sudaneseonline.com Open in urlscan Pro
2606:4700:20::681a:b2e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.sudaneseonline.com/
Effective URL:
https://sudaneseonline.com/
Submission: On August 25 via manual (August 25th 2021, 6:19:14 am UTC) from AE

Summary HTTP 244 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 44 IPs in 6 countries across 25 domains to perform 244 HTTP transactions. The main IP is 2606:4700:20::681a:b2e, located in United States and belongs to CLOUDFLARENET, US. The main domain is sudaneseonline.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.

This is the only time sudaneseonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	2606:4700:20:... 2606:4700:20::681a:b2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18 82	2606:4700:20:... 2606:4700:20::ac43:4b3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.101.186 143.204.101.186	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
6 9	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5 34	2a04:4e42:1f::84 2a04:4e42:1f::84	54113 (FASTLY) (FASTLY)
1	5.135.83.165 5.135.83.165	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1	51.158.146.105 51.158.146.105	12876 (Online SAS) (Online SAS)
1	107.6.185.250 107.6.185.250	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	163.172.219.20 163.172.219.20	12876 (Online SAS) (Online SAS)
1	135.181.63.70 135.181.63.70	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1 50	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
244	44

3 2606:4700:20::681a:b2e (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.sudaneseonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sudaneseonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

82 2606:4700:20::ac43:4b3e (United States) 18 redirects

ASN13335 (CLOUDFLARENET, US)

sudaneseonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sudaneseonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.186 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-186.fra50.r.cloudfront.net

xslt.alexa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a04:4e42:1f::84 (United States) 5 redirects

ASN54113 (FASTLY, US)

s-media-cache-ak0.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.83.165 (France)

ASN16276 (OVH, FR)
PTR: i.postimg.cc

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.146.105 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-146-105.rev.poneytelecom.eu

d.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.6.185.250 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
PTR: am1.fcomet.com

sudan-uprisings.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.219.20 (Amsterdam, Netherlands)

ASN12876 (Online SAS, FR)
PTR: 163-172-219-20.rev.poneytelecom.eu

a.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.181.63.70 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cdn15.top4top.io

j.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

bp1.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net

p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	sudaneseonline.com 20 redirects www.sudaneseonline.com sudaneseonline.com	662 KB
67	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	733 KB
34	pinimg.com 5 redirects s-media-cache-ak0.pinimg.com i.pinimg.com	1 MB
27	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	184 KB
15	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com fonts.gstatic.com	195 KB
12	google.com 6 redirects www.google.com adservice.google.com	1 KB
8	google-analytics.com 1 redirects www.google-analytics.com google-analytics.com ssl.google-analytics.com	63 KB
7	googletagservices.com www.googletagservices.com	251 KB
4	google.de www.google.de adservice.google.de	457 B
3	top4top.io d.top4top.io a.top4top.io j.top4top.io	136 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	facebook.net connect.facebook.net	69 KB
1	2mdn.net s0.2mdn.net	23 KB
1	blogspot.com 1.bp.blogspot.com	22 KB
1	blogger.com 1 redirects bp1.blogger.com	424 B
1	sudan-uprisings.org sudan-uprisings.org	40 KB
1	twimg.com pbs.twimg.com	33 KB
1	postimg.cc i.postimg.cc	11 KB
1	googleadservices.com partner.googleadservices.com	471 B
1	facebook.com www.facebook.com
1	jquery.com code.jquery.com	77 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
1	alexa.com xslt.alexa.com	623 B
0	Failed function sub() { [native code] }. Failed
0	annaqed.com Failed www.annaqed.com Failed
244	25

	Domain	Requested by
66	sudaneseonline.com	1 redirects sudaneseonline.com code.jquery.com
51	tpc.googlesyndication.com	1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
29	i.pinimg.com
25	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
19	www.sudaneseonline.com	19 redirects
16	pagead2.googlesyndication.com	sudaneseonline.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	www.google.com	6 redirects sudaneseonline.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	s-media-cache-ak0.pinimg.com	5 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	sudaneseonline.com www.google-analytics.com www.googletagmanager.com
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	ssl.google-analytics.com	1 redirects sudaneseonline.com
2	fonts.googleapis.com	tpc.googlesyndication.com
2	p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	sudaneseonline.com connect.facebook.net
2	www.google.de	sudaneseonline.com
2	stats.g.doubleclick.net	1 redirects www.google-analytics.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	1.bp.blogspot.com
1	bp1.blogger.com	1 redirects
1	j.top4top.io
1	a.top4top.io
1	sudan-uprisings.org
1	d.top4top.io
1	pbs.twimg.com
1	i.postimg.cc
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	connect.facebook.net
1	code.jquery.com	sudaneseonline.com
1	www.googletagmanager.com	sudaneseonline.com
1	xslt.alexa.com	sudaneseonline.com
1	google-analytics.com	sudaneseonline.com
0	http Failed
0	www.annaqed.com Failed
244	41

This site contains links to these domains. Also see Links.

Domain
youtube.com
instagram.com
pinterest.com
www.linkedin.com
twitter.com
facebook.com
plus.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
postimg.cc R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
top4top.io R3	`2021-07-17` - `2021-10-15`	3 months	crt.sh
sudan-uprisings.org R3	`2021-08-13` - `2021-11-11`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://sudaneseonline.com/
Frame ID: DE2C6F18844653E122F029BAA14D2993
Requests: 132 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210819/r20190131/zrt_lookup.html
Frame ID: E8872266E900637309745FCDC3697A0D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&adk=1812271804&adf=3025194257&lmt=1629807529&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudaneseonline.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338210&bpp=7&bdt=325&idt=244&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8144570799791&frm=20&pv=2&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=271
Frame ID: FC92C7405C47B6031DE39F421E408B11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1629807529&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338254&bpp=2&bdt=369&idt=234&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dfNT4n5OsK&p=https%3A//sudaneseonline.com&dtd=250
Frame ID: A6A4F1656EF92E08A018E60DFEFC261B
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338256&bpp=1&bdt=371&idt=296&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pS11OB33O7&p=https%3A//sudaneseonline.com&dtd=302
Frame ID: F5E4342B4B6959A58271332B5D3EE1DD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1629807529&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338257&bpp=2&bdt=372&idt=324&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=kygiEJE3rx&p=https%3A//sudaneseonline.com&dtd=341
Frame ID: 9D1BEECAE1744188972BBEF838975FD9
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338259&bpp=1&bdt=375&idt=397&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=4291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9pxHEASSxu&p=https%3A//sudaneseonline.com&dtd=412
Frame ID: 108E3A4B1CFF285088B8DA2D79D950F5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642
Frame ID: 900B6199E138F12A373897090660B2FF
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5F6106629F75B847D5DDEE3870007C32
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14714646FA62A46F20229964003A5F30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795
Frame ID: 3B326031C6CF2B2F4C0DAFB6920B10CB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1629807529&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338270&bpp=2&bdt=386&idt=837&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=udjIyIPbbD&p=https%3A//sudaneseonline.com&dtd=909
Frame ID: 08B6BC11CD58C48D157F2354922D46DC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: 39ABE586206108ED8BCC4834781A53FD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 688228A831FC2D207BB02FDAD915EEC1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 40FAE9994AACBC88EC011185D7F93C0F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2B3FFB261FC239D636D6BF9F44864AE1
Requests: 2 HTTP requests in this frame

Frame: https://p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 3E533CB36607B99523250434666BDF92
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Frame ID: 96DF941BD685F58747C15DD11623F9EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 466608ED205D84A61707572C96C7FA33
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html
Frame ID: 4B45EF882EB6F538133ACE47C704B759
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Frame ID: 3669A14BBA8A93F15C8EF7FB130C1A6D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 99D9B7866F6D63AB2B2D1FADFCDE2656
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Frame ID: 9996DB2C5705E6ED5D3011E60C6BDFA4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Frame ID: 7E3CDFE392D718D63CBDD9ACF2B7BB35
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

سودانيزاونلاين:Sudanese Online

Page URL History Show full URLs

http://www.sudaneseonline.com/ HTTP 301
https://www.sudaneseonline.com/ HTTP 301
http://sudaneseonline.com/ HTTP 301
https://sudaneseonline.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

244
Requests

99 %
HTTPS

82 %
IPv6

25
Domains

41
Subdomains

44
IPs

6
Countries

3974 kB
Transfer

6506 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://youtube.com/sudaneseonline/videos

Search URL Search Domain Scan URL

URL: https://instagram.com/sudaneseonline
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/sudaneseonline/pins/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/sudaneseonline

Search URL Search Domain Scan URL

URL: https://twitter.com/sudaneseonline1

Search URL Search Domain Scan URL

URL: https://facebook.com/sudaneseonline
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/+SudaneseOnline
Title: Google+

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.sudaneseonline.com/ HTTP 301
https://www.sudaneseonline.com/ HTTP 301
http://sudaneseonline.com/ HTTP 301
https://sudaneseonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1388913011&utmhn=sudaneseonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&utmhid=308674468&utmr=-&utmp=%2F&utmht=1629872338370&utmac=UA-251719-1&utmcc=__utma%3D24067384.1003514159.1629872338.1629872338.1629872338.1%3B%2B__utmz%3D24067384.1629872338.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=473256828&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-251719-1&cid=1003514159.1629872338&jid=473256828&_v=5.7.2&z=1388913011 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=1003514159.1629872338&jid=473256828&_v=5.7.2&z=1388913011 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=1003514159.1629872338&jid=473256828&_v=5.7.2&z=1388913011&slf_rd=1&random=1075913523

Request Chain 58

https://s-media-cache-ak0.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg HTTP 301
https://i.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg

Request Chain 59

https://www.sudaneseonline.com/arabic/files/daily-writer/shawqi_badri_878170412.jpg HTTP 301
https://sudaneseonline.com/arabic/files/daily-writer/shawqi_badri_878170412.jpg

Request Chain 65

https://s-media-cache-ak0.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg HTTP 301
https://i.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg

Request Chain 67

https://www.sudaneseonline.com/uploadpic/Feb09upload/gabra_0.bmp HTTP 301
https://sudaneseonline.com/uploadpic/Feb09upload/gabra_0.bmp

Request Chain 68

https://www.sudaneseonline.com/files/daily-writer/zohierclor_926382548.jpg HTTP 301
https://sudaneseonline.com/files/daily-writer/zohierclor_926382548.jpg

Request Chain 69

https://www.sudaneseonline.com/arabic/files/daily-writer/alsir_osman_405668506.jpg HTTP 301
https://sudaneseonline.com/arabic/files/daily-writer/alsir_osman_405668506.jpg

Request Chain 70

https://www.sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg HTTP 301
https://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg

Request Chain 79

https://www.sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg HTTP 301
https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg

Request Chain 82

https://s-media-cache-ak0.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg HTTP 301
https://i.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg

Request Chain 89

https://www.sudaneseonline.com/uploadpic14/nov/sudansudansudansudansudansudansudansudansudan58.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/nov/sudansudansudansudansudansudansudansudansudan58.jpg

Request Chain 95

https://www.sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG HTTP 301
https://sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG

Request Chain 96

https://www.sudaneseonline.com/uploadpic15/sep/sudan24.JPG HTTP 301
https://sudaneseonline.com/uploadpic15/sep/sudan24.JPG

Request Chain 104

https://www.sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg

Request Chain 107

https://www.sudaneseonline.com/english/files/cover/1nur_131441372.jpg HTTP 301
https://sudaneseonline.com/english/files/cover/1nur_131441372.jpg

Request Chain 108

https://s-media-cache-ak0.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg HTTP 301
https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg

Request Chain 109

https://www.sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg HTTP 301
https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg

Request Chain 112

https://www.sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg

Request Chain 114

https://s-media-cache-ak0.pinimg.com/736x/cf/03/5e/cf035e0dc41453277f5021ced27969d1.jpg HTTP 301
https://i.pinimg.com/736x/cf/03/5e/cf035e0dc41453277f5021ced27969d1.jpg

Request Chain 118

https://www.sudaneseonline.com/uploadpic14/mar/idris1.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/mar/idris1.jpg

Request Chain 129

https://www.sudaneseonline.com/db/avatars/00000asudaneseonline.jpg HTTP 301
https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg

Request Chain 130

https://bp1.blogger.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg HTTP 301
https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg

Request Chain 132

https://www.sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg HTTP 301
https://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg

Request Chain 135

https://www.sudaneseonline.com/uploadpic10/May/mamanadwa.jpg HTTP 301
https://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg

Request Chain 172

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbxsi7jQEQ6AIY6AIyCFR5nIyM6Xl- HTTP 301
https://tpc.googlesyndication.com/simgad/1855790038366648222

Request Chain 208

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 209

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 218

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 221

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 224

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

244 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sudaneseonline.com/
Redirect Chain

http://www.sudaneseonline.com/
https://www.sudaneseonline.com/
http://sudaneseonline.com/
https://sudaneseonline.com/

38 KB
9 KB

22ms
21ms

Document
text/html

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3863d4dd13720d8040769ed404a704400c99c00513a0ae81998455feef2359e

Request headers

:method: GET
:authority: sudaneseonline.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
content-type: text/html
cache-control: max-age=10800
expires: Tue, 24 Aug 2021 12:18:52 GMT
vary: Accept-Encoding
x-cache-status: BYPASS
x-powered-by: PleskLin
cf-cache-status: HIT
age: 64808
last-modified: Tue, 24 Aug 2021 12:18:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wShz5fRHwAA3j6hwuOYPvjGySyWFu2Go1TpPL9YWw1ku4T6sQJ5oL%2BNpkjWO7%2BrYeEcIYZ5061KbTukXXFMNTtazGGA5FnW9gHvilee%2BVxpH6MMbRR%2Bokxgf28eMsTyf3wWCEDraeOShugFFVz4SBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6842b4bf98724e9d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Wed, 25 Aug 2021 06:18:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 25 Aug 2021 07:18:57 GMT
Location: https://sudaneseonline.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrsG%2FtYxkk284u1%2BbsWrWzCGB%2BuFGfYhTWP10O8R%2BQjJyXTG8rCTMWgjpeAVlQLuRH86PyRMRE1G6voLE4fBXdnVv3QIOfFGwxME2urYKlmExPsZn7SXTnTw8yrjqRjhahhKKFj7y88DHzeZO0SF5g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6842b4bf6f6cdfe3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 5FC2zOw_W9_dNWqSVD1R6XReqLM.js Show response
sudaneseonline.com/cdn-cgi/apps/head/ 6 KB
3 KB 25ms
14ms Script
application/javascript 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cdn-cgi/apps/head/5FC2zOw_W9_dNWqSVD1R6XReqLM.js
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18a0f425e7929f0e35040c31fa34d0ac3584eea98b70d632a2da71554b827583

Request headers

:path: /cdn-cgi/apps/head/5FC2zOw_W9_dNWqSVD1R6XReqLM.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10976007
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: AP27N2NGNDGHN8C5
x-amz-id-2: ogBlEfYvWzBmtu3Zq5OFqhi4hYey/BDBVeNcGTG1iJhsQpFIdc3Vdi2kwvmljUP+0NKLKIQMCkI=
last-modified: Mon, 24 Jul 2017 16:32:06 GMT
server: cloudflare
etag: W/"71e55573d60eceb049b3e5b8113546ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoVKcouNlun8cm7LGfXgWrMjaRG4GcvodUSg1vVqKbocOQnzZHhBbb2VGlDeAWF3I8vbEdxEoJK7oBMxi3%2BtkmXcZDfT1MURDHC%2Bda9LkNbs9ONjRUtl3fLvqC890ZCcPRYRTyj33ENsMQBl9WGQbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: sMxU3zQi_vRRZ5x5XHHTu9rDvofI_BJ0
cf-ray: 6842b4bfd8e15b44-FRA

GET
H3-29 200 rss2.css
sudaneseonline.com/ 1 KB
1013 B 269ms
261ms Stylesheet
text/css 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/rss2.css?v=1.137
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 553184002d49f3197d581f56de0f8ab37d66f0ae73c3f3faa363ac26c56b02e0

Request headers

:path: /rss2.css?v=1.137
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 02 Feb 2019 03:55:11 GMT
server: cloudflare
etag: W/"5c55149f-570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsOV5imZgKd53ufQgB5iC3%2Ffv0LpHYm5o%2Ba5Xu%2BkESmY5QiUXc25N4B5%2BS9Mv%2FbUmXGMPkJPuuMnN4gj3B4K%2FOQJnj2%2FSYq6Ly3kFbfQoR1q5k2KD7Smx4ROLNG6j5hGNefKT%2FiU5JN8UfbuQDMKoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=172800
cf-polished: origSize=1392
cf-ray: 6842b4bfd8e05b44-FRA
cf-bgj: minify

GET
H3-29 200 youtube.png
sudaneseonline.com/files/social/ 1 KB
2 KB 11ms
11ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/youtube.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7717de7e2e218e956580963a667c5899e3ea5653cbc1569152330429f38542b5

Request headers

:path: /files/social/youtube.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 502
x-powered-by: PleskLin
content-disposition: inline; filename="youtube.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1122
last-modified: Sun, 06 Apr 2014 05:50:32 GMT
server: cloudflare
etag: "5340eb28-1e1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09iGziEY8JvX5kBApaGinDZtqjpINOcwx9pDN%2BGbIp2vstXyIjLwyuiI4CwYTz3QPJ%2B0CNcFs1jBKbKlwRkuTJkzwJFMo09zzZXato91gP5ZhQWht%2BpDy5r9Bwij0uGOHZJa1Ga8iZEUp7V3UUpykA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=png, origSize=7708
accept-ranges: bytes
cf-ray: 6842b4bff9145b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 icon_in.png
sudaneseonline.com/files/social/ 31 KB
32 KB 22ms
19ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/icon_in.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 72a492fc88306b58b590d47f55feb08b11119d149db001980f20ad10846b21a2

Request headers

:path: /files/social/icon_in.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2298
x-powered-by: PleskLin
content-disposition: inline; filename="icon_in.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31788
last-modified: Fri, 14 Nov 2014 04:27:56 GMT
server: cloudflare
etag: "546584cc-e140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RU2wrvnxAqSTxltInAYcvFemKMdcbqJv2FjJ8xjerVh0kn3pVSxSzZcnAOs%2Fo7Z4Py7C4qBuSStYxIVziAVMUadMK8z88q2sOJUfNwx2pVj1FLGls9nGGUBjSePkdpgyiKzmADFJR0Xzx0q5hE3aRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=png, origSize=57664
accept-ranges: bytes
cf-ray: 6842b4c0092a5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 pin.png
sudaneseonline.com/files/social/ 526 B
1 KB 31ms
28ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/pin.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 72fea3fe50ffbc7bbf4648547ccf1a38ed660ec9971829aae72147845f44f81a

Request headers

:path: /files/social/pin.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 502
x-powered-by: PleskLin
content-disposition: inline; filename="pin.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 526
last-modified: Tue, 08 Apr 2014 18:29:42 GMT
server: cloudflare
etag: "53444016-1bde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2VQUZOJQ4touuZO5eH78gATF4BXdeVBqZLZlbZjBBgh%2FW4Q%2Baauz08PsD%2FYiNTFOsCg%2FTiUp%2FzkMu%2BKMoumFSAQEkHlXZFJTDD%2Fptf%2BG7sCvTPKrqA%2Fx9qNu8QjTpNyRq6rIud8EC89EeoHUehWXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=png, origSize=7134
accept-ranges: bytes
cf-ray: 6842b4c0092d5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 sudanese.gif
sudaneseonline.com/images/ 7 KB
8 KB 16ms
13ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/sudanese.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03652ccf25e11afea2e0d5e0a443cbe2b7a201a567d1f9e83d152921b80ebcbb

Request headers

:path: /images/sudanese.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4192
x-powered-by: PleskLin
content-disposition: inline; filename="sudanese.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7086
last-modified: Mon, 26 Jan 2009 20:14:07 GMT
server: cloudflare
etag: "497e198f-25a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pCb8JoiF7No8TFwQCV8P4kvXcBS7pJ3ksSJbGcicymS0y5dKIqcoOsIeT0ash7iTTlfw5w%2FhFNk3t0C%2Fl8krdtzaufIsgyzEOo4UfdPpXnGRgar3bHwH3ex9h1mkEB3dsNMMSGwjxGhIqx2A8ULLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=gif, origSize=9641
accept-ranges: bytes
cf-ray: 6842b4c0092f5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 asudanese.gif
sudaneseonline.com/images/ 6 KB
7 KB 31ms
29ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/asudanese.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 719a9c5b70a7847cc11a4cbec622308f61315c4e849d91e3f156fe5790487f76

Request headers

:path: /images/asudanese.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4192
x-powered-by: PleskLin
content-disposition: inline; filename="asudanese.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6540
last-modified: Mon, 26 Jan 2009 20:11:50 GMT
server: cloudflare
etag: "497e1906-2157"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4BFaoMZXLf9fFHHbhK2ym9bLAhrFPXlXwvjQd17cPr6YMFMfffiS%2FBcKvrilfrXvzkHfnAwGCLhFEJYLdjjud1g5z8YJh54DuQKiI%2BK5HTeR%2BgDr72b7GoNfc1FnyNg%2BFqtJqpIE4MddPnbJbc97Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=gif, origSize=8535
accept-ranges: bytes
cf-ray: 6842b4c009315b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 linkedin.png
sudaneseonline.com/files/social/ 488 B
1 KB 32ms
29ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/linkedin.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8dfce04e20664e11e151528f4f1ba4bb9e75f62c322c67964c70a1abde8db31b

