www.m4news4.ga Open in urlscan Pro
94.130.55.83 Public Scan

URL:
https://www.m4news4.ga/
Submission: On March 15 via api (March 15th 2021, 7:25:28 pm UTC) from US

Summary HTTP 117 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 117 HTTP transactions. The main IP is 94.130.55.83, located in Bad Orb, Germany and belongs to HETZNER-AS, DE. The main domain is www.m4news4.ga.
TLS certificate: Issued by R3 on February 17th 2021. Valid for: 3 months.

This is the only time www.m4news4.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	94.130.55.83 94.130.55.83	24940 (HETZNER-AS) (HETZNER-AS)
5	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:303... 2606:4700:3037::ac43:8938	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 2	78.46.57.120 78.46.57.120	24940 (HETZNER-AS) (HETZNER-AS)
7	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
29	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
14	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
18	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
117	21

2 94.130.55.83 (Bad Orb, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.83.55.130.94.clients.your-server.de

www.m4news4.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3037::ac43:8938 (United States)

ASN13335 (CLOUDFLARENET, US)

go4kora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.57.120 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.120.57.46.78.clients.your-server.de

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	facebook.com www.facebook.com	328 KB
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	339 KB
13	go4kora.com go4kora.com	5 MB
10	doubleclick.net googleads.g.doubleclick.net	72 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	146 KB
7	fbcdn.net scontent-frt3-1.xx.fbcdn.net scontent-frt3-2.xx.fbcdn.net scontent-frx5-1.xx.fbcdn.net	84 KB
5	bootstrapcdn.com maxcdn.bootstrapcdn.com	129 KB
4	googletagservices.com www.googletagservices.com	129 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	google.com 1 redirects adservice.google.com www.google.com	671 B
2	google-analytics.com www.google-analytics.com	19 KB
2	getbutton.io 1 redirects static.getbutton.io	84 KB
2	m4news4.ga www.m4news4.ga	56 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	638 B
1	jquery.com code.jquery.com	33 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
117	17

	Domain	Requested by
29	www.facebook.com	www.m4news4.ga www.facebook.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	go4kora.com	www.m4news4.ga go4kora.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	www.m4news4.ga pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	fonts.gstatic.com	fonts.googleapis.com
5	maxcdn.bootstrapcdn.com	www.m4news4.ga maxcdn.bootstrapcdn.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	scontent-frt3-2.xx.fbcdn.net	www.facebook.com www.m4news4.ga
3	scontent-frt3-1.xx.fbcdn.net	www.facebook.com www.m4news4.ga
3	fonts.googleapis.com	go4kora.com googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.getbutton.io	1 redirects www.m4news4.ga
2	www.m4news4.ga	www.m4news4.ga
1	www.google.com	1 redirects
1	scontent-frx5-1.xx.fbcdn.net	www.m4news4.ga
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	www.m4news4.ga
1	www.googletagmanager.com	www.m4news4.ga
117	22

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
getbutton.io

Subject Issuer	Validity	Valid
m4news4.ga R3	`2021-02-17` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.getbutton.io Sectigo RSA Domain Validation Secure Server CA	`2019-09-26` - `2021-09-23`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.m4news4.ga/
Frame ID: B9658D1BCC809A5731DA90723DD58B78
Requests: 39 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
Frame ID: 4ACDF04967969D5641E3528FF98B70AD
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Frame ID: 57074CAFE0B38083A5838E2F64C82AF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246
Frame ID: FCDF7031C36BC8B698038D8A0AB60E94
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=3495635770&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310122&bpp=3&bdt=297&idt=247&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBv9M3iuN4&p=https%3A//www.m4news4.ga&dtd=251
Frame ID: 2174F0DB4CEC2344C225E702E65E954A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277
Frame ID: C2DB13296FD2308A9D2EBA08F1B32036
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&adk=1812271804&adf=3025194257&lmt=1615836310&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.m4news4.ga%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615836310126&bpp=1&bdt=301&idt=281&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280%2C360x280&nras=1&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=284
Frame ID: 0A3D72FD9E3E7967B8E43E3FB45BBF1E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Frame ID: 058832808317DAE1270FA1A6BBFE96A8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Frame ID: 1353999A2A46EB4918947A2698FDBFD3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 195F30EFCAD27968D9318FB0EEA50AEF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Frame ID: 2C34F9B849DC89F0E98EDAF62AD24102
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 908ECAF5B6129A67D90331B2ED34D8EB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

117
Requests

100 %
HTTPS

86 %
IPv6

17
Domains

22
Subdomains

21
IPs

3
Countries

6251 kB
Transfer

8397 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/go4kora1001
Title: تويتر

Search URL Search Domain Scan URL

URL: https://www.facebook.com/go4kora.official
Title: فيسبوك

Search URL Search Domain Scan URL

URL: http://getbutton.io/?utm_campaign=multy_widget&utm_medium=widget&utm_source=www.m4news4.ga
Title: GetButton

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://static.getbutton.io/widget-send-button/js/init.js HTTP 302
https://static.getbutton.io/widget/bundle.js

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

117 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.m4news4.ga/ 36 KB
8 KB 161ms
65ms Document
text/html 94.130.55.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.m4news4.ga/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

94.130.55.83 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.83.55.130.94.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

839ead5486ebe82c357c86bad9250f55a24e32a8f1c8549dc433ed556e338e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.m4news4.ga
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 15 Mar 2021 19:25:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ci_sesee=sg6ko5cudhhk663p41j0turhe31f3m0a; expires=Mon, 15-Mar-2021 21:25:09 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
19 KB 31ms
15ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.m4news4.ga
Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 113
cdn-cachedat: 2021-03-11 11:57:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d8f2815600004e9764b07000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 71f164031595a0356accd87ed621b35f
cf-ray: 630820488dab4e97-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-rtl.min.css
go4kora.com/assetslive/css/ 24 KB
4 KB 55ms
32ms Stylesheet
text/css 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/assetslive/css/bootstrap-rtl.min.css

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41a4650481e83752c89317b3896df89e49ce56b09ab272c963a7ac7f795dbfe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5655
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d8f2815e00004a7450afe000000001
last-modified: Wed, 13 Jun 2018 22:48:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5b219f56-6147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1efOgdmSIFi%2Bzgk2dp8DjWGa3GNvVcLUipF4e8oFe3EFJc%2Fr5UJMdU6TimD9cQ%2FKRvUF3szVgmNh4P4obal7pO%2BM56Ihw4gRnDF1dxgttQ%2Bm0wNTmBFUVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 6308204898aa4a74-FRA

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 25ms
12ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 431858
cdn-cachedat: 2021-03-10 20:26:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d8f2815300004ece6e0ae000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ac51d65409f7a6c773e04411dc506557
cf-ray: 630820488cfd4ece-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 home.css
go4kora.com/assetslive/css/ 8 KB
2 KB 56ms
32ms Stylesheet
text/css 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/assetslive/css/home.css

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

375217941c43a71bb133a3d641640c1ab3c9bba0a671a9da5311a2a163af1132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5655
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d8f2815e00004a7447b3b000000001
last-modified: Mon, 22 Jun 2020 15:41:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ef0d113-1f75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bnpgsow%2Fnkm3jRuhJ%2Bax5e%2FF1TjgDclkYe1gJSUCeU0aBloULP6l633nn8YxpsWMwLaTM99aebKcKJ2X8eDkfWiJ7ZK4kYGbEnK83wLdTDzuXKPIhvTSGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 6308204898ab4a74-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-159987782-1

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b80d255a9a08c2e43c85f5b0ff587c58b73c860722157c1d3bcbcf806352b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39828
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 18:09:12 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Mar 2021 19:25:09 GMT

GET
H/1.1 200
OK logo.png
www.m4news4.ga/ 48 KB
48 KB 41ms
38ms Image
image/png 94.130.55.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.m4news4.ga/logo.png

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

94.130.55.83 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.83.55.130.94.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

8c6c0da229c65f26c243ef5673eb6bc82b69210473aefb0eeaf46dc05a1bbdba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 19:25:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 25 Jan 2020 20:15:23 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5e2ca1db-c095"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49301
X-XSS-Protection: 1; mode=block

GET
H2 200 e285b564c10fbd1fb116204fae59494c.jpg
go4kora.com/assets/articles/ 75 KB
76 KB 17ms
13ms Image
image/jpeg 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/e285b564c10fbd1fb116204fae59494c.jpg

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

484dee95163243692caf367b2162156ff3fd1ff4ce7bddc58d1251b4650a9cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4389
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76945
cf-request-id: 08d8f2819a00004a744119c000000001
last-modified: Sun, 07 Feb 2021 15:30:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6020079c-12c91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tNFy8qOvjaOqi5j%2FL%2BkhLyLiF9kknOMGRjBkYW2CgVvWN6QIIjGAvPu0KmZMV%2B99xBaL9RCTd7ukpgZ75ITVh8zGLP26kNZrSpNELS8wGPGX7gtYi6%2BvGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63082048f9424a74-FRA

GET
H2 200 647e372765ae53536f7fb041a749cf9e.jpg
go4kora.com/assets/articles/ 1 MB
1 MB 22ms
19ms Image
image/jpeg 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/647e372765ae53536f7fb041a749cf9e.jpg

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40361aea5098d5f7f58b7d8f9aaef94be6f91a1754d8eb5b289f77fce73878d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 113
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1182441
cf-request-id: 08d8f2819a00004a740f13f000000001
last-modified: Wed, 03 Feb 2021 20:27:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "601b073c-120ae9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0cUvaMuS7Z5gNopztlz1GOgr%2F1RkbTix1qzcdkp%2BuPO5a8J7TnfL8qAiK9xW3E5uzbKpnPU%2Bfkfjen7wNj%2F1GNJGsyXCAS9u%2BvroXeg5h2AxwWiF0cUiNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63082048f9434a74-FRA

