Submitted URL: http://aaaaflam6twitter.blogspot.com/
Effective URL: https://pal4news.com/4640/
Submission: On November 27 via manual from PH — Scanned from DE

Summary

This website contacted 20 IPs in 6 countries across 15 domains to perform 111 HTTP transactions. The main IP is 95.216.29.35, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is pal4news.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 8th 2022. Valid for: 3 months.
This is the only time pal4news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
40 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
684 KB
21 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
ad.doubleclick.net — Cisco Umbrella Rank: 197
162 KB
19 pal4news.com
pal4news.com
1 MB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
109 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 16
2 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
ajax.googleapis.com — Cisco Umbrella Rank: 455
10 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
189 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 332
97 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5200
914 B
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 12740
s4.histats.com — Cisco Umbrella Rank: 10066
5 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3342
pixel.wp.com — Cisco Umbrella Rank: 2850
3 KB
2 blogspot.com
aaaaflam6twitter.blogspot.com
16 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 961
696 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2025
2 KB
1 t.co
t.co — Cisco Umbrella Rank: 497
546 B
111 15
Domain Requested by
28 tpc.googlesyndication.com googleads.g.doubleclick.net
aaaaflam6twitter.blogspot.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
19 pal4news.com 1 redirects t.co
pal4news.com
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
aaaaflam6twitter.blogspot.com
googleads.g.doubleclick.net
12 pagead2.googlesyndication.com pal4news.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
6 www.gstatic.com googleads.g.doubleclick.net
5 www.google.com 4 redirects tpc.googlesyndication.com
5 fonts.googleapis.com pal4news.com
ajax.googleapis.com
googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
4 ad.doubleclick.net 2 redirects googleads.g.doubleclick.net
3 fonts.gstatic.com fonts.googleapis.com
2 s0.2mdn.net tpc.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 aaaaflam6twitter.blogspot.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s4.histats.com s10.histats.com
1 pixel.wp.com pal4news.com
1 ajax.googleapis.com pal4news.com
1 secure.gravatar.com pal4news.com
1 s10.histats.com pal4news.com
1 stats.wp.com pal4news.com
1 t.co aaaaflam6twitter.blogspot.com
111 22
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
pal4news.com
cPanel, Inc. Certification Authority
2022-10-08 -
2023-01-06
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
histats.com
R3
2022-09-30 -
2022-12-29
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-23 -
2023-12-24
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.de
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh

This page contains 18 frames:

Primary Page: https://pal4news.com/4640/
Frame ID: 8364120EBD79A232D1832C5919802FB5
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 55325249443F6323A97EF48D04492B75
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&adk=2969136045&adf=3689892565&lmt=1669516919&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fpal4news.com%2F4640%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919179&bpp=4&bdt=466&idt=276&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=831545850653&frm=20&pv=2&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296
Frame ID: B150CD0F384608BFA8B0CE2A456B4F4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=4548776250&adk=3916231457&adf=1318467558&pi=t.ma~as.4548776250&w=1200&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=1200x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919183&bpp=2&bdt=470&idt=300&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dh4Kl8A1iy&p=https%3A//pal4news.com&dtd=306
Frame ID: C4ED4EFD72B305988D0E2CC360976A4C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=2836486754&adk=719783326&adf=2388624977&pi=t.ma~as.2836486754&w=688&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=688x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919185&bpp=1&bdt=473&idt=342&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q7SB4toLid&p=https%3A//pal4news.com&dtd=345
Frame ID: 2B8BC14A3B16D9D5EB31A55978DAB032
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: CE84DCF32473D36A394F0EBB189C21A8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: E1F17DE55D71CE422EAD992A9215855A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10779814441389223269/728x90.html
Frame ID: 3F60CF811FEC694A5F07F27137B4F556
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17201856483093828370/970x250.html
Frame ID: 011AB5AE171B28FC851B49B8D9E845EB
Requests: 7 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28891371.350800958;dc_pre=CNn66perzfsCFbyg_QcdNsAFEA;dc_trk_aid=542382427;dc_trk_cid=181661523;ord=985446652;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 9F7FC340673FE7E7A98F2D2312DF1DBB
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 45D73EEF344770CC76F9DF1818947F54
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 092F2CF449FBACF1F3EF28DB317A6C8C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A40910E45E649655882921817E047070
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 158C782AEDF086C6E749BCFB2C4EC06D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 71535C9A557B6C5C2DA85A80A223F98D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: FF1EA834A064D3E1D0ACF42E88CCCF41
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 236E4B751C039AAAD2A5DFAAE3EA64F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D0820D4A4941204E91D4DD285519E36
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

كيفية تداول الفوركس للمبتدئين - فور نيوز

Page URL History Show full URLs

  1. http://aaaaflam6twitter.blogspot.com/ HTTP 301
    https://aaaaflam6twitter.blogspot.com/ Page URL
  2. https://t.co/lFy0Sxk5vX Page URL
  3. https://pal4news.com/4640 HTTP 301
    https://pal4news.com/4640/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