Request headers

:path: /files/social/linkedin.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4192
x-powered-by: PleskLin
content-disposition: inline; filename="linkedin.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 488
last-modified: Wed, 09 Mar 2016 19:55:07 GMT
server: cloudflare
etag: "56e07f9b-352"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX6b4ogiMmrhWG1lSWIoPIKVpDtPb%2BnH9Sr8Fz9jtUJ3fApIbYdwfIMOtgCtzJNVB%2F9iZ9G%2FJNx07%2Bf42%2FP5eWOqXmzf%2B4RyMkjjIIwTaIKzaiGxYOAuNT3omh6G7m1qeMIofJdzCAjbB71g4y2MNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=png, origSize=850
accept-ranges: bytes
cf-ray: 6842b4c009345b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 chrome_twitter.png
sudaneseonline.com/files/social/ 392 B
1 KB 32ms
29ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/chrome_twitter.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 547ac2b7bf734f40cc994c11bbe5643fb7ae0f86442b53694a73a2b7bc550b53

Request headers

:path: /files/social/chrome_twitter.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 502
x-powered-by: PleskLin
content-disposition: inline; filename="chrome_twitter.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 392
last-modified: Sun, 06 Apr 2014 05:45:54 GMT
server: cloudflare
etag: "5340ea12-1b22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkMSi%2BZU5ShvWzh2ic1UCp1vuegva2tmHA1yEIB0j093%2B7vsBYIyfMEK9kzpFlEzgGmgocHuQ8SuwUN43dHvJ6VV49kxNxkPM%2FOI6QRJ86gnoWc2UhlPY6tYmMuxJODKaucCpTa0s1dGcEGwmawyiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=png, origSize=6946
accept-ranges: bytes
cf-ray: 6842b4c009365b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 facebook.png
sudaneseonline.com/files/social/ 612 B
1 KB 17ms
14ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/facebook.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 797c26f036647914a3edb42b47186fef5dea31a6d548fa4bf94917c7e17735a2

Request headers

:path: /files/social/facebook.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2298
x-powered-by: PleskLin
content-disposition: inline; filename="facebook.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 612
last-modified: Sun, 06 Apr 2014 05:44:12 GMT
server: cloudflare
etag: "5340e9ac-1b65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nH2Hy7GmQyKCX3M7AUtAcCOP6OH%2FjOoMeLLjfVvrhelgfHs%2B0duZQuloAD8WKEqsiCvVoG6VssDmdmIdsZSg7cUo6%2BSbbHbF19iHSrQnoJ4gXrxRYRujJrtxHlMAyqzGIA7K945Y5YHjfW%2B%2B4nC0uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=png, origSize=7013
accept-ranges: bytes
cf-ray: 6842b4c009375b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 halibsudanese.jpg
sudaneseonline.com/db/avatars/ 2 KB
2 KB 17ms
15ms Image
image/jpeg 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/halibsudanese.jpg
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7be91ce97275c300ce632c8e46d84811da453937eb643aa48f63f723fef0153a

Request headers

:path: /db/avatars/halibsudanese.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7116
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1761
last-modified: Sat, 08 Aug 2015 04:14:05 GMT
server: cloudflare
etag: "55c5820d-6e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJIw9JmlKiA0QmhOZuR7EVPHhfq7CnhLTZEH6RTZye7wD2Jlb9oLSGBkrQq41Qhmums5R06lWtTrg%2FOYRZOW2OyKFqjUkgBNuaRswf2riYkeL4oA0Gel32aTbjpsMqMaFLzSYx0dCpNpa2e1XAxIfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 6842b4c0093a5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 404 dot.gif
sudaneseonline.com/ 3 KB
3 KB 270ms
267ms Image
text/html 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/dot.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7d72de81ce28a49509b04006c99759ce51715d83f38fac7f58ee59313d028a

Request headers

:path: /dot.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Nov 2013 07:11:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4FHodeilW9kSVJwNyAnOHrj%2B98xObLzAo69zJ%2BWtnDJdTxG6Sq1k3lKtpAmDXz1MejqMCBYyEuCPg%2Fb0qDViRFqL4e0SiHmMCnl%2B5H7Ce5Ffhcj81dc9U2NG5oI4LwSxpnBu7EbVgJrqZiO%2FnPxrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6842b4c0093b5b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 page_13.gif
sudaneseonline.com/images/ 200 B
889 B 32ms
30ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_13.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c10af103c2513beba5a7397f609106745382adea54bd90b818fa6f4fe8781026

Request headers

:path: /images/page_13.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4192
x-powered-by: PleskLin
content-disposition: inline; filename="page_13.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 200
last-modified: Mon, 26 Jan 2009 20:13:03 GMT
server: cloudflare
etag: "497e194f-de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1W0oC4HiUP7jMZ9Ot%2FnS6LOBz3U4kfEBzgtEoscZ93ExJ7Je%2Fw%2FKMHEdvATBvBM%2FVXkEYi5VBsTEOcCG5PRkSVCr%2BssQ%2BvrlDcQtu7Mg%2BLb7DqmcEHDxA2s4HHPa60AvhJbHOvvZfA5PYidP8s9ubw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=gif, origSize=222
accept-ranges: bytes
cf-ray: 6842b4c0093d5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 page_15.gif
sudaneseonline.com/images/ 126 B
815 B 32ms
30ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_15.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d15f56ad8410162f6486e3dddf17ace90b3b3dd10142d29a97d4f26a9b13f9b7

Request headers

:path: /images/page_15.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4192
x-powered-by: PleskLin
content-disposition: inline; filename="page_15.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 126
last-modified: Mon, 26 Jan 2009 20:13:05 GMT
server: cloudflare
etag: "497e1951-a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r07JRslwJktELJS4Gd12GlH5wtmp4jAF2%2BgxwJCkHXvzjV58Lom11LU13yZyc8C5Y7%2BOPyCE%2BUgLMNj%2BgZbVC4jfLMj2yR%2FWXz4Tdn5Ir3hSIb%2BB23bIL1poo4i0UgIasQ4hxP8O7V7GKrHDOHv1Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=gif, origSize=169
accept-ranges: bytes
cf-ray: 6842b4c0093f5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 page_17.gif
sudaneseonline.com/images/ 160 B
846 B 32ms
30ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_17.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b112d143d0b935fa4c67ee13a697324083dee7bb17b2ae39edee1753e7160db7

Request headers

:path: /images/page_17.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4192
x-powered-by: PleskLin
content-disposition: inline; filename="page_17.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 160
last-modified: Mon, 26 Jan 2009 20:13:07 GMT
server: cloudflare
etag: "497e1953-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9Ql%2FbDO70cBszFWa7oyI6hUGRpdKwTPjIl4Ee%2F3bLYeLFmVLaVZ0PS3sOc1qHLScnMGs272ZukzXKZM%2BktuCr9V3eroj8BSwNs5dtjnS6%2BLQESELNKkZEgxg1kfJiyWVJ30NDHtxfdGpvbaoEEDHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=gif, origSize=189
accept-ranges: bytes
cf-ray: 6842b4c009405b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 page_18.gif
sudaneseonline.com/images/ 894 B
2 KB 33ms
31ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_18.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1137d4c1e3478a9652bd6ca78e55ed48335bd330a209cd4ef45d1c54bf8d6c8d

Request headers

:path: /images/page_18.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4192
x-powered-by: PleskLin
content-disposition: inline; filename="page_18.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 894
last-modified: Mon, 26 Jan 2009 20:13:08 GMT
server: cloudflare
etag: "497e1954-56c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geANOmGrUeYDEWY1SoQqvr1GqbUjonn3jJP%2BEm75vKYYmqSAE9I52dca6c7CvsaURJHYuPCfPrIlb2nfzq%2FUay7JxWa95botTzV7Nwx1tgfFrxc53gVtRSJFArmiElcpKmv4Ar86bdQIii4epNKUXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=gif, origSize=1388
accept-ranges: bytes
cf-ray: 6842b4c009425b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 page_67.gif
sudaneseonline.com/images/ 133 B
795 B 33ms
31ms Image
image/gif 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_67.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: dbf89db2d125549c513937d10e3af603d5aee8ec51bd14c318322c1dc2b97195

Request headers

:path: /images/page_67.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5947
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 133
last-modified: Mon, 26 Jan 2009 20:13:39 GMT
server: cloudflare
etag: "497e1973-8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3b6A7pB6ydaHsj7SxnGA4OcwPJsiaMDaYyARgywCYGGnD4Cgtp43ftlmY6jAV1k9eqM5HI5tRcMtjZvKnPr9jVOxWlnQEcoIrQfQSULYNdxB%2FVa7GcS5w4zUyA%2BdAQyUFrjpJPHXjk%2FcgXdpx2he%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=172800
cf-polished: origSize=141, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c009445b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 rocket-loader.min.js Show response
sudaneseonline.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 33ms
31ms Script
application/javascript 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sudaneseonline.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 10:09:00 GMT
server: cloudflare
etag: W/"6114f33c-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCc4E78kq1C2B6xfK3ccM%2Fc8RHcFCUyIWOLjPe8xoBG2vflFw6t3sfbtIzGB8WNu2HSehYSFL5o5t%2BLprVEytk7PVg5Jbgt01xPmyidTHi2KAFNRZkCe9a7UbMA3zhujofDCWdbrVSUr1BTxpiTbvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6842b4c009475b44-FRA
vary: Accept-Encoding
expires: Fri, 27 Aug 2021 06:18:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/cdn-cgi/apps/head/5FC2zOw_W9_dNWqSVD1R6XReqLM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3916
date: Wed, 25 Aug 2021 05:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 25 Aug 2021 07:13:41 GMT

GET
H3-29 200 page_11.gif
sudaneseonline.com/images/ 65 B
724 B 17ms
16ms Image
image/gif 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_11.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2d0ed65db95ee9a4db6cfc439c2cfd35b8562cd082357fd24bd4ee7e903768cc

Request headers

:path: /images/page_11.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5990
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 65
last-modified: Mon, 26 Jan 2009 20:13:01 GMT
server: cloudflare
etag: "497e194d-49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKnm82SCwWS5he2JfWmWsOMFcpUScciAPI8z5l%2FIWbgDS0BCsKn7VvZu3BW9UWpxciwwWPB10Gz4HufZDZi9LhnhhMIBYrqN1qSP6mIKdGljfvjfgjTmKadjUsQn8%2BdncShaUuVgD%2BT7ZxlexJSvOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=172800
cf-polished: origSize=73, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c019635b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 page_14.gif
sudaneseonline.com/images/ 112 B
797 B 24ms
24ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_14.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 943c6f64558b7891692150b4cd2b1999c4f3ab2a46ecf0ea830d10630a93a72a

Request headers

:path: /images/page_14.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249
x-powered-by: PleskLin
content-disposition: inline; filename="page_14.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 112
last-modified: Mon, 26 Jan 2009 20:13:03 GMT
server: cloudflare
etag: "497e194f-10a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwjPyEXMPd7HcBhJTkU%2BfTtB8d%2Ffesn46jPPCU1rfWJpWCQpGINuqarQBq9ettt5gCGndAhQjXQWv1Ngz%2BvCcdedD%2FtTYlJfxD7CRLWov0qh4l44egwyfu8NNhBkJaZ8mPUili0gUTDyECgmXceizg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=gif, origSize=266
accept-ranges: bytes
cf-ray: 6842b4c019655b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 page_16.gif
sudaneseonline.com/images/ 118 B
809 B 20ms
20ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_16.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: be3320dc4e3f9f68c6f001ac32d204b9d881de39e0895d6cfa094f2271b59b6a

Request headers

:path: /images/page_16.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249
x-powered-by: PleskLin
content-disposition: inline; filename="page_16.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 118
last-modified: Mon, 26 Jan 2009 20:13:06 GMT
server: cloudflare
etag: "497e1952-13e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1HXmJp2b139HSzYVST5PV1b%2FqcV2sDYpmEbpEBT%2BVciDvZ8Pj%2Fv%2FZ5HGsgxCpLKgYvIfgzD06nz5Dmul%2B1%2FllDbDjrTqBD0yXyM9j7HKYuSJVWaPvYBLKYx5Bd0nk0scHMASkoSU7r%2B3qu8ynflwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=gif, origSize=318
accept-ranges: bytes
cf-ray: 6842b4c0296c5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 page_36.gif
sudaneseonline.com/images/ 43 B
701 B 15ms
14ms Image
image/gif 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_36.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 724e999373acde2068adc1a148b9fce57faed54dae3dd9edf30345c26bdeaaea

Request headers

:path: /images/page_36.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5950
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
last-modified: Mon, 26 Jan 2009 20:13:11 GMT
server: cloudflare
etag: "497e1957-33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LlO7UP8A7K6%2FHOK1P%2BqLDjfs1%2BYe6GO9Arf1DxClsJj306mt1EECz9Ntp2n6axtAllXqxGP1zD1DiSrgP1YUD11kIynI45SfyWcgcXor0m7uZ1f0clugvK81Z7Ectyg%2F3UW40uLQq%2F8sbIBgIY9Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=172800
cf-polished: origSize=51, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c0296e5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 page_65.gif
sudaneseonline.com/images/ 59 B
722 B 17ms
16ms Image
image/gif 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_65.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8568618df18202314a62419e94e30f4183c4878adb08066b1e76110173c16c1a

Request headers

:path: /images/page_65.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5949
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 59
last-modified: Mon, 26 Jan 2009 20:13:37 GMT
server: cloudflare
etag: "497e1971-43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlI8369PG05MQv7LhruF3C%2BGZlSVXm%2FuICEiSwJWyXgo3VSCmKKOvHgjaDl0Lr%2BmoXTNh1AhyyEp%2B60taeYbnd%2BEQju2VbI1DJST6Zq80IXmhhB7F9KVymV8e6YUGANhCIUzN%2FLHgvi2t2JhMfjcAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=172800
cf-polished: origSize=67, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c0296f5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 page_69.gif
sudaneseonline.com/images/ 52 B
735 B 15ms
14ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_69.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d8535f1b381398d4053486b50f3b99b5b283f65adc65ed66c52fb74ad44f47a3

Request headers

:path: /images/page_69.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249
x-powered-by: PleskLin
content-disposition: inline; filename="page_69.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 52
last-modified: Mon, 26 Jan 2009 20:13:41 GMT
server: cloudflare
etag: "497e1975-46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrbP1VHuAtl7NX59SMqSZwmR5Me%2BdonY%2BNHodQYwBmAOFz59nMMKQRPFnRjwThc6t3zC2wj1iaS8xqhZ5bInWbwcPSLT0TeyPNzeDATckKbo%2FsdtiVUEsHQYGnEhywOcT5TOYDD7XaRxjVJGC8qRbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=gif, origSize=70
accept-ranges: bytes
cf-ray: 6842b4c029705b44-FRA
cf-bgj: imgq:85,h2pri

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
26 B 32ms
31ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=308674468&t=pageview&_s=1&dl=https%3A%2F%2Fsudaneseonline.com%2F&ul=en-us&de=UTF-8&dt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=665946014&gjid=1005389596&cid=857375138.1629872338&tid=UA-251719-1&_gid=1933411748.1629872338&_r=1&_slc=1&z=731923114

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 06:18:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sudaneseonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 urchin.js Show response
google-analytics.com/ 22 KB
7 KB 42ms
5ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/urchin.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 13:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 62274
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Tue, 07 Sep 2021 13:01:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03e44449ec6beba4d249d1a0c5fa6cc28ab817ee856b71560f9beafd7862acf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49974
x-xss-protection: 0
server: cafe
etag: 10314429758278276807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 06:18:58 GMT

GET
H/1.1 200
OK a Show response
xslt.alexa.com/site_stats/js/s/ 151 B
623 B 103ms
26ms Script
binary/octet-stream 143.204.101.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xslt.alexa.com/site_stats/js/s/a?url=sudaneseonline.com
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.186 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-186.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd19302865a315df9a57552a585191f452efcbed7b0ab6b6569f4bebb764366e

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 24 Aug 2021 15:06:40 GMT
Via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Last-Modified: Fri, 27 Oct 2017 21:53:09 GMT
Server: AmazonS3
Age: 54738
ETag: "394d6f2c6c2041a2fbcdaad0e525aa7b"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 151
X-Amz-Cf-Id: w8AxKvfidDrl8Wx-If2FD_D0RlVQiT2C23npGPJO5H-T63NR_cB7NQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-115921305-1

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b416a4e3309dc082b017a970e55dc84948a2a773a25d1f050b95c45820e03db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41179
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 Aug 2021 06:18:58 GMT

GET
H2 200 jquery-1.8.3.js Show response
code.jquery.com/ 260 KB
77 KB 44ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.8.3.js
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 756d7dfac4a35bb57543f677283d6c682e8d704e5350884b27325badd2b3c4a7

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-40f49"
vary: Accept-Encoding
x-hw: 1629872338.dop101.fr8.t,1629872338.cds233.fr8.hc,1629872338.cds225.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 78927

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-251719-1&cid=857375138.1629872338&jid=665946014&gjid=1005389596&_gid=1933411748.1629872338&_u=IEBAAEAAAAAAAC~&z=1644002298

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 Aug 2021 06:18:58 GMT
content-type: text/plain
access-control-allow-origin: https://sudaneseonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 17ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-251719-1&cid=857375138.1629872338&jid=665946014&_u=IEBAAEAAAAAAAC~&z=1016337357

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 06:18:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-251719-1&cid=857375138.1629872338&jid=665946014&_u=IEBAAEAAAAAAAC~&z=1016337357

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 06:18:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/ 252 KB
93 KB 149ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862665169833586&plah=sudaneseonline.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa9cdf9e3f9d95bc258c6aad323775e7d53770eead4c23191a4a2ef5ad66bfa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95604
x-xss-protection: 0
server: cafe
etag: 190350966155053234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 06:18:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210819/r20190131/ Frame E887 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210819/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210819/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 25 Aug 2021 04:52:14 GMT
expires: Wed, 08 Sep 2021 04:52:14 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 5204
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5163
date: Wed, 25 Aug 2021 04:52:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 25 Aug 2021 06:52:55 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ff0912dd44d629167459ee299ca362877213bf224f51a68296ef360538eb2ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ragl8szzzfkDD7x02sK73A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: 8B3xgl74BY+n1R0IM1KVlHFmB4pNxUCCr/NDa1rE0tfDIRCkM0aE83uxi5SBQxwuh7cX36IQucKru79wr6xyJA==
x-fb-trip-id: 686109401
x-fb-content-md5: 021d0f0837b39bb134d5b8d2087c876d
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 25 Aug 2021 06:18:58 GMT
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "1d59afcf643ff3a845b8b3931d57114c"
timing-allow-origin: *
expires: Wed, 25 Aug 2021 06:19:51 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 100ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03e44449ec6beba4d249d1a0c5fa6cc28ab817ee856b71560f9beafd7862acf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49974
x-xss-protection: 0
server: cafe
etag: 10314429758278276807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 06:18:58 GMT

GET
H3-29 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/sdb/ 16 KB
4 KB 202ms
200ms XHR
application/rss+xml 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=505
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bfd08c3b6d10f81d4fe970b53368d29d1245661740e7ce9aa32ace9cc4e19408

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmb=24067384; __utmc=24067384; __utmz=24067384.1629872338.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
:path: /cgi-bin/sdb/2bb.cgi?seq=rss2&board=505
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/xml, text/xml, */*; q=0.01
cache-control: no-cache
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache-status: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccXkpjJ43j%2F0vcBG0Zr1QRMsxpkzx0SZXCZHqXZq00jeoGq%2FgXKYtPSU0P5fe2Tb1YcRSvSuctDz9WZzEqjkR4g53xCBc%2FDiBvxUbGabfGxjihm%2BIJNCa8EG9ObzmiZZGOdJcJuHc2JKNZNz9F%2BO6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
set-cookie: sdLASTVISIT=1629872339; expires=Thu, 25-August-2022 06:18:59 GMT; sdTMPVISIT=1629872339;
cf-ray: 6842b4c24c705b44-FRA
expires: Wed, 25 Aug 2021 06:19:00 GMT

GET
H3-29 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/sdb/ 14 KB
3 KB 298ms
296ms XHR
application/rss+xml 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=510
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 967f8ff0af2094033432c8e9dc522bc1661e3dac01c9bd4d04d0b263cc718e46

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmb=24067384; __utmc=24067384; __utmz=24067384.1629872338.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
:path: /cgi-bin/sdb/2bb.cgi?seq=rss2&board=510
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/xml, text/xml, */*; q=0.01
cache-control: no-cache
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache-status: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MD0TEkVS%2F2dPPe9pHNzMAMWh0u%2FKzxgNUUuYZoTutnfk82Za4iIlZWsMEb9WekJepkJqHTFEhNFrijFqDIT27IbV%2BGp9ftWtXICI5F87hXKA6SqiH9RPEmiTrw1Xc4ayAWbxirkifpAYGFoxNHSyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
set-cookie: sdLASTVISIT=1629872339; expires=Thu, 25-August-2022 06:18:59 GMT; sdTMPVISIT=1629872339;
cf-ray: 6842b4c24c715b44-FRA
expires: Wed, 25 Aug 2021 06:19:00 GMT

GET
H3-29 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/esdb/ 13 KB
3 KB 321ms
319ms XHR
application/rss+xml 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=10
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ab7fa79a76104519ca55289caab769739ededf93c97bc1e48647e1b4756ea761

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmb=24067384; __utmc=24067384; __utmz=24067384.1629872338.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
:path: /cgi-bin/esdb/2bb.cgi?seq=rss2&board=10
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/xml, text/xml, */*; q=0.01
cache-control: no-cache
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache-status: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pqM7BWuJMycsla35bCpXitktPgOmBZLlq%2Bn3LPDIAlLfUH0ff5QNLDKhglP4WDj%2BsF0yyWA5cjUIagVhYhagznEEpbpmtvKf0VPqIc48c2HYXo1YRxUOU29v0grx%2BhpcJtxi34ckh9cKSIjOP0aJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
set-cookie: sdLASTVISIT=1629872339; expires=Thu, 25-August-2022 06:18:59 GMT; sdTMPVISIT=1629872339;
cf-ray: 6842b4c24c745b44-FRA
expires: Wed, 25 Aug 2021 06:19:00 GMT