GET
H2 200 df481392de7a5316afac186a8ab747db.jpg
go4kora.com/assets/articles/ 68 KB
69 KB 22ms
19ms Image
image/jpeg 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/df481392de7a5316afac186a8ab747db.jpg

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22bc71b5407c048113147d7cde16da33ab13e38d3746ffea0d2af0bf3407ff00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 113
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69906
cf-request-id: 08d8f2819b00004a746811a000000001
last-modified: Sun, 31 Jan 2021 18:17:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6016f440-11112"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bRfHopTAqrvv0rySwktsTSzGMBc83rldZqU8DuEWkkuillItyezV%2FEODck4TitPFvWl0D31qMEdCJCfQXgZzR66jJC%2FX6d4u4O8YKFdarOWBVb0M5Gq7Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63082048f9464a74-FRA

GET
H2 200 a342aeb0d01f669ddc189eba731922e6.jpg
go4kora.com/assets/articles/ 138 KB
139 KB 23ms
20ms Image
image/jpeg 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/a342aeb0d01f669ddc189eba731922e6.jpg

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02c304c9f16b751ea89bd4bbcb98662de9a885ecfb4aaa0ccdba530bc42f90ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 113
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 141199
cf-request-id: 08d8f2819b00004a7426336000000001
last-modified: Tue, 26 Jan 2021 20:59:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6010829c-2278f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0poYKZGXJPVHT%2FMPh%2Bb2r9lY4qQgnAdG8NAbKLagm%2FaD0p5O2vapuT7OQhai63Uxwf%2BFDC8eqo4okzoHkz3%2BWJRe9lalFp4Yao5irRqqvsG5XPkVYhd%2FUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63082048f9474a74-FRA

GET
H2 200 d1094b878a7ab13037d50ee0d814a679.jpg
go4kora.com/assets/articles/ 94 KB
94 KB 22ms
19ms Image
image/jpeg 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/d1094b878a7ab13037d50ee0d814a679.jpg

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e65021ec837bb11a4e7c8552891dfa0d4f68222d491892289823c7be45885ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 113
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96117
cf-request-id: 08d8f2819b00004a74500e1000000001
last-modified: Sun, 24 Jan 2021 18:39:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "600dbec6-17775"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kGJfU2eIZMQLQe%2BHoXfuMBM8JcnlDCqJLs5lQRgY8PIADQgT7sSgp%2BGszTSShaVnJSlWLefN7qUwJdzM4r9sUjp8J5p9R9AHGSCodbwPE93ZLu5g7MF9Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63082048f9484a74-FRA

GET
H2 200 07056945006906431518abc1ab1f3e97.jpg
go4kora.com/assets/articles/ 930 KB
931 KB 23ms
20ms Image
image/jpeg 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/07056945006906431518abc1ab1f3e97.jpg

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

403223d9ec49f17e451e9d882bbb3cf5ccc5d806221e254d180f60787abf970e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 113
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 952041
cf-request-id: 08d8f2819b00004a7462b3d000000001
last-modified: Sat, 16 Jan 2021 17:01:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60031bd8-e86e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jU5FXJmKpEz%2BXgNyxseYfP24DErq98tK8UEaLkrE2xculMuQYqRWC0ElFg5MqYno%2Fq1%2Fw9SfQqXRq8FrxSHkzH4PXRaK5IXrTV3lFS37JZYRS0DCTzK19A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63082048f94a4a74-FRA

GET
H2 200 0f37a81f08ef3c5bc79210b8f8fbe246.jpg
go4kora.com/assets/articles/ 222 KB
222 KB 23ms
21ms Image
image/jpeg 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/0f37a81f08ef3c5bc79210b8f8fbe246.jpg

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb99026e64d7ab310f9da6d3815f4b6bcec154c7d98b284b2f62352d33ca358f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 113
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 227018
cf-request-id: 08d8f2819b00004a74092b0000000001
last-modified: Sat, 16 Jan 2021 21:54:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60036089-376ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9klAlWca1pEGDX%2Fpamxd6%2BbWVHMAq4tN60RRKz%2BQNQK5mdyyvvYbicC551zlYV%2FhSmDLwwXxHR5P5tS44B3zXS2cOUdVnxEpBgIF82gfWUIDT9MOEfQ4Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63082048f94b4a74-FRA

GET
H2 200 c33add637feaa7e6ef0ad793dd472da9.jpg
go4kora.com/assets/articles/ 288 KB
288 KB 22ms
20ms Image
image/jpeg 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/c33add637feaa7e6ef0ad793dd472da9.jpg

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dba1d87c1171ee553990738ea98e941cf4b6394e2af67a18f2750b2e90bb168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 113
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 294689
cf-request-id: 08d8f2819b00004a741b9d7000000001
last-modified: Wed, 02 Dec 2020 20:37:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5fc7fb17-47f21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zEbP8H990KopBxAvMNcPdVePXmlZVhLKoH1hOkUUbnmV0QuGRQ1cmnizRJgTyhHTiBa%2FW1CVrCFjCk8d%2FCJe%2FmIad%2FjutJoILhbVxJT8hA2AXsnyrJzxRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63082048f94c4a74-FRA

GET
H2 200 15b81f76f497cf1dba43a7b9b9a6cec0.jpg
go4kora.com/assets/articles/ 891 KB
892 KB 21ms
20ms Image
image/jpeg 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/15b81f76f497cf1dba43a7b9b9a6cec0.jpg

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2ab53ebddecc9949966457ecd3dbf87207515e427a3fb803f63c2fce1a09944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 113
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 912486
cf-request-id: 08d8f2819c00004a741139e000000001
last-modified: Mon, 30 Nov 2020 22:00:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5fc56b76-dec66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WMbIS7bxgn9tXjt3SD76KWLnYl4cFCFmG59mUdbEXSLqDjrTBB3vLB129vbn%2BsKKdvD1oipXcpaZWsIQGLTGr3k8aZYP2YMygqOJYutQ8Eei3LtuVE8oBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63082048f94d4a74-FRA

GET
H2 200 81ffd824daeeeaacbb4595194f397ece.jpg
go4kora.com/assets/articles/ 847 KB
848 KB 21ms
19ms Image
image/jpeg 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/81ffd824daeeeaacbb4595194f397ece.jpg

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8dd48990bb13b8a985396c20265d700189b4487bbed862d98359736940f804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 113
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 867289
cf-request-id: 08d8f2819c00004a746f987000000001
last-modified: Mon, 30 Nov 2020 19:37:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5fc549f9-d3bd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W3DQfS8WMsOB20PyuDx9E5TVKUi7FP64lZQF3xxKwCiMDyjQmSRDoBaOebZnamN4MXKvyPNK3D4zkSb%2BSB0qNiCskvBLZevxSxY4%2B2Yv4rilg4e97aPy%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63082048f94e4a74-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 45ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f935c701cf4f28193cc917220550b6da379012569b445d0f2627255031456b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49963
x-xss-protection: 0
server: cafe
etag: 14654040754866382683
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 19:25:09 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
code.jquery.com/ 94 KB
33 KB 30ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.1.min.js
Requested by: Host: www.m4news4.ga
URL: https://www.m4news4.ga/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-1762a"
vary: Accept-Encoding
x-hw: 1615836309.dop138.fr8.t,1615836309.cds210.fr8.hn,1615836309.cds227.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33202

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
9 KB 13ms
12ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.m4news4.ga
Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 113
cdn-cachedat: 2021-03-11 11:57:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d8f2818200004e97b4008000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b660a2f9aa1697bd14d5a9d274df9f96
cf-ray: 63082048ce144e97-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 5 KB
621 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo:200,300,400,600,700&subset=arabic

Requested by

Host: go4kora.com
URL: https://go4kora.com/assetslive/css/home.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c3585bc899d3cce60c908ae7a78d586b248b84d0c15703ee2a62e2837154c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 19:21:28 GMT
server: ESF
date: Mon, 15 Mar 2021 19:25:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Mar 2021 19:25:09 GMT

GET
H/1.1

200
OK

bundle.js Show response
static.getbutton.io/widget/
Redirect Chain

https://static.getbutton.io/widget-send-button/js/init.js
https://static.getbutton.io/widget/bundle.js

264 KB
84 KB

58ms
58ms

Script
application/javascript

78.46.57.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getbutton.io/widget/bundle.js
Requested by: Host: www.m4news4.ga
URL: https://www.m4news4.ga/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.57.120 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.120.57.46.78.clients.your-server.de
Software: nginx/1.6.2 /
Resource Hash: ad51f4624115345919c62d062e8fe1af3c006dd9bd7496d3685c033747b59e17

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 19:25:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 15:58:34 GMT
Server: nginx/1.6.2
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: keep-alive
Expires: Mon, 15 Mar 2021 22:25:10 GMT

Redirect headers

Location: https://static.getbutton.io/widget/bundle.js
Date: Mon, 15 Mar 2021 19:25:10 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 160
Content-Type: text/html

GET
H2 200 back_originale_overlay.png
go4kora.com/assetslive/img/ 66 KB
67 KB 18ms
18ms Image
image/png 2606:4700:3037::ac43:8938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assetslive/img/back_originale_overlay.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/assetslive/css/home.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8938 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c66fe8cfa1f5b0d5b2d0ea367cd83973cbecd0af216e64483ae8b5047e87c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go4kora.com/assetslive/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6454
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67822
cf-request-id: 08d8f2819c00004a7434186000000001
last-modified: Thu, 28 Nov 2019 16:34:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ddff72f-108ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qcCtLKZVGKPEkdOMlFHCT1csZRoW23OZb%2FDpqIx62qomOGe4Bjdp9oWODjvPZe6fpYtJ3QV62vnQ%2FCyTV9UUBxkNwkdkHfBr8Spt0m6gmSbnfRMspuBovA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63082048f94f4a74-FRA