98 %
HTTPS

68 %
IPv6

15
Domains

22
Subdomains

20
IPs

6
Countries

2626 kB
Transfer

5405 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://aaaaflam6twitter.blogspot.com/ HTTP 301
    https://aaaaflam6twitter.blogspot.com/ Page URL
  2. https://t.co/lFy0Sxk5vX Page URL
  3. https://pal4news.com/4640 HTTP 301
    https://pal4news.com/4640/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://aaaaflam6twitter.blogspot.com/ HTTP 301
  • https://aaaaflam6twitter.blogspot.com/
Request Chain 48
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28741573.349867066;dc_trk_aid=541200439;dc_trk_cid=180462959;ord=1349994603;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28741573.349867066;dc_pre=CPj56perzfsCFTbsEQgdaRMFqA;dc_trk_aid=541200439;dc_trk_cid=180462959;ord=1349994603;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 52
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28891371.350800958;dc_trk_aid=542382427;dc_trk_cid=181661523;ord=985446652;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28891371.350800958;dc_pre=CNn66perzfsCFbyg_QcdNsAFEA;dc_trk_aid=542382427;dc_trk_cid=181661523;ord=985446652;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 89
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 94
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 95
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 96
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

111 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
aaaaflam6twitter.blogspot.com/
Redirect Chain
  • http://aaaaflam6twitter.blogspot.com/
  • https://aaaaflam6twitter.blogspot.com/
72 KB
16 KB
Document
General
Full URL
https://aaaaflam6twitter.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
15762
content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 02:41:57 GMT
etag
W/"0a2dacbe0a0311a7bbdf099915d1e7f43000fefcf27f3073b5d255bd71655f46"
expires
Sun, 27 Nov 2022 02:41:57 GMT
last-modified
Sun, 20 Nov 2022 23:13:38 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
183
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 02:41:56 GMT
Expires
Sun, 27 Nov 2022 02:41:56 GMT
Location
https://aaaaflam6twitter.blogspot.com/
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
lFy0Sxk5vX
t.co/
230 B
546 B
Document
General
Full URL
https://t.co/lFy0Sxk5vX
Requested by
Host: aaaaflam6twitter.blogspot.com
URL: https://aaaaflam6twitter.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Referer
https://aaaaflam6twitter.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
175
content-type
text/html; charset=utf-8
date
Sun, 27 Nov 2022 02:41:57 GMT
expires
Sun, 27 Nov 2022 02:46:57 GMT
perf
7626143928
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
6613db1bb5520abeb41ae8e9ad151b69f6ac8a287fdb8909f0daf37042ea1a04
x-response-time
114
x-transaction-id
a0be733cd2e1f752
x-xss-protection
0
Primary Request /
pal4news.com/4640/
Redirect Chain
  • https://pal4news.com/4640
  • https://pal4news.com/4640/
148 KB
27 KB
Document
General
Full URL
https://pal4news.com/4640/
Requested by
Host: t.co
URL: https://t.co/lFy0Sxk5vX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
57b9379da22ed04b5af9c4828d67554dba07b58cd7d3a5a8780a321cf2304d69

Request headers

Referer
https://t.co/lFy0Sxk5vX
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Length
26798
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 02:41:58 GMT
Link
<https://pal4news.com/wp-json/>; rel="https://api.w.org/", <https://pal4news.com/wp-json/wp/v2/posts/4640>; rel="alternate"; type="application/json", <https://pal4news.com/?p=4640>; rel=shortlink
Server
Apache
Vary
Accept-Encoding,Cookie
X-Pingback
https://pal4news.com/xmlrpc.php

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 02:41:58 GMT
Location
https://pal4news.com/4640/
Server
Apache
Vary
Accept-Encoding,Cookie
X-Pingback
https://pal4news.com/xmlrpc.php
X-Redirect-By
WordPress
autoptimize_91dab6622c1da932bffcae0eeb494285.css
pal4news.com/wp-content/cache/autoptimize/css/
610 KB
104 KB
Stylesheet
General
Full URL
https://pal4news.com/wp-content/cache/autoptimize/css/autoptimize_91dab6622c1da932bffcae0eeb494285.css
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
bf44487480ae49126a1a4b3cd6cf2d7f2a1f15367108c2be4feba978918e554c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:58 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Nov 2022 01:37:08 GMT
Server
Apache
Vary
Accept-Encoding,Cookie
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=3, must-revalidate, public, immutable
Connection
close
Accept-Ranges
bytes
Expires
Fri, 17 Nov 2023 02:41:58 GMT
autoptimize_9f81b7c858a582b6866269fd0debea40.css
pal4news.com/wp-content/cache/autoptimize/css/
35 KB
7 KB
Stylesheet
General
Full URL
https://pal4news.com/wp-content/cache/autoptimize/css/autoptimize_9f81b7c858a582b6866269fd0debea40.css
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
8e1f566da539a794c4fe766ddb9a07248e4351cecaa48c1db534d8bfaeb65150