GET
H3-29 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/sdb/ 16 KB
3 KB 322ms
320ms XHR
application/rss+xml 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=30
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 348f0a54cacd3b63d2c1ab2be44ed1148f49b95a5c917ee8af9adab0e73fa087

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmb=24067384; __utmc=24067384; __utmz=24067384.1629872338.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
:path: /cgi-bin/sdb/2bb.cgi?seq=rss2&board=30
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/xml, text/xml, */*; q=0.01
cache-control: no-cache
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache-status: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpXvAYkAOWuH%2BD1srXrjPplwCGIMsSX1aivINQ0JrmA9DEgsZK0Iohevxu%2F%2BVLnVCFlUm6BoGuGUpn4LiTfPXHkgvf%2Fz51zSkcE0%2BLATRq7%2FN1cLasgglAp5KjCPx4TsXFmdAaMe%2FLS2f%2BQZMPpyBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
set-cookie: sdLASTVISIT=1629872339; expires=Thu, 25-August-2022 06:18:59 GMT; sdTMPVISIT=1629872339;
cf-ray: 6842b4c24c755b44-FRA
expires: Wed, 25 Aug 2021 06:19:00 GMT

GET
H3-29 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/esdb/ 13 KB
3 KB 321ms
320ms XHR
application/rss+xml 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=15
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8381a872a04642c944fc50b6077667b6ac3321372c808c62e7303743eeedb1b2

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmb=24067384; __utmc=24067384; __utmz=24067384.1629872338.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
:path: /cgi-bin/esdb/2bb.cgi?seq=rss2&board=15
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/xml, text/xml, */*; q=0.01
cache-control: no-cache
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache-status: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99hu1W3Z8QT%2F9v9n91epas2nJBNPNFxZjvG0ANiNH1G%2Foh8p32gyNeHufl3WZ%2BRmlm4UetxEGRsxgfd23KFl9yr%2BHvYePH9sG4k%2BQ47csltzW7L5n2rz%2BqbpCXodH6h0Db7y3WlBGWX9wzjP3QoK9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
set-cookie: sdLASTVISIT=1629872339; expires=Thu, 25-August-2022 06:18:59 GMT; sdTMPVISIT=1629872339;
cf-ray: 6842b4c24c775b44-FRA
expires: Wed, 25 Aug 2021 06:19:00 GMT

GET
H3-29 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/esdb/ 12 KB
3 KB 322ms
321ms XHR
application/rss+xml 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=12
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fe45955078b49244aade9f8593fd2d0257665356ed68e5a1116ae05c9eefe711

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmb=24067384; __utmc=24067384; __utmz=24067384.1629872338.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
:path: /cgi-bin/esdb/2bb.cgi?seq=rss2&board=12
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/xml, text/xml, */*; q=0.01
cache-control: no-cache
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache-status: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3RfHwBfx9krbpMs%2B5mpA1JIeMvSLOO%2B%2BmroK%2Flz7ARFoAAmEKVLXvlvax5pg7EyauJ%2F9g1Db%2B9u4mOn7J%2BhJqab1eBjauxtE3LHKvuvxSKisMTkAEdV1p2LborPWRxnL6Z%2BLDymQ%2Fqekzb0C%2Bx73Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
set-cookie: sdLASTVISIT=1629872339; expires=Thu, 25-August-2022 06:18:59 GMT; sdTMPVISIT=1629872339;
cf-ray: 6842b4c24c795b44-FRA
expires: Wed, 25 Aug 2021 06:19:00 GMT

GET
H3-29 200 __utm.gif
ssl.google-analytics.com/ 35 B
55 B 16ms
14ms Image
image/gif 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1003514159&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&utmhn=sudaneseonline.com&utmhid=308674468&utmr=-&utmp=/&utmac=UA-251719-1&utmcc=__utma%3D24067384.1003514159.1629872338.1629872338.1629872338.1%3B%2B__utmz%3D24067384.1629872338.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 03:16:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 10965
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
23 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=308674468&t=pageview&_s=1&dl=https%3A%2F%2Fsudaneseonline.com%2F&ul=en-us&de=UTF-8&dt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=24067384.1003514159.1629872338.1629872338.1629872338.1&_utmz=24067384.1629872338.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)&_utmht=1629872338293&_u=aEDCAUABAAAAAC~&jid=241037911&gjid=166279801&cid=857375138.1629872338&tid=UA-115921305-1&_gid=1933411748.1629872338&_r=1&gtm=2ou8n0&z=2013890882

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 06:18:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sudaneseonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115921305-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3917
date: Wed, 25 Aug 2021 05:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 25 Aug 2021 07:13:41 GMT

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 230 KB
67 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=80b2e99fe55d9275018754887c98dab6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0d3ebac683deacb5a3b131a58b843270fb11f0abdd33e15789372705836981d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://sudaneseonline.com
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /6VLBeKlOLFBJegUcgvqmg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68351
x-fb-rlafr: 0
x-fb-debug: 35NxtNierO4smc2UGn0PoDhfT7YaPsu/VAAFiVnUN36Ef7g5M/YZXY+KiHUHUlvICdzeVc5Vl1IF/t2KprR9rg==
x-fb-content-md5: 965fcd0a5b587f0541e6616fbab6a698
x-frame-options: DENY
date: Wed, 25 Aug 2021 06:18:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "df60957613b0ddcec1fca66155b9384f"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 25 Aug 2022 04:18:22 GMT

GET
H3-29

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1388913011&utmhn=sudaneseonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-251719-1&cid=1003514159.1629872338&jid=473256828&_v=5.7.2&z=1388913011
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=1003514159.1629872338&jid=473256828&_v=5.7.2&z=1388913011
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=1003514159.1629872338&jid=473256828&_v=5.7.2&z=1388913011&slf_rd=1&random=1075913523

42 B
63 B

22ms
19ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=1003514159.1629872338&jid=473256828&_v=5.7.2&z=1388913011&slf_rd=1&random=1075913523

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 06:18:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Aug 2021 06:18:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=1003514159.1629872338&jid=473256828&_v=5.7.2&z=1388913011&slf_rd=1&random=1075913523
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 status
www.facebook.com/x/oauth/ 0
0 31ms
31ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=653080081416030&input_token&origin=1&redirect_uri=https%3A%2F%2Fsudaneseonline.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=80b2e99fe55d9275018754887c98dab6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: lLjML3lW1kJIwTss+i2uwfyQzLct/iZp4fLogr3I7H44BWajA/tTSW/bXEoTXg4ol0O2U1LmTl5QeDLxIhznbA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 Aug 2021 06:18:58 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sudaneseonline.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 256 B
471 B 49ms
47ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sudaneseonline.com&callback=_gfp_s_&client=ca-pub-9862665169833586&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862665169833586&plah=sudaneseonline.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

6084f8ce225061ed6a3b29b8b36b3a4aa17ef76b8701d11fad655a8a09a308e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 215
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC92 9 KB
4 KB 491ms
487ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&adk=1812271804&adf=3025194257&lmt=1629807529&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudaneseonline.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338210&bpp=7&bdt=325&idt=244&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8144570799791&frm=20&pv=2&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=271

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe908e1f4120ffc109dc589d0f20dab17c875114dab951ad9b9e09cd5be612c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&adk=1812271804&adf=3025194257&lmt=1629807529&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudaneseonline.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338210&bpp=7&bdt=325&idt=244&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8144570799791&frm=20&pv=2&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=271
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 06:18:58 GMT
server: cafe
content-length: 4035
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Aug-2021 06:33:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:18:58 GMT
cache-control: private

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 32ms
29ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210819&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2fa6e4e375418690ff9dd712e48656ce0b3f463bcd43952f3dd9d041f976c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8580
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718286636491"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27620
x-xss-protection: 0
expires: Wed, 25 Aug 2021 06:18:58 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A6A4 101 KB
28 KB 360ms
360ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1629807529&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338254&bpp=2&bdt=369&idt=234&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dfNT4n5OsK&p=https%3A//sudaneseonline.com&dtd=250

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2501a50dc61d9731f9ad9741b0d8d18c7d73257ae029bfb0064c497272d55e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1629807529&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338254&bpp=2&bdt=369&idt=234&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dfNT4n5OsK&p=https%3A//sudaneseonline.com&dtd=250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 06:18:58 GMT
server: cafe
content-length: 28572
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Aug-2021 06:33:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:18:58 GMT
cache-control: private

GET
H2

200

97b6d0e6ea884632c0772aefbc4cd594.jpg
i.pinimg.com/originals/97/b6/d0/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg
https://i.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg

26 KB
26 KB

175ms
101ms

Image
image/jpeg

2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0f6e6582296b1d29ca0bc18449883ee26d4791a204a2d8a4aa3396465209e5aa

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "270e6df56703418776a441367d7c296f"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 26939

Redirect headers

location: https://i.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg
date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
accept-ranges: bytes
content-length: 0
vary: Origin
retry-after: 0

GET
H3-29

200

shawqi_badri_878170412.jpg
sudaneseonline.com/arabic/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/arabic/files/daily-writer/shawqi_badri_878170412.jpg
https://sudaneseonline.com/arabic/files/daily-writer/shawqi_badri_878170412.jpg

9 KB
10 KB

15ms
15ms

Image
image/jpeg

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/arabic/files/daily-writer/shawqi_badri_878170412.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 931e70ddbceb45fcd26e45a6cb0b0257a101b6fa89b6658aeef7f2db7efdadc7

Request headers

:path: /arabic/files/daily-writer/shawqi_badri_878170412.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 593
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9548
last-modified: Thu, 01 May 2014 18:35:15 GMT
server: cloudflare
etag: "536293e3-6d49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H68BMosByKglRlF41xOKMUT3GD8EJK5o%2FEV9WQBenZb29ar%2FqUjd9W%2F2qMeYjMqWkxUYEk886nJcooysIvBVzQVM1qwsqOZjoFNXTXrsQqClsftGz2fIMGsVmU4U%2FYGvpuLwv3sASaYhdV1XwFFhYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
cf-polished: degrade=85, origSize=27977, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c41f135b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZsNpnSKlfDGic6rhrom0zniIpVoe4JcVdelTFGbSydQML3VIHBS2jjvCTC0JLP3PjjvrRVzhsrx%2FZGHQr48HHM1DKpZ5FY8ZuWvYshYF8ecntph%2FxC6%2Fp3KQH%2FPBLEYUe%2FUMqmlZCDStXPGnokvCQh8D0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/arabic/files/daily-writer/shawqi_badri_878170412.jpg
cache-control: max-age=172800
cf-ray: 6842b4c3ce915b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 c320c643ed0eb07c020d00b3808c3515.jpg
i.pinimg.com/originals/c3/20/c6/ 186 KB
186 KB 277ms
169ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/c3/20/c6/c320c643ed0eb07c020d00b3808c3515.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a101b45e2d75716f73ac665eadedacaef83267360581922837dece7aa1b9ba3f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "3bc00f17e5ee77d9dbbab982b0540e6a"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 190616

GET
H2 200 a250a1a7040039702be10ffd80ecd430.jpg
i.pinimg.com/564x/a2/50/a1/ 12 KB
12 KB 147ms
40ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/564x/a2/50/a1/a250a1a7040039702be10ffd80ecd430.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3a93ef00953b3e0bb2630ec5215478b1ae00d8abc6ea36e8ce4670e770d5b984

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "b203eb0a815e962e8f1e2935a7dc1f01"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 12548

GET
H3-29 200 000nothing_476480549_754956420.jpg
sudaneseonline.com/db/avatars/ 672 B
1 KB 20ms
11ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eaafcf858dacd31ee94ea267b50975065796ba5aec12e2cc0d87d744e83a247f

Request headers

:path: /db/avatars/000nothing_476480549_754956420.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1485
x-powered-by: PleskLin
content-disposition: inline; filename="000nothing_476480549_754956420.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 672
last-modified: Thu, 30 Jul 2015 15:58:07 GMT
server: cloudflare
etag: "55ba498f-60f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcQW%2FjKPPhqnDgXYvQl1W%2FCCnnTrCSAW71ZAU340KKzrUNAljm3fdlitU9lGDmNOwn%2FUsZYtvdrVkwwXH5qfIMEBUEA5WgCfjRPkZ2lkLDqbQ%2FGivQx5zrIGHCY%2BcjHRmf8YxMpfgHIFWuoB%2FXvjlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=1551
accept-ranges: bytes
cf-ray: 6842b4c3ce935b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 nuraldin_Madani_618166527.jpg
sudaneseonline.com/files/daily-writer/ 10 KB
11 KB 25ms
17ms Image
image/jpeg 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/nuraldin_Madani_618166527.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d5d945265b85e7b1096755168a5509322d5b088eb0cb97adf51fc4a6bb4beb6d

Request headers

:path: /files/daily-writer/nuraldin_Madani_618166527.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 888
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10524
last-modified: Fri, 07 Feb 2014 06:02:44 GMT
server: cloudflare
etag: "52f47704-3d5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3M5bumcAe6N%2F0uok17zkcKfdvi3ymZbOpfmsLR3xsqZnpxYsCaIZfrCPIjeoWbxYs9%2FabWeXGBDG2oCRGkPYerQxTdWfacUrPHJZ6KGiIi6fxpqLF42Hl3pLWArYOHR4c2z6T%2BjUz9ybNaxGiJ8t7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
cf-polished: degrade=85, origSize=15710, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c3ce945b44-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 e8537a2e674a901497443e1f544a2324.jpg
i.pinimg.com/originals/e8/53/7a/ 21 KB
21 KB 146ms
40ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/e8/53/7a/e8537a2e674a901497443e1f544a2324.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b96d52bbeaf4b1e8233c9f95a3c15219649eda5f59216c604241322f109f2c09

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "12de398acacc133965b44a8af8cb41e2"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 21277

GET
H2

200

c4febb7d361abfef7763ccb68406db37.jpg
i.pinimg.com/originals/c4/fe/bb/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg
https://i.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg

30 KB
30 KB

184ms
99ms

Image
image/jpeg

2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dd1665c06814cd2459affd4cc6aa2b48ac9229dee9bedfe1df7717056c9c732d

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "a6573d6cf4210ac7ecac873ed74c349b"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 30512

Redirect headers

location: https://i.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg
date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
accept-ranges: bytes
content-length: 0
vary: Origin
retry-after: 0

GET
H2 200 5dbb8d181bf54ff972ce4c65b4b740e0.jpg
i.pinimg.com/originals/5d/bb/8d/ 10 KB
10 KB 155ms
50ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/5d/bb/8d/5dbb8d181bf54ff972ce4c65b4b740e0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5d2cca8826edf60c734bd15b702a303778194e5faf93e4c4123924e252596691

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "9720cdb4819acc5592324c40ccb119bd"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 10571

GET
H3-29

200

gabra_0.bmp
sudaneseonline.com/uploadpic/Feb09upload/
Redirect Chain

https://www.sudaneseonline.com/uploadpic/Feb09upload/gabra_0.bmp
https://sudaneseonline.com/uploadpic/Feb09upload/gabra_0.bmp

85 KB
86 KB

18ms
18ms

Image
image/x-ms-bmp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic/Feb09upload/gabra_0.bmp
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3d6d4d9bfe05d74caf16cb20f639700e997214563af26c11478cc4c97c9f9f67

Request headers

:path: /uploadpic/Feb09upload/gabra_0.bmp
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 886
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 87374
last-modified: Fri, 27 Feb 2009 05:11:25 GMT
server: cloudflare
etag: "49a775fd-1554e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HN4O7lF2bpNDF6iXm2bfMEnAmv0o787cIXkhIrlUnqcon9qd9FkdMeRW0PVBGUpMhVZk%2ByjXT5ca7x%2F4UiDtXecgNm3HJFFROhgTmkGq8ObuA8FfyD4W8LAFtfJGJZjlOfwEkx86Y78hf7Q7UbSuNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-ms-bmp
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 6842b4c41f045b44-FRA

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 248
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qF50Z53XZ3dc6qxwGoMRruJQ0UFtbg%2FiMi25UMJLizrL0Pi65OnIx04YOSHo%2FiS4PALzIeBZhGlJKuGAW8C2i%2F8pluEJArrYIRpuxbYIKF0%2BT6DE%2BUD3RkZF9nYsing2u%2FrCIO1YtiaraYXpsB4P%2FVN5VlA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/uploadpic/Feb09upload/gabra_0.bmp
cache-control: max-age=172800
cf-ray: 6842b4c3ce955b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

zohierclor_926382548.jpg
sudaneseonline.com/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/files/daily-writer/zohierclor_926382548.jpg
https://sudaneseonline.com/files/daily-writer/zohierclor_926382548.jpg

8 KB
9 KB

13ms
12ms

Image
image/jpeg

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/zohierclor_926382548.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c7fd4c6980b897d0e5b39cce99ebd930bd97239128538ec6d4927900e370282a

Request headers

:path: /files/daily-writer/zohierclor_926382548.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6874
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8328
last-modified: Fri, 07 Feb 2014 06:02:44 GMT
server: cloudflare
etag: "52f47704-6dba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yt1KlC6k9XHzf0uxRN5eUk1cwZgXVOLG5pXTIR9YRaK7pah0A5Us8UHLxrwthjL6xyZ5%2BJ5Gk2vQtE7GzDInj4DuOuLPJanSUHYj4G%2BLr%2BQLtO0ffqMAPNpoCPXs%2BKZHybz72szsUY%2FfcGO3Rwy78g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
cf-polished: degrade=85, origSize=28090, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c41f0f5b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 248
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eemP6rvfwMk5TLUyEL89PPqogTnWzup3tlnHLdzJBhUE%2BsmX7P8dBxi9gmcMW5hcvJVBXwvvreqKRddOxsY7aLe6Smh3XOBVfnbwT9RwRcDGDxC6TYhvAJBbVpzBjhKKHFpXBUlHT9MXl8acD9iRzlMC6PY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/files/daily-writer/zohierclor_926382548.jpg
cache-control: max-age=172800
cf-ray: 6842b4c3ce965b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

alsir_osman_405668506.jpg
sudaneseonline.com/arabic/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/arabic/files/daily-writer/alsir_osman_405668506.jpg
https://sudaneseonline.com/arabic/files/daily-writer/alsir_osman_405668506.jpg

9 KB
9 KB

15ms
14ms

Image
image/jpeg

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/arabic/files/daily-writer/alsir_osman_405668506.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4890ee291ee6aa027778a3e9a26ef86bd74ed7f765a08ef1d63983ccce391de9

Request headers

:path: /arabic/files/daily-writer/alsir_osman_405668506.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 886
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8932
last-modified: Thu, 01 May 2014 17:52:47 GMT
server: cloudflare
etag: "536289ef-6922"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NY6dBffx7odXpNGaxjmp%2FmbDhelbaCnpeiNH1W9yQbWyvraqpeD2XytJLr2NBx%2FT%2B5kZe4sN4b2%2BW6iy87yx%2F5sir38x3zjkxZWAfxwwZaX1qLlbiCUsH3%2BWOwelbJtSfODm2yHcbGQNpoyhVl0SIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
cf-polished: degrade=85, origSize=26914, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c41efe5b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 248
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3Nvq3jOFk9BT%2FGUuU0TX98iGcos3S%2FNoz94m4qaoUco%2BitFqgQj%2BWvck17BcSuSjbbK7Y2nDQ2Zv9aYigEkavypAQh3PouShmLB%2Baz8CjNI%2FyCSDaPgkF0cGxT9KRfw%2BgV%2BreQ%2BfpznVNhI805aTI7avYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/arabic/files/daily-writer/alsir_osman_405668506.jpg
cache-control: max-age=172800
cf-ray: 6842b4c3ce975b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

000nothing_476480549_754956420.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg
https://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg

672 B
1 KB

12ms
11ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eaafcf858dacd31ee94ea267b50975065796ba5aec12e2cc0d87d744e83a247f

Request headers

:path: /db/avatars/000nothing_476480549_754956420.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1485
x-powered-by: PleskLin
content-disposition: inline; filename="000nothing_476480549_754956420.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 672
last-modified: Thu, 30 Jul 2015 15:58:07 GMT
server: cloudflare
etag: "55ba498f-60f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5ukVNYseypSH3CpI%2B%2F5eM3SskiUBGlCImEf83vjiWxEcwz57TBgqaz1pUu6d1mPK2WF5i%2FF5RIcBHvqklDC3VLcnsze3nF7QwPGpfPohnVgPWw1F77xMdeAAYjnidIG4s%2B%2B4djYMpq81%2FkL1%2B8HSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=1551
accept-ranges: bytes
cf-ray: 6842b4c41f115b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 248
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DnIMfkZ7QeQHEvOMXZf0j1mj8MvFHF8ZBTL33yggPG0kHg80x6La9TGl%2BS2KJIJ%2BTa%2BoTZtIko1rp%2FFLJoTXt04zxxTKlsQdli%2Bat8ucJV7zdMwDVwQ2Xj%2FagQp%2BOqFf5lM5nKsvwF%2F7m4SGet9%2FO2dtzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg
cache-control: max-age=172800
cf-ray: 6842b4c3ce985b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 419bc003d2ce0372925329e071fa671d.jpg
i.pinimg.com/originals/41/9b/c0/ 58 KB
58 KB 154ms
50ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/41/9b/c0/419bc003d2ce0372925329e071fa671d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c990926de4ccd371acf6560885ae5a357a2f6e062bb8bbf4d831c730609aa044