GET
H2 200 SLXLc1nY6Hkvalqaa46O59ZMaA.woff2
fonts.gstatic.com/s/cairo/v9/ 18 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v9/SLXLc1nY6Hkvalqaa46O59ZMaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:200,300,400,600,700&subset=arabic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef49b4a8da9073ffc2aa214b10b9ba1037c31c984b9eadb057e32cf10962f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.m4news4.ga
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:30:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:54:58 GMT
server: sffe
age: 3250
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18880
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:30:59 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 12ms
10ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.m4news4.ga
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 113
cdn-cachedat: 2021-03-11 11:57:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 08d8f2819f00004e97bab4e000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 32ea24b0303c39bbb1abb971df2da256
accept-ranges: bytes
cf-ray: 63082048fe554e97-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 18 KB
18 KB 18ms
17ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.m4news4.ga
Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 113
cdn-cachedat: 2021-03-11 11:57:54
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18028
cf-request-id: 08d8f2819f00004e9772342000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fa04a01d3396e708bfb03693dbc8db88
accept-ranges: bytes
cf-ray: 63082048fe574e97-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 SLXGc1nY6HkvalIkTpu0xg.woff2
fonts.gstatic.com/s/cairo/v9/ 18 KB
18 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v9/SLXGc1nY6HkvalIkTpu0xg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:200,300,400,600,700&subset=arabic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e44a062d28d6d5058ae9567dddb28916851f2147d48363bf9c095d4cc1115e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.m4news4.ga
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:33:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:54:23 GMT
server: sffe
age: 3105
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17952
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:33:24 GMT

GET
H2 200 SLXGc1nY6HkvalIhTps.woff2
fonts.gstatic.com/s/cairo/v9/ 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v9/SLXGc1nY6HkvalIhTps.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:200,300,400,600,700&subset=arabic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33b5e84734e6c2f41286376d3c9ee3da94da179f4e3b20c7e3a20e1a21c2b665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.m4news4.ga
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:07:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:54:14 GMT
server: sffe
age: 425866
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20672
x-xss-protection: 0
expires: Thu, 10 Mar 2022 21:07:23 GMT

GET
H3-Q050 200 SLXLc1nY6Hkvalqaa46L59Y.woff2
fonts.gstatic.com/s/cairo/v9/ 20 KB
20 KB 38ms
22ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v9/SLXLc1nY6Hkvalqaa46L59Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:200,300,400,600,700&subset=arabic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e248efd3e174f94f68af6f92ef1f044ff94469ef3589ec80875b8f30706b9738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.m4news4.ga
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:46:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:54:49 GMT
server: sffe
age: 203930
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20584
x-xss-protection: 0
expires: Sun, 13 Mar 2022 10:46:19 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 4ACD 108 KB
24 KB 60ms
59ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId

Requested by

Host: www.m4news4.ga
URL: https://www.m4news4.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73f5ee1dc6fe70f29afd1d16e807c93c0e90bce95264266bf3be116c7bebaad7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.m4news4.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.m4news4.ga/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: P6eL1DbYh+21zfIT3U8ddeWNYANxNwvhYJo92LHJHOzbtQVafGEtEDpUSOFyRz5X+Aj2AHPnX+M9qqNk4l0tGA==
date: Mon, 15 Mar 2021 19:25:10 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/ 225 KB
85 KB 74ms
60ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9192837513441482&plah=www.m4news4.ga&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86491
x-xss-protection: 0
server: cafe
etag: 16470564300944896599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 19:25:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/ Frame 5707 10 KB
5 KB 25ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210309/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.m4news4.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.m4news4.ga/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 14 Mar 2021 23:47:12 GMT
expires: Sun, 28 Mar 2021 23:47:12 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 70678
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159987782-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 7005
date: Mon, 15 Mar 2021 17:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 15 Mar 2021 19:28:25 GMT

GET
H2 200 ZvNSQ6X6spi.css
www.facebook.com/rsrc.php/v3/yh/l/0,cross/ Frame 4ACD 29 KB
9 KB 11ms
6ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yh/l/0,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f69b06e98c7774bb5ebb2c4b9b5f02e6ec05854a605e3bfb86d1e4f4b15119da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: ULaGxlH3Wo/Q8Qr6pfJmKvGcTSbr22hQRgfNwqXaKyJOyhJcfefzsEFCtj9xTjrofuGMQ3odUUy+k6U4uUZxBg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: lpNSdCsIKG1DvC+O6EGdUQ==
date: Mon, 15 Mar 2021 17:28:37 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8478
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 17:28:37 GMT

GET
H2 200 COFZ7ITuwSz.js Show response
www.facebook.com/rsrc.php/v3/yH/r/ Frame 4ACD 268 KB
71 KB 10ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5df547860d495d1b54ba7a44059e8413f4010a6dd111b6a0d40803665852ed70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: idk45SwC3PoZ+9UibWBLtZiUKMexZFK8JdJu0c8q7FQ9lGlGoOed53D/tnGI8QxbbVdHXPfU20ko6gOG21mluQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: RdaRlLRvra/nUVf/g2gp9w==
date: Thu, 11 Mar 2021 00:44:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 72280
x-fb-rlafr: 0
expires: Fri, 11 Mar 2022 00:44:51 GMT

GET
H2 200 5uWXDBbj7dh.js Show response
www.facebook.com/rsrc.php/v3/yp/r/ Frame 4ACD 65 KB
20 KB 17ms
13ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/r/5uWXDBbj7dh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bea6892d84675a9af55a6aa8df0ed48031b955b87cabf13fe7448dd6eb2fed99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 11:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Cfo2M49o9x+I1QtbBGCQ5w==
cross-origin-resource-policy: cross-origin
content-length: 20250
x-fb-rlafr: 0
x-fb-debug: N97jhf8kv6ANDQ08dn/Z778dXTX5vXUfFPHkqX/K3JtpJ8ucGKG3NMG3mRdN5hwvzhVEztyfulpflrepx4UGAA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 10 Mar 2022 11:13:30 GMT

GET
H2 200 uqaYG-2xXaf.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yZ/l/en_US/ Frame 4ACD 122 KB
34 KB 17ms
13ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yZ/l/en_US/uqaYG-2xXaf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03e9d0d62b70ae8d31478335a324c17109d6e673237bc65bf6c72272c407cf7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aLql3jS0vbk1V25PSAAHKQ==
cross-origin-resource-policy: cross-origin
content-length: 34739
x-fb-rlafr: 0
x-fb-debug: NMjET0gg9VJB3HSRKRdAfopgTguftRu9FB+lPBrzBzNV8e7XUuJ7+OE4uz0Hipf1Kx79CZsiUWkrdTl/SPqvrA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 13 Mar 2022 17:40:10 GMT

GET
H2 200 nLyZ6bYhSNu.js Show response
www.facebook.com/rsrc.php/v3/yW/r/ Frame 4ACD 7 KB
2 KB 17ms
13ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yW/r/nLyZ6bYhSNu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67d8e7a3e7815e72595c83389b163f51ecd562ed6c394cdaf5cbc93c7330623e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 20:25:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sAMp5DhlJ2pej3twf5dwWw==
cross-origin-resource-policy: cross-origin
content-length: 2304
x-fb-rlafr: 0
x-fb-debug: q9QYsaUbAC7jcc9xWqUCVxejJMXRnahZHYWQLU1IwfQw7CSGZSbXOufLsoUN1W7gceiKv8L8Uo+Ti4OBQa7qCg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 10 Mar 2022 20:25:29 GMT

GET
H2 200 EiHUEqLovtm.js Show response
www.facebook.com/rsrc.php/v3/yN/r/ Frame 4ACD 43 KB
13 KB 17ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yN/r/EiHUEqLovtm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48ea09f0084bdb3cb647bc0d36d9ac719094c005d049da95589de9f199425c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 18:43:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: M2gJZdIoC0LugzQ/JrXNqw==
cross-origin-resource-policy: cross-origin
content-length: 12714
x-fb-rlafr: 0
x-fb-debug: z28R3cyVISCpBeYbYMLOQXcW/9H2Iusa5DsUE0Cf+IqDbegvBOoEPiwATTeE4GrsKPjYIOf4y4NmDK8k23P+WQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 13 Mar 2022 18:43:08 GMT

GET
H2 200 0We0FKCV5Na.js Show response
www.facebook.com/rsrc.php/v3/y2/r/ Frame 4ACD 17 KB
6 KB 17ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y2/r/0We0FKCV5Na.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

419ef23176640e73e6691597d88b3ccfd9f57d1ee983f319be1b179ba8fbc8a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 17:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DrI/OWNfRZuZgxSxBCGbUg==
cross-origin-resource-policy: cross-origin
content-length: 5651
x-fb-rlafr: 0
x-fb-debug: AlEs7dy5wndWXI/toSKF5+Vly1kKPHUobQjrVeMNyOJQKYVlMNtP2HVjLa/YOOoJzinyqgonKuk+nPq2qy+Ngw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 17:28:37 GMT