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:58 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Nov 2022 01:37:08 GMT
Server
Apache
Vary
Accept-Encoding,Cookie
Content-Type
text/css
Cache-Control
max-age=3, must-revalidate, public, immutable
Connection
close
Accept-Ranges
bytes
Content-Length
6792
Expires
Fri, 17 Nov 2023 02:41:58 GMT
notosanskufiarabic
fonts.googleapis.com/earlyaccess/
1 KB
727 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/earlyaccess/notosanskufiarabic
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e7713795cd12f9b0d56c032d0ea4bd3d083b1676354257c9346d5591198c3a85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 27 Nov 2022 02:41:58 GMT
jquery.min.js
pal4news.com/wp-includes/js/jquery/
88 KB
88 KB
Script
General
Full URL
https://pal4news.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:58 GMT
Last-Modified
Wed, 02 Nov 2022 04:15:06 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
89684
Content-Type
application/javascript
%D8%B4%D8%B9%D8%A7%D8%B1-%D8%A3%D8%B2%D8%B1%D9%82-%D8%AD%D8%A8%D9%84-%D8%A5%D8%B7%D8%A7%D8%B1-%D8%A3%D8%B2%D9%8A%D8%A7%D8%A1-1_Wondershare.png
pal4news.com/wp-content/uploads/2022/07/
62 KB
63 KB
Image
General
Full URL
https://pal4news.com/wp-content/uploads/2022/07/%D8%B4%D8%B9%D8%A7%D8%B1-%D8%A3%D8%B2%D8%B1%D9%82-%D8%AD%D8%A8%D9%84-%D8%A5%D8%B7%D8%A7%D8%B1-%D8%A3%D8%B2%D9%8A%D8%A7%D8%A1-1_Wondershare.png
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
49c639cdb3423e7496278fc47a044afb62944b7cb3cb778657255143e4242444

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:58 GMT
Last-Modified
Sat, 02 Jul 2022 03:27:42 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
63814
Content-Type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1113589023391245
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15cdcaeaff81a69026cd452cf280b12fc47bd0b9071435ef41aee948ae0324a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pal4news.com/
Origin
https://pal4news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49108
x-xss-protection
0
server
cafe
etag
11778642052940022480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 02:41:59 GMT
%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-52.png
pal4news.com/wp-content/uploads/2022/11/
326 KB
326 KB
Image
General
Full URL
https://pal4news.com/wp-content/uploads/2022/11/%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-52.png
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
a842cd0a09a62bea7b1141b92b065165498df3e978814cb653cd0318c92f8531