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "c1f5d48a00f17edb3b8a03a8fdbe6b11"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 59112

GET
H2 200 MY-PHOTO.jpg
i.postimg.cc/j5VBw98q/ 10 KB
11 KB 83ms
26ms Image
image/jpeg 5.135.83.165
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/j5VBw98q/MY-PHOTO.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.135.83.165 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: 1c4f1a9488c3f6301aae3a559e40d8155d6a3dd59b8931212193647d6d715033

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
last-modified: Mon, 03 Jun 2019 13:57:14 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 10625
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fb35e07c349127d94e51b93e87e9b68c.jpg
i.pinimg.com/originals/fb/35/e0/ 61 KB
61 KB 154ms
50ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/fb/35/e0/fb35e07c349127d94e51b93e87e9b68c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 27587e1ff1d4d06320d484731179de589b003007ff05b369592ce4a16edc0bb7

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "bfbce8a7898d7e2f60983047b2484de5"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 62107

GET
H2 200 e37d57009df4f1cd809d1dbbb5898cbc.jpg
i.pinimg.com/originals/e3/7d/57/ 43 KB
43 KB 170ms
168ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/e3/7d/57/e37d57009df4f1cd809d1dbbb5898cbc.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 104fb306a0d86629e0ca0a63261b35c8a60b8f52ddd8cfb9271875c26bc16b33

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "be47407add55e1b8d63d9bc465e4247d"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 44308

GET
H3-29 200 majid1org.jpg
sudaneseonline.com/uploadpic/Feb09upload/ 5 KB
6 KB 18ms
13ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic/Feb09upload/majid1org.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a7b16ac81020d35be7427d787a76016edd3b0bf56f828186f9323c6d634441be

Request headers

:path: /uploadpic/Feb09upload/majid1org.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248
x-powered-by: PleskLin
content-disposition: inline; filename="majid1org.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5132
last-modified: Mon, 11 May 2009 11:10:45 GMT
server: cloudflare
etag: "4a0807b5-2ee0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtG2csIaDlXNN7syHfFRqUEpA30idkN1OL2lcrYx4wIsd8AdMBHO4uAhMHP8z0gIUpJEmr21bJoe15WMsf5ankF8mxEYeW%2F2EE5IhJgtxKaIC7Xmvw5I848CwW%2BSF92Xn0WOZuiRbl8OSbXegiAlrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=12000
accept-ranges: bytes
cf-ray: 6842b4c3ce995b44-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 f707db3ae6b3ca8fbbb8b5fa1602017d.jpg
i.pinimg.com/originals/f7/07/db/ 79 KB
80 KB 170ms
168ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/f7/07/db/f707db3ae6b3ca8fbbb8b5fa1602017d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ccd589c6f3c28f9ab95307472950b234952f43985cbcd75ced28d8f5ba06d42a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "bc33d1db3a3ba61c6260c0c86e04f7d8"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 81366

GET
H2 200 ad4ecbfcc290e06c8f33be3ae2969b5b.jpg
i.pinimg.com/736x/ad/4e/cb/ 12 KB
12 KB 170ms
168ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/ad/4e/cb/ad4ecbfcc290e06c8f33be3ae2969b5b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e9e33a6e29e9d4852f65cefae0304e8b49a99724d3327c2ca3840ee432952bb1

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "3816b777c8875e7efdd1993a82cb84b1"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 12431

GET
H3-29 200 hamid_fadalla_402316769.jpg
sudaneseonline.com/files/daily-writer/ 12 KB
13 KB 17ms
12ms Image
image/jpeg 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/hamid_fadalla_402316769.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5ff724d0581b622b8d6deaaf52407f2c677f097971182b61e036a66a84c92abd

Request headers

:path: /files/daily-writer/hamid_fadalla_402316769.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 889
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12611
last-modified: Fri, 07 Feb 2014 06:02:44 GMT
server: cloudflare
etag: "52f47704-655f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrCtHsiJq1ptrIcamyUEgLynZjYzLIl%2FyIqVrXuzYNmuvR7MKRIwRrmA0m5P9vGqKwgrQAZrFJ6TApjCwPjvP4sjrtA4mxqKvdTmbG%2Fy4oIH0A6xgUyA9Bx4qFa6upO3HFerghnIz6Ot2WBz3RBD1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
cf-polished: degrade=85, origSize=25951, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c3ce9a5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29

200

4sudanews_jpg10.jpg_500x400_841775616.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg

1 KB
2 KB

14ms
13ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b9b22ee5c44be56ed8d9915f66fdc68649e6b6280facfc5416dec407f8362f4c

Request headers

:path: /db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517
x-powered-by: PleskLin
content-disposition: inline; filename="4sudanews_jpg10.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1290
last-modified: Thu, 30 Jul 2015 15:58:15 GMT
server: cloudflare
etag: "55ba4997-73c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7BD5kgzuX0sbV790e9o%2By2%2FwJalYtcuxTA%2FTytT1LGL19JbSr8SxAqx%2FbUtfCLRDeFiCmhLIAfc1w%2BGFgjsdoazF2jJY1gfne47J3CwU1u71q4a5mlhGbykaj4Q1pMj2mUioNb4nABRnyfFTgFN0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=1852
accept-ranges: bytes
cf-ray: 6842b4c41f085b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 248
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAiT%2BUlr8v62U9IXxKHD5PgnHFvDXMF8rJ83XMW9ITkyv5K5tMG0p3Fgprw3N0V4RXrc4m2sf0TcH%2BUz%2F15EthDpATXgeWzq8Vted5yUTN91cTlGnV7e2%2FUuMCEmKnXJIDh2ju09Nvq4Btn7a7hcaQAIgPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
cache-control: max-age=172800
cf-ray: 6842b4c3ce9c5b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 d49f9589d6601dffdf647d79af8ee9e8.png
i.pinimg.com/originals/d4/9f/95/ 95 KB
95 KB 170ms
168ms Image
image/png 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/d4/9f/95/d49f9589d6601dffdf647d79af8ee9e8.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ac0e8d13ec5f276feada45b806b85af037f734e0ee5a8aa7ce4b9e1e9110d5fc

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "887b46dd348b773cbc3cce0411f0ae66"
vary: Origin
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 97168

GET
H2 200 7b6d3b362a37dc4f9fd418db42cfef54.jpg
i.pinimg.com/originals/7b/6d/3b/ 52 KB
53 KB 170ms
168ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/7b/6d/3b/7b6d3b362a37dc4f9fd418db42cfef54.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dad400480ed910066d05fde9e1a0f1525d78d3d37f3321571af05672075bf41e

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "51844701a9cf7583682c3ad994628cd3"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 53758

GET
H2

200

80c3dce5efbc748d66aacdda6fe6996f.jpg
i.pinimg.com/736x/80/c3/dc/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg
https://i.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg

64 KB
64 KB

185ms
100ms

Image
image/jpeg

2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4de7b51725d4bb70235fb155bc24eec9d215d5693a3b6f6774ac1d19bb2ca024

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "da3d9aefeb9eaff0ca2fef3947874296"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 65760

Redirect headers

location: https://i.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg
date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
accept-ranges: bytes
content-length: 0
vary: Origin
retry-after: 0

GET
H2 200 0b806f617a61c419960bc1358a35d881.jpg
i.pinimg.com/originals/0b/80/6f/ 37 KB
37 KB 171ms
169ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/0b/80/6f/0b806f617a61c419960bc1358a35d881.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 772029ffddff8892ab9484f7ac91a8a9d7e12d1edef3390dc336054184c880d3

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "bc18dcfbeecae83eedc2426466e8d3af"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 37565

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F5E4 110 KB
36 KB 302ms
301ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338256&bpp=1&bdt=371&idt=296&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pS11OB33O7&p=https%3A//sudaneseonline.com&dtd=302

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4867bad1c889d8aa10e1aaa3858631313fbf97023b01959b56913b391e814f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIHOlM7Dy_ICFciBewodKFgJtg&gqi=0uAlYbrgIua17_UP2Muw8A0&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338256&bpp=1&bdt=371&idt=296&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pS11OB33O7&p=https%3A//sudaneseonline.com&dtd=302
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIHOlM7Dy_ICFciBewodKFgJtg&gqi=0uAlYbrgIua17_UP2Muw8A0&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 06:18:58 GMT
server: cafe
content-length: 37115
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Aug-2021 06:33:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:18:58 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 25 Aug 2021 06:18:58 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D1B 65 KB
25 KB 446ms
440ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1629807529&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338257&bpp=2&bdt=372&idt=324&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=kygiEJE3rx&p=https%3A//sudaneseonline.com&dtd=341

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

037600afdbf2b5d8fe542d0bb882bc5d8a3fb492b12b64671f79d171247f6ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1629807529&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338257&bpp=2&bdt=372&idt=324&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=kygiEJE3rx&p=https%3A//sudaneseonline.com&dtd=341
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 06:18:59 GMT
server: cafe
content-length: 25127
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Aug-2021 06:33:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:18:59 GMT
cache-control: private

GET
H3-29 200 00000asudaneseonline.jpg
sudaneseonline.com/db/avatars/ 13 KB
13 KB 44ms
35ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 372d04f407947fdd808207dde54cf389d2535f566ea1b0cbd6dea35faf41e80c

Request headers

:path: /db/avatars/00000asudaneseonline.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1485
x-powered-by: PleskLin
content-disposition: inline; filename="00000asudaneseonline.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12846
last-modified: Thu, 30 Jul 2015 15:58:05 GMT
server: cloudflare
etag: "55ba498d-be2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNXtRJM%2BSk63aKi5o4nVRt8VZEJoqOloygUtgL0AENEegh%2FIrit0tRxIzmeZRxKTtat8nvAjh%2BMn9p%2FjMROhMi1nkg0T5ETvaY9t4DEl142LItMRV0ZnbT40bnQyt2S8tf1AgVcShjfHZpDJkjDavA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=48686
accept-ranges: bytes
cf-ray: 6842b4c45f8f5b44-FRA
cf-bgj: imgq:85,h2pri

GET critic.gif
www.annaqed.com/images/ 0
0

GET
H3-29

200

sudansudansudansudansudansudansudansudansudan58.jpg
sudaneseonline.com/uploadpic14/nov/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/nov/sudansudansudansudansudansudansudansudansudan58.jpg
https://sudaneseonline.com/uploadpic14/nov/sudansudansudansudansudansudansudansudansudan58.jpg

18 KB
18 KB

87ms
19ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/nov/sudansudansudansudansudansudansudansudansudan58.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7c4c3da451884e100648a65bb3627db2825858e124ab0196a6f0abf1023c071f

Request headers

:path: /uploadpic14/nov/sudansudansudansudansudansudansudansudansudan58.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1484
x-powered-by: PleskLin
content-disposition: inline; filename="sudansudansudansudansudansudansudansudansudan58.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18148
last-modified: Wed, 18 Feb 2015 20:01:34 GMT
server: cloudflare
etag: "54e4ef9e-4fc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnO6Ps1%2FtE3NsTLZpEFFhWb9RjWV%2F26i7n%2BnxMUjSUaZmjDnmldhVRoLgs7Q0x59At9550wPZJlPpsuonIM6NoXo%2Bc3UQdUVMJ6a8trvU9EbEfJeF4%2BWvfHaGMILptpCTP8mK5C7xei1GTO%2FP2PMkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=20425
accept-ranges: bytes
cf-ray: 6842b4c5fa295b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 249
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUDHdzDWVY9zCSiKu0rMg%2BvI3G6Fy8K4KdLpT0MyXNsu%2F2v7vjFVYc7%2FQxstKpZaJqdNJyY9yhwdcwdL9RU3DpHTFqvM%2FEQbs4TGVwZZJL74LO7pHDqDwzrIxQD2Y1OR5RPgXdQGl6D%2BMQl9GLL9EFI6CNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/uploadpic14/nov/sudansudansudansudansudansudansudansudansudan58.jpg
cache-control: max-age=172800
cf-ray: 6842b4c45f915b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 0a4f926a09c25a10e05f5cee2d35cfd5.jpg
i.pinimg.com/originals/0a/4f/92/ 36 KB
36 KB 170ms
168ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/0a/4f/92/0a4f926a09c25a10e05f5cee2d35cfd5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 99c1d606773767eec58bc7c39f89713894577fb5b8ac3c11c86504c512d2cb97

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "d15a5165585a4c1eac56c86122051311"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 36986

GET
H2 200 NRst8TqQ_400x400.jpg
pbs.twimg.com/profile_images/1198562165675962368/ 33 KB
33 KB 39ms
30ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1198562165675962368/NRst8TqQ_400x400.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

e10dba2b62a403e299ad9ab9cf4d137389e7db2d016d7aaec2f25b78884942cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-content-type-options: nosniff
age: 489790
x-cache: HIT
content-length: 34031
surrogate-key: profile_images profile_images/bucket/6 profile_images/1198562165675962368
last-modified: Sun, 24 Nov 2019 11:19:03 GMT
server: ECS (frb/674D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e3fe484013f4f2b8d1c13627dceef1e6688e5862a8ca8152425dd8d1a0c65490
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 p_1824g8oaq1.jpg
d.top4top.io/ 41 KB
41 KB 146ms
77ms Image
image/jpeg 51.158.146.105
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.top4top.io/p_1824g8oaq1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.158.146.105 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-158-146-105.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 4838de5492f836d9565c73beeecad18332c0fd02fca68348eaff0b366793f565

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-file-id: x36086211x
date: Wed, 25 Aug 2021 06:18:58 GMT
last-modified: Tue, 29 Dec 2020 08:22:17 GMT
server: nginx
etag: "5feae739-a21f"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="AdelAbbas001.jpg"
accept-ranges: bytes
content-length: 41503
expires: Wed, 25 Aug 2021 08:18:58 GMT

GET
H2 200 Mohammed-Issa-Dodo.jpg
sudan-uprisings.org/wp-content/uploads/2019/06/ 39 KB
40 KB 171ms
26ms Image
image/jpeg 107.6.185.250
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudan-uprisings.org/wp-content/uploads/2019/06/Mohammed-Issa-Dodo.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.6.185.250 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: am1.fcomet.com
Software: Apache /
Resource Hash: f980381a6d7c3219c534917bbfc5d57c5c79ee22551ae2684a4a7608475b2e6a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:57 GMT
last-modified: Tue, 11 Jun 2019 08:12:12 GMT
server: Apache
accept-ranges: bytes
content-length: 40437
content-type: image/jpeg

GET
H3-29 200 images.jpeg
sudaneseonline.com/db/avatars/ 12 KB
13 KB 48ms
40ms Image
image/jpeg 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/images.jpeg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6c2ae1f41fe86b4dccd71aab882db89f3cb078128ada71768c0fa1f950e9eea7

Request headers

:path: /db/avatars/images.jpeg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6885
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12732
last-modified: Mon, 21 Jan 2019 22:50:49 GMT
server: cloudflare
etag: "5c464cc9-3324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIoBh1mJiO77sQIm2LtHnHz6aFE5IOyrfbXMPOUBSVxQVZpgppkKWaanolI0H95aUGwSmlzLZP6pthx%2FrecSlGbYAVTuVa7b1laZRqEnY5D4qYn0c03EdAX8sjwpmOICTR1WmrEMz4cQJ7%2B3PYXw3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
cf-polished: origSize=13092, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c46f935b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29

200

adamb_cowboy1.JPG
sudaneseonline.com/uploadpic14/mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG
https://sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG

14 KB
14 KB

110ms
27ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4240475704d5c6560364fd97b581ab0a38024b705ec7c4e41e100c4ed8f97792

Request headers

:path: /uploadpic14/mar/adamb_cowboy1.JPG
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1313112
x-powered-by: PleskLin
x-cache-status: BYPASS
content-disposition: inline; filename="adamb_cowboy1.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13864
last-modified: Tue, 10 Aug 2021 01:33:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKhnYd%2FzlONaAljw6yp42pwG%2FE6S4DxvxyYXYR550GXhVAElT8Fuo1Pwi%2B6dOyKSz0rkbKVSmu6E1rsQ9toNBXt29GS%2F0OgH2%2F2wQLAvw9GzyneL4FiNBtRtJI2AimdJ9Yoi6OEfi8HmdwJkemDWNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 10 Aug 2022 01:33:47 GMT
cache-control: max-age=31536000
cf-polished: qual=85, origFmt=jpeg, origSize=25185
accept-ranges: bytes
cf-ray: 6842b4c61a585b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 753
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqNFuP9PYVFHl9cLV5KYnVJN8mc1AZJIsc0NdpE3BoeMdSBE7IG17bf6ZMOs0uqJTPKzmQLHb86oubb1wR6Vl4hLX%2FcPplANE3h%2BbFO%2Fm7YsAtpou4Z%2BP2ctWk8XfrOyC2lwETaP0DA4n65f42wmzmIPy94%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG
cache-control: max-age=172800
cf-ray: 6842b4c46f945b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

sudan24.JPG
sudaneseonline.com/uploadpic15/sep/
Redirect Chain

https://www.sudaneseonline.com/uploadpic15/sep/sudan24.JPG
https://sudaneseonline.com/uploadpic15/sep/sudan24.JPG

28 KB
28 KB

110ms
26ms

Image
image/jpeg

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic15/sep/sudan24.JPG
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c817682c0d0aefdd54577d609d58d18ada6340b5321d22fa56fbe46c895f6bef

Request headers

:path: /uploadpic15/sep/sudan24.JPG
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10708156
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 28195
last-modified: Fri, 23 Apr 2021 07:49:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJAIsz%2F74nuMr07Oka%2Bg5Fgayryrn4T%2BOuYJlPFSnwkdK5LlBu1TX9jjPj33TY8qutDdF9dHAqQhpW5j%2FZ%2BQsPWJfGq5hW497NcZiGz1PnE%2BUVF4l8eW8CsbiGFkogdUYZC7CGjT4cpHrDWoH7datQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 23 Apr 2022 07:49:42 GMT
cache-control: max-age=31536000
cf-polished: origSize=30436, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c61a565b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 531
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzxJyTlxvkXiz3o%2B%2B56los2jrnZw1VTrM9rBuef70AYLml6663AM6RF3zIbsmcz%2Bq9Z0a6RCNCT%2BgWvjGVnU4J5t%2Fi9a8IxQaupqH8E4RdEu4vbW9vk392QThP3pvlXGNp18KHdmunze7EwcYOFmQFFD%2Fvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/uploadpic15/sep/sudan24.JPG
cache-control: max-age=172800
cf-ray: 6842b4c46f965b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 mo1.jpg
sudaneseonline.com/db/avatars/ 41 KB
41 KB 41ms
35ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/mo1.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2a5be1fb732b2f55adc323fc7a2d152719bcce2a573760cd2dc53540c32a010c

Request headers

:path: /db/avatars/mo1.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249
x-powered-by: PleskLin
content-disposition: inline; filename="mo1.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 41784
last-modified: Fri, 21 Dec 2018 16:05:18 GMT
server: cloudflare
etag: "5c1d0f3e-30620"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3LdJIOEblPMEx1XxYhC0jkS6nO%2BERzw2KH3ZdUl%2FXwwKCUNZVQWS8n5J38Yu9HAiem6CbBLFf0N%2FXorQRb%2BK8F%2F3SDQCpzKbfHzGldZlO7syguXc80OaFzhIeAL2qyQV6Ye5jyHrZYiyV29NXq27A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=198176
accept-ranges: bytes
cf-ray: 6842b4c46f995b44-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p_20432r69o1.jpg
a.top4top.io/ 51 KB
51 KB 166ms
32ms Image
image/jpeg 163.172.219.20
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.top4top.io/p_20432r69o1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.219.20 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-219-20.rev.poneytelecom.eu
Software: nginx /
Resource Hash: f78f20010d2ea557e19ba11c88fc328ed519d589806a06ed7637f6ec008cb7bc

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-file-id: x39884928x
date: Wed, 25 Aug 2021 06:18:58 GMT
last-modified: Thu, 05 Aug 2021 02:42:55 GMT
server: nginx
etag: "610b502f-ca07"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="36752686_10156380659782999_6076361800138358784_n.jpg"
accept-ranges: bytes
content-length: 51719
expires: Wed, 25 Aug 2021 08:18:58 GMT

GET
H3-29 200 img117_637132402.jpg
sudaneseonline.com/db/avatars/ 4 KB
5 KB 40ms
34ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/img117_637132402.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f80a5862031aec6ffc424f43bca8aa8c271628110c27d2b2e869207c64f91b01

Request headers

:path: /db/avatars/img117_637132402.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2861
x-powered-by: PleskLin
content-disposition: inline; filename="img117_637132402.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4316
last-modified: Fri, 07 Feb 2014 06:02:44 GMT
server: cloudflare
etag: "52f47704-85ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRxgRmdz02RYKJZCcR0PXX6EBi10wXuZQO3KU2UaK8oC%2BlaiShv9Y1NVm05Z6%2FIlEJqwJ%2BKcDmbVeUiHie2KwJJG6ovRQmxToBsfvI96nWeN9TmZgKsALPpfxxYRijZVd%2F5c%2FAbCE5e3%2FZ8LQzNq7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=34220
accept-ranges: bytes
cf-ray: 6842b4c46f9b5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p_18426kvr00.jpeg
j.top4top.io/ 44 KB
44 KB 231ms
96ms Image
image/jpeg 135.181.63.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.top4top.io/p_18426kvr00.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn15.top4top.io
Software: nginx /
Resource Hash: 1d84ab7a504f044466a6619b8204ae6bf5c719f73b50c72128e4180b86b366b9