GET
H2 200 UdS7Amd3aXI.js Show response
www.facebook.com/rsrc.php/v3iLl54/y-/l/en_US/ Frame 4ACD 37 KB
10 KB 17ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iLl54/y-/l/en_US/UdS7Amd3aXI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c55b8883a9f908ffce1d25c10579acbb6a65961ca7240eb6b20ca17bde45761e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 04:53:39 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: e1tRV0c6L/HzQA2Ab5r/ug==
cross-origin-resource-policy: cross-origin
content-length: 9886
x-fb-rlafr: 0
x-fb-debug: qGjkm+GOsrYnzP15d8HSXZMUSmMP4trCFsB7yv1SmHKPPf5OCAfvyVKW/BjAdlRfTVl4qIA+CZZR4mPbV4sQbQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 12 Mar 2022 04:53:39 GMT

GET
H2 200 hkkaSyac7rx.js Show response
www.facebook.com/rsrc.php/v3/yn/r/ Frame 4ACD 210 KB
59 KB 17ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yn/r/hkkaSyac7rx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

657753c380b0c6dfd199ea48ed561777e27c27c439a99fa70c7cb8a2d3ec1ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: G3CLT7t3KZ5pe1hCqsU/wy97uszUfckktvlkQPTP8xro/wx6ZhbZvvxZSmNV5wcHdVV+6vAEqTu2S8tmhAgbqQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: DoSm2qfF7SfyppwXCzqLEw==
date: Sat, 13 Mar 2021 02:09:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 60655
x-fb-rlafr: 0
expires: Sun, 13 Mar 2022 02:09:23 GMT

GET
H2 200 X0zaXtEr1Mw.js Show response
www.facebook.com/rsrc.php/v3/yT/r/ Frame 4ACD 9 KB
3 KB 18ms
16ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yT/r/X0zaXtEr1Mw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0cef16c7f5a6a3d93f85943b8236b5ff1cbb4743a6c31cc178028a9e547f74fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: W+qVxBZUtOJroghjDFVnKt+tiXISXAZIGoiYfq5AqhdOLiKfAkZQzpzYqKRoc945yx/flLGtYCg5BKm8SSFs9w==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: pOVGEwyZbAhL7XTkL8W0kQ==
date: Mon, 08 Mar 2021 22:20:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2491
x-fb-rlafr: 0
expires: Tue, 08 Mar 2022 22:20:52 GMT

GET
H2 200 123953445_994883341013439_4294519225038148328_o.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.0-0/s350x350/ Frame 4ACD 4 KB
5 KB 22ms
6ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-0/s350x350/123953445_994883341013439_4294519225038148328_o.jpg?_nc_cat=108&ccb=1-3&_nc_sid=dd9801&_nc_ohc=_rfciGicnqQAX_qRkxB&_nc_ht=scontent-frt3-1.xx&tp=7&oh=df27c2b3050e767192587943e12cec55&oe=60769F25
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: dc5b47f779da6d0f919000f63cbf68d8178147b9091196e681cb4e5b96177af4

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 729123526
date: Mon, 15 Mar 2021 19:25:10 GMT
x-fb-trip-id: 2050670934
last-modified: Wed, 11 Nov 2020 17:30:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3280025702
x-fb-config-version-olb-prod: 1036
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4379

GET
H2 200 124947215_995003084334798_8833158796018209744_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/ Frame 4ACD 1 KB
2 KB 25ms
6ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/124947215_995003084334798_8833158796018209744_n.jpg?_nc_cat=101&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=VtEK1CFoOugAX_8270s&_nc_ht=scontent-frt3-2.xx&tp=27&oh=ac6f81539fe4a07a8037e00e424c2d6c&oe=60749A70
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 199fda2f4f1c7f9247116fe80bfc028bf2a9e313380ce2f748f384d5ab86fcbd

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 4146203271
date: Mon, 15 Mar 2021 19:25:10 GMT
x-fb-trip-id: 686109401
last-modified: Wed, 11 Nov 2020 21:00:07 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3581803099
x-fb-config-version-olb-prod: 1035
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1505

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
387 B 55ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=2143521751&t=pageview&_s=1&dl=https%3A%2F%2Fwww.m4news4.ga%2F&ul=en-us&de=UTF-8&dt=%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D9%88%D9%85%D9%84%D8%AE%D8%B5%D8%A7%D8%AA%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D9%83%D8%B1%D8%A9%20%D8%A7%D9%84%D9%82%D8%AF%D9%85%20%D8%A8%D8%B4%D9%83%D9%84%20%D8%A8%D8%B3%D9%8A%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=547501799&gjid=749188327&cid=862841707.1615836310&tid=UA-159987782-1&_gid=546680877.1615836310&_r=1&gtm=2ou330&z=1525249898

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 19:25:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.m4news4.ga
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 4ACD 573 B
792 B 6ms
5ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yh/l/0,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yh/l/0,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: fJjd4Q8/UE5ma3gT9h3lhkUzkREWvcEUy8hUiA02KHz5POt5BYI7SZBZGQ5Vsjj89R/6g42InoqCTB5Wxy6QVQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Tue, 09 Mar 2021 23:56:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Wed, 09 Mar 2022 23:56:02 GMT

GET
H2 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 4ACD 66 KB
17 KB 135ms
135ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Fwww.m4news4.ga%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKxa13wt8KEaVp63m1FwAxu13wqovzEdEc83WwvE3vx60Vo1upE4W0OE2Wwce1xwEw7BKdwl8G0me0iK0D83rw9O0RE2Jw8W&__csr=&__req=1&__beoa=0&__pc=PHASED%3Aplugin_default_pkg&__bhv=1&dpr=1&__ccg=EXCELLENT&__rev=1003450354&__s=%3A%3Awwr8ac&__hsi=6939964104389498389&__comet_req=0&__sp=1

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yZ/l/en_US/uqaYG-2xXaf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3579e7c64f2e4b395c868e25f9605391e2067f9007e661506210efeb8619f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: /qnCOo6eyTZz4r1Y2T3O7P0ZAxzB1JRTIKD51actC2lZC+daL3VYpxm3MbqCKDPy0e0OBj5ymimEByvneKTtyQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 15 Mar 2021 19:25:10 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 4ACD 138 B
555 B 29ms
29ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yZ/l/en_US/uqaYG-2xXaf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3435fcf9046a25270330d99d340a06f25a0815695bc26158c2625acce805a3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Rc/KDfPflk8PLpI9LRDEhoC/6/l2WZTOfH60L7UiqONPH5NRubH9HkAAJQRK+GOu+Kq8mI3wsima2aLsF+wtVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Mar 2021 19:25:10 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
vary: Origin, Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 onuUJj0tCqE.png
www.facebook.com/rsrc.php/v3/y2/r/ Frame 4ACD 4 KB
4 KB 6ms
5ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y2/r/onuUJj0tCqE.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yh/l/0,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yh/l/0,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: yiplWkLosPxlImB8vZhKp76GmMlkZSN7t+H686ipyCv4QWewyYP8Ga8pKFkIiPdQmBitxlwOzhlCzBHvm+rBjw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: OK0dmVpVmdoMRpKMP9eDcg==
date: Sun, 14 Mar 2021 19:06:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3944
x-fb-rlafr: 0
expires: Mon, 14 Mar 2022 19:06:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
638 B 128ms
71ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.m4news4.ga&callback=_gfp_s_&client=ca-pub-9192837513441482

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9192837513441482&plah=www.m4news4.ga&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

5fd49ffe1b27b59ccfab4d34756224a58535ff87b795d3215fe4c8a04fd0bd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.m4news4.ga

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 19:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 33ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.m4news4.ga

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 19:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FCDF 61 KB
24 KB 680ms
666ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c165a3f957f87b9d36a28a2278db585b1cbc27fb5665ee35be1732fe382f1c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.m4news4.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.m4news4.ga/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 15 Mar 2021 19:25:11 GMT
server: cafe
content-length: 24155
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 15-Mar-2021 19:40:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 19:25:11 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615552002806803"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Mon, 15 Mar 2021 19:25:10 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2174 58 KB
20 KB 286ms
285ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=3495635770&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310122&bpp=3&bdt=297&idt=247&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBv9M3iuN4&p=https%3A//www.m4news4.ga&dtd=251

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

154ed4da9279bda787d3a99abc943f8e562070e70bfbd255ef873f83799829c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=3495635770&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310122&bpp=3&bdt=297&idt=247&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBv9M3iuN4&p=https%3A//www.m4news4.ga&dtd=251
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.m4news4.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.m4news4.ga/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 15 Mar 2021 19:25:10 GMT
server: cafe
content-length: 20821
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 15-Mar-2021 19:40:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 19:25:10 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C2DB 62 KB
21 KB 298ms
298ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e11d25477ea08230416ba551252457407cc610aa6ab0651955fffc38485d3ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.m4news4.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.m4news4.ga/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 15 Mar 2021 19:25:10 GMT
server: cafe
content-length: 21819
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 15-Mar-2021 19:40:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 19:25:10 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A3D 8 KB
1 KB 109ms
108ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&adk=1812271804&adf=3025194257&lmt=1615836310&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.m4news4.ga%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615836310126&bpp=1&bdt=301&idt=281&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280%2C360x280&nras=1&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=284

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9af50648ccc195d3109fe6a9a419b34cf2ac120f231146ad030879d4773ac4c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9192837513441482&output=html&adk=1812271804&adf=3025194257&lmt=1615836310&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.m4news4.ga%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615836310126&bpp=1&bdt=301&idt=281&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280%2C360x280&nras=1&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=284
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.m4news4.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.m4news4.ga/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 15 Mar 2021 19:25:10 GMT
server: cafe
content-length: 851
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 15-Mar-2021 19:40:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 19:25:10 GMT
cache-control: private