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Last-Modified
Thu, 10 Nov 2022 01:01:27 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
333758
Content-Type
image/png
autoptimize_cb6eee962b2e2df0f395aa6388b30877.css
pal4news.com/wp-content/cache/autoptimize/css/
2 KB
1021 B
Stylesheet
General
Full URL
https://pal4news.com/wp-content/cache/autoptimize/css/autoptimize_cb6eee962b2e2df0f395aa6388b30877.css
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
a9e4f9ffa04884d132f234e67ee863eec7b46751faca06b6c85cd107525c3c08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Nov 2022 01:37:08 GMT
Server
Apache
Vary
Accept-Encoding,Cookie
Content-Type
text/css
Cache-Control
max-age=3, must-revalidate, public, immutable
Connection
close
Accept-Ranges
bytes
Content-Length
661
Expires
Fri, 17 Nov 2023 02:41:59 GMT
e-202247.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202247.js
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sun, 27 Nov 2022 02:41:59 GMT
content-encoding
br
server
nginx
etag
W/"62f6b688-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 12 Nov 2023 22:56:25 GMT
autoptimize_fb80a41914aac56cd58fd596e4bc9d50.js
pal4news.com/wp-content/cache/autoptimize/js/
165 KB
51 KB
Script
General
Full URL
https://pal4news.com/wp-content/cache/autoptimize/js/autoptimize_fb80a41914aac56cd58fd596e4bc9d50.js
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
a8b758ac4591de777c47d2aaad616fd10ca6fb82b0d96ad332115aa692af10b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Nov 2022 01:37:10 GMT
Server
Apache
Vary
Accept-Encoding,Cookie
Content-Type
application/javascript
Cache-Control
max-age=3, must-revalidate, public, immutable
Connection
close
Accept-Ranges
bytes
Content-Length
51764
Expires
Fri, 17 Nov 2023 02:41:59 GMT
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:37:25 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
39093455
NotoSansKufiArabic-Bold.woff2
fonts.gstatic.com/ea/notosanskufiarabic/v2/
31 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/ea/notosanskufiarabic/v2/NotoSansKufiArabic-Bold.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanskufiarabic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df69e4f334e2275515a11cd543074c487f33b69b0ea84e5e413e4767b52bbb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pal4news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 19:47:46 GMT
x-content-type-options
nosniff
age
543253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31276
x-xss-protection
0
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Nov 2023 19:47:46 GMT
tielabs-fonticon.woff
pal4news.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/
40 KB
40 KB
Font
General
Full URL
https://pal4news.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by
Host: pal4news.com
URL: https://pal4news.com/wp-content/cache/autoptimize/css/autoptimize_91dab6622c1da932bffcae0eeb494285.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer
https://pal4news.com/wp-content/cache/autoptimize/css/autoptimize_91dab6622c1da932bffcae0eeb494285.css
Origin
https://pal4news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Last-Modified
Sat, 02 Jul 2022 02:56:25 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
40536
Content-Type
font/woff
9ff80cf26009aceb94fa5e6aef8986b5
secure.gravatar.com/avatar/
2 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/9ff80cf26009aceb94fa5e6aef8986b5?s=140&d=mm&r=g
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
75c48da0c2de6b357969f59ffb9152a2239089397ee29715d9cab44e3c26e80c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 27 Nov 2022 02:41:59 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="9ff80cf26009aceb94fa5e6aef8986b5.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/9ff80cf26009aceb94fa5e6aef8986b5?s=140&d=mm&r=g>; rel="canonical"
content-length
2094
expires
Sun, 27 Nov 2022 02:46:59 GMT
admin-ajax.php
pal4news.com/wp-admin/
69 B
467 B
XHR
General
Full URL
https://pal4news.com/wp-admin/admin-ajax.php?postviews_id=4640&action=tie_postviews&_=1669516918985
Requested by
Host: pal4news.com
URL: https://pal4news.com/wp-includes/js/jquery/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
85d106794e35a45a0434640e9d77bb81ad7b011f005427ca239873b62c06299e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://pal4news.com/4640/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
close
X-Robots-Tag
noindex
Expires
Wed, 11 Jan 1984 05:00:00 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:21:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2023 12:21:22 GMT
%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-51-390x220.png
pal4news.com/wp-content/uploads/2022/11/
122 KB
122 KB
Image
General
Full URL
https://pal4news.com/wp-content/uploads/2022/11/%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-51-390x220.png
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
4260bad66b4e11a69d67cf670a30964f29d61b5c50f40272b87f345f592cc2d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Last-Modified
Wed, 09 Nov 2022 13:30:13 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
124925
Content-Type
image/png
%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-53-390x220.png
pal4news.com/wp-content/uploads/2022/11/
156 KB
156 KB
Image
General
Full URL
https://pal4news.com/wp-content/uploads/2022/11/%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-53-390x220.png
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
c4b7a2f599d440271873d09fd9c27945a40d639907dd8141c048c6ebd2e927f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Last-Modified
Fri, 11 Nov 2022 06:29:31 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
159853
Content-Type
image/png
%D8%A7%D9%84%D8%A7%D8%AA%D8%AD%D8%A7%D8%AF-%D8%A7%D9%84%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D9%8A-%D8%A3%D8%B9%D9%84%D9%86-%D8%B9%D9%86-%D8%AD%D8%B8%D8%B1-%D8%A7%D9%84%D8%A7%D8%B3%D8%AA%D8%AB%D9%85%D8%A7...
pal4news.com/wp-content/uploads/2022/04/
40 KB
40 KB
Image
General
Full URL
https://pal4news.com/wp-content/uploads/2022/04/%D8%A7%D9%84%D8%A7%D8%AA%D8%AD%D8%A7%D8%AF-%D8%A7%D9%84%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D9%8A-%D8%A3%D8%B9%D9%84%D9%86-%D8%B9%D9%86-%D8%AD%D8%B8%D8%B1-%D8%A7%D9%84%D8%A7%D8%B3%D8%AA%D8%AB%D9%85%D8%A7%D8%B1-%D9%81%D9%8A-%D9%85%D9%88%D8%B3%D9%83%D9%88-%D9%81%D9%8A-%D8%B8%D9%84-%D8%AA%D9%81%D8%A7%D9%82%D9%85-%D8%A7%D9%84%D8%AD%D8%B1%D8%A8-%D9%81%D9%8A-%D8%A3%D9%88%D9%83%D8%B1%D8%A7%D9%86%D9%8A%D8%A7-1-5-768x372.jpg
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
9026b9867d3f45513bed311e209716823e8e1f7caf6e7bd0d593c2f45c49fdc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Last-Modified
Wed, 06 Apr 2022 21:54:12 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
40996
Content-Type
image/jpeg
%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-1-4-390x220.png
pal4news.com/wp-content/uploads/2022/10/
163 KB
163 KB
Image
General
Full URL