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-file-id: x36375825x
date: Wed, 25 Aug 2021 06:18:58 GMT
last-modified: Sat, 16 Jan 2021 09:35:49 GMT
server: nginx
etag: "6002b375-af22"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="DSC_0148sudan1sudan.jpeg"
accept-ranges: bytes
content-length: 44834
expires: Wed, 25 Aug 2021 08:18:58 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 88ms
72ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 89ms
70ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 06:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 108E 67 KB
25 KB 611ms
608ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338259&bpp=1&bdt=375&idt=397&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=4291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9pxHEASSxu&p=https%3A//sudaneseonline.com&dtd=412

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbc404e230a949517523753e08bf741f0b6f9f02cbc13ea8ebe314eae2ea414a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338259&bpp=1&bdt=375&idt=397&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=4291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9pxHEASSxu&p=https%3A//sudaneseonline.com&dtd=412
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 06:18:59 GMT
server: cafe
content-length: 25771
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Aug-2021 06:33:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:18:59 GMT
cache-control: private

GET
H3-29

200

ICC-Logo.jpg
sudaneseonline.com/uploadpic14/nov/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg
https://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg

18 KB
19 KB

20ms
16ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8d3d5252c5c8636e3a85a58e8a925714c7cb17c8da2563ed39d2824d33833993

Request headers

:path: /uploadpic14/nov/ICC-Logo.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513
x-powered-by: PleskLin
content-disposition: inline; filename="ICC-Logo.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18476
last-modified: Fri, 24 Oct 2014 16:26:04 GMT
server: cloudflare
etag: "544a7d9c-7fb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asyK2j%2BCHg3QvToPZ7zNkAi0%2BD6jVlGxIhDUGyvX3msYh8JQXjrvp1p0j8G4i2Y7XcXQvE2ErjnrN8Bhet7hxyX%2F0aGcFsZeyD0WF30ApPpTk%2Bm4a2IgsF7lBqN3MnZedPsz7hwEOaIBsmYD0cC7zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=32696
accept-ranges: bytes
cf-ray: 6842b4c6ab195b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 248
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qhE6lW1qvtcPBAxBxbc8t6HcKqRs59s6n9CDm3mhCZsIEsjcx5RRn6qI7G8BRhuM1I1BtrxZgxHWoKMOv%2FZp%2F9C%2FUAdoLlgSAWIobybdxwjsWy2T9Z4NtOdbjGX0kEcxQHtaabLOD3dgUy3iLmow0ga354%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg
cache-control: max-age=172800
cf-ray: 6842b4c579485b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 937a15082c8364b7d235265dacc6a744.jpg
i.pinimg.com/originals/93/7a/15/ 32 KB
32 KB 173ms
163ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/93/7a/15/937a15082c8364b7d235265dacc6a744.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4130840cd3b4551d245f902798f99c85267091b851a6d4b389c35af04f9789f5

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "eb61072fc250ab1ed0329f2f37a0d177"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 32862

GET
H3-29 200 00Latest_News_808188640.jpg
sudaneseonline.com/english/files/ 10 KB
11 KB 83ms
74ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/english/files/00Latest_News_808188640.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a2c0e0a1bf8b3c57bd4825c24dbea2cb72bb0bf3127fc88970a982e5d7d6eebb

Request headers

:path: /english/files/00Latest_News_808188640.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 750
x-powered-by: PleskLin
content-disposition: inline; filename="00Latest_News_808188640.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10702
last-modified: Thu, 01 May 2014 15:58:43 GMT
server: cloudflare
etag: "53626f33-44d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sAuUsbI6NShGCm%2FEiwkmedYCSIOhLfO56cQUuqP%2BRnpTp1hNGDebVhlvf5sNgQLIHQHeIFbQLehRYDOhnTY0ye73K%2FPHxOixVnI3bOWXWV0sD%2FigjtJlCOUh45c8vqhbf5bfus9a0CIJ78jEqJTvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=17618
accept-ranges: bytes
cf-ray: 6842b4c5794e5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29

200

1nur_131441372.jpg
sudaneseonline.com/english/files/cover/
Redirect Chain

https://www.sudaneseonline.com/english/files/cover/1nur_131441372.jpg
https://sudaneseonline.com/english/files/cover/1nur_131441372.jpg

12 KB
12 KB

17ms
14ms

Image
image/jpeg

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/english/files/cover/1nur_131441372.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: dfbdab0eb3628feec66d46ed4db9c94f7f21fae0a3feeba9e5bfbd6c9ab5282b

Request headers

:path: /english/files/cover/1nur_131441372.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 886
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12045
last-modified: Thu, 01 May 2014 15:33:49 GMT
server: cloudflare
etag: "5362695d-8a70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaNGUd5nysnqdgoliLUVtf%2FKXlp3CDdq%2BQps3L%2FB42Eca23olD9WfqMwN3Sq7OISzdnIuoAmyPy%2BhU3vp6KBP6MywAqrmn%2FZPZdYGWWuXVh5cL%2BT2P3gzLAotQDUJK9oH48w1981yToEnQZq1bWM2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
cf-polished: degrade=85, origSize=35440, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c6ab1c5b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 248
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgWG1%2BNRxOATN8N2hKPx35iAwTOo1XveuiiIOPDqzX4qQIO69qHy6C38CyUfzS4AZ45yFgN02mO2ynvdYqsK%2FL62rC9vKM1WEomcMD8gtKHa9xmDcxWvz%2B%2BUKU5rxxVSpXBOtZdiYA13n9QWqGAhMwCKLTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/english/files/cover/1nur_131441372.jpg
cache-control: max-age=172800
cf-ray: 6842b4c579505b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

766efe683cde3ebb0b9b5cbc7b3fed71.jpg
i.pinimg.com/564x/76/6e/fe/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg
https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg

12 KB
12 KB

74ms
69ms

Image
image/jpeg

2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 34bf4ec3eca0adc00a246b829f90f947845d914d89cfa0a0d6de663628449a67

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:59 GMT
x-cdn: fastly
etag: "0d941b7ba11d2da3dba6ca4aaaab872d"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 11878

Redirect headers

location: https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg
date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
accept-ranges: bytes
content-length: 0
vary: Origin
retry-after: 0

GET
H3-29

200

4sudanews_jpg10.jpg_500x400_841775616.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg

1 KB
2 KB

18ms
15ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b9b22ee5c44be56ed8d9915f66fdc68649e6b6280facfc5416dec407f8362f4c

Request headers

:path: /db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517
x-powered-by: PleskLin
content-disposition: inline; filename="4sudanews_jpg10.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1290
last-modified: Thu, 30 Jul 2015 15:58:15 GMT
server: cloudflare
etag: "55ba4997-73c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FxopzeTN02DSUH7tJcZYnCAvO7kNHUMzEy%2ByLGxbU2ATcCjyxnnNurWDNg%2Fg9cdcbx3UOcxG6eoRY0SKl3k9yREbVxqbECsBT9sY69zidKDqZuQW4m9PER8ZwiOZI%2Bxpc1wX3RX3Frp32md3qmoUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=1852
accept-ranges: bytes
cf-ray: 6842b4c6ab1e5b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 248
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erUpfu73hWMgHUoeNOlRVBwXQiwu0CkG7CkHtfBUnE5vHV01aKRUBH5FhV0A%2B8MuXh8ko0aUUy6c8K4fBtSRQu7o2zJ%2BeMwwIK%2FLgEO%2BiDk7tC7JQYkTIcJeag7f4xri6GvMrACXKyNLhC2qYPhzneZrkQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
cache-control: max-age=172800
cf-ray: 6842b4c579515b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 bf9da2168ed0158e14c0f64b77cba4c2.jpg
i.pinimg.com/originals/bf/9d/a2/ 35 KB
35 KB 167ms
161ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/bf/9d/a2/bf9da2168ed0158e14c0f64b77cba4c2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 387c47ec69de79ef3993d1bd9c834b690164edd3b4e27f645152bbc63b95c3f3

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "e5f84a1e20be28fcb6b16bf3d9ea40ce"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 35889

GET
H2 200 7d3e00378d5d7cf0d89a67c383ecf34f.jpg
i.pinimg.com/originals/7d/3e/00/ 42 KB
42 KB 167ms
162ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/7d/3e/00/7d3e00378d5d7cf0d89a67c383ecf34f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f7a02e50043d5095ae058e9d777a9fea70d63609aa7bea7125b8475424efc2d9

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "54722515c89db8cd6b9984e1cda6cfef"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 42677

GET
H3-29

200

dr.mahmoudasuleiman.jpg
sudaneseonline.com/uploadpic14/mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg
https://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg

7 KB
8 KB

19ms
15ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2961b3db2b46da7335a7b966b4503e9c698b31721b54d65ce1b93c5662447624

Request headers

:path: /uploadpic14/mar/dr.mahmoudasuleiman.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248
x-powered-by: PleskLin
content-disposition: inline; filename="dr.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7212
last-modified: Sat, 20 Sep 2014 20:06:16 GMT
server: cloudflare
etag: "541dde38-460f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufg8QHtGB6OVDZsQkOikiFQwy2GSaUSZlueS%2BpAWRePMxAQLb0z8HGaA4Ue3X6S5ZKZgWqnLtv0jaSgNuZLRrRmluB3JgiFgNsmVaqLuk4vMJ5CFKsqfuznbxKrGv54EXgrXb7L21a%2FsadCH8gUcPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=17935
accept-ranges: bytes
cf-ray: 6842b4c6ab1f5b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 248
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um50gVbBo6ooV9qKbzLHgdQQDSU1WhaGi57%2BS56RUFgxl%2F%2FSza68nbhwtT8WGaSP%2Fq%2BnDgDIGexLdUVYK0IIQf6gnI6I4PtTYFEINtJV4aD6rGyEWyluqUMC1LHIun8xfIEjDGECDXRE30tMDICeBcWD3sY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg
cache-control: max-age=172800
cf-ray: 6842b4c579535b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 17ffc2d30cde8171e6653dae228bdbb7.png
i.pinimg.com/originals/17/ff/c2/ 199 KB
199 KB 167ms
162ms Image
image/png 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/17/ff/c2/17ffc2d30cde8171e6653dae228bdbb7.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 06110a23744b87a6b54dffd7f506bfcf053936b3431c7bd4837221b702bca300

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "d8dfcb681ee6cc8eb666e3771d04ecb7"
vary: Origin
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 203903

GET
H2

200

cf035e0dc41453277f5021ced27969d1.jpg
i.pinimg.com/736x/cf/03/5e/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/736x/cf/03/5e/cf035e0dc41453277f5021ced27969d1.jpg
https://i.pinimg.com/736x/cf/03/5e/cf035e0dc41453277f5021ced27969d1.jpg

34 KB
34 KB

74ms
69ms

Image
image/jpeg

2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/cf/03/5e/cf035e0dc41453277f5021ced27969d1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 00ec949959d50c8f5f82c39768c53ffcc3773df7907df86d5ec2f58e34e943f1

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:59 GMT
x-cdn: fastly
etag: "4d7b5d8fc2e19a3b531eb976d66c7201"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 34589

Redirect headers

location: https://i.pinimg.com/736x/cf/03/5e/cf035e0dc41453277f5021ced27969d1.jpg
date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
accept-ranges: bytes
content-length: 0
vary: Origin
retry-after: 0

GET
H2 200 4250e372de5a414db1b2ee26d9ad9d40.jpg
i.pinimg.com/originals/42/50/e3/ 39 KB
39 KB 167ms
162ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/42/50/e3/4250e372de5a414db1b2ee26d9ad9d40.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cdce54de03e24afa7603e665a9c73fae0fe170f5d7c98c2bdb4e561cdb048402

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "e28227bb7d30af7d0624edd2a5565a09"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 39872

GET
H3-29 200 nopic.jpg
sudaneseonline.com/db/avatars/ 2 KB
3 KB 77ms
74ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/nopic.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b0b47fbe08813f2964de03684b90df90615e5591820069441e26471cf176fc0f

Request headers

:path: /db/avatars/nopic.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3007
x-powered-by: PleskLin
content-disposition: inline; filename="nopic.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2442
last-modified: Thu, 30 Jul 2015 15:58:43 GMT
server: cloudflare
etag: "55ba49b3-7171"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sP8YdjEhC5%2B62wt4Q4jlSCbIZGkiQWdsn0Qvl3wqbpPX4tYqc0DgensI%2BQEB9VqYWfl%2FxlUaVftHupJ%2BWiCo3xensRMCP20R%2BrcwUV60ttDN9cvH2kUFXyVAcd3sqt7Pm7HPXlbHuR%2BOuhP8nsLCPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=29041
accept-ranges: bytes
cf-ray: 6842b4c579545b44-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 9ab50972ef5b94e1af02c50bb1cf8da6.jpg
i.pinimg.com/originals/9a/b5/09/ 20 KB
20 KB 167ms
162ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/9a/b5/09/9ab50972ef5b94e1af02c50bb1cf8da6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 31c1f492749dc61ef04230aede385861df35856cb40e6f311051e27f05983493

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "30bd7199c183dd8cde33385ccef0fabf"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 20340

GET
H3-29

200

idris1.jpg
sudaneseonline.com/uploadpic14/mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/mar/idris1.jpg
https://sudaneseonline.com/uploadpic14/mar/idris1.jpg

18 KB
19 KB

19ms
15ms

Image
image/jpeg

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/mar/idris1.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9c29701afd31055e0f204731dca3b8c8e010c01e1571113cd5e522f1c5338a9f

Request headers

:path: /uploadpic14/mar/idris1.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 886
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18331
last-modified: Sun, 31 Aug 2014 18:35:48 GMT
server: cloudflare
etag: "54036b04-4a96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaUGmcc4ROEnSoUgT%2BxEI2lkzzQvFulxbeoF%2Bbw9f4rylSUHLoT1stj19%2BiUT0XDRu%2BfYLpcePjTrU1ItNxJ3e6tA9b3Gm1gHUSGTlIFQB5tAQphkMjqhweBtaj619n9IzYGRj6jJJagfcskZTICyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
cf-polished: origSize=19094, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c6ab225b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 248
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFpxTup%2FHPKRp2%2FD9V275OlwAO6BpvsxllQtJyF7S22zJSmQwuy%2Be8VMX9fvAzy0oICpjHrR%2FBVz1i15TGj8tw9h8RJh0f8CHyWwPexNOerq%2Fyl4PPBbXaMtnSaP6phmHVDZ5p0UoKX273X0rsGtcQpFZ%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/uploadpic14/mar/idris1.jpg
cache-control: max-age=172800
cf-ray: 6842b4c579555b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 30d0b4b551b9978ed7abaa0234e5c63f.jpg
i.pinimg.com/originals/30/d0/b4/ 5 KB
5 KB 166ms
158ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/30/d0/b4/30d0b4b551b9978ed7abaa0234e5c63f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 728954d89251efa0667bfd0074f608ef6a0d318b31f48f423cd339c7514116cb

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "ef031591469d2207d9b9272a095c4430"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 4943

GET
H3-29 200 news1.png
sudaneseonline.com/uploadpic19/ 26 KB
27 KB 75ms
68ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic19/news1.png
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f0c9e59fe4556a5ca7da317a52097784bbe634004d9f67c78b36d0b7f4656704

Request headers

:path: /uploadpic19/news1.png
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3314
x-powered-by: PleskLin
content-disposition: inline; filename="news1.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 26968
last-modified: Mon, 21 Jan 2019 18:48:18 GMT
server: cloudflare
etag: "5c4613f2-a863"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FLOK0bnOnEePcm2aOTuvyr1nlKzBfAOOeJfI0X7PdbKfuJDCSela%2B4xpEf1BXq94sCQJNqMyvUPUWSW6c8CDDkcmpbebtLQScA62oTFBr0Y%2FyvkltEV3JgByw7ypusPiRUK%2BaxTNGassyxJc1gUHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=png, origSize=43107
accept-ranges: bytes
cf-ray: 6842b4c589845b44-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 4c7c321ac577acd303cd094e8a9278f6.jpg
i.pinimg.com/originals/4c/7c/32/ 17 KB
17 KB 164ms
149ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/4c/7c/32/4c7c321ac577acd303cd094e8a9278f6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e8d0120ed2144058812744194f701e8475f7a219e35e1583ba41213e2cda264

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "2299624104f7a2142506011540e0ff45"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 17401

GET
H2 200 4928e0c867a1f0d0a9c142263b50b778.jpg
i.pinimg.com/originals/49/28/e0/ 74 KB
74 KB 164ms
149ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/49/28/e0/4928e0c867a1f0d0a9c142263b50b778.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 03975aed68110778f890df02903c06aacb3f6513ce60606dc90a4d68119909ab

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "175a12ba8b7a4ce788b500007d934772"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 75522

GET
H3-29 200 Eltayeb_Hamdan_764745101.jpg
sudaneseonline.com/files/daily-writer/ 6 KB
7 KB 82ms
76ms Image
image/jpeg 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/Eltayeb_Hamdan_764745101.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a383952a0479530eedc7d467fe2bfe5769f2fbfaef0e7493964fdef65d11818d

Request headers

:path: /files/daily-writer/Eltayeb_Hamdan_764745101.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4912
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6592
last-modified: Fri, 07 Feb 2014 06:02:44 GMT
server: cloudflare
etag: "52f47704-609c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y39LFZK7bsiRzotLl5RaZhhxhy%2BSf9L%2F7PTtuz7cuWMbdQKl7qyVERg%2FvmFVkhjzGMdEb84RBE1nfSbE9bsd61IhHOA%2BOpGj7bF6Z4fGtF3V%2BJYBwJCq65lmQHpzkIwezvLPBLNcsNTcpxN0RmqBoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
cf-polished: degrade=85, origSize=24732, status=webp_bigger
accept-ranges: bytes
cf-ray: 6842b4c589865b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 press.png
sudaneseonline.com/uploadpic19/ 43 KB
43 KB 82ms
76ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic19/press.png
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7ddadf329de63774f1dedde0cd0a01a422b46a93daa2b36c138f659be3f1ac11

Request headers

:path: /uploadpic19/press.png
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248
x-powered-by: PleskLin
content-disposition: inline; filename="press.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43628
last-modified: Mon, 21 Jan 2019 18:19:38 GMT
server: cloudflare
etag: "5c460d3a-f2ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXvIYlulC7SfSJX0FdzjB%2BaKRVDIaP%2BrRjipzeXs45XChBkAAW83o0W9EQKwNlsHRPVsNIjZ%2FYXN7Q%2Fj01UOY3B6pNdUCCzOufYlaptotKWhM433MI0XXmotG0pXNRYRYFh5j9Z1Uocr9MzztAcl%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=png, origSize=62188
accept-ranges: bytes
cf-ray: 6842b4c589875b44-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1175a4ef10b9f4bffa15f55776974393.jpg
i.pinimg.com/originals/11/75/a4/ 62 KB
62 KB 163ms
147ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/11/75/a4/1175a4ef10b9f4bffa15f55776974393.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a9ab687221363afc8c58df2eeebea104cbe3e759674d21ada4a4909de806b17c

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "18ef93e4271853eed29a95b952eda18b"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 63797

GET
H3-29 200 i_folder_announce_379821710.gif
sudaneseonline.com/files/ 2 KB
3 KB 87ms
77ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/i_folder_announce_379821710.gif
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 489b9fb1fbacf1ba411b43325a90df87c0673880b48f7ebca8c5798edd311adc

Request headers

:path: /files/i_folder_announce_379821710.gif
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248
x-powered-by: PleskLin
content-disposition: inline; filename="i_folder_announce_379821710.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2412
last-modified: Fri, 07 Feb 2014 06:02:44 GMT
server: cloudflare
etag: "52f47704-a2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObmSE%2F5Ob%2FDG2ztE5TPWdapK%2B4zujkJ4qoacsbiZuEgFTBRUAwYNfRO7PHM28VVABcmU8y5YH1ecGNXBQTYpnCX03nqhNawIaJe%2FgytWbtQFbFOnuqFBgTyzijmb80kkwn6UrxwjvCWbg42K2rd6Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: origFmt=gif, origSize=2603
accept-ranges: bytes
cf-ray: 6842b4c589885b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 jafar_khadir_571127481.jpg
sudaneseonline.com/files/cover/ 11 KB
12 KB 80ms
70ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/cover/jafar_khadir_571127481.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 300873de99fd5dd4cef5b4330e71a4903a54e2b643fb7cdb7c89af79589a6037

Request headers

:path: /files/cover/jafar_khadir_571127481.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248
x-powered-by: PleskLin
content-disposition: inline; filename="jafar_khadir_571127481.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11436
last-modified: Fri, 07 Feb 2014 06:02:44 GMT
server: cloudflare
etag: "52f47704-6a25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nn%2FwPpJkZa2pqDU6iMRKbh74bQYYEaZ8I0KXBvRPDxVNO%2FScIdY%2Fa6JUA0fPKCj5RtsNHehers4D0Jy08iiiZoCr2LoznDpCYo05oE147Id6cfSCYmf%2FT5v9kiBSuWzYMUUCk2p%2F7NPsWt7tATz5VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=27173
accept-ranges: bytes
cf-ray: 6842b4c589895b44-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 d38af4a1fa19289e76462fe3bd5a1a6f.jpg
i.pinimg.com/564x/d3/8a/f4/ 28 KB
28 KB 185ms
101ms Image
image/jpeg 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/564x/d3/8a/f4/d38af4a1fa19289e76462fe3bd5a1a6f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c02ddc028251ce8b5aaf959bc6e90d6944467212439f5bf283dbbd99292c815f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
x-cdn: fastly
etag: "96c05b4c1c11aa1721f7c84f3c2a267d"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 29038

GET
H3-29

200

00000asudaneseonline.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg

13 KB
13 KB

70ms
70ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 372d04f407947fdd808207dde54cf389d2535f566ea1b0cbd6dea35faf41e80c