GET
H2 200 DEffraCttik.css
www.facebook.com/rsrc.php/v3/yF/l/0,cross/ Frame 4ACD 21 KB
5 KB 11ms
6ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yF/l/0,cross/DEffraCttik.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d3bbcda0c7eca3105dfa169395e6799cb905b47d198bdcb1c5fd792013850b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 6Yb7FP4B9pFQtuzg1RHXUOETdz4lq7d6dLmJf15nd1kNCUV8nNn3zYBVWGY9BJW74gIHN7h5fnDIyL+L9Cd+sA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 55OoakRk27ruKaSB7sg3sw==
date: Tue, 09 Mar 2021 17:15:31 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5287
x-fb-rlafr: 0
expires: Wed, 09 Mar 2022 17:15:31 GMT

GET
H2 200 E4PPTB5sKSq.js Show response
www.facebook.com/rsrc.php/v3/y0/r/ Frame 4ACD 60 KB
15 KB 11ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y0/r/E4PPTB5sKSq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc145f90eba65ffc9cf93e467cf02f5dced81ef74c6b11abb781a0f2bde76919

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 1cjI2vpoz05EO4S83ODzu2zJauv117blXoUgaSqih11tTKenI6r3xhxwowS/3gyFq7ufJwG+Ny1cB5uoPC4hVA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: pqgSBsyQrs/I0G8malYwwQ==
date: Mon, 15 Mar 2021 09:03:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15432
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 09:03:27 GMT

GET
H2 200 3gKIw20zpPx.js Show response
www.facebook.com/rsrc.php/v3/yc/r/ Frame 4ACD 18 KB
6 KB 11ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yc/r/3gKIw20zpPx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a7b3e1fb9dcfcdc74602cd099e52b29d81d0e136dd6405f9b9f604695ac0c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JxklXWIUFJ/V53r1B155cg==
cross-origin-resource-policy: cross-origin
content-length: 5952
x-fb-rlafr: 0
x-fb-debug: 9fDMYMvvJHDDEozDWchbyZU9xz+MxxxYd19SZp1QEOPatv+5keQGQQVPLjqdicRpEKxlIlYVM7zv0EHl6hNtsA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 14 Mar 2022 14:38:41 GMT

GET
H2 200 fJUbbXS0i_1.js Show response
www.facebook.com/rsrc.php/v3iEBX4/yd/l/en_US/ Frame 4ACD 25 KB
7 KB 12ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEBX4/yd/l/en_US/fJUbbXS0i_1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed3442f2fe3f62563bcdaa6cd31982130de17593a0b05828fd008c7f3253b296

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: TFSPPfMmyzDDK8SYtX34DY97pDaa3Q/4No0IjWmLgOAoq0n4GnCRbj2KH/b3H/c72IoA+Y/i5K436SGu3ZaYSg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mhqR43ACT0kAPFsBfWO8jw==
date: Tue, 02 Mar 2021 21:08:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7427
x-fb-rlafr: 0
expires: Wed, 02 Mar 2022 21:08:35 GMT

GET
H2 200 rANakOivQ8r.js Show response
www.facebook.com/rsrc.php/v3/y1/r/ Frame 4ACD 6 KB
2 KB 12ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y1/r/rANakOivQ8r.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62aedfc64b5a264549cba4f3642437342f37f798287336ab4b792a91fbe22bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: DSLWtQc9ARBzsACEVOiIVeMv+/YrFyScvuRNtL9qVR4Qc4gChzxJ5E655mENHRBVOJsprPTq0jFPwm75SnXF/w==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: wUzIwIfKF0Dw8GgEKi9qlA==
date: Sat, 06 Mar 2021 14:40:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2206
x-fb-rlafr: 0
expires: Sun, 06 Mar 2022 14:40:22 GMT

GET
H2 200 8lEos4dxMMq.js Show response
www.facebook.com/rsrc.php/v3/y5/r/ Frame 4ACD 22 KB
8 KB 12ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/8lEos4dxMMq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ef6ed451f5d0b3aeffe0447a6f2c8806902e3200cf4bb289d9a03eebffa7db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: MwpkwBPJl+ZLJSUQo2VvfiDkrCit2Un3nHvueL76Av0QuRqWnTOvjOoURszj+PVACUQdALaHssLySed6Z/aTlg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: cOQq/EfZ/K+CGM3fcFUlsg==
date: Mon, 15 Mar 2021 17:29:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7636
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 17:29:18 GMT

GET
DATA 200
OK truncated
/ Frame 4ACD 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9adf40f2d62a7ea105d6b36b53ca0228c603957a3dc4bc135df78f747c6e440

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 L6n6sNhPkaW.css
www.facebook.com/rsrc.php/v3/yz/l/0,cross/ Frame 4ACD 2 KB
969 B 11ms
7ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yz/l/0,cross/L6n6sNhPkaW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5591443aae04ce6cf67dd2f4b646abee252f301b3f5c3ba18fbb4c711e864163

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 71pL1Yc6U7Hx0St5gZL/QBegFabwoGJXrsFhib83yUyepQWQiFmbQ2E7+vSxsLS4pYc7ioEsEwOR+ZyQ8xzpUQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: M5syocQWqbM3v4YFsO2hgA==
date: Mon, 15 Mar 2021 17:34:46 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 754
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 17:34:46 GMT

GET
H2 200 megOYoQ0ZI5.css
www.facebook.com/rsrc.php/v3/ym/l/0,cross/ Frame 4ACD 1 KB
673 B 9ms
7ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ym/l/0,cross/megOYoQ0ZI5.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb530525a8f8aae094add4c90f59ce145c4ec86678bc7feed3208f20df6b4d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: QfHDXGQFIAXHsUFRKH0gr44CNO2VyFeuoU+46mO9ATfprDDPWvwL0yQeY8ZNjHypzrusTTkUrBEng/00QdPzNg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: fuzCEqc1nRh8PSicXJ0Igw==
date: Sat, 06 Mar 2021 14:40:28 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 456
x-fb-rlafr: 0
expires: Sun, 06 Mar 2022 14:40:28 GMT

GET
H2 200 124947215_995003084334798_8833158796018209744_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/ Frame 4ACD 1 KB
2 KB 6ms
6ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/124947215_995003084334798_8833158796018209744_n.jpg?_nc_cat=101&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=VtEK1CFoOugAX_8270s&_nc_ht=scontent-frt3-2.xx&tp=27&oh=ac6f81539fe4a07a8037e00e424c2d6c&oe=60749A70
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yZ/l/en_US/uqaYG-2xXaf.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 199fda2f4f1c7f9247116fe80bfc028bf2a9e313380ce2f748f384d5ab86fcbd

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 4146203271
date: Mon, 15 Mar 2021 19:25:10 GMT
x-fb-trip-id: 686109401
last-modified: Wed, 11 Nov 2020 21:00:07 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3581803099
x-fb-config-version-olb-prod: 1035
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1505

GET
H2 200 159698023_1075177596317346_1457083287734762608_o.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.0-0/s526x395/ Frame 4ACD 18 KB
18 KB 7ms
6ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.0-0/s526x395/159698023_1075177596317346_1457083287734762608_o.jpg?_nc_cat=101&ccb=1-3&_nc_sid=110474&_nc_ohc=2fN-XcSkz50AX-7dqNS&_nc_ht=scontent-frt3-2.xx&tp=7&oh=cd66b8f336a9ea1df47e3dfe762dab68&oe=607473B3
Requested by: Host: www.m4news4.ga
URL: https://www.m4news4.ga/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ddedd3cdb29b4bbf45b89b73d0330c2c698ca7e947fc5e139584ebf549dfd1c8

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 4110136807
date: Mon, 15 Mar 2021 19:25:10 GMT
x-fb-trip-id: 686109401
last-modified: Wed, 10 Mar 2021 17:48:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 400049089
x-fb-config-version-olb-prod: 1040
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 18679

GET
H2 200 135078126_1031264090708697_4598935282911717485_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.0-0/p235x350/ Frame 4ACD 24 KB
24 KB 7ms
6ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-0/p235x350/135078126_1031264090708697_4598935282911717485_n.jpg?_nc_cat=104&ccb=1-3&_nc_sid=110474&_nc_ohc=dSIMrB46n2EAX90qLrI&_nc_ht=scontent-frt3-1.xx&tp=6&oh=9520c7f7f3047017b9470e51379d0105&oe=6075C719
Requested by: Host: www.m4news4.ga
URL: https://www.m4news4.ga/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b4a0d9ebb57c463f795a7b852dab43e627a29fe9eeaba4bf36d32727d8670b7a

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 747692709
date: Mon, 15 Mar 2021 19:25:10 GMT
x-fb-trip-id: 2050670934
last-modified: Fri, 01 Jan 2021 16:22:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3830904754
x-fb-config-version-olb-prod: 1040
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24833

GET
H2 200 134583932_1030448850790221_3376977933698393473_o.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.0-0/s526x296/ Frame 4ACD 22 KB
22 KB 12ms
11ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-0/s526x296/134583932_1030448850790221_3376977933698393473_o.jpg?_nc_cat=109&ccb=1-3&_nc_sid=110474&_nc_ohc=-fzkT19FdysAX-uSEZC&_nc_ht=scontent-frt3-1.xx&tp=7&oh=370447d4ab1d5ecedf67218a13f52e55&oe=60768E53
Requested by: Host: www.m4news4.ga
URL: https://www.m4news4.ga/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 85aec6d6b301dcc0e856b4e055d4718494cceab3965ac38b293a702bd7df6f08

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 130859913
date: Mon, 15 Mar 2021 19:25:10 GMT
x-fb-trip-id: 2050670934
last-modified: Thu, 31 Dec 2020 13:08:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3352548275
x-fb-config-version-olb-prod: 1040
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 22305

