190b836201bf50d00def9748a3c1a6ac55ba3ed589b310f00f3
175148d4fdd889379200c6272e78ef47be5011cfac3148306096d45f22edea60
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1855debbf4c4bfdf6009eef3b1bdb0907fe13f8102bb7b78ba9acdf73c8e1c7f
18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1c34c8f67114417747de6d2fb9e97cb7bfc4746db277d49e146ba22dac51a98e
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
20c370e6623337e2bc4c3598a7e336d88942792956c8f1f2d4f3fcc3520d95c0
222825f47caa58b84bec227122d28d06cc270f8f4b8e80bb940f1fef9b68f28e
222ee58618ed44bc79102e6264212216d442ce197d15cb2c7d1a7d760281a34b
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c26bce06eef7db54340db8004fe44bfd143b56dfccb5aeceaf43fda0869b4b5
2d52c43bfcb3df0747fd23a286d7cc01307373a50601134dc5562c4c996e9364
2ee606377a07d7144828fa6bdc128d7efe8e91fc186b931978594f323df7e2ce
2fa17df01e7a09866f95bee961dedde23f58681a4ff01d7dabb70e7545e384af
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
33d67bf0263f1ecd4790e6d1384de8066c349067f0167c36b8292dfc6665972f
3927745be993d97d8a79c750f5bd4287b1b2a6c7a36d79fb2988432db5d941f3
3c7b680f8e5ab3aa9f74a9795b1d8e5a23165f13dc1d4584683c58d6b1b7cbb2
3cd3d339786ec4640f607b0afe4e242f93489b07103974f914de0221f0e3e5c8
3e2bb71a4ee6a3e00d6512638c5c27440720a3f0c35aed3f2ccc4d49f6205be1
401e6c25801ba2d59795d05a6dd973f95566b41070d3939ba9307d65860ae50e
431db16cc204c26f37c9fc9e5addf13399b9e7624ab4e15ac4ff7ae876e01ba9
43770dabce38d847ce1a73c61e292ce69ff60ed05a735d3679d53302bc89dc8c
45e111e731afc90d89650257f0bcba3f145dd5d50a1ffff6dfa69e61e246c855
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
46cf5d10e1351ba8cd038352efd68ccb2de9845bfbaa8919e0f3cbf05154aef5
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4757fe58567d37bfffa52b395e4453d2d3ab6d57f27743f5c4032357adc06e59
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
4c5da9d0e1693ee4741f915ae5c018359b6fcc251ce1a8d8a597aa1c8d16c154
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4de29276cb7da8c4a0212c461c59470cb99882ac99bfe9abe32fa0cebd393a1d
4eee532ef634a5714e6fdddc5b1e1382e831187f9b117665fab1a69fc8542ef1
4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae
521650f230fb40fdbfa06b56e8c084f9347fbf2a2e9fccd8216080f56cfb638b
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
547c447ccc3c333e8b6b7c87199889e3c64aceb807b07a060d01394d47075576
557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b
557f2fe22b04255cb070f18b521a17895620afa5c004216f590164823e34144f
558c377c95189dbdd4698308ebe5975eb2cd9cbe812d5a44e0d56555e2fc115d
55ba63b52d9e694bafe04f35ec11d52150105548d1adc7a212ba846620f8cbad
59f0151c21d999ed4a2a4c67011ebc89549fd5d2851221b6b29b4b5773a7f382
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5e88cefac5e42c621823471d18bd3f7bee0f5504f6aeb14a035a4ebce04b622f
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f2a67619082b4f4d8b742daba4a66b0f7549f0d99da9f26b4015b30db025eeb
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61624ae4a69515c0c2e2f2d4f1684966daccd2835c3dffd63d5d5e8feb4bf405
618151495ee4732f6029faa323e428fe5050c29b97581a7766310c0afe06c503
6562c1a4929f3222c77d2d40a5c95bfb81fbad7cf922e15bfbf4d5a86a6405e7
66158c424b8c1278a1e20269a637ba3e8f702ba05db5f7bd8744357b3495f68f
665912d0b6734bcd2c38d72e39ee9532b3502714f199191414e326a329a65fd2
677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4
693f86dcae216b58ee9cae8208a071ffcfe3ab6ed549bec08a358d3589da8bef
69aa54bf0658aba7d5cf36b8f6fa25130b464ee8fc074feb3bfc33caa07bf42c
69ae101158d423fa34b2ea71d85f07c948acdf4eeef211700c492b5bca2a7832
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bcdcad7a653774b5d9aa714099ea2ed6d6353cd9f7a428455c5dd15d09d885c
6cbf8bb84eedb6164282a1f6cf644bd095bf977c6aaabf3a5a1d3842654cce9c
7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f
71ea5109586ad2202a95bc10caa0c39b9a4e3149dffd0f9c1c3a462e5b9b4a1d
71fdd6407142b9204763c21a4fca03acb28b117feb4c7d5a202ffaa4f80ba3f6
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a8ebc460823b2461b87289b3d3b0684ceda3894de7a8ffbab739d5ab29dab15
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
84a6b777c6adf524989ecfbe2838ce174f8be5e086bd88a6cad9c5d233733f52
86ddc45dd3f52c7f58dc748fec429785bb29678ccd67f8657e17b6b4c267938b
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
877a9b6b27119aea6dfb567731b710942a54845cd692b61efab0bd0927e0374c