Request headers

:path: /db/avatars/00000asudaneseonline.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1485
x-powered-by: PleskLin
content-disposition: inline; filename="00000asudaneseonline.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12846
last-modified: Thu, 30 Jul 2015 15:58:05 GMT
server: cloudflare
etag: "55ba498d-be2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eN2LOrFeICmZh5xUTHnXaL1M82HCBgsCUeqned3ZuX4bXlyRA3XujKblGRYDUCPzHXeluzH%2FJJb52Opo6Ha0MWalBrpj9lytR8snd%2FTlcOZn1oBlSjSQfdmWBjPctasQWv73HpKN0aXJalcyA0dJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=48686
accept-ranges: bytes
cf-ray: 6842b4c6ab275b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 249
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLomiHRs8swCH3CX5gfcLfbgGdOsS10yQmeNN9vpYNLcfdYaRwiFl0D0uhm7sLPESSZ2Ws5cke8aN2zPzVnLmo%2FTDfuUPzYntK%2FVj4Y25F4ioHqgLaExQzPXy%2BMaU6mbeNkCBoywsXRypQn4PiVt5Ea7BPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
cache-control: max-age=172800
cf-ray: 6842b4c5fa275b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

Darfur_Destroyed.jpg
1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/
Redirect Chain

https://bp1.blogger.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg
https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg

22 KB
22 KB

103ms
18ms

Image
image/jpeg

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d470ab3f2efb2271564c86298b3139480369a7d8b85cc117631ae5714605d93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Darfur_Destroyed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22596
x-xss-protection: 0
server: fife
etag: "v45"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 09:17:46 GMT

Redirect headers

date: Tue, 24 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
server: fife
age: 61028
location: https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg
vary: Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 297
x-xss-protection: 0
expires: Thu, 23 Sep 2021 13:21:50 GMT

GET
H3-29 200 shawgo.jpg
sudaneseonline.com/db/avatars/ 57 KB
58 KB 90ms
17ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/shawgo.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cf5f8602ddd688b3192c614d2ec643678944be422c98f2b7370423283ffa93e1

Request headers

:path: /db/avatars/shawgo.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249
x-powered-by: PleskLin
content-disposition: inline; filename="shawgo.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58382
last-modified: Mon, 24 Dec 2018 17:48:12 GMT
server: cloudflare
etag: "5c211bdc-402a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtwrZV1pUots9AWwb7to0yMoEnuXoljjoXsPJKGZwMivvRE99V6eV9KMteBK7VuuPFC0ZHzRoIe2U7zXbAC%2BVbCcnYO%2BPlOSVCHhJcmIoAKJtbFTZBlpwmII16d9xufBiwk83BA9qq0jQvJiHib1Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=262818
accept-ranges: bytes
cf-ray: 6842b4c5fa2a5b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29

404

sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
sudaneseonline.com/uploadpic11/june/
Redirect Chain

https://www.sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
https://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg

3 KB
3 KB

271ms
271ms

Image
text/html

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7d72de81ce28a49509b04006c99759ce51715d83f38fac7f58ee59313d028a

Request headers

:path: /uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Nov 2013 07:11:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8GKBLhTiKp8m5hFO4rxNhwt5v0Jb8PY5XxToMlQWtiRgHlb9bZeDQbTs9A%2BWDMMtp4QH551YTkWZfZzWU6Yeusesr7SYoL9jQD%2F0N5kxl32599vo7izz4oBecgcWnTHPmaqvnq%2BCCKKLukWFMs0%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6842b4c6ab2a5b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 249
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afsctKCoZnZU1hW9i3faZFGiWiPro8kJtlrGoBnHFsi4l61CvzdfvfhqfAegSBW8y7NDh03gos5enGPhesmwXWTnxg4r%2BtUaWTdEhoaTkqRBnLMTgi4BUPWFa3dJzK4KAop%2FawuEOipQA%2BaSejZHH1X5PiY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
cache-control: max-age=172800
cf-ray: 6842b4c5fa2b5b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET 1016333_488823897867823_1875840390_nsudan1sudan.jpg
http//www.sudaneseonline.com/uploadpic14/mar/ 0
0

GET
H3-29 200 mosafir.jpg
sudaneseonline.com/uploadpic16/may/ 2 KB
3 KB 111ms
24ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic16/may/mosafir.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 56583d7365641d0274d83f874ccdc02fd4524a491f481ef968c962c10c61d3b4

Request headers

:path: /uploadpic16/may/mosafir.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249
x-powered-by: PleskLin
content-disposition: inline; filename="mosafir.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2432
last-modified: Sun, 02 Apr 2017 09:18:57 GMT
server: cloudflare
etag: "58e0c201-e7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHsTjq2AaNRyDyVYhELzVMJeR%2Bo1fc3MK6mXnpicJjrGiSFj1Ma0KxPhIQ3FrJoqsDCWTb%2FTfh%2BCenFKWdUJ5%2FjIJD%2BWSNiTWYBMCxNEtNbkejTnUNN2GeMLSeqU62Od%2BrPpk1QllbevLklWixtZAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=3709
accept-ranges: bytes
cf-ray: 6842b4c61a525b44-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29

200

mamanadwa.jpg
sudaneseonline.com/uploadpic10/May/
Redirect Chain

https://www.sudaneseonline.com/uploadpic10/May/mamanadwa.jpg
https://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg

20 KB
21 KB

15ms
14ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 992388fbeff91f69ece1f2af28b26cd013db8135f58d8d05b96c9aecdc62a731

Request headers

:path: /uploadpic10/May/mamanadwa.jpg
pragma: no-cache
cookie: _ga=GA1.2.857375138.1629872338; _gid=GA1.2.1933411748.1629872338; _gat=1; __utma=24067384.1003514159.1629872338.1629872338.1629872338.1; __utmc=24067384; _gat_gtag_UA_115921305_1=1; __utmz=24067384.1629872338.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=24067384.1.10.1629872338; __gads=ID=bc22c1df341e76fa-220113e2b4c90001:T=1629872338:RT=1629872338:S=ALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg; __gpi=00000000-0000-0000-0000-000000000000&c3VkYW5lc2VvbmxpbmUuY29t&Lw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sudaneseonline.com
referer: https://sudaneseonline.com/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249
x-powered-by: PleskLin
content-disposition: inline; filename="mamanadwa.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 20326
last-modified: Tue, 20 Jul 2010 12:54:07 GMT
server: cloudflare
etag: "4c459c6f-b264"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekPDRaox%2FL98TSLGXXwahnPznQH2Uq1Ee%2BIcNBTvLnK4NkoCnN%2BmDaHJilgXUVu4mecS%2BcZg2l%2BkV6dEqrWDDvmKWdhC8IFdYRXKPsVtjVdYiE6DvP3CZPP%2BLiklaA6xq5f0M%2BXqU7S6N%2FnIqIZjiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=172800
cf-polished: qual=85, origFmt=jpeg, origSize=45668
accept-ranges: bytes
cf-ray: 6842b4c74c375b44-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 25 Aug 2021 06:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 249
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hraEiwfL7g3DIVFh163i%2BXESVedXFk8pZegYYwQOebhoVQupBovjNr%2BDcLAKH96yK9C7fuZ6KBXcO3edQg58W7JkwuE%2FqHNXz02efCuS4BwqKOjw8K0%2BcJzSNF4JEpvlN4jDIqi4MA0J7xZAjJ54u1pJhAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg
cache-control: max-age=172800
cf-ray: 6842b4c61a555b44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 900B 98 KB
35 KB 797ms
796ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ec9f7e9310fe7f9c9bf0070a7f9acdc8a5d8af5653e763a03900e0c27183072

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJnXqc7Dy_ICFYgU4AodZTgHiw&gqi=0uAlYd_qN-qV7_UPpsu28Ag&layout=/sadbundle/%24csp%253Der3%24/14459537531482684182/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJnXqc7Dy_ICFYgU4AodZTgHiw&gqi=0uAlYd_qN-qV7_UPpsu28Ag&layout=/sadbundle/%24csp%253Der3%24/14459537531482684182/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 06:18:59 GMT
server: cafe
content-length: 35783
x-xss-protection: 0
set-cookie: IDE=AHWqTUllm0fWstzeIsAQAX1jDpvRJuv4y4xhVbXmkf2_1GXYWmjtgIx-O5dOpOUNwJE; expires=Mon, 19-Sep-2022 06:18:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:18:59 GMT
cache-control: private

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5F61 12 KB
5 KB 20ms
16ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 25 Aug 2021 06:14:40 GMT
expires: Thu, 25 Aug 2022 06:14:40 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1471 783 B
533 B 20ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9537720200ca7bf7e377a1b350a2a7e32b1458ed82ff3482bff3b928edb6fdb6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-05lVoUTv19yf39nbWVI8bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

expires: Wed, 25 Aug 2021 06:18:58 GMT
date: Wed, 25 Aug 2021 06:18:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-05lVoUTv19yf39nbWVI8bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B32 66 KB
25 KB 384ms
383ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08bc43f1473d2e76b133e73bbad94f32a9b38b3949fbfa2bbb3d09d8f573b82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 06:18:59 GMT
server: cafe
content-length: 25850
x-xss-protection: 0
set-cookie: IDE=AHWqTUkhXD9NzE1pCTJ9L1UITl9LE0WqOPSOs-0mu-Y6nDajmP21McSzP1T4alSumlw; expires=Mon, 19-Sep-2022 06:18:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:18:59 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 08B6 430 B
231 B 82ms
81ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1629807529&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338270&bpp=2&bdt=386&idt=837&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=udjIyIPbbD&p=https%3A//sudaneseonline.com&dtd=909

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8961aa85d358ea22baf4868b3a336674a9528708367ef7733a850fd0aaa7c343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1629807529&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338270&bpp=2&bdt=386&idt=837&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=udjIyIPbbD&p=https%3A//sudaneseonline.com&dtd=909
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 06:18:59 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: IDE=AHWqTUmR4aRqjDrxNX7RVkRJ9Om0qlelKCDpaxfVmLwh1hk08-Y6RmfjQwduxs9w2GA; expires=Mon, 19-Sep-2022 06:18:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:18:59 GMT
cache-control: private

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame F5E4 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338256&bpp=1&bdt=371&idt=296&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pS11OB33O7&p=https%3A//sudaneseonline.com&dtd=302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:04:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame F5E4 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:17:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5E4 124 KB
37 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Wed, 25 Aug 2021 06:18:59 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame F5E4 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:12:01 GMT

GET
H2 200 28960c8a32e8dcc49d8dc53b67dce604.js Show response
www.gstatic.com/mysidia/ Frame A6A4 11 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/28960c8a32e8dcc49d8dc53b67dce604.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1629807529&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338254&bpp=2&bdt=369&idt=234&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dfNT4n5OsK&p=https%3A//sudaneseonline.com&dtd=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db242ac40ea13e23c0c47b046e1b9d1ee790392070ee6b58bd1b3dfd1279dd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 09:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4667
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:42:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Nov 2021 09:51:55 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame A6A4 1 KB
857 B 11ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:11:02 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame A6A4 18 KB
7 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:04:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame A6A4 2 KB
1 KB 71ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:17:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6A4 124 KB
37 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Wed, 25 Aug 2021 06:18:59 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame A6A4 14 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:12:01 GMT

GET
H3-29 200 bf370751b3c301aa27eddd739f5e1f7e.js Show response
www.gstatic.com/mysidia/ Frame A6A4 26 KB
11 KB 77ms
12ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bf370751b3c301aa27eddd739f5e1f7e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 19:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10800
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:42:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 19:16:19 GMT

GET
H3-29 200 Responsive_listing.html Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 39AB 4 KB
1 KB 11ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 24 Aug 2021 14:01:01 GMT
expires: Wed, 25 Aug 2021 14:01:01 GMT
content-type: text/html; charset=UTF-8
etag: 11900953634711111692
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1157
x-xss-protection: 0
age: 58678
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F5E4 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0BJE0uAlYYGdI8iD7gOosKWwC9q2wZpk96nJn5QOps7mrYkCEAEgioHAA2CVAqAByorY_gPIAQmpAigEiXEnsLM-qAMByAPLBKoE9wFP0AjANVpzAi3DWrUWrBdKaFGlkv6p6rGHyTPXBKFjvtJhuNcfwf9f4sXfuvfbGqQ-jNsVz5izYvh5ed3JzB9p2VIlsArnCUjf6t8D1OXxfzWPgERaiKYNqLayZVC2VZ-esCoAuPln9yd_E5-NzckkjzPuiaAVqNZJ5lfHSRcFM6okbgsnnrxT5bK8j2rOmzmkKl6GBQXvgEbpebG-oFlExPYA2Ns7V8Y93mQXLrzbydBmu572d7LkaARxx1COwnCfZjNI1tvnBeO-ZKKfdxfxUeLZSK8f0nUW5tzoCyGzH8Pdg78XU_9FrZPwJoRL9xBIMms1ppTnwATo-LH21gOSBQQIBBgBkgUECAUYBKAGLoAHnvWnAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ7qoN0ggJCIDhgBAQARgfgAoByAsB2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTk4NjI2NjUxNjk4MzM1ODYYAA&sigh=_K-tZ8winRg&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338256&bpp=1&bdt=371&idt=296&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pS11OB33O7&p=https%3A//sudaneseonline.com&dtd=302
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 Aug 2021 06:18:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 11455320262328853069
tpc.googlesyndication.com/simgad/ Frame 9D1B 34 KB
34 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11455320262328853069?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmb4qTLqbTZymonR337jg4EGedtDQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1629807529&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338257&bpp=2&bdt=372&idt=324&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=kygiEJE3rx&p=https%3A//sudaneseonline.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3e33bd3eeb6d3e82825ca5990e311ada69b68575d9c5d5d205719adaf3a1618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 16:09:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jun 2020 16:03:32 GMT
server: sffe
age: 50979
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35280
x-xss-protection: 0
expires: Wed, 24 Aug 2022 16:09:20 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 9D1B 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:04:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 9D1B 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:17:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D1B 124 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Wed, 25 Aug 2021 06:18:59 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 9D1B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:12:01 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 9D1B 26 KB
11 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e70daf1f8bcfd0ed744b5f86ac162bda58f2d2db0e5b4ba93c3adec87ad09fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 19:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10771
x-xss-protection: 0
server: cafe
etag: 12253238251956766473
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 19:40:32 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9D1B 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CK1Xz0uAlYaLHJpms7gP_966gAv_nqMVkyr_Plv0Mv-EeEAEgioHAA2CVAqABnc2l-wLIAQKpAsuE__Ucs7M-qAMByAPJBKoE5QFP0PM7vU0tCH7K45hZ4x39spBdfnRd5v6MZ5CdUwDVuoTvqmcYZLXxbGwD0-cbASI8DzHdH-mQgVQQM9HCkIKICD4nW80-V9SmMaJUjGwM54DMxaGhMPpesGJz5wWj1mA_jsf-sR_OhyRhKl_6bUNwPh5tgKhgfEoSTGWKC96EdQdjDGS0v-7efkPXgTkPhqVdA-x3aSd5_d8ZwliycQFtNNDvtc4RQakZYKuHDDYB1MAUDCoCY4Zde3DzLDeqTCSHxb3dMOlq44-pM3PR2t6NEDZ-A9B5Nf88YRCof6UPmZWyyPwUwATwlcWxpgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHy7LahAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ9qMY0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTk4NjI2NjUxNjk4MzM1ODYYAA&sigh=007AG0SulcE

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1629807529&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338257&bpp=2&bdt=372&idt=324&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=kygiEJE3rx&p=https%3A//sudaneseonline.com&dtd=341
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 Aug 2021 06:18:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F61 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 20:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13489
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 20:54:34 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6882 143 B
163 B 71ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338256&bpp=1&bdt=371&idt=296&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pS11OB33O7&p=https%3A//sudaneseonline.com&dtd=302
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmR4aRqjDrxNX7RVkRJ9Om0qlelKCDpaxfVmLwh1hk08-Y6RmfjQwduxs9w2GA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338256&bpp=1&bdt=371&idt=296&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pS11OB33O7&p=https%3A//sudaneseonline.com&dtd=302

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 25 Aug 2021 05:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 40FA 143 B
163 B 12ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1629807529&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338257&bpp=2&bdt=372&idt=324&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=kygiEJE3rx&p=https%3A//sudaneseonline.com&dtd=341
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkhXD9NzE1pCTJ9L1UITl9LE0WqOPSOs-0mu-Y6nDajmP21McSzP1T4alSumlw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1629807529&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338257&bpp=2&bdt=372&idt=324&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=kygiEJE3rx&p=https%3A//sudaneseonline.com&dtd=341

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 25 Aug 2021 05:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F5E4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad0faa520aede6d55e6d5e4b8ae838f888e4b5bea3fc5f1522277645293b6dbc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A6A4 13 KB
13 KB 63ms
14ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQoFBiBkOPi3bxr3IZkR9suG4fN_9uNQ8hi1A71PDsk_EznqghB&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad8a1578db0879358b6fa2560254d4975311f87fe4b438f378b532b43c337dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 13:32:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Jul 2021 02:06:09 GMT
server: sffe
age: 319569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13242
x-xss-protection: 0
expires: Sun, 21 Aug 2022 13:32:50 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A6A4 18 KB
18 KB 60ms
12ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQKOCK8mnUogRrUncqaEGmNIbByDQ_EsOQE83S6a8sGge7PxjtK&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d6ee54670825b5b82355d23110803c85e85405b38cf618c8f21fc0382dd1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 16:06:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Aug 2021 01:40:49 GMT
server: sffe
age: 51156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18197
x-xss-protection: 0
expires: Wed, 24 Aug 2022 16:06:23 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame A6A4 17 KB
17 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQRNB5E0cD6My4cxRlA5ulYiktpAhNulDccb8yLRWc1EeHgZLM&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbddaf11652a6e0becba9c844d9c234f70919740df8c25935a78aa75cb4ce6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:46:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 09:04:32 GMT
server: sffe
age: 63176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17165
x-xss-protection: 0
expires: Wed, 24 Aug 2022 12:46:03 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame A6A4 17 KB
18 KB 45ms
6ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTAzuFZWyFD5mP0PYU2O2ey14iRPKStChixIZ55aWqldCtB_39t&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24a80188e0a5d0daceca11b3a390f56a85e6e112285313b6a23efa9581ef867c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:21:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 00:47:56 GMT
server: sffe
age: 399439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17779
x-xss-protection: 0
expires: Sat, 20 Aug 2022 15:21:40 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A6A4 16 KB
16 KB 55ms
7ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQkUIvd8DJzbNm6hiZKHJpw5xpbE-ewEbxFohV1m52c0XedDCO3&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e9abeba46e92be33e72f3dde0b067e983a2f175a5a6d4101b8a4669acd75a09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 20:25:47 GMT
x-content-type-options: nosniff
last-modified: Sat, 20 Feb 2021 17:57:34 GMT
server: sffe
age: 35592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15892
x-xss-protection: 0
expires: Wed, 24 Aug 2022 20:25:47 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A6A4 7 KB
8 KB 45ms
7ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcScpr0D7PCUHxPxkqG12zb26bUESkb6BmgCJ5e8uVGeWwYIMPCw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56e24bf68cb723a9a7145bee26b29faa6b4004b28ca96f3384cf775cc5134bd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 11:31:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Aug 2021 01:35:00 GMT
server: sffe
age: 240441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7486
x-xss-protection: 0
expires: Mon, 22 Aug 2022 11:31:38 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A6A4 22 KB
22 KB 46ms
8ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQDA3Pwq5HuXLE9UF7YttkGieeqERRoszIt7RIorzSMeUfivDQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a30734925f87cc0ad5703a6943cf487f1ca1c113f13216b0d5344459ab7e24c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 16:43:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 00:47:09 GMT
server: sffe
age: 48943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22458
x-xss-protection: 0
expires: Wed, 24 Aug 2022 16:43:16 GMT

GET
H3-29

200

1855790038366648222
tpc.googlesyndication.com/simgad/ Frame A6A4
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbxsi7jQEQ6AIY6AIyCFR5nIyM6Xl-
https://tpc.googlesyndication.com/simgad/1855790038366648222

2 KB
2 KB

8ms
7ms

Image
image/png

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1855790038366648222

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d02526cbaad695117721d111752936444366ac35fec7d36bf8d5fb2aab3094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 04:01:30 GMT
x-content-type-options: nosniff
age: 94649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1882
x-xss-protection: 0
last-modified: Wed, 17 Apr 2019 14:59:10 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 04:01:30 GMT

Redirect headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 11:56:51 GMT
x-content-type-options: nosniff
server: cafe
age: 66128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/1855790038366648222
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Sep 2021 11:56:51 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A6A4 0
0 30ms
27ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfRoz0uAlYdn0H9Wh7gP_obyYBPn9w69k_9-Bq4IOm6jnwb0mEAEgioHAA2CVAqAB48CrxwPIAQmpAigEiXEnsLM-qAMByAPLBKoE6AFP0He9W4siSbMT8wdDDuKfq1390-D_WLoLq1T9QwKlwQEuImr2uE7VBKM_W4Rt-wobm4jt5xeIek5Il3e5V2D6pZwqEWUMhI9Ikh-kET8Y5DjVLdfiQh_qCUHI6ryl1f4JCUqWnePLC00RY316FtK4He4JOVv9Pqqp-4Lm6Jb5kGUuXCcL2mo3cua616inaO2roTEzZyNnbALJUr-6CtGq8zKpgcuh8TSdwlcTaadw6x5IqYIAiGlvKbUz7bQC0LlAqf8nAeMy2LCq6sOT6XyIO9YM2OFcqMyHRKR15K4rAyFzvC-fVMwcwASXrYSmzAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH0f-MJqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwMQgVbSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItOTg2MjY2NTE2OTgzMzU4NhgA&sigh=4Ls502OCMmY&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1629807529&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338254&bpp=2&bdt=369&idt=234&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dfNT4n5OsK&p=https%3A//sudaneseonline.com&dtd=250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 Aug 2021 06:18:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9D1B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1338cea02b350e3500eb6c233c11a30f0a75f35e08ef20f47eb25ced10c8f0f6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A6A4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93a552e2ff794a18462e7ff5859758cd547f638e97c5b1a23f84ac7e18232b95