GET
H2 200 132810908_1026078031227303_5725161610333666757_o.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.0-0/p75x225/ Frame 4ACD 11 KB
12 KB 7ms
6ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-0/p75x225/132810908_1026078031227303_5725161610333666757_o.jpg?_nc_cat=100&ccb=1-3&_nc_sid=110474&_nc_ohc=bop_yKdaoN8AX_6nDnt&_nc_ht=scontent-frx5-1.xx&tp=6&oh=56da48cfa8465d400a05319c03b967b6&oe=6075E1D6
Requested by: Host: www.m4news4.ga
URL: https://www.m4news4.ga/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6e1492584c05313d0e32e2f801a3fee8caa3e738e00074ad59d9ef6856c69d30

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2076562604
date: Mon, 15 Mar 2021 19:25:10 GMT
x-fb-trip-id: 917726464
last-modified: Thu, 24 Dec 2020 11:53:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4024551315
x-fb-config-version-olb-prod: 2dee580334c349b28254b5de29a02d5a
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 11637

GET
H2 200 cQH7wcbHb6b.png
www.facebook.com/rsrc.php/v3/y8/r/ Frame 4ACD 3 KB
3 KB 6ms
5ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y8/r/cQH7wcbHb6b.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yF/l/0,cross/DEffraCttik.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03331f532afdaf1cfcca267894d7698d7b42efa461526bda23cfb448eb84a3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yF/l/0,cross/DEffraCttik.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: aG2yxTjAMeBPHl2jxDmRSuy+rmpEkRqyw6xh2WNz+SrbAvD6D9JDDBqx8BPYXR1SAFY1hG8gsUkdwYy0laIw0A==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: VrHQyF8wNkH5pOhUYwyBPQ==
date: Sun, 14 Mar 2021 19:06:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3170
x-fb-rlafr: 0
expires: Mon, 14 Mar 2022 19:06:47 GMT

GET
H2 200 2714.png
www.facebook.com/images/emoji.php/v9/t51/1/16/ Frame 4ACD 404 B
621 B 6ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/images/emoji.php/v9/t51/1/16/2714.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

025ddacf312f1c4b45d4d0ff431e1852aee90cdd05696b0366ab38b06dc06df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: VpZzJSogFOL5FD8c7T3D6z/smww7Qgj6S+826t3XzHpUkaegLTXMs7Sh9G3kE6EyuKHnxIkw2H2AGTG/fnencQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: WFAn8LD0ylHkh2ftsxfTqw==
date: Thu, 11 Mar 2021 06:32:46 GMT
strict-transport-security: max-age=15552000; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 404
x-fb-rlafr: 0
expires: Fri, 11 Mar 2022 06:32:46 GMT

GET
H2 200 1f970.png
www.facebook.com/images/emoji.php/v9/tea/1/16/ Frame 4ACD 679 B
901 B 6ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/images/emoji.php/v9/tea/1/16/1f970.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cc00be999c382cc4ab8cb12fef2d36ff0d27037ca35375f14c634d868a8d59d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-md5: dDEQT4QjxRYcxtTOFTJ9SQ==
cross-origin-resource-policy: cross-origin
content-length: 679
x-fb-rlafr: 0
x-fb-debug: 9/3sCXe/Or0/vegdxMQ2wZ7ghum9uxjkq9CmIcIhlSSpeOfxy5B378QYOmjMON6a/1Ecu+rDVh4qDH/1/nd2Ew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Mar 2021 02:21:19 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 11 Mar 2022 02:21:19 GMT

GET
H2 200 1f914.png
www.facebook.com/images/emoji.php/v9/t34/1/16/ Frame 4ACD 630 B
847 B 7ms
7ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/images/emoji.php/v9/t34/1/16/1f914.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c74307a8855003a9e42a6bde652c0aec383a562c76595f13b2c6d67baee7cefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: WsyAqYTdZ08Aaq7NWdTzWO6fAlcxv0P970bWPTFCuRJqq9EjEfRjyew+A2XHo2Yc3rc4iKzw7wfdpUPruwKhDQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: PicXcOha4aSNdnCXDVNBtw==
date: Fri, 12 Mar 2021 00:35:15 GMT
strict-transport-security: max-age=15552000; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 630
x-fb-rlafr: 0
expires: Sat, 12 Mar 2022 00:35:15 GMT

GET
H2 200 1f6a8.png
www.facebook.com/images/emoji.php/v9/t45/1/16/ Frame 4ACD 634 B
852 B 7ms
7ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/images/emoji.php/v9/t45/1/16/1f6a8.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60693d6a606540052f32df0e43ad850322256cbe52d614032ee6455e0cee1611

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fgo4kora.official&tabs=timeline&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 91hgjBX12mnjVmDlXmBFs64tp131NhCeJk7brmJfuJJjk3n/9XB/WChPhiRwmXjdcpjEUQ90n6ectIIl3FEOPw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 02 Mar 2021 21:06:01 GMT
strict-transport-security: max-age=15552000; preload
content-type: image/png
access-control-allow-origin: *
content-md5: CyUhckRyclzkcvLVFJr2hw==
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 634
x-fb-rlafr: 0
expires: Wed, 02 Mar 2022 21:06:01 GMT

GET
H2 200 n-uOOobFC9i.png
www.facebook.com/rsrc.php/v3/y3/r/ Frame 4ACD 3 KB
3 KB 6ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y3/r/n-uOOobFC9i.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yh/l/0,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yh/l/0,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: R2uBlsor0K3daRRQQ44Mc6f6LOUPdoudBTUXn/DYtk4LS6hLE4n8sWqzZAqOcZbyOZv5CmgTC0hfr3NESWunVw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: FxoGPHP5kucUksTSZgXu4w==
date: Sun, 14 Mar 2021 19:06:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3249
x-fb-rlafr: 0
expires: Mon, 14 Mar 2022 19:06:47 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 2174 2 KB
974 B 42ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=3495635770&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310122&bpp=3&bdt=297&idt=247&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBv9M3iuN4&p=https%3A//www.m4news4.ga&dtd=251

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04f6abfdaebd7170b5c22848a8ab4f2a5e9fcd76276d5de379d5ab0f14645fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 18:01:13 GMT
server: ESF
date: Mon, 15 Mar 2021 19:25:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Mar 2021 19:25:10 GMT

GET
H2 200 bg_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/ Frame 2174 6 KB
3 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/bg_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2cbcc84dfbbf8f8710d19318a66a1cab1f33a3e9fe44f21bb242231a950176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 19:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 16546800807379158965
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Mar 2021 19:40:08 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame 2174 2 KB
1001 B 35ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 19:23:44 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/ Frame 2174 17 KB
7 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7126
x-xss-protection: 0
server: cafe
etag: 2064927160296813797
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 19:22:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame 2174 2 KB
1 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 19:22:35 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2174 112 KB
34 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Mon, 15 Mar 2021 19:25:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame 2174 13 KB
6 KB 35ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:23:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 19:23:49 GMT

GET
H2 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame 2174 26 KB
11 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 03:08:06 GMT
server: sffe
age: 425283
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:17:07 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2174 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGdL5lrRPYKOvGI-u-wblt5dQr_nZ6WGBp-niyQ23mM_h-QkQASDAmNBQYJUCoAGhlfLtAsgBCakCLZEZ_jMCtD6oAwHIA8sEqgTFAU_Qhe8cKNDlwDhQASpslBL5W_0lnqh1JsHnTwNkpry5GhjFTLyEGLYrCTWllmUGH_iZ_VRGuXv3zNWEWSKbDlUHQSYLmGJlrGoWzi9NJF_SDVKJOToqbeUnPOkxmB_yyRSH_ePkX7SD4DqwS6IZitGZ4xsSQKSer_cYTTYQTzWQVAqjIyXhyrQpub-dr49838IVKL6lWkLrx5RpzrELbakWn_F0wmFGghBjpo8-r18KXQTPPdZSQgbpaPPPvXw5s8zPsPGwwAT7-LK7tQOSBQQIBBgBkgUECAUYBKAGLoAHx-qNkgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQt94B0ggJCIDhgBAQARgfgAoByAsB2BMNmBYBshcaChgIABIUcHViLTkxOTI4Mzc1MTM0NDE0ODI&sigh=9HsgL6c7OL4&template_id=5000&tpd=AGWhJmucPG0OXP9Xj2F6QbVRNJ6lhX4HTlkqJzGcGuR30OacNQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=3495635770&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310122&bpp=3&bdt=297&idt=247&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBv9M3iuN4&p=https%3A//www.m4news4.ga&dtd=251
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Mar 2021 19:25:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 15 Mar 2021 19:25:10 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2324773345470499923/ Frame 2174 15 KB
15 KB 55ms
41ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2324773345470499923/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe80fe1d14d18e7b140bf6005c4311ac31cda02d54bd418de0deaf342dd748d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:45:32 GMT
x-content-type-options: nosniff
age: 326378
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14941
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 09:55:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Mar 2022 00:45:32 GMT

GET
DATA 200
OK truncated
/ Frame 2174 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2174 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59abe47ea6eb7f82da009418d1817b2f7ab58cc7798dcc2c2c4dc503f5980b65

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame C2DB 4 KB
639 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 18:02:24 GMT
server: ESF
date: Mon, 15 Mar 2021 19:25:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Mar 2021 19:25:10 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame C2DB 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 19:23:44 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/ Frame C2DB 17 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7126
x-xss-protection: 0
server: cafe
etag: 2064927160296813797
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 19:22:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame C2DB 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 19:22:35 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2DB 112 KB
34 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Mon, 15 Mar 2021 19:25:10 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame C2DB 13 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:23:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 19:23:49 GMT