https://pal4news.com/wp-content/uploads/2022/10/%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-1-4-390x220.png
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
f6ae3d1a91e365bc360035ff84f442800337f94f775a4ecf281d72899107493d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Last-Modified
Mon, 17 Oct 2022 22:28:23 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
167180
Content-Type
image/png
%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-24-1-220x150.png
pal4news.com/wp-content/uploads/2022/11/
20 KB
20 KB
Image
General
Full URL
https://pal4news.com/wp-content/uploads/2022/11/%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-24-1-220x150.png
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
096420b0ab5591a4d185afe60c072b58b4874a688f9f9e08d3836ff7fdc200e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Last-Modified
Sat, 19 Nov 2022 16:58:43 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
20447
Content-Type
image/png
%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-7-300x180.png
pal4news.com/wp-content/uploads/2022/07/
79 KB
79 KB
Image
General
Full URL
https://pal4news.com/wp-content/uploads/2022/07/%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-7-300x180.png
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
c451bbabc71a04bc15bec9edfaaed6db96b80f60248e657841aabe6d90c0fbec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Last-Modified
Fri, 01 Jul 2022 14:27:56 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
80418
Content-Type
image/png
%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-52-220x150.png
pal4news.com/wp-content/uploads/2022/11/
48 KB
48 KB
Image
General
Full URL
https://pal4news.com/wp-content/uploads/2022/11/%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-52-220x150.png
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
3338789f89131d163c3cef6a44072f4eb2706852d858dfa99f58cc395303d331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Last-Modified
Thu, 10 Nov 2022 01:01:28 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
48943
Content-Type
image/png
%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-21-220x150.png
pal4news.com/wp-content/uploads/2022/11/
11 KB
12 KB
Image
General
Full URL
https://pal4news.com/wp-content/uploads/2022/11/%D9%82%D8%A7%D9%84%D8%A8-%D9%81%D9%88%D8%B1-%D9%86%D9%8A%D9%88%D8%B2-21-220x150.png
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.29.35 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.webrand.co
Software
Apache /
Resource Hash
f52793c2621e01bc377b0e372d54cac4fd1d852c6d972dbd0825988f7b963c39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/4640/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Last-Modified
Sat, 05 Nov 2022 18:59:31 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
11741
Content-Type
image/png
g.gif
pixel.wp.com/
50 B
93 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=191763421&post=4640&tz=3&srv=pal4news.com&j=1%3A11.5.1&host=pal4news.com&ref=https%3A%2F%2Ft.co%2F&fcp=1071&rand=0.5263483579530495
Requested by
Host: pal4news.com
URL: https://pal4news.com/4640/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 27 Nov 2022 02:41:59 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
0.php
s4.histats.com/stats/
51 B
185 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4668882&@f16&@g1&@h1&@i1&@j1669516919122&@k0&@l1&@m%D9%83%D9%8A%D9%81%D9%8A%D8%A9%20%D8%AA%D8%AF%D8%A7%D9%88%D9%84%20%D8%A7%D9%84%D9%81%D9%88%D8%B1%D9%83%D8%B3%20%D9%84%D9%84%D9%85%D8%A8%D8%AA%D8%AF%D8%A6%D9%8A%D9%86%20-%20%D9%81%D9%88%D8%B1%20%D9%86%D9%8A%D9%88%D8%B2&@n0&@ohttps%3A%2F%2Ft.co%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-183058107&@b3:1669516919&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fpal4news.com%2F4640%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
7669951da411dcd12b10bbf37acf940a437c7a33b4bdb23d45117bb559728c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 02:41:59 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/
354 KB
116 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1113589023391245&plah=pal4news.com&bust=31070968
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1113589023391245
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbf1551f2b7ac8a6368ae3cd30a94cbb363f005fa0edc2eb35d08189a862954c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119220
x-xss-protection
0
server
cafe
etag
72817153379297604
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 02:41:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 5532
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1113589023391245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pal4news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 10:42:07 GMT
etag
10353107486223812946
expires
Sat, 10 Dec 2022 10:42:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/
2 KB
540 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat&subset=latin&display=swap
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73c3d8c3e9a8def4e24d51f455de5362ad7553e2f3e36d25ba54fb960d588817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 02:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Nov 2022 02:41:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Nov 2022 02:41:59 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pal4news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:34:14 GMT
x-content-type-options
nosniff
age
364065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 21:34:14 GMT
cookie.js
partner.googleadservices.com/gampad/
391 B
696 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pal4news.com&callback=_gfp_s_&client=ca-pub-1113589023391245&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1113589023391245&plah=pal4news.com&bust=31070968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff04a2930982f8ce3827a3fd0c8306a32c73e1267cf60b9681f6431bfccf7057
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pal4news.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1113589023391245&plah=pal4news.com&bust=31070968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pal4news.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1113589023391245&plah=pal4news.com&bust=31070968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B150
283 KB
69 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&adk=2969136045&adf=3689892565&lmt=1669516919&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fpal4news.com%2F4640%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919179&bpp=4&bdt=466&idt=276&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=831545850653&frm=20&pv=2&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1113589023391245&plah=pal4news.com&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c9b59e9b4b9fa4cd7a898fbcd6ebd96c13371a9244ad049806b763c64cc1639
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pal4news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
70752