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 14390906264319487786
tpc.googlesyndication.com/daca_images/simgad/ Frame 108E 49 KB
49 KB 59ms
44ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14390906264319487786

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338259&bpp=1&bdt=375&idt=397&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=4291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9pxHEASSxu&p=https%3A//sudaneseonline.com&dtd=412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89362bb1b8a984ef669f5d6216ee117fd43c4caf6e7e546809c1c0cc4bf47880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 12:56:27 GMT
x-content-type-options: nosniff
age: 408152
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50322
x-xss-protection: 0
last-modified: Fri, 16 Jul 2021 11:44:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 12:56:27 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 108E 18 KB
7 KB 53ms
44ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:04:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 108E 2 KB
1 KB 53ms
43ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:17:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 108E 124 KB
37 KB 55ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Wed, 25 Aug 2021 06:18:59 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 108E 14 KB
6 KB 53ms
44ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:12:01 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 108E 26 KB
11 KB 54ms
43ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e70daf1f8bcfd0ed744b5f86ac162bda58f2d2db0e5b4ba93c3adec87ad09fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 19:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10771
x-xss-protection: 0
server: cafe
etag: 12253238251956766473
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 19:40:32 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 108E 0
0 51ms
46ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-Hck0uAlYZymKtvngAerpK2oCuSKt5Rkten11ZoOjNP2mP4OEAEgioHAA2CVAqAB_7CkowPIAQKpAocqvfYuA7c-qAMByAPJBKoE6QFP0H3lfGd-35ivI3lxEItPPYDdpLt7zo-R7BOdM562yc7nV2h4uPIJiQPiLi0UfH8wNAoy-LHCbhasWOWD6mex9sb0qVmdgkXL94JDNuMjx5dPOGNs9KdXvg1Z92Wc3AddepHcpJqytaAIqbQmdT9aRRr8bOGGkLewQlIGgt5gIKCV3UE2vWMC0M8jowgvf0N0LEhQs1CkiysJNow2Jaufvb_DeCqgI9s_QogGStpe-RN_CZ2ytWjs0bsnxJyI6JbAJO1ilMn5Wyv7xPTDXHYXsEu984KoSJHx0qoolG_C-OS5lHRYdKjBD8AEnczogNYBkgUECAQYAZIFBAgFGASgBgKAB73XhCyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQmvwB0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTk4NjI2NjUxNjk4MzM1ODYYAA&sigh=RFJjOp7l8LM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338259&bpp=1&bdt=375&idt=397&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=4291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9pxHEASSxu&p=https%3A//sudaneseonline.com&dtd=412
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 Aug 2021 06:18:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 Configurable_01_122.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 39AB 74 KB
26 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 16:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26222
x-xss-protection: 0
server: cafe
etag: 15511454539072389427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 Aug 2021 16:30:43 GMT

GET
H3-29 200 Responsive_listing.js Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 39AB 199 KB
68 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69148
x-xss-protection: 0
server: cafe
etag: 5199203132765013944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 Aug 2021 12:00:01 GMT

GET
H3-29 200 Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 39AB 11 KB
2 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 09:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1962
x-xss-protection: 0
server: cafe
etag: 15825927903621683888
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 Aug 2021 09:46:21 GMT

GET
H3-29 200 16623847181473039311
tpc.googlesyndication.com/simgad/ Frame 3B32 29 KB
29 KB 8ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16623847181473039311?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qko4djZSZ7qQIDoY6CikTM8DXIGXg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7263671ccb86b6fbc438d7e83088af65fa3ac7674affe7a426b991c5fbcb4305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 06:05:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Nov 2020 18:35:37 GMT
server: sffe
age: 519218
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29656
x-xss-protection: 0
expires: Fri, 19 Aug 2022 06:05:21 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 3B32 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:04:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 3B32 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:17:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B32 124 KB
37 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Wed, 25 Aug 2021 06:18:59 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 3B32 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:12:01 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 3B32 0
0 14ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2oqSUW8Ixyq5FN62fCDmKsKMfIkE923h9BLnGWthACLGmtUnnzPZ5WFxLGP6SLMs-b05pUn5cXmoJTQDzLwYAj7Vfpw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 3B32 26 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e70daf1f8bcfd0ed744b5f86ac162bda58f2d2db0e5b4ba93c3adec87ad09fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 19:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10771
x-xss-protection: 0
server: cafe
etag: 12253238251956766473
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 19:40:32 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3B32 0
0 57ms
57ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Csuwi0-AlYYOTBdTngQe3vo64Df_nqMVkivTPlv0Mv-EeEAEgioHAA2CVAqABnc2l-wLIAQKpAkfngLK-uLM-qAMByAPJBKoE5QFP0OjXvDfdMkjVfkFhXUf9vps4dYXXXd3PyGLV1qH47nHOX2zpeL2UI5g2LVeGSa_hJyrwflGhjoFqYjUxm7zLiYeNSiGPDFDODt0LUcfo8AZqhYEKxwUHsyvcqPCwk6s2GELkXCPSDBzBB5ZGq8NKhu3hvQ-hjF59YQNvvNxoufPOk24_3PnBiIaFZbBIQesgtCPoRS9GqJ0XsPPAgzagHCYTohy1By6jZXQUGwWq1GK0gztRrfRTLmnaispVPPQSWc51UwMX5w9pR6LdUd0Hce0fURnBLttFhsmG0HnMP8d6RrdOwATwlcWxpgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHy7LahAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQq4cF0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTk4NjI2NjUxNjk4MzM1ODYYAA&sigh=SmHWLXkk8_0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 Aug 2021 06:18:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2B3F 143 B
163 B 9ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338259&bpp=1&bdt=375&idt=397&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=4291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9pxHEASSxu&p=https%3A//sudaneseonline.com&dtd=412
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUllm0fWstzeIsAQAX1jDpvRJuv4y4xhVbXmkf2_1GXYWmjtgIx-O5dOpOUNwJE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338259&bpp=1&bdt=375&idt=397&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=4291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9pxHEASSxu&p=https%3A//sudaneseonline.com&dtd=412

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 25 Aug 2021 05:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 3E53 247 B
806 B 134ms
33ms Document
text/html 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

643e03121f75104b52605743908b81e60a0a62c675cdf1da3b654c6c035f0c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-qeHuH3N-VBQfeVvPQKTKBQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 203
date: Wed, 25 Aug 2021 06:18:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 108E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 946e37815daf07144bdfb1d3a2c7a5dea8d8d5a8270d3e34fb6e4efcef5ed014

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js Show response
pagead2.googlesyndication.com/bg/ Frame 96DF 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 20:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13489
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 20:54:34 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 39AB 26 KB
10 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63686
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 Aug 2021 12:37:33 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 900B 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:04:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 900B 2 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:17:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 900B 124 KB
37 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:18:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Wed, 25 Aug 2021 06:18:59 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 900B 14 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 06:12:01 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 900B 0
0 43ms
42ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJ5OA-vcsKQhMU_8SUQFjRdUAnOsG0uo0fubHGS8OWa_C9LuqTdE9G18gb2y-jTfVKvF__XcCPtk7J16pXPoTdMmj3Pw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4666 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUllm0fWstzeIsAQAX1jDpvRJuv4y4xhVbXmkf2_1GXYWmjtgIx-O5dOpOUNwJE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 25 Aug 2021 05:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3B32 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8b9ddbab0044b5888575c07dc7d8e4f6d592cb498738a7a30843accca3dc893

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 76 KB
19 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5236be883713c6bc5c3b466e256a214bcb387458c66fc7cd6f4cc3f02f89df03

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/14459537531482684182/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 23 Aug 2021 10:06:50 GMT
expires: Tue, 23 Aug 2022 10:06:50 GMT
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 19655
age: 159130
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 900B 0
0 21ms
18ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CndSu0uAlYZmmOIipgAfl8JzYCMzyrJBk38HW9uQO587H69knEAEgioHAA2CVAqABn9K1twHIAQmpAigEiXEnsLM-qAMByANIqgTuAU_Qgr4quwLLGpTeKksRpuJsYzkQP04p7Vnz2cuc8mL3DbXDdFpXSWFzuxZ9O0Pf9aXd3QdVPxHXGnQijgi2XAotAUIBcjt69utfK3nF2taMwmYLJRjwOk9B3Elflk4rJhcrxhsWXCw4juhJc8yUG7imkbVSHp2enoStokOkxhU9Xz8WZdx17sB5zoIjQowQ9uTTMvbZiUsK4D6L_fQNcDIQdMQLBeLWsafSZcRwpqs3TGT6GLQ2mbCHV_86JMU66KSdXTnFRJWgrlsNBTpdwecoqMEeNngV80rF-gP5eZM55FP5-fyvkgU6ca11GpzABNjtu6nPA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfJrcrIAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDxugjSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItOTg2MjY2NTE2OTgzMzU4NhgA&sigh=Cb-GEL7ixWE&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 Aug 2021 06:19:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6882
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUllm0fWstzeIsAQAX1jDpvRJuv4y4xhVbXmkf2_1GXYWmjtgIx-O5dOpOUNwJE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 06:19:00 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 25-Aug-2021 07:19:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:19:00 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 06:19:00 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 40FA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUllm0fWstzeIsAQAX1jDpvRJuv4y4xhVbXmkf2_1GXYWmjtgIx-O5dOpOUNwJE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 06:19:00 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 25-Aug-2021 07:19:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:19:00 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 06:19:00 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3669 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 20:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13489
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 20:54:34 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 99D9 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUllm0fWstzeIsAQAX1jDpvRJuv4y4xhVbXmkf2_1GXYWmjtgIx-O5dOpOUNwJE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 25 Aug 2021 05:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 900B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be30f22c896dc09a734bea62e559c84198d61054e16e020c59c1a81a0c7b1c9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 iframe.html Show response
p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 3E53 4 KB
2 KB 78ms
37ms Document
text/html 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

386581a9b9164347f3c669770f2aa2127bd40df351f8c93d4c42a03873ed74d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-Ea_WajGj2QKU6dt1h4mxVw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 1863
date: Wed, 25 Aug 2021 06:19:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4B45 9 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4B45 26 KB
10 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 Aug 2021 12:37:33 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 4B45 29 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&cb=1626772622

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b2eeb7b890430b990ead38e7ac0e2715d47e1584e68b77000e3d58a5ebde5e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 05:58:26 GMT
server: ESF
date: Wed, 25 Aug 2021 06:19:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Aug 2021 06:19:00 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4B45 57 KB
23 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Aug 2021 06:19:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2B3F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUllm0fWstzeIsAQAX1jDpvRJuv4y4xhVbXmkf2_1GXYWmjtgIx-O5dOpOUNwJE; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 06:19:00 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 25-Aug-2021 07:19:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:19:00 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 06:19:00 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame 39AB 6 KB
669 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 04:29:48 GMT
server: ESF
date: Wed, 25 Aug 2021 06:19:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Aug 2021 06:19:00 GMT

GET
H3-29 200 D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js Show response
pagead2.googlesyndication.com/bg/ Frame 39AB 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 20:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13489
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 20:54:34 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4666
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

17ms
17ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUllm0fWstzeIsAQAX1jDpvRJuv4y4xhVbXmkf2_1GXYWmjtgIx-O5dOpOUNwJE; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 06:19:00 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 25-Aug-2021 07:19:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:19:00 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 06:19:00 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9996 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1629807529&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338269&bpp=1&bdt=384&idt=722&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZeYjuw5bUV&p=https%3A//sudaneseonline.com&dtd=795

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 20:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13489
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 20:54:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 39AB 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 84402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 06:52:18 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 99D9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1629807529&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629872338261&bpp=2&bdt=376&idt=541&shv=r20210819&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc22c1df341e76fa-220113e2b4c90001%3AT%3D1629872338%3ART%3D1629872338%3AS%3DALNI_MZJTIqXRfdJjSJqwKzvtcQGjzyEMg&gpic=00000000-0000-0000-0000-000000000000&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8144570799791&frm=20&pv=1&ga_vid=1003514159.1629872338&ga_sid=1629872338&ga_hid=308674468&ga_fc=1&ga_cid=857375138.1629872338&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066111%2C44747621%2C31062370%2C21065724%2C31062297&oid=3&pvsid=1678000242269036&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AW601ap6Ub&p=https%3A//sudaneseonline.com&dtd=642

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUllm0fWstzeIsAQAX1jDpvRJuv4y4xhVbXmkf2_1GXYWmjtgIx-O5dOpOUNwJE; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 06:19:00 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 25-Aug-2021 07:19:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 06:19:00 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 06:19:00 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 e47c22e8b914b2ac317ee8574e0e9d15.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 1017 B
1 KB 9ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/e47c22e8b914b2ac317ee8574e0e9d15.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec12520cbefe8332b188d556ed950022b283fe115e8fbbe6d92f0a035973ec7c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 518443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1017
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Thu, 19 Aug 2021 06:18:17 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 06:18:17 GMT

GET
H3-29 200 864b1e0426dae7371c461cbd2f028db5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 135 B
165 B 9ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/864b1e0426dae7371c461cbd2f028db5.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0ff4032cc37ee30c83692ea623e669426e79ed74d670bcd54104938c397aacc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 58710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Tue, 24 Aug 2021 14:00:30 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 14:00:30 GMT

GET
H3-29 200 33dc2170c53ddb496269136f0396aa79.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 1 KB
1 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/33dc2170c53ddb496269136f0396aa79.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f375deaeadd1b99d6c9cb9e64ae6fa01d17869a577906d5477532d656dc08a2e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 161347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Mon, 23 Aug 2021 09:29:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 09:29:53 GMT

GET
H3-29 200 1046e711211686b4206d997e305b2f4e.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 6 KB
6 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/1046e711211686b4206d997e305b2f4e.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

985a95cdd7670aee9b0d01a81ad52389698fbe2860fe614307a4d16461cc788d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 518297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5700
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Thu, 19 Aug 2021 06:20:43 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 06:20:43 GMT

GET
H3-29 200 bc9662360663e190845abef96cf51c04.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 13 KB
13 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/bc9662360663e190845abef96cf51c04.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09813ce96c0615aaa714b8ee5b9af5f331f9a295ac80333cfee984b8bb131383

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 519107
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13470
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Thu, 19 Aug 2021 06:07:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 06:07:13 GMT

GET
H3-29 200 46e5b860694084a45ac3b13d9a7b3a37.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 12 KB
12 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/46e5b860694084a45ac3b13d9a7b3a37.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88bc81bcf989a3b6afd4f96d1605467861ddd16c459ac63c08f777a09579888d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 44835
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12513
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Tue, 24 Aug 2021 17:51:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 17:51:45 GMT

GET
H3-29 200 2c6a571cf2e42695f3dad46cbfe40244.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 7 KB
7 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/2c6a571cf2e42695f3dad46cbfe40244.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52d2a89eb357fa6c714b9001affa7aa1d5c2f610860a86b71a76b310f8da2c38

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 29770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6896
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Tue, 24 Aug 2021 22:02:50 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 22:02:50 GMT

GET
H3-29 200 872b5b1b7ba396c8c6ae7c3aac67db10.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 194 B
225 B 11ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/872b5b1b7ba396c8c6ae7c3aac67db10.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a1bd058692997f41b685612cfdb2fafdaad3a3332a9cac0bf57292ef5d19de9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 161347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Mon, 23 Aug 2021 09:29:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 09:29:53 GMT

GET
H3-29 200 351d757f2fa0b981cb60fddb362e9fd8.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 512 B
543 B 13ms
11ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/351d757f2fa0b981cb60fddb362e9fd8.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

024d16adc0044cc6ce113d1b195100578c0bd59ba58b3dbd1856386b580fb4e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 161347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 512
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Mon, 23 Aug 2021 09:29:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 09:29:53 GMT

GET
H3-29 200 2fab9a8d208c5404d9ffbaa76d329d57.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 192 B
223 B 12ms
11ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/2fab9a8d208c5404d9ffbaa76d329d57.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

666625ffdacf823b459afe9dd409db8420f73f31331bb6e1b426946e8c82d0ce

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 161347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Mon, 23 Aug 2021 09:29:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 09:29:53 GMT

GET
H3-29 200 64bb8d5256a0a498a1af5aa0a7f7cc4c.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 8 KB
8 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/64bb8d5256a0a498a1af5aa0a7f7cc4c.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec2430e51815d80a1fd1fc0bfaa71cfacf79ee348bbe4d0eb74d46a1431f9ce3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 161321
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7964
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Mon, 23 Aug 2021 09:30:19 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 09:30:19 GMT

GET
H3-29 200 0f9364ce62f66682211762ecfba02248.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 187 B
218 B 13ms
12ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/0f9364ce62f66682211762ecfba02248.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d961b75ebfd23625074af97d27353f622eebba5624c0cc65ec709c78ed7d81

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 161347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 187
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Mon, 23 Aug 2021 09:29:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 09:29:53 GMT

GET
H3-29 200 imagesc3uhuw3yh5rad0ki2mge.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 3 KB
3 KB 13ms
11ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/imagesc3uhuw3yh5rad0ki2mge.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

032f2f6de0a27532766834d16dddb82167346a3f41e1c251980a2c2a392504f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 161321
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3193
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Mon, 23 Aug 2021 09:30:19 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 09:30:19 GMT

GET
H3-29 200 imagesdiiaauxk7g3fac2n5sm6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/ Frame 4B45 1 KB
1 KB 13ms
12ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/imagesdiiaauxk7g3fac2n5sm6.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14459537531482684182/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

019901bf0906da82f22340234d83e0508441a05067bb93d1b7e30db554dc2be9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 161347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1504
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:43:51 GMT
server: sffe
date: Mon, 23 Aug 2021 09:29:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 09:29:53 GMT

GET
DATA 200
OK truncated
/ Frame 4B45 18 KB
18 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af3e53ba239afaf52cd9039fff2045b9907b860a90ff469c7c22eeb3be9bf74c

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 4B45 19 KB
19 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&cb=1626772622

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:36:29 GMT
x-content-type-options: nosniff
age: 106951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:36:29 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 39AB 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:00:34 GMT
x-content-type-options: nosniff
age: 98306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 03:00:34 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 39AB 15 KB
15 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 08:57:53 GMT
x-content-type-options: nosniff
age: 76867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 08:57:53 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210819&jk=1678000242269036&bg=!lpWlldHNAAYXVutgF1Y7ACkAdvg8WrP9w6qIZSfGoiGNHNb0tAIZvxJmG-4EGomTLWPa6d5GnBLDhwIAAAJmUgAAAF1oAQcKAIOnekwxSjK_nPHgY2FfppAe5RIPnwY2Q-bsv4-atDdo03x-AWvSCE-SbqDJM5baxF5XGrqgWccj8ruG8kJ3frJAvcraU2XlQpjSU-HtBnq3PuevG0C8HcSAoNphdkCdTJuKGpDwk31HLvfMF5x3UXF6LF007vYvWPsJQyiQNsmrmuOTWZkCdo0plj3YqNuewv6KSgvrQSHmt1XD4_rrSLtAxCh5FA9LupkEPTipet3bZ2c0xeEEldQ1EqLk_zabnzu1B8CvZcm8m7DZ6DUdeoHCQfoXITcu8DSXJOY4Jsdr8XsYtlCFZErvp3khjgvkv514reYm4cJXdVNYfv16wrV-ZzcCl6R3JxQXAQ9P1CRYZZ080ALYTPWU6roMndXB_15EFQ1-gIOXvNhCCohZaptmw95VSzG_YDvakmKrX26I2ShWwTfh6h7XkaXK2zVoEsCCQ_mOQgxtYsO878bMqxBZoOpWIk0vI2qDpxMtVDOgp_nZmwTZlTYHLwuAccFDH738iC9v9AcwYIuqhqpsU3DgGMP5-ewt3oc_ARTGDvIA8ClnlIbifMUh5Hi5RFfZBq8A8eq01GMaYdHgL-AW1X0YTi6ZRwOeDIWpTcsyhEDYW5wGTVTN9mN079ew3ZaeYLlEsN83PYwgEmItmkvmDMBo50-K8sGCGOBByLpYWQxKXx2w2zpiKv371CCMkadVOugOk-3FRfkFW4VQKz5odflqfmKoY2YOSxfmsH0imljGvKbtNaEmUvzW-QAL9N1Cf2Zp8AHMCOFrKsL0pxWfiSq485pm4NoFrr017Eu9oDVRhYUwrsLX8y05Csv0IdjADof8nvC4WLfYPqMD0JEBAq1y84uDdwXe5KgumBgnYRMGRHEbkY5gNWB6VihGtGGPYCFyOquQk2wFd_juJnE8glx_uAhFKgzWOusJ1xljFu2ZeVcelCLeua25MtAHvlvnWP9d7IteLV6iGfjCMXkZIV5sDJSb7EZdfDR_UYNcE3TSRPoXApDnX-mVEgHbiQ
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F5E4 42 B
64 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdfkwG21rwVWAZBsovOgKL4nN4ypncQVX9Hj3mzSnEVajPONPuEmSy7tRhFgqbE6LoU45uEgFP6luqLYo7zVHyyRvIZX0gzMziYCPZFdIVmjU7r4m4J4CEd-BOxA&sai=AMfl-YRvWVftRWFER9nJCdpMP4gkeTWzy5ZBQaKnR5Jr3ALZ3lCsrd48DqN7vX7wgLJVno_3WNcBZy0OYtsN&sig=Cg0ArKJSzOZ7D6XVwEexEAE&id=lidar2&mcvt=1037&p=111,10,811,145&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3758595536&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629872338560&dlt=421&rpt=951&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 06:19:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E3C 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 20:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13489
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 20:54:34 GMT