GET
H3-Q050 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame C2DB 26 KB
11 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 03:08:06 GMT
server: sffe
age: 425283
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:17:07 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 2174 15 KB
15 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 2003
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/524948147417648234/ Frame C2DB 6 KB
6 KB 11ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/524948147417648234/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5b72a574b5817cbd2a9e42838f69014983f59491a19637e36cac9dfc4bdcaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 08:51:28 GMT
x-content-type-options: nosniff
age: 210822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6498
x-xss-protection: 0
last-modified: Fri, 13 Nov 2020 08:31:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Mar 2022 08:51:28 GMT

GET
DATA 200
OK truncated
/ Frame C2DB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame C2DB 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBNQ9lrRPYP_PGcGxzAb72ZqgAdjd_5FhmMXAgYgN9ejav80BEAEgwJjQUGCVAqABpPP79wLIAQmpAhPxVEz7ALQ-qAMByAPLBKoExgFP0GHXFxsEU3HFKWj9unGBNzhk_Cfv1i6Vhtu5fFpgjaBmSOATiVCo6Apk-gCxai54iLQgRYwi7supdiSGIGAB7Vwzgba7IRWXNc5Gsu4MJY0uGc14uWX3qZ3rpGT-fm2FGV0o4vodsdcaMB_REf3qqJRUH7Aebe7d5xOyMLVlY2jd8Aw8DGqMqSvQQRbM6cLoqSBNHtdeeaP6447N_lGhz_Y01rVqPU7Nk3LfbfYEX8el4sIi9qC9BBDrBQhHQsAkjtOHMmLABM_YptGgA5IFBAgEGAGSBQQIBRgEoAYugAfEjISIAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD7rgPSCAkIgOGAEBABGB-ACgHICwHYEwKIFAGyFxoKGAgAEhRwdWItOTE5MjgzNzUxMzQ0MTQ4Mg&sigh=o8bu-K6ujm4&template_id=5000&tpd=AGWhJmvdys0F1BLDqvUUz1mqJv-uV5g_0z30rJ2phedE2FT9YA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Mar 2021 19:25:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C2DB 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23e1276aa84a8f5a41aae9d5eb99f62be6268f6b75ae6efaff30a1ee317ced5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 0588 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/bg_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 10226
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Tue, 15 Mar 2022 16:34:44 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame C2DB 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 3451
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:27:39 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame C2DB 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 2003
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 1353 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=2403415656&adf=2813807421&pi=t.ma~as.3722782739&w=360&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310125&bpp=1&bdt=300&idt=275&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C360x280&correlator=8669871219851&frm=20&pv=1&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BxgfEjUeiE&p=https%3A//www.m4news4.ga&dtd=277

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 10226
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Tue, 15 Mar 2022 16:34:44 GMT

GET
H3-Q050 200 1562984646412181440
tpc.googlesyndication.com/simgad/ Frame FCDF 83 KB
83 KB 8ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1562984646412181440?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnRxxK0gZvJZsC-mUc4NnFnRjM-gw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e640aea36fd16067038c4454ab97b584c33abb0d55520f17f81960f45b890ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 12:38:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 10:50:21 GMT
server: sffe
age: 370019
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85157
x-xss-protection: 0
expires: Fri, 11 Mar 2022 12:38:12 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/ Frame FCDF 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7126
x-xss-protection: 0
server: cafe
etag: 2064927160296813797
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 19:22:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame FCDF 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 19:22:35 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCDF 112 KB
34 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Mon, 15 Mar 2021 19:25:11 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame FCDF 13 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:23:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 19:23:49 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame FCDF 26 KB
11 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9586547f5e7dc1cae6c2b7b06f373428c7ee0c2b781c9f115d7c1eff9a15301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10850
x-xss-protection: 0
server: cafe
etag: 16879352419962319349
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 00:57:30 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame FCDF 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc_7llrRPYIC-GKy6-waopq2gAYqT9Nthr57s15UN8p7coNQBEAEgwJjQUGCVAqABwp_tgQPIAQKoAwHIA8kEqgTFAU_QNZU1An5mm0vdqpNsQNIzC8C1Ji3LSbdJYqG-H7zHQEi0Mp3qYOOFjymdfl5-WzWqYYj6YTaLg1RnmxreCaO_mCY-SV0TDjDKjkO5-tamUVMXqQ5WW_sUsfMXcepudYACa-2jqFG7UC0HWiZOtfiCnGpRFnCC9OXRckXCWnhJDOqGjbsBQT3VzFy6VQ31grFdnAdpd0oN2Au8mwffqp2Vw9NFbm-zlm3ZDX75n5fYfEfghs08fcep8CkWG0uWA8esONCswAT04Pv7vwOSBQQIBBgBkgUECAUYBKAGAoAHpuCSfqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDE3wrSCAkIgOGAEBABGB-ACgHICwHYEwKyFxoKGAgAEhRwdWItOTE5MjgzNzUxMzQ0MTQ4Mg&sigh=bpkm_E-yizs&tpd=AGWhJms6XKe3a-jJ1g0Z8GHQabnT3ps8_UStsqqTbIxd5kDIHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Mar 2021 19:25:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 195F 143 B
215 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmo1LAoKsmT9nZAhIODoZoiE9Gx-hUFp-VwSalNdCsujY6oTMcZAQxoRiaL_jk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Mar 2021 19:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 111
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame FCDF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3656124b857da52d547fde7d1bcd3a27c990340cc8e00bd6f120dd53fb44140f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 66ms
53ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210309&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6d7c44e5acacd1b9a95b864773a1f4275427b5c0c060d0eac12334401f80b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 19:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6514
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 195F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

39ms
39ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmo1LAoKsmT9nZAhIODoZoiE9Gx-hUFp-VwSalNdCsujY6oTMcZAQxoRiaL_jk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 15 Mar 2021 19:25:11 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 15-Mar-2021 20:25:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 19:25:11 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 15 Mar 2021 19:25:11 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C34 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9192837513441482&output=html&h=280&slotname=3722782739&adk=1644935723&adf=1321228541&pi=t.ma~as.3722782739&w=750&fwrn=4&fwrnh=100&lmt=1615836310&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.m4news4.ga%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615836310107&bpp=15&bdt=282&idt=232&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8669871219851&frm=20&pv=2&ga_vid=862841707.1615836310&ga_sid=1615836310&ga_hid=2143521751&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060287&oid=3&pvsid=915858852005300&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FjtoaKpe6S&p=https%3A//www.m4news4.ga&dtd=246