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 02:41:59 GMT
expires
Sun, 27 Nov 2022 02:41:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C4ED
90 KB
32 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=4548776250&adk=3916231457&adf=1318467558&pi=t.ma~as.4548776250&w=1200&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=1200x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919183&bpp=2&bdt=470&idt=300&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dh4Kl8A1iy&p=https%3A//pal4news.com&dtd=306
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1113589023391245&plah=pal4news.com&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
422a370b0ff56069f0eb50ca6cfe773b3a07472a36be8df854a85b54ce0b73c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pal4news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33236
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 02:42:00 GMT
expires
Sun, 27 Nov 2022 02:42:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2B8B
142 KB
46 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=2836486754&adk=719783326&adf=2388624977&pi=t.ma~as.2836486754&w=688&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=688x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919185&bpp=1&bdt=473&idt=342&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q7SB4toLid&p=https%3A//pal4news.com&dtd=345
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1113589023391245&plah=pal4news.com&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec48f31413e96b6c79ecbfc1203fb82d2463c9c2a5016152d6abcd6e665d769e
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17201856483093828370/970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17201856483093828370/970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJndwJerzfsCFdPtuwgd9x8LRg&gqi=d86CY8qEI-rD7_UPif6vgAY&layout=/sadbundle/%24csp%253Der3%24/17201856483093828370/970x250.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pal4news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
47153
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17201856483093828370/970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17201856483093828370/970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJndwJerzfsCFdPtuwgd9x8LRg&gqi=d86CY8qEI-rD7_UPif6vgAY&layout=/sadbundle/%24csp%253Der3%24/17201856483093828370/970x250.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 02:42:00 GMT
expires
Sun, 27 Nov 2022 02:42:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/
150 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/reactive_library_fy2021.js?bust=31070968
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1113589023391245&plah=pal4news.com&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97b82653fd3efb54b07db9849d2c8496a98eaa9c3f2135a71054373732e178d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:42:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52287
x-xss-protection
0
server
cafe
etag
11512999012101823611
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 02:42:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pal4news.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1113589023391245&plah=pal4news.com&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pal4news.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1113589023391245&plah=pal4news.com&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pal4news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame CE84
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1113589023391245&plah=pal4news.com&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pal4news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 10:43:57 GMT
etag
10353107486223812946
expires
Sat, 10 Dec 2022 10:43:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame E1F1
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1113589023391245&plah=pal4news.com&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pal4news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 10:43:57 GMT
etag
10353107486223812946
expires
Sat, 10 Dec 2022 10:43:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame CE84
4 KB
636 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Nov 2022 00:57:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Nov 2022 02:42:00 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CE84
205 B
742 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:05:32 GMT
x-content-type-options
nosniff
age
9388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 27 Nov 2023 00:05:32 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CE84
604 B
696 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 21:56:57 GMT
x-content-type-options
nosniff
age
17103
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 26 Nov 2023 21:56:57 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame CE84
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:55:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
53205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8086
x-xss-protection
0
server
cafe
etag
7427986489964165156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 11:55:15 GMT
728x90.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10779814441389223269/ Frame 3F60
3 KB
3 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10779814441389223269/728x90.html
Requested by
Host: aaaaflam6twitter.blogspot.com
URL: https://aaaaflam6twitter.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b99d8b1d83bda86523e663dd12124697a1212d835bf39055114bf3d38efbd9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
109267
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1391
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 20:20:53 GMT
expires
Sat, 25 Nov 2023 20:20:53 GMT
last-modified
Fri, 21 Oct 2022 15:05:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
B28741573.349867066;dc_pre=CPj56perzfsCFTbsEQgdaRMFqA;dc_trk_aid=541200439;dc_trk_cid=180462959;ord=1349994603;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame E1F1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28741573.349867066;dc_trk_aid=541200439;dc_trk_cid=180462959;ord=1349994603;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28741573.349867066;dc_pre=CPj56perzfsCFTbsEQgdaRMFqA;dc_trk_aid=541200439;dc_trk_cid=180462959;ord=1349994603;dc_lat=;dc_rdid=;tag...
42 B
63 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28741573.349867066;dc_pre=CPj56perzfsCFTbsEQgdaRMFqA;dc_trk_aid=541200439;dc_trk_cid=180462959;ord=1349994603;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 02:42:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 02:42:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28741573.349867066;dc_pre=CPj56perzfsCFTbsEQgdaRMFqA;dc_trk_aid=541200439;dc_trk_cid=180462959;ord=1349994603;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E1F1