890614a56a95a602185e512d584bca01f6e965a6f9811edfbd028a5b2a5c2011
8c4f9e301de77477d549a684a94ebef9d48d39a8e89fa6bb39a5976db5c88305
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9264ab59c19b41dc61298193924dde26ac629d61cce342a1605c9999b3b541ac
92b30aa6cd5435888ca9e8dd4dfb3cf2eabd8d148f2a104dd5d6184dd372ac2f
94b402d79f619a6a25ad55ceb180fa3faffd4824064a534bdace9211346e8fb9
95e60b9391931dc4d5cc9b3b0c28b0eb2751b9066037f7594ba76c47739c187b
9ac7f4d6d148f4a2a426106389e7a46a9bcaa8f2d0041e405020b481a5c01d71
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9d583ac50249907442970cca189b01263229da93b2feb725850fb886bc267e68
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9e98f21f0473158f4eeb49b447e78533565f9c2ce7bbfdd366eb310a43b96ee4
9f4c9f147e4d2558c6842ecdb6affca209b8e42870e4d99b64b2cf42a20c1604
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a54833ccf77624d1aa2beb1461da6c2e8f81db546a78dce3adbc1adbd351025b
a9c740a1f48c9e5c2be90e74ecf724c6da8a1da658f2e55153dbaf77e7545093
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
ba3f268596d2fbc40fe2c644b4af3663a844a6c48ffa9cc2045080a8853d7d54
bd1c731081f039a026cbc30b302f4bf36ef34242d95abe3b7b0a0267778c7583
bef68150a61b79f71c0f81f23efe27a78da8f6e60e0f188d378b407f9276225a
c01fc004a430a5ecb5e2f37de39c1f72183ca9f516455679cccbb56b15b8ef96
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c133aa971dd74e53b850f17236b10b4847f4930cfa472baf646964b49d643707
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
c27ad5ff9062de09eb9d1c3a0fdbf9aa1ad0d28f8a5ec1f90f067c10117e67ed
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c3438263637aef6cebe783f994f39f9e2204c5db6f150217465816615451a4a5
c3a2268282f4633de5b1c734ea61d54761b1a0738e275bc1db914d786304afe6
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
c47b1fca3f45df91667916387c59c9a95e5dc01c828e01765a909e3c222ea597
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c7a2c3a179bf7669a7d8eeed296e9a921fe9829b0889a614f09a7dbf59690376
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
ca2236a98e265af31fcda140007f850848aadf9244c44767520a07087ff08026
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
cc328f26734f439fee0431b7bf13f024ca9618e25476db9d845797c296a52f00
cca548668e49e7c11c73947dbfa31e737af25bf156e9e1763ae492972fac2c3e
cdd83aa1a0ee9290f0f08cde272dd1179d614eec7bc039b6e6fb250c41fa7345
cf27b40d85b585d2bb071c66ba272c7c9ffa85a392008c76a29f56eab9705deb
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d3d8827ad8bb46beb5a7aaab94c8e74720894181f5be5411a0ac506505293bf4
d5059f32fbb319603fd421035ba8ae20f2a80c2978279efb10cba65961bdcfe9
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dbf3e6a0d9cb2d51f0294ad09614896012a369ddb6c90ee2001a45887fa7fe30
dc243b82595ef5f92667697d787a5030b90fff8d003bf163d00674502ee18fe3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9c497969d31eee2b8be2e28ceadf5e64248f95c5e4589eda73b2c1e12718bc
df5bc69db7be730a795d8fed5d3e48694cde2b67ac0149ec4817d52436264c57
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4da5e0433bf22e01492857f511cd101938e2b5e513d515f3961a4d6c7a3d162
e6aa4141ed397531cc7d46cd42e70910abb4c66872862e890e84d929d7ec73b6
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
e82ae8f8c8936b86711f86321ba3ed3f3e11d5003d4a7ca7bd8fbad0e24f804e
ea0bffaff436b2a750ceaeb80b2c0c550b9c0693222116fcdd80f5f576ce0bfd
eaa629d9f0548932ed3e6e758bb03ba934aa479ca2b03a992e4730d0b4668ae9
ec3f1b57b3fd738ebb95c34914a52d147f466db39760e5ae2c7731ecdc9e9d67
ed96e32ac80d73e209ed28add0756ace607005a88576332fcf19b6a3caf573b2
edb6885fa4646140f223c8cfe7bf7d1887830cc998c6f178c88d9019d987165d
eea1490778379b3cb73ab252012a8cb4756de3b9998732d43b0bc525561dfafa
eedb7d038bea7ea22c1cba19b00d8f0acc0a86c03198a858968b59577976502f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef65223803dcd950990c9ed8445091abe672fde874114fa7363fd1ef4e0d7b9f
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f0300e6243307279dea081242f5c1e9039479351015378bb0b53ce1498c47c50
f37c8c0d92722e1c8994e15a3139b1ec362ecfda196b43c21807cf8e4ae1b450
f37dfb46203578d1e12659a5c622dd001612306bfaed68c09ed31765370cbc7e
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
f926282c1134d613e80b05d0476b148474534e8bdbd41fa9a90be727382441af
fc93ef40e69e8e164108d8ad834e001319a377df2f76682990e2706c4f0ef301
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40