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 10227
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Tue, 15 Mar 2022 16:34:44 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Mon, 15 Mar 2021 19:25:11 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 908E 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.m4news4.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.m4news4.ga/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Mon, 15 Mar 2021 17:49:30 GMT
expires: Tue, 15 Mar 2022 17:49:30 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5741
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 908E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 10227
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Tue, 15 Mar 2022 16:34:44 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 40ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210309&jk=915858852005300&bg=!CwilCEvNAAUO7zDoDjsAKQB2-DxaNLKpu16ZJh0X6z9IO565GTa__ri77AQdlJkTJcLwr6BEFJysAgAAAEhSAAAAC2gBBwoAY7mtq6-PC57Ygba7BnOyx_R9JOtsEhtOWrDpvEAPfeYW8doyMepbJGY42ZGdULVifU_jTgShBAm-YPYAc8FMzNd4HJCVnQIHi-j9Ue5xeO6zQQK-3Krqgouu13gsZ5-r3_E_3pkCDfMf97DBfpxvG81s2FCjpOVFmolO4B4uSLN2AQPlRR9q_qsWmX1i0li8tQ57n4R-FoeeNFEae4545EBnIuSgDKhRjFrT-289Ye1GNxoZSDrdO3ZN1TxeSI87ixJNOgg9aet4M5b552bDCqojR3qWqGpPabvqVDonPE2OpjRUYbtUzm_S_1n0Lx5zyDTIZxpO4c6hgu3lpGFWiHPZhgyR0v0zyRCGZgtrpzQr39O7jN_crJwzI45Uc4yjNL1ybfni4Wl8pt3TQANaO6PADtoxCXSfgTzxVLkq9cDk09Zn-DPwaWjpEnWkh4ush9-Ru115utJYZNCAuQLBvSl2odT839-AEIZE7gTqAsorNuijFQpeL8iyBWg8EE0XIo30qVm6FJtSFzrM7oyY7uSoy0felRAH0yMcXfGzGTwCSBKJ2F68vSUHb7pUPZs3thYhabWN_0lXrzbIPwSFVp92tcgi-ttfXDjMcKi8rQALYEZydUWiQsEyI0JTtjL62rfExlboNmAyK9F5KMODejm16DzMZQX13zRPqY3_KrdIzzxahHC5RQ0wtjzVV_a2asPEZnV5aO5vNfb5P8pTkbj1Ei4mEcZdlUVcI1qAo1N6qLqxlwht3BqXikR1znaqxQiu212QUNvPG0v4K-MRalpTLgYSMb4_XTrZahA_c123tdvbq7h-kZXWjRcjZsT3xNcdbA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.m4news4.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 19:25:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2174 42 B
132 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtrCK_Sp4596aM4dULnY8MS59AFwH3XuQHbyhkD7nuQjXMytHl1NXqt3gXonc6oYprFQEO--36AC9dZsb1A0lU1iTW8l9twLImQp40qadcUpIIAYCNK_V7ur4U2g&sai=AMfl-YQa5QJqDZ0uLEIqD_rNAj4poH-F2lovFZGksECcs0zTXc7SYo4Ew77bo9KUJPm3kp2ERyTYzd3ydaeC&sig=Cg0ArKJSzOKcVeZwnpkgEAE&id=osdim&mcvt=1001&p=363,230,643,590&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210312&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2403415656&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615836310375&dlt=288&rpt=48&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 19:25:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:50:37	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 02:12:12	Name: IDE Value: AHWqTUmo1LAoKsmT9nZAhIODoZoiE9Gx-hUFp-VwSalNdCsujY6oTMcZAQxoRiaL_jk
.m4news4.ga/	1970-01-20 02:12:12	Name: __gads Value: ID=1b94597c6aea05c9-22061200c9ba0038:T=1615836310:RT=1615836310:S=ALNI_MaHlws4DS3KZSmX0hRz1Bbuxudu1g
.m4news4.ga/	1970-01-19 16:52:02	Name: _gid Value: GA1.2.546680877.1615836310
.m4news4.ga/	1970-01-20 10:21:48	Name: _ga Value: GA1.2.862841707.1615836310
.m4news4.ga/	1970-01-19 16:50:36	Name: _gat_gtag_UA_159987782_1 Value: 1
www.m4news4.ga/	1970-01-19 16:50:43	Name: ci_sesee Value: sg6ko5cudhhk663p41j0turhe31f3m0a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
go4kora.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
scontent-frt3-1.xx.fbcdn.net
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
static.getbutton.io
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.m4news4.ga
142.250.185.162
2001:4de0:ac18::1:a:3b
2606:4700:3037::ac43:8938
2606:4700::6812:acf
2a00:1450:4001:800::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
78.46.57.120
94.130.55.83
025ddacf312f1c4b45d4d0ff431e1852aee90cdd05696b0366ab38b06dc06df4
02c304c9f16b751ea89bd4bbcb98662de9a885ecfb4aaa0ccdba530bc42f90ee
03331f532afdaf1cfcca267894d7698d7b42efa461526bda23cfb448eb84a3a3
03e9d0d62b70ae8d31478335a324c17109d6e673237bc65bf6c72272c407cf7e
04f6abfdaebd7170b5c22848a8ab4f2a5e9fcd76276d5de379d5ab0f14645fb2
0c66fe8cfa1f5b0d5b2d0ea367cd83973cbecd0af216e64483ae8b5047e87c76
0cef16c7f5a6a3d93f85943b8236b5ff1cbb4743a6c31cc178028a9e547f74fd
0d8dd48990bb13b8a985396c20265d700189b4487bbed862d98359736940f804
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
154ed4da9279bda787d3a99abc943f8e562070e70bfbd255ef873f83799829c5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
199fda2f4f1c7f9247116fe80bfc028bf2a9e313380ce2f748f384d5ab86fcbd
1e11d25477ea08230416ba551252457407cc610aa6ab0651955fffc38485d3ff
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1ef6ed451f5d0b3aeffe0447a6f2c8806902e3200cf4bb289d9a03eebffa7db4
1f935c701cf4f28193cc917220550b6da379012569b445d0f2627255031456b9
22bc71b5407c048113147d7cde16da33ab13e38d3746ffea0d2af0bf3407ff00
23e1276aa84a8f5a41aae9d5eb99f62be6268f6b75ae6efaff30a1ee317ced5f
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b80d255a9a08c2e43c85f5b0ff587c58b73c860722157c1d3bcbcf806352b6c
2dba1d87c1171ee553990738ea98e941cf4b6394e2af67a18f2750b2e90bb168
33b5e84734e6c2f41286376d3c9ee3da94da179f4e3b20c7e3a20e1a21c2b665
33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7
3435fcf9046a25270330d99d340a06f25a0815695bc26158c2625acce805a3f0
3656124b857da52d547fde7d1bcd3a27c990340cc8e00bd6f120dd53fb44140f
375217941c43a71bb133a3d641640c1ab3c9bba0a671a9da5311a2a163af1132
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
3a5b72a574b5817cbd2a9e42838f69014983f59491a19637e36cac9dfc4bdcaa
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
3c3585bc899d3cce60c908ae7a78d586b248b84d0c15703ee2a62e2837154c30
3d3bbcda0c7eca3105dfa169395e6799cb905b47d198bdcb1c5fd792013850b9
403223d9ec49f17e451e9d882bbb3cf5ccc5d806221e254d180f60787abf970e
40361aea5098d5f7f58b7d8f9aaef94be6f91a1754d8eb5b289f77fce73878d4
419ef23176640e73e6691597d88b3ccfd9f57d1ee983f319be1b179ba8fbc8a4
41a4650481e83752c89317b3896df89e49ce56b09ab272c963a7ac7f795dbfe9
484dee95163243692caf367b2162156ff3fd1ff4ce7bddc58d1251b4650a9cbc
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
48ea09f0084bdb3cb647bc0d36d9ac719094c005d049da95589de9f199425c94
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ef49b4a8da9073ffc2aa214b10b9ba1037c31c984b9eadb057e32cf10962f6c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5591443aae04ce6cf67dd2f4b646abee252f301b3f5c3ba18fbb4c711e864163
59abe47ea6eb7f82da009418d1817b2f7ab58cc7798dcc2c2c4dc503f5980b65
5df547860d495d1b54ba7a44059e8413f4010a6dd111b6a0d40803665852ed70
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
5fd49ffe1b27b59ccfab4d34756224a58535ff87b795d3215fe4c8a04fd0bd95
60693d6a606540052f32df0e43ad850322256cbe52d614032ee6455e0cee1611
62aedfc64b5a264549cba4f3642437342f37f798287336ab4b792a91fbe22bb6
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
657753c380b0c6dfd199ea48ed561777e27c27c439a99fa70c7cb8a2d3ec1ac0
67d8e7a3e7815e72595c83389b163f51ecd562ed6c394cdaf5cbc93c7330623e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e1492584c05313d0e32e2f801a3fee8caa3e738e00074ad59d9ef6856c69d30
6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed
73f5ee1dc6fe70f29afd1d16e807c93c0e90bce95264266bf3be116c7bebaad7
76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
7a2cbcc84dfbbf8f8710d19318a66a1cab1f33a3e9fe44f21bb242231a950176
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
839ead5486ebe82c357c86bad9250f55a24e32a8f1c8549dc433ed556e338e0a
85aec6d6b301dcc0e856b4e055d4718494cceab3965ac38b293a702bd7df6f08
8a7b3e1fb9dcfcdc74602cd099e52b29d81d0e136dd6405f9b9f604695ac0c92
8c6c0da229c65f26c243ef5673eb6bc82b69210473aefb0eeaf46dc05a1bbdba
8cc00be999c382cc4ab8cb12fef2d36ff0d27037ca35375f14c634d868a8d59d
9af50648ccc195d3109fe6a9a419b34cf2ac120f231146ad030879d4773ac4c7
a2ab53ebddecc9949966457ecd3dbf87207515e427a3fb803f63c2fce1a09944
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d7c44e5acacd1b9a95b864773a1f4275427b5c0c060d0eac12334401f80b8c
ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1
ad51f4624115345919c62d062e8fe1af3c006dd9bd7496d3685c033747b59e17
b4a0d9ebb57c463f795a7b852dab43e627a29fe9eeaba4bf36d32727d8670b7a
b9586547f5e7dc1cae6c2b7b06f373428c7ee0c2b781c9f115d7c1eff9a15301
b9adf40f2d62a7ea105d6b36b53ca0228c603957a3dc4bc135df78f747c6e440
bb99026e64d7ab310f9da6d3815f4b6bcec154c7d98b284b2f62352d33ca358f
bea6892d84675a9af55a6aa8df0ed48031b955b87cabf13fe7448dd6eb2fed99
c165a3f957f87b9d36a28a2278db585b1cbc27fb5665ee35be1732fe382f1c92
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c55b8883a9f908ffce1d25c10579acbb6a65961ca7240eb6b20ca17bde45761e
c74307a8855003a9e42a6bde652c0aec383a562c76595f13b2c6d67baee7cefc
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc5b47f779da6d0f919000f63cbf68d8178147b9091196e681cb4e5b96177af4
ddedd3cdb29b4bbf45b89b73d0330c2c698ca7e947fc5e139584ebf549dfd1c8
e248efd3e174f94f68af6f92ef1f044ff94469ef3589ec80875b8f30706b9738
e3579e7c64f2e4b395c868e25f9605391e2067f9007e661506210efeb8619f5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44a062d28d6d5058ae9567dddb28916851f2147d48363bf9c095d4cc1115e82
e640aea36fd16067038c4454ab97b584c33abb0d55520f17f81960f45b890ed4
e65021ec837bb11a4e7c8552891dfa0d4f68222d491892289823c7be45885ab2
ed3442f2fe3f62563bcdaa6cd31982130de17593a0b05828fd008c7f3253b296
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
f69b06e98c7774bb5ebb2c4b9b5f02e6ec05854a605e3bfb86d1e4f4b15119da
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fb530525a8f8aae094add4c90f59ce145c4ec86678bc7feed3208f20df6b4d49
fc145f90eba65ffc9cf93e467cf02f5dced81ef74c6b11abb781a0f2bde76919
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe80fe1d14d18e7b140bf6005c4311ac31cda02d54bd418de0deaf342dd748d1

www.m4news4.ga Open in urlscan Pro 94.130.55.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

117 Requests

100 %HTTPS

86 %IPv6

17 Domains

22 Subdomains

21 IPs

3 Countries

6251 kBTransfer

8397 kBSize

7 Cookies

3 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.m4news4.ga Open in urlscan Pro
94.130.55.83 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

100 %
HTTPS

86 %
IPv6

17
Domains

22
Subdomains

21
IPs

3
Countries

6251 kB
Transfer

8397 kB
Size

7
Cookies

117 HTTP transactions
6 data transactions