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C_rWxd86CY4jbI4WL7_UP5JCgqA7hzO2wbfLtiNPvENnZHhABIOC55YoBYJXikIKgB6AB9Li_xQPIAQmoAwHIA0iqBO4BT9DTY9mLf345pesorZheIbQEfS95DBNQW7IF0aNT5SNA9vpX8JQTPQGPjueluUZVHhToGDlVhXkc72qleU2bXX1Hw9_rnEiamVIu2cds_7q4arsvoccUUkELD26lCjDiEn8qtZqoZ9utyOsLQ6M_iZzp_uPVEewA2jwC7Hh9Y_cxle59EojxT9iYtWKubwQueD64FeTJDTjq56v5ST5sAdSKvYBGDR7RB_5XKPiA07DYFqqdqy8ooBpnilHW0Pv4QikKVEdAvWfLKpQ9KUBb4Kw8pvb84kHa92Yhc67CFjgNOtJ_scAtMSGoVjnz_sAE8Jn46IwEkgUECAQYAZIFBAgFGASgBi6AB-yhqKYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQyr0P0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMTExMzU4OTAyMzM5MTI0NRgA&sigh=S_dBMMqJPeU&uach_m=[UACH]&cid=CAQSGwDq26N9Wa738FJG-vCVtN2y15_x5GVi53ZIOxgBIBM&template_id=419
Requested by
Host: aaaaflam6twitter.blogspot.com
URL: https://aaaaflam6twitter.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 27 Nov 2022 02:42:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 27 Nov 2022 02:42:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame E1F1
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 07:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
69998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 07:15:22 GMT
970x250.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17201856483093828370/ Frame 011A
3 KB
1 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17201856483093828370/970x250.html
Requested by
Host: aaaaflam6twitter.blogspot.com
URL: https://aaaaflam6twitter.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32010235762d19b85b4a29de454c762cd6ca2d33c5d8d2f7cc5bb368ea40e80c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
160872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1388
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 06:00:48 GMT
expires
Sat, 25 Nov 2023 06:00:48 GMT
last-modified
Fri, 04 Nov 2022 09:05:34 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
B28891371.350800958;dc_pre=CNn66perzfsCFbyg_QcdNsAFEA;dc_trk_aid=542382427;dc_trk_cid=181661523;ord=985446652;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 9F7F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28891371.350800958;dc_trk_aid=542382427;dc_trk_cid=181661523;ord=985446652;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28891371.350800958;dc_pre=CNn66perzfsCFbyg_QcdNsAFEA;dc_trk_aid=542382427;dc_trk_cid=181661523;ord=985446652;dc_lat=;dc_rdid=;tag_...
42 B
63 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28891371.350800958;dc_pre=CNn66perzfsCFbyg_QcdNsAFEA;dc_trk_aid=542382427;dc_trk_cid=181661523;ord=985446652;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=2836486754&adk=719783326&adf=2388624977&pi=t.ma~as.2836486754&w=688&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=688x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919185&bpp=1&bdt=473&idt=342&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q7SB4toLid&p=https%3A//pal4news.com&dtd=345
Protocol
H3
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 02:42:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 02:42:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28891371.350800958;dc_pre=CNn66perzfsCFbyg_QcdNsAFEA;dc_trk_aid=542382427;dc_trk_cid=181661523;ord=985446652;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9F7F
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CToeid86CY9nFI9Pb7_UP97-ssAS_wuOxbanruO3wENnZHhABIOC55YoBYJXikIKgB6AB9Li_xQPIAQmoAwHIA0iqBO0BT9AlFiMlBheX6yq3d66jz4n-Th-fQmyILpTLrooSBysONYryItAvsgW1LQVSPO5QYNyVrY2I9AeDfa1UF14L9X0sn8z9n3nCppKyyti33E4cuHw2YtZFl-6B4yHz8WTKi_RdyD0SwG0PA0jzGbuI8ALRQJSaYXzpHGou-AGyxdpdGY9pCWelVDT2ylU7gPBVDGyEr-l6IDSvpKBzVkT8M6zzxFECdSBEfJthb2ySMvb4WfeJ5ygouS-43c26ITDCFFsmT3ryqGVPW4NO6hkSJOPh1c1FtgcSs5dT6kfgNI6sLql_7yJ-NueWEuPiwATcn_2QggSSBQQIBBgBkgUECAUYBKAGLoAH7KGopgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCZ-wjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0xMTEzNTg5MDIzMzkxMjQ1GAA&sigh=8m-xsenjyPQ&uach_m=[UACH]&cid=CAQSGwDq26N9B3L1slmatL3ImdoKUH3LyOTMKhGHfxgBIBM&template_id=419
Requested by
Host: aaaaflam6twitter.blogspot.com
URL: https://aaaaflam6twitter.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=2836486754&adk=719783326&adf=2388624977&pi=t.ma~as.2836486754&w=688&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=688x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919185&bpp=1&bdt=473&idt=342&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q7SB4toLid&p=https%3A//pal4news.com&dtd=345
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 27 Nov 2022 02:42:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 27 Nov 2022 02:42:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 9F7F
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=2836486754&adk=719783326&adf=2388624977&pi=t.ma~as.2836486754&w=688&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=688x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919185&bpp=1&bdt=473&idt=342&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q7SB4toLid&p=https%3A//pal4news.com&dtd=345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 07:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
69998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 07:15:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9F7F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=2836486754&adk=719783326&adf=2388624977&pi=t.ma~as.2836486754&w=688&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=688x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919185&bpp=1&bdt=473&idt=342&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q7SB4toLid&p=https%3A//pal4news.com&dtd=345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 17:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
31325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 17:59:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9F7F
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=2836486754&adk=719783326&adf=2388624977&pi=t.ma~as.2836486754&w=688&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=688x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919185&bpp=1&bdt=473&idt=342&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q7SB4toLid&p=https%3A//pal4news.com&dtd=345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:23:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
51492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 12:23:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F7F
154 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=2836486754&adk=719783326&adf=2388624977&pi=t.ma~as.2836486754&w=688&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=688x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919185&bpp=1&bdt=473&idt=342&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q7SB4toLid&p=https%3A//pal4news.com&dtd=345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 02:42:00 GMT
css
fonts.googleapis.com/ Frame 45D7
8 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Nov 2022 02:16:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Nov 2022 02:42:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 45D7