GET
H3-29 200 D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B45 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 20:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13489
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 20:54:34 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9D1B 42 B
64 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsus65cFJd1impqPrI7W5yFbcgBsp-S8opBn6qjeDDRVUh3VjI-hI-RZVxZ5ID1pTXV06N1GMXruMK9Lc05q3qfQIn8GmjHst13Ee9ZubQTsBacfeBKKPLMmEG6bbw&sai=AMfl-YTMEyZYJpiG3h-QVlfYRNjxoFodGdpzUxRaamnTEwdEzTMxw_bynIVO_hJOYhQKLUWQwVS_ofIpKobX&sig=Cg0ArKJSzB42rk1DHLo_EAE&id=lidar2&mcvt=1015&p=111,348,361,1318&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1230168666&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629872338600&dlt=504&rpt=970&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 06:19:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A6A4 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst60lvx4u2Za4cmwn5s8WcSeQGWIBCuLgLDOqbloZ5eQuHAHYlgkK5UuVHdoTY-Ys1xC0d1TPvHWpCeMMjPF931GgmddoOU5FsyypCmvqd0GwGmiX-LXvVF6hZTzg&sai=AMfl-YRIK3nlJtzKka0BCO1BmSeBls3ybsMugWDi91-9aJLj2fiiN5f2wHnr_uQH37xSJubJs7T6g9dJ54E9&sig=Cg0ArKJSzPLkD9WJWfzaEAE&id=lidar2&mcvt=1000&p=0,586,60,1054&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2256891426&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629872338505&dlt=478&rpt=1285&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 06:19:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3B32 42 B
64 B 32ms
32ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJk9OWszOSRurdBJSFd2BSBdGh2YdbzZqe6aXtA4DlTEeiqDTwTNLFJc6fl8EE3x4LvCuCwGI364qx-oP1j7n_azq2v2isMew_rxCBxonzb8Bwqu89ISLF-5ZbCA&sai=AMfl-YR_urOWUt4XeiybXbwxLOtBSsmPeFvmb7n2EYqZTaExrHAryAJAdjYwNE_bfUUUVnXw9labcRj7o-534iTieE6WmBvBcQ-Mkw3iQHErCTaWphtA-Otot7cXNmcY&sig=Cg0ArKJSzGijYcuipSPDEAE&cid=CAASF-RobTjHPC0BvAU8qb9W8sB4y9PwNmuv&id=lidar2&mcvt=1000&p=101,1460,607,1595&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=90918906&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629872339065&dlt=542&rpt=927&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 06:19:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.annaqed.com
URL: https://www.annaqed.com/images/critic.gif

Domain: http
URL: https://http//www.sudaneseonline.com/uploadpic14/mar/1016333_488823897867823_1875840390_nsudan1sudan.jpg

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sudaneseonline.com/	1970-01-19 20:44:32	Name: _gat_gtag_UA_115921305_1 Value: 1
.sudaneseonline.com/	1969-12-31 23:59:59	Name: __utmc Value: 24067384
.sudaneseonline.com/	1970-01-20 14:15:44	Name: __utma Value: 24067384.1003514159.1629872338.1629872338.1629872338.1
.sudaneseonline.com/	1970-01-19 20:44:34	Name: __utmb Value: 24067384.0.10.1629872338
.sudaneseonline.com/	1970-01-19 20:44:32	Name: _gat Value: 1
.sudaneseonline.com/	1970-01-20 01:07:20	Name: __utmz Value: 24067384.1629872338.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.sudaneseonline.com/	1970-01-19 20:45:58	Name: _gid Value: GA1.2.1933411748.1629872338
.sudaneseonline.com/	1970-01-20 14:15:44	Name: _ga Value: GA1.2.857375138.1629872338

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=505
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=510
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=10
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=30
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=15
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=12

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
a.top4top.io
adservice.google.com
adservice.google.de
bp1.blogger.com
code.jquery.com
connect.facebook.net
d.top4top.io
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
google-analytics.com
googleads.g.doubleclick.net
http
i.pinimg.com
i.postimg.cc
j.top4top.io
p4-gpsdu3oj37tfe-tjauckagsj2gvcqn-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
s-media-cache-ak0.pinimg.com
s0.2mdn.net
ssl.google-analytics.com
stats.g.doubleclick.net
sudan-uprisings.org
sudaneseonline.com
tpc.googlesyndication.com
www.annaqed.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sudaneseonline.com
xslt.alexa.com
http
www.annaqed.com
107.6.185.250
135.181.63.70
142.250.186.34
143.204.101.186
163.172.219.20
172.217.23.99
2001:4de0:ac18::1:a:1a
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:20::681a:b2e
2606:4700:20::ac43:4b3e
2a00:1450:4001:801::2004
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2006
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9b
2a00:1450:400c:c08::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1f::84
5.135.83.165
51.158.146.105
00ec949959d50c8f5f82c39768c53ffcc3773df7907df86d5ec2f58e34e943f1
019901bf0906da82f22340234d83e0508441a05067bb93d1b7e30db554dc2be9
024d16adc0044cc6ce113d1b195100578c0bd59ba58b3dbd1856386b580fb4e4
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
032f2f6de0a27532766834d16dddb82167346a3f41e1c251980a2c2a392504f7
03652ccf25e11afea2e0d5e0a443cbe2b7a201a567d1f9e83d152921b80ebcbb
037600afdbf2b5d8fe542d0bb882bc5d8a3fb492b12b64671f79d171247f6ec3
03975aed68110778f890df02903c06aacb3f6513ce60606dc90a4d68119909ab
03e44449ec6beba4d249d1a0c5fa6cc28ab817ee856b71560f9beafd7862acf9
06110a23744b87a6b54dffd7f506bfcf053936b3431c7bd4837221b702bca300
08bc43f1473d2e76b133e73bbad94f32a9b38b3949fbfa2bbb3d09d8f573b82e
09813ce96c0615aaa714b8ee5b9af5f331f9a295ac80333cfee984b8bb131383
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
0f6e6582296b1d29ca0bc18449883ee26d4791a204a2d8a4aa3396465209e5aa
0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d
104fb306a0d86629e0ca0a63261b35c8a60b8f52ddd8cfb9271875c26bc16b33
1137d4c1e3478a9652bd6ca78e55ed48335bd330a209cd4ef45d1c54bf8d6c8d
11d02526cbaad695117721d111752936444366ac35fec7d36bf8d5fb2aab3094
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1338cea02b350e3500eb6c233c11a30f0a75f35e08ef20f47eb25ced10c8f0f6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a0f425e7929f0e35040c31fa34d0ac3584eea98b70d632a2da71554b827583
1c4f1a9488c3f6301aae3a559e40d8155d6a3dd59b8931212193647d6d715033
1d84ab7a504f044466a6619b8204ae6bf5c719f73b50c72128e4180b86b366b9
1ec9f7e9310fe7f9c9bf0070a7f9acdc8a5d8af5653e763a03900e0c27183072
24a80188e0a5d0daceca11b3a390f56a85e6e112285313b6a23efa9581ef867c
2501a50dc61d9731f9ad9741b0d8d18c7d73257ae029bfb0064c497272d55e4c
27587e1ff1d4d06320d484731179de589b003007ff05b369592ce4a16edc0bb7
2961b3db2b46da7335a7b966b4503e9c698b31721b54d65ce1b93c5662447624
2a5be1fb732b2f55adc323fc7a2d152719bcce2a573760cd2dc53540c32a010c
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2b2eeb7b890430b990ead38e7ac0e2715d47e1584e68b77000e3d58a5ebde5e1
2b4867bad1c889d8aa10e1aaa3858631313fbf97023b01959b56913b391e814f
2d0ed65db95ee9a4db6cfc439c2cfd35b8562cd082357fd24bd4ee7e903768cc
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
300873de99fd5dd4cef5b4330e71a4903a54e2b643fb7cdb7c89af79589a6037
31c1f492749dc61ef04230aede385861df35856cb40e6f311051e27f05983493
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
348f0a54cacd3b63d2c1ab2be44ed1148f49b95a5c917ee8af9adab0e73fa087
34bf4ec3eca0adc00a246b829f90f947845d914d89cfa0a0d6de663628449a67
372d04f407947fdd808207dde54cf389d2535f566ea1b0cbd6dea35faf41e80c
386581a9b9164347f3c669770f2aa2127bd40df351f8c93d4c42a03873ed74d2
387c47ec69de79ef3993d1bd9c834b690164edd3b4e27f645152bbc63b95c3f3
38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4
3a93ef00953b3e0bb2630ec5215478b1ae00d8abc6ea36e8ce4670e770d5b984
3d6d4d9bfe05d74caf16cb20f639700e997214563af26c11478cc4c97c9f9f67
4130840cd3b4551d245f902798f99c85267091b851a6d4b389c35af04f9789f5
4240475704d5c6560364fd97b581ab0a38024b705ec7c4e41e100c4ed8f97792
4838de5492f836d9565c73beeecad18332c0fd02fca68348eaff0b366793f565
4890ee291ee6aa027778a3e9a26ef86bd74ed7f765a08ef1d63983ccce391de9
489b9fb1fbacf1ba411b43325a90df87c0673880b48f7ebca8c5798edd311adc
4b416a4e3309dc082b017a970e55dc84948a2a773a25d1f050b95c45820e03db
4de7b51725d4bb70235fb155bc24eec9d215d5693a3b6f6774ac1d19bb2ca024
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5236be883713c6bc5c3b466e256a214bcb387458c66fc7cd6f4cc3f02f89df03
52d2a89eb357fa6c714b9001affa7aa1d5c2f610860a86b71a76b310f8da2c38
547ac2b7bf734f40cc994c11bbe5643fb7ae0f86442b53694a73a2b7bc550b53
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
553184002d49f3197d581f56de0f8ab37d66f0ae73c3f3faa363ac26c56b02e0
56583d7365641d0274d83f874ccdc02fd4524a491f481ef968c962c10c61d3b4
56e24bf68cb723a9a7145bee26b29faa6b4004b28ca96f3384cf775cc5134bd9
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5d2cca8826edf60c734bd15b702a303778194e5faf93e4c4123924e252596691
5ff724d0581b622b8d6deaaf52407f2c677f097971182b61e036a66a84c92abd
6084f8ce225061ed6a3b29b8b36b3a4aa17ef76b8701d11fad655a8a09a308e9
643e03121f75104b52605743908b81e60a0a62c675cdf1da3b654c6c035f0c06
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
666625ffdacf823b459afe9dd409db8420f73f31331bb6e1b426946e8c82d0ce
68d6ee54670825b5b82355d23110803c85e85405b38cf618c8f21fc0382dd1ee
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2ae1f41fe86b4dccd71aab882db89f3cb078128ada71768c0fa1f950e9eea7
719a9c5b70a7847cc11a4cbec622308f61315c4e849d91e3f156fe5790487f76
724e999373acde2068adc1a148b9fce57faed54dae3dd9edf30345c26bdeaaea
7263671ccb86b6fbc438d7e83088af65fa3ac7674affe7a426b991c5fbcb4305
728954d89251efa0667bfd0074f608ef6a0d318b31f48f423cd339c7514116cb
72a492fc88306b58b590d47f55feb08b11119d149db001980f20ad10846b21a2
72fea3fe50ffbc7bbf4648547ccf1a38ed660ec9971829aae72147845f44f81a
756d7dfac4a35bb57543f677283d6c682e8d704e5350884b27325badd2b3c4a7
7717de7e2e218e956580963a667c5899e3ea5653cbc1569152330429f38542b5
772029ffddff8892ab9484f7ac91a8a9d7e12d1edef3390dc336054184c880d3
797c26f036647914a3edb42b47186fef5dea31a6d548fa4bf94917c7e17735a2
7a1bd058692997f41b685612cfdb2fafdaad3a3332a9cac0bf57292ef5d19de9
7be91ce97275c300ce632c8e46d84811da453937eb643aa48f63f723fef0153a
7c4c3da451884e100648a65bb3627db2825858e124ab0196a6f0abf1023c071f
7ddadf329de63774f1dedde0cd0a01a422b46a93daa2b36c138f659be3f1ac11
7e8d0120ed2144058812744194f701e8475f7a219e35e1583ba41213e2cda264
7ff0912dd44d629167459ee299ca362877213bf224f51a68296ef360538eb2ac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8381a872a04642c944fc50b6077667b6ac3321372c808c62e7303743eeedb1b2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8568618df18202314a62419e94e30f4183c4878adb08066b1e76110173c16c1a
88bc81bcf989a3b6afd4f96d1605467861ddd16c459ac63c08f777a09579888d
89362bb1b8a984ef669f5d6216ee117fd43c4caf6e7e546809c1c0cc4bf47880
8961aa85d358ea22baf4868b3a336674a9528708367ef7733a850fd0aaa7c343
8d3d5252c5c8636e3a85a58e8a925714c7cb17c8da2563ed39d2824d33833993
8dfce04e20664e11e151528f4f1ba4bb9e75f62c322c67964c70a1abde8db31b
931e70ddbceb45fcd26e45a6cb0b0257a101b6fa89b6658aeef7f2db7efdadc7
93a552e2ff794a18462e7ff5859758cd547f638e97c5b1a23f84ac7e18232b95
943c6f64558b7891692150b4cd2b1999c4f3ab2a46ecf0ea830d10630a93a72a
946e37815daf07144bdfb1d3a2c7a5dea8d8d5a8270d3e34fb6e4efcef5ed014
9537720200ca7bf7e377a1b350a2a7e32b1458ed82ff3482bff3b928edb6fdb6
967f8ff0af2094033432c8e9dc522bc1661e3dac01c9bd4d04d0b263cc718e46
985a95cdd7670aee9b0d01a81ad52389698fbe2860fe614307a4d16461cc788d
992388fbeff91f69ece1f2af28b26cd013db8135f58d8d05b96c9aecdc62a731
99c1d606773767eec58bc7c39f89713894577fb5b8ac3c11c86504c512d2cb97
99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b
9c29701afd31055e0f204731dca3b8c8e010c01e1571113cd5e522f1c5338a9f
9e9abeba46e92be33e72f3dde0b067e983a2f175a5a6d4101b8a4669acd75a09
a101b45e2d75716f73ac665eadedacaef83267360581922837dece7aa1b9ba3f
a2c0e0a1bf8b3c57bd4825c24dbea2cb72bb0bf3127fc88970a982e5d7d6eebb
a30734925f87cc0ad5703a6943cf487f1ca1c113f13216b0d5344459ab7e24c2
a383952a0479530eedc7d467fe2bfe5769f2fbfaef0e7493964fdef65d11818d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7b16ac81020d35be7427d787a76016edd3b0bf56f828186f9323c6d634441be
a8b9ddbab0044b5888575c07dc7d8e4f6d592cb498738a7a30843accca3dc893
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
a9ab687221363afc8c58df2eeebea104cbe3e759674d21ada4a4909de806b17c
ab7fa79a76104519ca55289caab769739ededf93c97bc1e48647e1b4756ea761
ac0e8d13ec5f276feada45b806b85af037f734e0ee5a8aa7ce4b9e1e9110d5fc
ad0faa520aede6d55e6d5e4b8ae838f888e4b5bea3fc5f1522277645293b6dbc
ad8a1578db0879358b6fa2560254d4975311f87fe4b438f378b532b43c337dbe
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3e53ba239afaf52cd9039fff2045b9907b860a90ff469c7c22eeb3be9bf74c
b0b47fbe08813f2964de03684b90df90615e5591820069441e26471cf176fc0f
b112d143d0b935fa4c67ee13a697324083dee7bb17b2ae39edee1753e7160db7
b4d961b75ebfd23625074af97d27353f622eebba5624c0cc65ec709c78ed7d81
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b96d52bbeaf4b1e8233c9f95a3c15219649eda5f59216c604241322f109f2c09
b9b22ee5c44be56ed8d9915f66fdc68649e6b6280facfc5416dec407f8362f4c
be30f22c896dc09a734bea62e559c84198d61054e16e020c59c1a81a0c7b1c9c
be3320dc4e3f9f68c6f001ac32d204b9d881de39e0895d6cfa094f2271b59b6a
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bfd08c3b6d10f81d4fe970b53368d29d1245661740e7ce9aa32ace9cc4e19408
c02ddc028251ce8b5aaf959bc6e90d6944467212439f5bf283dbbd99292c815f
c10af103c2513beba5a7397f609106745382adea54bd90b818fa6f4fe8781026
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
c7fd4c6980b897d0e5b39cce99ebd930bd97239128538ec6d4927900e370282a
c817682c0d0aefdd54577d609d58d18ada6340b5321d22fa56fbe46c895f6bef
c990926de4ccd371acf6560885ae5a357a2f6e062bb8bbf4d831c730609aa044
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccd589c6f3c28f9ab95307472950b234952f43985cbcd75ced28d8f5ba06d42a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd19302865a315df9a57552a585191f452efcbed7b0ab6b6569f4bebb764366e
cdce54de03e24afa7603e665a9c73fae0fe170f5d7c98c2bdb4e561cdb048402
cf5f8602ddd688b3192c614d2ec643678944be422c98f2b7370423283ffa93e1
d15f56ad8410162f6486e3dddf17ace90b3b3dd10142d29a97d4f26a9b13f9b7
d3e33bd3eeb6d3e82825ca5990e311ada69b68575d9c5d5d205719adaf3a1618
d470ab3f2efb2271564c86298b3139480369a7d8b85cc117631ae5714605d93a
d5d945265b85e7b1096755168a5509322d5b088eb0cb97adf51fc4a6bb4beb6d
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d8535f1b381398d4053486b50f3b99b5b283f65adc65ed66c52fb74ad44f47a3
dad400480ed910066d05fde9e1a0f1525d78d3d37f3321571af05672075bf41e
db242ac40ea13e23c0c47b046e1b9d1ee790392070ee6b58bd1b3dfd1279dd45
dbddaf11652a6e0becba9c844d9c234f70919740df8c25935a78aa75cb4ce6e1
dbe908e1f4120ffc109dc589d0f20dab17c875114dab951ad9b9e09cd5be612c
dbf89db2d125549c513937d10e3af603d5aee8ec51bd14c318322c1dc2b97195
dd1665c06814cd2459affd4cc6aa2b48ac9229dee9bedfe1df7717056c9c732d
dfbdab0eb3628feec66d46ed4db9c94f7f21fae0a3feeba9e5bfbd6c9ab5282b
e0ff4032cc37ee30c83692ea623e669426e79ed74d670bcd54104938c397aacc
e10dba2b62a403e299ad9ab9cf4d137389e7db2d016d7aaec2f25b78884942cf
e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6
e3863d4dd13720d8040769ed404a704400c99c00513a0ae81998455feef2359e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70daf1f8bcfd0ed744b5f86ac162bda58f2d2db0e5b4ba93c3adec87ad09fe3
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e9e33a6e29e9d4852f65cefae0304e8b49a99724d3327c2ca3840ee432952bb1
eaafcf858dacd31ee94ea267b50975065796ba5aec12e2cc0d87d744e83a247f
ec12520cbefe8332b188d556ed950022b283fe115e8fbbe6d92f0a035973ec7c
ec2430e51815d80a1fd1fc0bfaa71cfacf79ee348bbe4d0eb74d46a1431f9ce3
ed7d72de81ce28a49509b04006c99759ce51715d83f38fac7f58ee59313d028a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c9e59fe4556a5ca7da317a52097784bbe634004d9f67c78b36d0b7f4656704
f0d3ebac683deacb5a3b131a58b843270fb11f0abdd33e15789372705836981d
f2fa6e4e375418690ff9dd712e48656ce0b3f463bcd43952f3dd9d041f976c10
f375deaeadd1b99d6c9cb9e64ae6fa01d17869a577906d5477532d656dc08a2e
f78f20010d2ea557e19ba11c88fc328ed519d589806a06ed7637f6ec008cb7bc
f7a02e50043d5095ae058e9d777a9fea70d63609aa7bea7125b8475424efc2d9
f80a5862031aec6ffc424f43bca8aa8c271628110c27d2b2e869207c64f91b01
f980381a6d7c3219c534917bbfc5d57c5c79ee22551ae2684a4a7608475b2e6a
fa9cdf9e3f9d95bc258c6aad323775e7d53770eead4c23191a4a2ef5ad66bfa1
fbc404e230a949517523753e08bf741f0b6f9f02cbc13ea8ebe314eae2ea414a
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe45955078b49244aade9f8593fd2d0257665356ed68e5a1116ae05c9eefe711

sudaneseonline.com Open in urlscan Pro 2606:4700:20::681a:b2e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

244 Requests

99 %HTTPS

82 %IPv6

25 Domains

41 Subdomains

44 IPs

6 Countries

3974 kBTransfer

6506 kBSize

8 Cookies

7 Outgoing links

Page URL History

Redirected requests

244 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sudaneseonline.com Open in urlscan Pro
2606:4700:20::681a:b2e Public Scan

Screenshot
Live screenshot

Full Image

244
Requests

99 %
HTTPS

82 %
IPv6

25
Domains

41
Subdomains

44
IPs

6
Countries

3974 kB
Transfer

6506 kB
Size

8
Cookies

244 HTTP transactions
7 data transactions