2 KB
818 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:55:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
53205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 11:55:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 45D7
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 07:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
69998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 07:15:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 45D7
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 17:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
31325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 17:59:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 45D7
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:23:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
51492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 12:23:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 45D7
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 02:42:00 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame 45D7
34 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 15:56:11 GMT
92d0eacbdd534f81de4b06016912d49f.js
www.gstatic.com/mysidia/ Frame C4ED
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/92d0eacbdd534f81de4b06016912d49f.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=4548776250&adk=3916231457&adf=1318467558&pi=t.ma~as.4548776250&w=1200&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=1200x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919183&bpp=2&bdt=470&idt=300&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dh4Kl8A1iy&p=https%3A//pal4news.com&dtd=306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4142
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 15:56:47 GMT
71e59f4e7c1ff3257428cb688bf08820.js
www.gstatic.com/mysidia/ Frame C4ED
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/71e59f4e7c1ff3257428cb688bf08820.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=4548776250&adk=3916231457&adf=1318467558&pi=t.ma~as.4548776250&w=1200&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=1200x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919183&bpp=2&bdt=470&idt=300&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dh4Kl8A1iy&p=https%3A//pal4news.com&dtd=306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea25a82fc8550aa425b9bfce9d621f22a15ca6a381c515ce6c7404d17edbc50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4402
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 23 Feb 2023 08:18:43 GMT
css
fonts.googleapis.com/ Frame C4ED
8 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=4548776250&adk=3916231457&adf=1318467558&pi=t.ma~as.4548776250&w=1200&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=1200x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919183&bpp=2&bdt=470&idt=300&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dh4Kl8A1iy&p=https%3A//pal4news.com&dtd=306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Nov 2022 01:29:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Nov 2022 02:42:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C4ED
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=4548776250&adk=3916231457&adf=1318467558&pi=t.ma~as.4548776250&w=1200&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=1200x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919183&bpp=2&bdt=470&idt=300&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dh4Kl8A1iy&p=https%3A//pal4news.com&dtd=306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:55:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
53205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 11:55:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame C4ED
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=4548776250&adk=3916231457&adf=1318467558&pi=t.ma~as.4548776250&w=1200&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=1200x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919183&bpp=2&bdt=470&idt=300&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dh4Kl8A1iy&p=https%3A//pal4news.com&dtd=306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 07:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
69998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 07:15:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C4ED
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=4548776250&adk=3916231457&adf=1318467558&pi=t.ma~as.4548776250&w=1200&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=1200x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919183&bpp=2&bdt=470&idt=300&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dh4Kl8A1iy&p=https%3A//pal4news.com&dtd=306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 17:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
31325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 17:59:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C4ED
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=4548776250&adk=3916231457&adf=1318467558&pi=t.ma~as.4548776250&w=1200&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=1200x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919183&bpp=2&bdt=470&idt=300&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dh4Kl8A1iy&p=https%3A//pal4news.com&dtd=306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:23:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
51492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 12:23:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C4ED
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=4548776250&adk=3916231457&adf=1318467558&pi=t.ma~as.4548776250&w=1200&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=1200x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919183&bpp=2&bdt=470&idt=300&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dh4Kl8A1iy&p=https%3A//pal4news.com&dtd=306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 02:42:00 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame C4ED
34 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113589023391245&output=html&h=280&slotname=4548776250&adk=3916231457&adf=1318467558&pi=t.ma~as.4548776250&w=1200&fwrn=4&fwrnh=100&lmt=1669516919&rafmt=1&format=1200x280&url=https%3A%2F%2Fpal4news.com%2F4640%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669516919183&bpp=2&bdt=470&idt=300&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=831545850653&frm=20&pv=1&ga_vid=866979173.1669516919&ga_sid=1669516919&ga_hid=1755831998&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C31070968&oid=2&pvsid=3696489618404192&tmod=140819907&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dh4Kl8A1iy&p=https%3A//pal4news.com&dtd=306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 15:56:11 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 092F
143 B
166 B
Document